Conversational Browsing

How can we better understand the mechanisms behind multi-turn information seeking dialogues? How can we use these insights to design a dialogue system that does not require explicit query formulation upfront as in question answering? To answer these questions, we collected observations of human participants performing a similar task to obtain inspiration for the system design. Then, we studied the structure of conversations that occurred in these settings and used the resulting insights to develop a grounded theory, design and evaluate a first system prototype. Evaluation results show that our approach is effective and can complement query-based information retrieval approaches. We contribute new insights about information-seeking behavior by analyzing and providing automated support for a type of information-seeking strategy that is effective when the clarity of the information need and familiarity with the collection content are low

Tools and techniques for analysing the impact of information security

PhD ThesisThe discipline of information security is employed by organisations to protect the confidentiality, integrity and availability of information, often communicated in the form of information security policies. A policy expresses rules, constraints and procedures to guard against adversarial threats and reduce risk by instigating desired and secure behaviour of those people interacting with information legitimately. To keep aligned with a dynamic threat landscape, evolving business requirements, regulation updates, and new technologies a policy must undergo periodic review and change. Chief Information Security Officers (CISOs) are the main decision makers on information security policies within an organisation. Making informed policy modifications involves analysing and therefore predicting the impact of those changes on the success rate of business processes often expressed as workflows. Security brings an added burden to completing a workflow. Adding a new security constraint may reduce success rate or even eliminate it if a workflow is always forced to terminate early. This can increase the chances of employees bypassing or violating a security policy. Removing an existing security constraint may increase success rate but may may also increase the risk to security. A lack of suitably aimed impact analysis tools and methodologies for CISOs means impact analysis is currently a somewhat manual and ambiguous procedure. Analysis can be overwhelming, time consuming, error prone, and yield unclear results, especially when workflows are complex, have a large workforce, and diverse security requirements. This thesis considers the provision of tools and more formal techniques specific to CISOs to help them analyse the impact modifying a security policy has on the success rate of a workflow. More precisely, these tools and techniques have been designed to efficiently compare the impact between two versions of a security policy applied to the same workflow, one before, the other after a policy modification. This work focuses on two specific types of security impact analysis. The first is quantitative in nature, providing a measure of success rate for a security constrained workflow which must be executed by employees who may be absent at runtime. This work considers quantifying workflow resiliency which indicates a workflow’s expected success rate assuming the availability of employees to be probabilistic. New aspects of quantitative resiliency are introduced in the form of workflow metrics, and risk management techniques to manage workflows that must work with a resiliency below acceptable levels. Defining these risk management techniques has led to exploring the reduction of resiliency computation time and analysing resiliency in workflows with choice. The second area of focus is more qualitative, in terms of facilitating analysis of how people are likely to behave in response to security and how that behaviour can impact the success rate of a workflow at a task level. Large amounts of information from disparate sources exists on human behavioural factors in a security setting which can be aligned with security standards and structured within a single ontology to form a knowledge base. Consultations with two CISOs have been conducted, whose responses have driven the implementation of two new tools, one graphical, the other Web-oriented allowing CISOs and human factors experts to record and incorporate their knowledge directly within an ontology. The ontology can be used by CISOs to assess the potential impact of changes made to a security policy and help devise behavioural controls to manage that impact. The two consulted CISOs have also carried out an evaluation of the Web-oriented tool. vii

Socialization agent’s knowledge dissemination among Bajau-Laut community: Tun Sakaran Marine Park Conservation Zone, Sabah

