SECURITY SUBCULTURES IN AN ORGANIZATION - EXPLORING VALUE CONFLICTS

Security culture is considered as an important factor in overcoming the problem with employees’ lack of compliance with Information Security (IS) policies. Within one organization different subcultures might transcribe to different and sometimes even conflicting, values. In this paper we study such value conflicts and their implications on IS management and practice. Shein’s (1999) model of organizational culture is used as a tool supporting analysis of our empirical data. We found that value conflicts exists between different security cultures within the same organization and that users anchor their values related to IS in their professional values. Thus our empirical results highlight value conflicts as an important factor to take into account when security culture is developed in an organization. Moreover, we found Shein’s model as a useful tool for analysis of value conflicts between different subcultures in an organization

Policy Conflict Analysis in Distributed System Management

Accepted versio

Innovative approaches to water security:ICTs as platforms for systemic online negotiation

This paper presents the initial outcomes of the research project ‘Innovative approaches to water security using ICTs for systemic online negotiations’ carried out between the department of Systems at the OU, UNESCO PC-CP program and UNESCO-IHE Institute of water education. It explores how water conflicts could be managed - by being prevented through integrated water management and - through better communication amongst water stakeholders and more systemic analysis of water problems at stake

Towards a Framework for Managing Inconsistencies in Systems of Systems

The growth in the complexity of software systems has led to a proliferation of systems that have been created independently to provide specific functions, such as activity tracking, household energy management or personal nutrition assistance. The runtime composition of these individual systems into Systems of Systems (SoSs) enables support for more sophisticated functionality that cannot be provided by individual constituent systems on their own. However, in order to realize the benefits of these functionalities it is necessary to address a number of challenges associated with SoSs, including, but not limited to, operational and managerial independence, geographic distribution of participating systems, evolutionary development, and emergent conflicting behavior that can occur due interactions between the requirements of the participating systems. In this paper, we present a framework for conflict management in SoSs. The management of conflicting requirements involves four steps, namely (a) overlap detection, (b) conflict identification, (c) conflict diagnosis, and (d) conflict resolution based on the use of a utility function. The framework uses a Monitor-Analyze-Plan- Execute- Knowledge (MAPE-K) architectural pattern. In order to illustrate the work, we use an example SoS ecosystem designed to support food security at different levels of granularity

Safety, Security and Socio-Economic Wellbeing in Somaliland

This report documents the findings from a study on the relationship between safety/security and socio-economic wellbeing in Somaliland. The study was conducted for the Danish Demining Group (DDG) and Geneva International Centre for Humanitarian Demining in twelve of DDG's project sites. It is based on a quantitative survey of 378 households and qualitative focus group interviews. Findings suggest a high degree of correlation between improvements in safety and security, many associated with the community safety work of DDG, and socio-economic benefits to communities. Reported benefits include fewer conflicts, more secure communities at night, fewer accidents involving small arms and explosive remnants of war, and better community-police relations. These are perceived to have contributed to improvements in access to markets, lengthening hours that businesses can remain open, improved opportunities for participating in savings activities, and generally increased household incomes. Recommendations for maximizing the benefits of improved security for socio-economic gains are provided

Disentangling the Epistemic Failings of the 2008 Financial Crisis

I argue that epistemic failings are a significant and underappreciated moral hazard in the financial services industry. I argue further that an analysis of these epistemic failings and their means of redress is best developed by identifying policies and procedures that are likely to facilitate good judgment. These policies and procedures are “best epistemic practices.” I explain how best epistemic practices support good reasoning, thereby facilitating accurate judgments about risk and reward. Failures to promote and adhere to best epistemic practices contributed to the 2008 financial crisis. I identify and discuss some of the ways in which best epistemic practices were violated in the events that led to the crisis, with a focus on the role of the credit rating agencies. I go on to discuss some of the ways in which these failings have been redressed. I conclude by observing how proactive regulation for best epistemic practices might help us to anticipate and avoid future crises

A Survey of Techniques for Improving Security of GPUs

Graphics processing unit (GPU), although a powerful performance-booster, also has many security vulnerabilities. Due to these, the GPU can act as a safe-haven for stealthy malware and the weakest `link' in the security `chain'. In this paper, we present a survey of techniques for analyzing and improving GPU security. We classify the works on key attributes to highlight their similarities and differences. More than informing users and researchers about GPU security techniques, this survey aims to increase their awareness about GPU security vulnerabilities and potential countermeasures

Shinren : Non-monotonic trust management for distributed systems

The open and dynamic nature of modern distributed systems and pervasive environments presents significant challenges to security management. One solution may be trust management which utilises the notion of trust in order to specify and interpret security policies and make decisions on security-related actions. Most trust management systems assume monotonicity where additional information can only result in the increasing of trust. The monotonic assumption oversimplifies the real world by not considering negative information, thus it cannot handle many real world scenarios. In this paper we present Shinren, a novel non-monotonic trust management system based on bilattice theory and the anyworld assumption. Shinren takes into account negative information and supports reasoning with incomplete information, uncertainty and inconsistency. Information from multiple sources such as credentials, recommendations, reputation and local knowledge can be used and combined in order to establish trust. Shinren also supports prioritisation which is important in decision making and resolving modality conflicts that are caused by non-monotonicity

Linking Peace, Security and Regional Integration in Africa

Ye