Identity in research infrastructure and scientific communication: Report from the 1st IRISC workshop, Helsinki Sep 12-13, 2011

Motivation for the IRISC workshop came from the observation that identity and digital identification are increasingly important factors in modern scientific research, especially with the now near-ubiquitous use of the Internet as a global medium for dissemination and debate of scientific knowledge and data, and as a platform for scientific collaborations and large-scale e-science activities.

The 1 1/2 day IRISC2011 workshop sought to explore a series of interrelated topics under two main themes: i) unambiguously identifying authors/creators & attributing their scholarly works, and ii) individual identification and access management in the context of identity federations. Specific aims of the workshop included:

• Raising overall awareness of key technical and non-technical challenges, opportunities and developments.
• Facilitating a dialogue, cross-pollination of ideas, collaboration and coordination between diverse – and largely unconnected – communities.
• Identifying & discussing existing/emerging technologies, best practices and requirements for researcher identification.

This report provides background information on key identification-related concepts & projects, describes workshop proceedings and summarizes key workshop findings

Homo Datumicus : correcting the market for identity data

Effective digital identity systems offer great economic and civic potential. However, unlocking this potential requires dealing with social, behavioural, and structural challenges to efficient market formation. We propose that a marketplace for identity data can be more efficiently formed with an infrastructure that provides a more adequate representation of individuals online. This paper therefore introduces the ontological concept of Homo Datumicus: individuals as data subjects transformed by HAT Microservers, with the axiomatic computational capabilities to transact with their own data at scale. Adoption of this paradigm would lower the social risks of identity orientation, enable privacy preserving transactions by default and mitigate the risks of power imbalances in digital identity systems and markets

Authentication and authorisation in entrusted unions

This paper reports on the status of a project whose aim is to implement and demonstrate in a real-life environment an integrated eAuthentication and eAuthorisation framework to enable trusted collaborations and delivery of services across different organisational/governmental jurisdictions. This aim will be achieved by designing a framework with assurance of claims, trust indicators, policy enforcement mechanisms and processing under encryption to address the security and confidentiality requirements of large distributed infrastructures. The framework supports collaborative secure distributed storage, secure data processing and management in both the cloud and offline scenarios and is intended to be deployed and tested in two pilot studies in two different domains, viz, Bio-security incident management and Ambient Assisted Living (eHealth). Interim results in terms of security requirements, privacy preserving authentication, and authorisation are reported

Towards an integrated model for citizen adoption of E-government services in developing countries: A Saudi Arabia case study

This paper considers the challenges that face the widespread adoption of E-government in developing countries, using Saudi Arabian our case study. E-government can be defined based on an existing set of requirements. In this paper we define E-government as a matrix of stakeholders; governments to governments, governments to business and governments to citizens using information and communications technology to deliver and consume services. E-government has been implemented for a considerable time in developed countries. However E-government services still faces many challenges their implemented and general adoption in developing countries. Therefore, this paper presents an integrated model for ascertaining the intention to adopt E-government services and thereby aid governments in accessing what is required to increase adoption

Secure data sharing and processing in heterogeneous clouds

The extensive cloud adoption among the European Public Sector Players empowered them to own and operate a range of cloud infrastructures. These deployments vary both in the size and capabilities, as well as in the range of employed technologies and processes. The public sector, however, lacks the necessary technology to enable effective, interoperable and secure integration of a multitude of its computing clouds and services. In this work we focus on the federation of private clouds and the approaches that enable secure data sharing and processing among the collaborating infrastructures and services of public entities. We investigate the aspects of access control, data and security policy languages, as well as cryptographic approaches that enable fine-grained security and data processing in semi-trusted environments. We identify the main challenges and frame the future work that serve as an enabler of interoperability among heterogeneous infrastructures and services. Our goal is to enable both security and legal conformance as well as to facilitate transparency, privacy and effectivity of private cloud federations for the public sector needs. © 2015 The Authors

Misaligned Values in Software Engineering Organizations

The values of software organizations are crucial for achieving high performance; in particular, agile development approaches emphasize their importance. Researchers have thus far often assumed that a specific set of values, compatible with the development methodologies, must be adopted homogeneously throughout the company. It is not clear, however, to what extent such assumptions are accurate. Preliminary findings have highlighted the misalignment of values between groups as a source of problems when engineers discuss their challenges. Therefore, in this study, we examine how discrepancies in values between groups affect software companies' performance. To meet our objectives, we chose a mixed method research design. First, we collected qualitative data by interviewing fourteen (\textit{N} = 14) employees working in four different organizations and processed it using thematic analysis. We then surveyed seven organizations (\textit{N} = 184). Our analysis indicated that value misalignment between groups is related to organizational performance. The aligned companies were more effective, more satisfied, had higher trust, and fewer conflicts. Our efforts provide encouraging findings in a critical software engineering research area. They can help to explain why some companies are more efficient than others and, thus, point the way to interventions to address organizational challenges.Comment: accepted for publication in Journal of Software: Evolution and Proces

The Impact Of Technology Trust On The Acceptance Of Mobile Banking Technology Within Nigeria

With advancement in the use of information technology seen as a key factor in economic development, developed countries are increasingly reviewing traditional systems, in various sectors such as education, health, transport and finance, and identifying how they may be improved or replaced with automated systems. In this study, the authors examine the role of technology trust in the acceptance of mobile banking in Nigeria as the country attempts to transition into a cashless economy. For Nigeria, like many other countries, its economic growth is linked, at least in part, to its improvement in information technology infrastructure, as well as establishing secure, convenient and reliable payments systems. Utilising the Technology Acceptance Model, this study investigates causal relationships between technology trust and other factors influencing user’s intention to adopt technology; focusing on the impact of seven factors contributing to technology trust. Data from 1725 respondents was analysed using confirmatory factor analysis and the results showed that confidentiality, integrity, authentication, access control, best business practices and non-repudiation significantly influenced technology trust. Technology trust showed a direct significant influence on perceived ease of use and usefulness, a direct influence on intention to use as well as an indirect influence on intention to use through its impact on perceived usefulness and perceived ease of use. Furthermore, perceived ease of use and perceived usefulness showed significant influence on consumer’s intention to adopt the technology. With mobile banking being a key driver of Nigeria’s cashless economy goals, this study provides quantitative knowledge regarding technology trust and adoption behaviour in Nigeria as well as significant insight on areas where policy makers and mobile banking vendors can focus strategies engineered to improve trust in mobile banking and increase user adoption of their technology