Service brokerage with Prolog

Service brokerage is a complex problem. At the design stage the semantic gap between user, device and system requirements must be bridged, and at the operational stage the conflicting objectives of many parties in the value chain must be reconciled. For example why should a user who wants to watch a film need to understand that due to limited battery power the film can only be shown in low resolution? Why should the user have to understand the business model of a content provider? To solve these problems we present (1) the concept of a packager who acts as a service broker, (2) a design derived systematically from a semi-formal specification (the CC-model), and (3) an implementation using our Prolog based LicenseScript language

Computer Security Incident Response Team Effectiveness: A Needs Assessment

Computer security incident response teams (CSIRTs) respond to a computer security incident when the need arises. Failure of these teams can have far-reaching effects for the economy and national security. CSIRTs often have to work on an ad hoc basis, in close cooperation with other teams, and in time constrained environments. It could be argued that under these working conditions CSIRTs would be likely to encounter problems. A needs assessment was done to see to which extent this argument holds true. We constructed an incident response needs model to assist in identifying areas that require improvement. We envisioned a model consisting of four assessment categories: Organization, Team, Individual and Instrumental. Central to this is the idea that both problems and needs can have an organizational, team, individual, or technical origin or a combination of these levels. To gather data we conducted a literature review. This resulted in a comprehensive list of challenges and needs that could hinder or improve, respectively, the performance of CSIRTs. Then, semi-structured in depth interviews were held with team coordinators and team members of five public and private sector Dutch CSIRTs to ground these findings in practice and to identify gaps between current and desired incident handling practices. This paper presents the findings of our needs assessment and ends with a discussion of potential solutions to problems with performance in incident response. https://doi.org/10.3389/fpsyg.2017.02179 LinkedIn: https://www.linkedin.com/in/rickvanderkleij1

Service Brokerage with Prolog

Service brokerage is a complex problem. At the design stage the semantic gap between user, device and system requirements must be bridged, and at the operational stage the conflicting objectives of many parties in the value chain must be reconciled. For example why should a user who wants to watch a film need to understand that due to limited battery power the film can only be shown in low resolution? Why should the user have to understand the business model of a content provider? To solve these problems we present (1) the concept of a packager who acts as a service broker, (2) a design derived systematically from a semi-formal specification (the CC-model), and (3) an implementation using our Prolog based LicenseScript language

Computer Security Incident Response Team Effectiveness: A Needs Assessment

Computer security incident response teams (CSIRTs) respond to a computer security incident when the need arises. Failure of these teams can have far-reaching effects for the economy and national security. CSIRTs often have to work on an ad hoc basis, in close cooperation with other teams, and in time constrained environments. It could be argued that under these working conditions CSIRTs would be likely to encounter problems. A needs assessment was done to see to which extent this argument holds true. We constructed an incident response needs model to assist in identifying areas that require improvement. We envisioned a model consisting of four assessment categories: Organization, Team, Individual and Instrumental. Central to this is the idea that both problems and needs can have an organizational, team, individual, or technical origin or a combination of these levels. To gather data we conducted a literature review. This resulted in a comprehensive list of challenges and needs that could hinder or improve, respectively, the performance of CSIRTs. Then, semi-structured in depth interviews were held with team coordinators and team members of five public and private sector Dutch CSIRTs to ground these findings in practice and to identify gaps between current and desired incident handling practices. This paper presents the findings of our needs assessment and ends with a discussion of potential solutions to problems with performance in incident response