149 research outputs found
Civic Engagement and Democracy in Post-Suharto Indonesia: a Review of Musrenbang, the Kecamatan Development Programme, and Labour Organising
Drawing attention to the wider literature on the linkages between civic engagement and democracy, this paper starts off by asking the question whether civic engagement beyond formal politics actually serves to strengthen democracy in Indonesia. Noting a contradiction between the literature that proposes that high associational density fosters democracy and recent analysis that highlights that political opportunity structures in Indonesia are unfavourable to popular representation and participation, the paper draws attention to a largely underexplored field within Indonesian democracy studies, namely that of mobilisation and participation by marginalised groups. The paper discusses and analyses strategies for bottom-up mobilisation, specifically the development planning programmes of Musrenbang, the Kecamatan Development Program (KDP), and Indonesian labour organising. The analysis focuses on the democratising aspects of these sectors, arguing that participation and mobilisation lacks the necessary popular foundations as well as organisational capacities that are necessary for participatory institutions to effectively enhance democracy. The paper thereby hints that associational density in and of itself is a poor indicator for democracy, especially in relation to democratic consolidation in new democracies
Risk and Business Goal Based Security Requirement and Countermeasure Prioritization
Companies are under pressure to be in control of their assets but at the same time they must operate as efficiently as possible. This means that they aim to implement “good-enough security” but need to be able to justify their security investment plans. Currently companies achieve this by means of checklist-based security assessments, but these methods are a way to achieve consensus without being able to provide justifications of countermeasures in terms of business goals. But such justifications are needed to operate securely and effectively in networked businesses. In this paper, we first compare a Risk-Based Requirements Prioritization method (RiskREP) with some requirements engineering and risk assessment methods based on their requirements elicitation and prioritization properties. RiskREP extends misuse case-based requirements engineering methods with IT architecture-based risk assessment and countermeasure definition and prioritization. Then, we present how RiskREP prioritizes countermeasures by linking business goals to countermeasure specification. Prioritizing countermeasures based on business goals is especially important to provide the stakeholders with structured arguments for choosing a set of countermeasures to implement. We illustrate RiskREP and how it prioritizes the countermeasures it elicits by an application to an action case
A Tool-based Semantic Framework for Security Requirements Specification
Attaining high quality in security requirements specification requires first-rate
professional expertise, which is scarce. In fact, most organisations do not include core security
experts in their software team. This scenario motivates the need for adequate tool support for
security requirements specification so that the human requirements analyst can be assisted to
specify security requirements of acceptable quality with minimum effort. This paper presents a
tool-based semantic framework that uses ontology and requirements boilerplates to facilitate
the formulation and specification of security requirements. A two-phased evaluation of the
semantic framework suggests that it is usable, leads to reduction of effort, aids the quick
discovery of hidden security threats, and improves the quality of security requirements
Energistyrings- og kraftforsyningssystem
Denne oppgaven har tatt for seg utviklingen, byggingen og idriftsettelsen av et energistyringssystem (EMS) på en modell av en elektrisk forsyningslinje. I oppgaven ble det lagt vekt på å lage en modell av en moderne forsyningslinje for fartøy, slik at det kunne utvikles og implementeres et EMS for denne. Flere typer forsyninger ble vurdert, men til slutt falt valget på en hybrid DC-fordeling. Av økonomiske grunner var det ikke mulig å lage modellen nøyaktig slik en virkelig fordeling ville blitt bygget, men det ble lagt vekt på å komme prinsippmessig så nært som mulig.
Det ble valgt å bruke en spenning på 12 V for DC-fordelingen. Denne spenningen ble valgt fordi det da var mulig å anskaffe delene som trengtes for modellen innenfor prosjektets budsjettramme på 20000Kr. Modellen består av et blybatteri, en kombinert batterilader/sinusinverter, en DC/DC-omformer, nødvendige kabler, samt komponenter som er nødvendige for målinger, beregninger og modellens el-sikkerhet. Det er i tillegg anskaffet et aggregat som kan brukes som spenningsforsyning. Modellen kan forsyne forbrukere som trenger 12 VDC, 24 VDC og 230 VAC.
Et EMS-program ble programmert på en WAGO PLS. Dette programmet tar inn måleverdier fra sensorer på modellen, omformer og skalerer disse og presenterer resultatene i et skjermbilde som vises på en tilkoblet datamaskin. I dette skjermbildet kan man lett se hvordan energiflyten i modellen er. Man får oppgitt hvilke effekter som går i de forskjellige kablene, hvor mange wattimer som er på batteriet og estimater over hvor lenge modellen kan være operativ ved nåværende og fastsatte belastninger før den trenger å lades.
