468 research outputs found

    Risk and Business Goal Based Security Requirement and Countermeasure Prioritization

    Get PDF
    Companies are under pressure to be in control of their assets but at the same time they must operate as efficiently as possible. This means that they aim to implement “good-enough security” but need to be able to justify their security investment plans. Currently companies achieve this by means of checklist-based security assessments, but these methods are a way to achieve consensus without being able to provide justifications of countermeasures in terms of business goals. But such justifications are needed to operate securely and effectively in networked businesses. In this paper, we first compare a Risk-Based Requirements Prioritization method (RiskREP) with some requirements engineering and risk assessment methods based on their requirements elicitation and prioritization properties. RiskREP extends misuse case-based requirements engineering methods with IT architecture-based risk assessment and countermeasure definition and prioritization. Then, we present how RiskREP prioritizes countermeasures by linking business goals to countermeasure specification. Prioritizing countermeasures based on business goals is especially important to provide the stakeholders with structured arguments for choosing a set of countermeasures to implement. We illustrate RiskREP and how it prioritizes the countermeasures it elicits by an application to an action case

    Evaluation of Agents Interactions in a Context-Aware System

    Get PDF
    The evaluation of Multi-Agent Systems (MAS) is a complex problem and it does not have a single form. Much effort has been spent on suggesting and implementing new architectures of MAS. Often these new architectures are not even compared to any other existing architectures in order to evaluate their relative benefits. The present work focuses on interactions, the most important characteristic of any complex software as autonomous agents according to [25], as a problematic of evaluation. So, in this paper, we describe the assignment of evaluation values to Agents interaction in a specific MAS architecture. This evaluation is based on the weight of the messages brought by an interaction.Funded by projects CICYT TIN2008-06742-C02-02/TSI,CICYT TEC2008-06732-C02-02/TEC, SINPROB, CAM MADRINET S-0505/TIC/0255, and DPS2008-07029-C02-02.Publicad

    Stretching the Comfort Zone: Using Early Clinical Contact to Influence Professional Identity Formation in Medical Students

    Get PDF
    Purpose: To explore first-year medical students’ affective reactions to intimate encounters with severely sick patients in their homes, within a curricular innovation targeting the development of a patient-centered professional identity. Background: Early patient encounters create complex emotional challenges and constitute fertile ground for professional identity formation. The literature indicates that students often learn, largely through the hidden curriculum, to avoid and suppress emotion. This can culminate in mental health problems and loss of empathy. Method: A qualitative descriptive analysis of 28 randomly selected, mandatory, reflective essays focused on a home visit to a previously unknown patient, in an unsupervised group of 4 students, within the context of a structured course called Patient Contact—PASKON. Results: Students described a wide range of affect-laden responses, positive and negative, elicited by the home visits. The observations were typically related to loss of control, struggles to behave “professionally,” and the unmasking of stereotypes and prejudices. Conclusions: Medical students’ initial clinical encounters elicit emotional responses that have the potential to serve as triggers for the development of emotional maturity, relational skills, and patient-centered attitudes. Conversely, they can foreground uncertainty and lead to defensive distancing from patients’ existential concerns. The findings point to a role for structured educational strategies and supervision to assist students in the emotion work necessary in the transition from a “lay” to a “medical” identity.publishedVersio

    Investigating Differences between Graphical and Textual Declarative Process Models

    Full text link
    Declarative approaches to business process modeling are regarded as well suited for highly volatile environments, as they enable a high degree of flexibility. However, problems in understanding declarative process models often impede their adoption. Particularly, a study revealed that aspects that are present in both imperative and declarative process modeling languages at a graphical level-while having different semantics-cause considerable troubles. In this work we investigate whether a notation that does not contain graphical lookalikes, i.e., a textual notation, can help to avoid this problem. Even though a textual representation does not suffer from lookalikes, in our empirical study it performed worse in terms of error rate, duration and mental effort, as the textual representation forces the reader to mentally merge the textual information. Likewise, subjects themselves expressed that the graphical representation is easier to understand

    A Goal-based Framework for Contextual Requirements Modeling and Analysis

    Get PDF
    Requirements Engineering (RE) research often ignores, or presumes a uniform nature of the context in which the system operates. This assumption is no longer valid in emerging computing paradigms, such as ambient, pervasive and ubiquitous computing, where it is essential to monitor and adapt to an inherently varying context. Besides influencing the software, context may influence stakeholders' goals and their choices to meet them. In this paper, we propose a goal-oriented RE modeling and reasoning framework for systems operating in varying contexts. We introduce contextual goal models to relate goals and contexts; context analysis to refine contexts and identify ways to verify them; reasoning techniques to derive requirements reflecting the context and users priorities at runtime; and finally, design time reasoning techniques to derive requirements for a system to be developed at minimum cost and valid in all considered contexts. We illustrate and evaluate our approach through a case study about a museum-guide mobile information system

    Engaging End-Users in the Collaborative Development of Domain-Speci c Modelling Languages

    Get PDF
    International audienceDomain-Speci c Modelling Languages (DSMLs) are high-level languages specially designed to perform tasks in a particular domain. When developing DSMLs, the participation of end-users is normally limited to providing domain knowledge and testing the resulting language prototypes. Language developers, which are perhaps not domain experts, are therefore in control of the language development and evolution. This may cause misinterpretations which hamper the development process and the quality of the DSML. Thus, it would be bene cial to promote a more active participation of end-users in the development process of DSMLs. While current DSML workbenches are mono-user and designed for technical experts, we present a process and tool support for the example-driven, collaborative construction of DSMLs in order to engage end-users in the creation of their own languages

    The conceptual schema of Ethereum

    Get PDF
    There is an abundant literature on Ethereum, but as far as we know what is missing is its explicit conceptual schema. We present here the conceptual schema of Ethereum in UML. The schema should be useful to those that want to understand Ethereum. We also show that the schema is necessary for developing the schema of Ethereum–based DApps. We present a few population constraints, and show that they suffice for the specification at the conceptual level of what is understood by immutability of a blockchain. We also show that the well–known reification construct and an initial constraint suffice to specify at the conceptual level that the Ethereum blockchain stores the full state history.Peer ReviewedPreprin

    The dynamics of proving uncolourability of large random graphs I. Symmetric Colouring Heuristic

    Full text link
    We study the dynamics of a backtracking procedure capable of proving uncolourability of graphs, and calculate its average running time T for sparse random graphs, as a function of the average degree c and the number of vertices N. The analysis is carried out by mapping the history of the search process onto an out-of-equilibrium (multi-dimensional) surface growth problem. The growth exponent of the average running time is quantitatively predicted, in agreement with simulations.Comment: 5 figure

    The Utility of the Abstract Relational Model and Attribute Paths in SQL

    Get PDF
    It is well-known that querying information is difficult for domain experts, for they are not familiar with querying actual relational schemata due to the notions of primary and foreign keys and the various ways of representing and storing information in a relational database. To overcome these problems, the Abstract Relational Model and the query language, SQLP, have been proposed. They are the theoretical foundations and ensure that explicit primary and foreign keys are hidden from the user's view and that queries can be expressed more compactly. In this paper we evaluate these theoretical advantages with user studies that compare SQLP to plain SQL as the baseline. The experiments show significant statistical evidence that SQLP indeed requires less time for understanding and authoring queries, with no loss in accuracy. Considering the positive results, we develop a method to reverse engineer legacy relational schemata into abstract relational ones
    corecore