The issues of water conservation are part of the agenda of the Coral Triangle Initiative (CTI) between Malaysia, Indonesia and the Philippines due to the population of Bajau-Laut community in the surrounding waters. It is feared that the freedom of the communities living in the confines of our waters as well as cultivating their traditional fishing using explosives may threaten the sustainability of marine conservation zones. The knowledge and the preparation of the community to obey the rules and regulations enforced in the protected area of marine activity to ensure a sustainable supply for the future. Thus, this study aims to discuss the agents who socialize the knowledge of Bajau-Laut community about the conservation zone involving the Tun Sakaran Marine Park (TSMP). Research has been ongoing in Pulau Bum-Bum, Semporna, Sabah through applying phenomenological approaches on selected ten informants through purposive sampling techniques. Semi-structured interview was chosen to deepen the knowledge of Bajau-Laut community as the actor of the study. Assumptions made by ontology and epistemology idealist of the social constructivist envisioned paradigm study as a research to understand the significance of conservation zones that are formed from social reality of Bajau-Laut community. The results revealed that the Village Development Committee (JKKK), Welfare Association Bajau-Laut (PEKEBAL), the agency of Tun Sakaran Marine Park (TSMP) serves as a formal agent of socialization while families, friends and the media are informal socialization agents that make up the knowledge of informant. As a community living in an island, the knowledge of zoning and conservation efforts by the significant agencies is crucial to understand the importance of preserving habitat of marine resources. Hence, the habitat of marine resources could be protected and conserved for future supplies

Adapting a Faceted Search Task Model for the Development of a Domain-Specific Council Information Search Engine

Domain specialists such as council members may benefit from specialised search functionality, but it is unclear how to formalise the search requirements when developing a search system. We adapt a faceted task model for the purpose of characterising the tasks of a target user group. We first identify which task facets council members use to describe their tasks, then characterise council member tasks based on those facets. Finally, we discuss the design implications of these tasks for the development of a search engine. Based on two studies at the same municipality we identified a set of task facets and used these to characterise the tasks of council members. By coding how council members describe their tasks we identified five task facets: the task objective, topic aspect, information source, retrieval unit, and task specificity. We then performed a third study at a second municipality where we found our results were consistent. We then discuss design implications of these tasks because the task model has implications for 1) how information should be modelled, and 2) how information can be presented in context, and it provides implicit suggestions for 3) how users want to interact with information. Our work is a step towards better understanding the search requirements of target user groups within an organisation. A task model enables organisations developing search systems to better prioritise where they should invest in new technology

Knowledge Management, Information Technology and Learning in Construction Projects

ICT (Information and Communication Technology) usage in construction is limited when compared with other industries. This may be due to the unique characteristics of the construction industry and the tendency for late take-up of ICT solutions. The amount and diversity of information created and referenced during a typical construction project is considerable. Most people working in the construction business have been involved in projects where costs have enormously exceeded the budget, where timetables have caused problems, and where the end results have been useless or even unhealthy for people. The KM (Knowledge Management) in construction projects fails, and there is no commitment to improve the process even if productivity in the industry is very low compared to other industries. Construction professionals work in complex and heterogeneous networks of human beings and various artefacts. Productive participation in knowledge-intensive work requires that both individual professionals and their communities and organisations continuously transform their practices, develop new competencies, advance their knowledge and understanding, as well as produce innovations and create new knowledge. This present thesis is a case study conducted within the Prolab project in Vaasa University. This study deals with the issues and problems of knowledge management in construction projects. The focus is in construction ICT and solutions that have emerged in this field. There are five published articles that relate to these themes. The empirical part for this study comes from the Prolab project interviews in five demanding public construction projects. The informants were project stakeholders; end-users of the buildings, such as nurses and teachers; architects and special designers; as well as project managers and contractors. My conclusions are that the knowledge processing tools are in use but they are not used in as centralized or intelligent way as they could be. It seems that the solutions are not interoperable because of technical problems. In addition, I found problems related to inefficient information flow, lack of communication and project participants not being ready to utilize the modern technologies, as well as to the lack of centralised KM strategy. In order to improve the process, construction companies must integrate learning with dayto-day work processes in such a way that they not only share knowledge but also provide access to knowledge at any level. The knowledge portal systems that include BIM (Building Information Modelling) operations and perceive user and business requirements are one way to innovative project management systems. Continual discussion between customer and the application provider is necessary for the best results.fi=Opinnäytetyö kokotekstinä PDF-muodossa.|en=Thesis fulltext in PDF format.|sv=Lärdomsprov tillgängligt som fulltext i PDF-format