Å måle energimengden i batteriet har vært en utfordring. Det har blitt gjennomført flere utladningstester og ved å bruke resultatene fra disse har det vært mulig å programmere en batteriestimator som, ved å måle strøm og spenning, gir ganske nøyaktige verdier for gjenværende driftstider. Modellen og programvaren viser at det er prinsipielt mulig å lage et energistyringssystem som kan måle energiflyter i en elektrisk fordeling og beregne gjenværende batteridriftstid. Dette anses som høy måloppnåelse med tanke på første del av oppgaveteksten. Etter å ha sett modellen og energistyringssystemet i drift er det vår mening at dersom Forsvaret en gang skal gå til anskaffelse av autonome fartøy vil man være godt tjent med å ha et EMS ombord. Et slikt system vil kunne gi informasjon som har direkte innvirkning på hvordan fartøyet kan operere. For bemannede fartøy vil det også kunne gi større handlingsrom fordi man kan frigjøre ressurser til å løse andre oppgaver enn å overvåke og estimere driftstider manuelt
An Emergent Space for Distributed Data with Hidden Internal Order through Manifold Learning
Manifold-learning techniques are routinely used in mining complex
spatiotemporal data to extract useful, parsimonious data
representations/parametrizations; these are, in turn, useful in nonlinear model
identification tasks. We focus here on the case of time series data that can
ultimately be modelled as a spatially distributed system (e.g. a partial
differential equation, PDE), but where we do not know the space in which this
PDE should be formulated. Hence, even the spatial coordinates for the
distributed system themselves need to be identified - to emerge from - the data
mining process. We will first validate this emergent space reconstruction for
time series sampled without space labels in known PDEs; this brings up the
issue of observability of physical space from temporal observation data, and
the transition from spatially resolved to lumped (order-parameter-based)
representations by tuning the scale of the data mining kernels. We will then
present actual emergent space discovery illustrations. Our illustrative
examples include chimera states (states of coexisting coherent and incoherent
dynamics), and chaotic as well as quasiperiodic spatiotemporal dynamics,
arising in partial differential equations and/or in heterogeneous networks. We
also discuss how data-driven spatial coordinates can be extracted in ways
invariant to the nature of the measuring instrument. Such gauge-invariant data
mining can go beyond the fusion of heterogeneous observations of the same
system, to the possible matching of apparently different systems
Ontology-Based Support for Security Requirements Specification Process
The security requirements specification (SRS) is an integral aspect of the development of secured information systems and entails the formal documentation of the security needs of a system in a correct and consistent way.
However, in many cases there is lack of sufficiently experienced security experts or security requirements (SR) engineer within an organization, which limits the quality of SR that are specified. This paper presents an approach that
leverages ontologies and requirements boilerplates in order to alleviate the effect of lack of highly experienced personnel for SRS. It also offers a credible starting point for the SRS process. A preliminary evaluation of the tool prototype – ReqSec tool - was used to demonstrate the approach and to confirm its usability to support the SRS process. The tool helps to reduce the amount of effort required, stimulate discovery of latent security threats, and enables the specification of good quality SR
Identifying Implicit Vulnerabilities through Personas as Goal Models
When used in requirements processes and tools, personas
have the potential to identify vulnerabilities resulting from misalignment between user expectations and system goals. Typically, however,
this potential is unfulfilled as personas and system goals are captured
with different mindsets, by different teams, and for different purposes. If
personas are visualised as goal models, it may be easier for stakeholders
to see implications of their goals being satisfied or denied, and designers
to incorporate the creation and analysis of such models into the broader
RE tool-chain. This paper outlines a tool-supported approach for finding
implicit vulnerabilities from user and system goals by reframing personas
as social goal models. We illustrate this approach with a case study where
previously hidden vulnerabilities based on human behaviour were identified
Finding and Resolving Security Misusability with Misusability Cases
Although widely used for both security and usability concerns, scenarios used in security design may not necessarily inform the design of usability, and vice- versa. One way of using scenarios to bridge security and usability involves explicitly describing how design deci- sions can lead to users inadvertently exploiting vulnera- bilities to carry out their production tasks. This paper describes how misusability cases, scenarios that describe how design decisions may lead to usability problems sub- sequently leading to system misuse, address this problem. We describe the related work upon which misusability cases are based before presenting the approach, and illus- trating its application using a case study example. Finally, we describe some findings from this approach that further inform the design of usable and secure systems
- …