A formal model of trust lifecycle management

The rapid development of collaborative environments over the internet has highlighted new concerns over security and trust in such global computing systems. The global computing infrastructure poses an issue of uncertainty about the potential collaborators. Reaching a trusting decision in such environments encompasses both risk and trust assessments. While much work has been done in terms of modelling trust, the investigation of the management of trust lifecycle issues with consideration of both trust and risk is less examined. Our previous work addressed the dynamic aspects of trust lifecycle with a consideration of trust formation, exploitation, and evolution. In this paper we provide an approach for formalizing these aspects. As part of the formalization of the trust lifecycle,we introduce a notion of attraction to model the effect of new pieces of evidence on our opinion. The formalization described in this paper constitutes the basis of ongoing work to investigate the properties of the model

The ethics of secondary data analysis: learning from the experience of sharing qualitative data from young people and their families in an international study of childhood poverty

This working paper focuses on secondary analysis, an aspect of research practice that is sometimes assumed to pose few ethical challenges. It draws in particular on the experience of a collaborative research project involving secondary analysis of qualitative data collected as part of an ongoing international longitudinal study, Young Lives (www.younglives.org.uk), and sets this alongside a wider review of regulatory guidance on research ethics and academic debates. Secondary analysis can take many forms, and bring many benefits. But it is more ethically complex than regulatory frameworks may imply. Whether or not data are publicly archived, ethical considerations have to be addressed, including responsibilities to participants and the original researchers, and the need to achieve a contextual understanding of the data by identifying and countering risks of misinterpretation. The considerations raised here are intended to aid ethical research practice by supporting planning and reflection – for primary researchers who are planning to archive their data, as well as for researchers embarking on a qualitative secondary analysis. Not least, our experience highlights the importance of developing and maintaining trusting relationships between primary and secondary researchers

Arguing security: validating security requirements using structured argumentation

This paper proposes using both formal and structured informal arguments to show that an eventual realized system can satisfy its security requirements. These arguments, called 'satisfaction arguments', consist of two parts: a formal argument based upon claims about domain properties, and a set of informal arguments that justify the claims. Building on our earlier work on trust assumptions and security requirements, we show how using satisfaction arguments assists in clarifying how a system satisfies its security requirements, in the process identifying those properties of domains that are critical to the requirements

Understanding Management Accounting Changes in a Family-Owned Company: A Greek Case Study

This study seeks to understand the changes to management accounting controls in a large Greek company in the context of the rapidly changing socio-economic environment. The paper investigates the case of FA (here anonymised), a Greek dairy company, as it has been transformed from a small family-run firm to one of the biggest companies in Greece. Familial and informal management controls have been transformed into a relatively formal and professional form of control over the years. The dynamics and nature of management accounting changes are understood by drawing on critical realism, a theoretical framework pioneered by Roy Bhaskar (1975, 1979). Our analysis revealed that a changed wider structural environment, changed control needs of owners and ?politics of control within capital? between competing management positions (Armstrong, 1989) precipitated the changes in the management control practices of the organization

Accessing Socially Excluded People — Trust and the Gatekeeper in the Researcher-Participant Relationship

This paper describes methodological findings from research to recruit and research hard-to-reach socially excluded people. We review the ways in which researchers have used particular strategies to access hard-to-reach individuals and groups and note that little attention has been given to understanding the implications of the nature of the trust relationship between researcher and participant. Gatekeepers invariably play a role in accessing socially excluded people in research, yet discussion to date invariably focuses on the instrumental role gatekeepers play in facilitating researchers\' access. In this paper we explore the possibilities for analysing relationships in terms of trust and distrust between gatekeeper and socially excluded participant. Our analysis considers the different kinds of relationships that exist between gatekeepers and socially excluded people and, in particular, the relationships of power between gatekeepers and socially excluded people. Insights into the nature of trust among socially excluded people will also be considered. Finally, we discuss how size and use of social networks among socially excluded groups and perceptions of risk in interactions with gatekeepers are important to understanding the possibilities for trustful relationships, and for meaningful and successful access for researchers to socially excluded individuals and groups.Social Exclusion, Access, Research, Gatekeepers, Trust, Distrust, Risk

Assessing the Risk due to Software Faults: Estimates of Failure Rate versus Evidence of Perfection.

In the debate over the assessment of software reliability (or safety), as applied to critical software, two extreme positions can be discerned: the ‘statistical’ position, which requires that the claims of reliability be supported by statistical inference from realistic testing or operation, and the ‘perfectionist’ position, which requires convincing indications that the software is free from defects. These two positions naturally lead to requiring different kinds of supporting evidence, and actually to stating the dependability requirements in different ways, not allowing any direct comparison. There is often confusion about the relationship between statements about software failure rates and about software correctness, and about which evidence can support either kind of statement. This note clarifies the meaning of the two kinds of statement and how they relate to the probability of failure-free operation, and discusses their practical merits, especially for high required reliability or safety