A Monitoring Instrument for Resilience

This document describes a monitoring instrument for efficiently tracking changes in resilience in agricultural initiatives. Operationalizing the concept of resilience (i.e. the ability to withstand change, stresses and shocks) poses significant challenges for project managers, particularly when required for performance reporting. This monitoring instrument aims to balance the demands for tracking and reporting changes in resilience with the scarcity of time and information typical of development initiatives. The instrument can be used to inform decisions on program planning and management where the program goal is to enhance the resilience of communities, to better manage ecosystem services, and to create positive and sustainable development impacts

Experiencing information: using systems theory to develop a theoretical framework of information interaction

2021 Spring.Includes bibliographical references.This study outlines the construction, development, and initial testing of a proposed theoretical framework and measure for information interaction. To address the challenges associated with experiencing information, I synthesized existing literature from complementary and multidisciplinary domains of cognitive psychology, computer science, and organizational communication. I initially proposed theoretically driven components of information interaction based on a literature review, followed by a multimethod evaluation to further develop and refine the framework. Quantitatively, I researched organizational practices used for managing the information environment. Empirically, I collected data using multiple samples to test the psychometric properties of a proposed measure of information interaction. I used structural equation modeling to assess relationships associated with information interaction to develop its nomological network. The findings of these studies have implications for research and practice by establishing a new theoretical space in Industrial and Organizational Psychology, using a systems approach to construct development and application, and providing organizations with a mechanism for constant, minimally obtrusive collection and assessment of the information experience of members within the organizational system

Improving expert search effectiveness: Comparing ways to rank and present search results

Expert search systems help professionals find colleagues with specific expertise. Expert search results can be presented as a list of documents with their associated experts, or as a list of candidate experts with evidence for their expertise based on documents they authored. The type of result may affect search behaviour, and therefore search task performance. Previous work has not considered such effects from the result presentation, focusing instead on how to rank experts or on ways to interact with the search results. We compare the task performance of novice users using either a document-centric interface (where each search result is a document and its associated expert) or a candidate-centric interface (where each search result is a candidate expert and their associated documents). We also compare candidate-centric and document-centric ranking functions per interface. A post-experiment survey indicated that two variables affect which interface participants preferred: the retrieval unit (candidates or documents) and the complexity (number of documents per search result). These variables affected participants' search strategy, and consequently their task performance. A quantitative analysis revealed that 1) using the candidate-centric interface results in a higher rate of correctly completed tasks, as users evaluate candidates more thoroughly, and 2) the document-centric ranking yields faster task completion. Weak evidence of a statistical interaction effect was found that prevents a straightforward combination of the most effective interface type and the most efficient ranking type. Present work resulted in a more effective, albeit less efficient, search engine for expert search at the municipality of Utrecht

Information Security: IRS Needs to Address Control Weaknesses That Place Financial and Taxpayer Data at Risk

A letter report issued by the Government Accountability Office with an abstract that begins "The Internal Revenue Service (IRS) continued to make progress in addressing information security control weaknesses and improving its internal control over financial reporting; however, weaknesses remain that could affect the confidentiality, integrity, and availability of financial and sensitive taxpayer data. During fiscal year 2013, IRS management devoted attention and resources to addressing information security controls, and resolved a number of the information security control deficiencies that were previously reported by GAO. However, significant risks remained. Specifically, the agency had not always (1) installed appropriate patches on all databases and servers to protect against known vulnerabilities, (2) sufficiently monitored database and mainframe controls, or (3) appropriately restricted access to its mainframe environment. In addition, IRS had allowed individuals to make changes to mainframe data processing without requiring them to follow established change control procedures to ensure changes were authorized, and did not configure all applications to use strong encryption for authentication, increasing the potential for unauthorized access.