Modelling And Reasoning About Trust Relationships In The Development Of Trustworthy Information Systems

Trustworthy information systems are information systems that fulfill all the functional and non-functional requirements. To this end, all the components of an information system, either human or technical, need to collaborate in order to meet its requirements and achieve its goals. This entails that system components will show the desired or expected behaviour once the system is put in operation. However, modern information systems include a great number of components that can behave in a very unpredictable way. This unpredictability of the behaviour of the system components is a major challenge to the development of trustworthy information systems and more particularly during the modelling stage. When a system component is modelled as part of a requirements engineering model it creates an uncertainty about its future behaviour, thus undermining the accuracy of the system model and eventually the system trustworthiness. Therefore, the addition of system components inevitably is based on assumptions of their future behaviour. Such assumptions are underlying the development of a system and usually are assumptions of trust by the system developer about her trust relationships with the system components, which are instantly formed when a component is inserted into a requirements engineering model of a system. However, despite the importance of such issues, a requirements engineering methodology that explicitly captures such trust relationships along with the entailing trust assumptions and trustworthiness requirements is still missing. For tackling the preceding problems, the thesis proposes a requirements engineering methodology, namely JTrust (Justifying Trust) for developing trustworthy information systems. The methodology is founded upon the notions of trust and control as the means of confidence achievement. In order to develop an information system the developer needs to consider her trust relationships with the system components that are formed with their addition in a system model, reason about them, and proceed to a justified decision about the design of the system. If the system component cannot be trusted to behave in a desired or expected way then the question of what are the alternatives in order to build confidence in the future behaviour of the system component raises. To answer this question we define a new class of requirements, namely trustworthiness requirements. Trustworthiness requirements prescribe the functionality of the software included in the information system that compels the rest of the information system components to behave in a desired or expected way. The proposed methodology consists of: (i) a modelling language which contains trust i and control abstractions; (ii) and a methodological process for capturing and reasoning about trust relationships, modelling and analysing trustworthiness requirements, and assessing the system trustworthiness at a requirements stage. The methodology is accompanied by a CASE tool to support it. To evaluate our proposal, we have applied our methodology to a case study, and we carried out a survey to get feedback from experts. The topic of the case study was the e-health care system of the National Health Service in England, which was used to reason about trust relationships with system components and identify trustworthiness requirements. Researchers from three academic institutions across Europe and from one industrial company, British Telecom, have participated in the survey in order to provide valuable feedback about the effectiveness and efficiency of the methodology. The results conclude that JTrust is useful and easy to use in modelling and reasoning about trust relationships, modelling and analysing trustworthiness requirements and assessing the system trustworthiness at a requirements level

Privacy Level Agreements for Public Administration Information Systems

Improving Public Administration (PA) operations and services is a major focus globally; they should be transparent, accountable and provide services that improve citizens' confidence and trust. In this context, it is important that PAs have the ability to define agreements between citizens and PAs and that such agreements can be used in the context of PAs Information Systems to specify citizens' privacy needs, provide feedback on data sharing and enable PA departments to analyse privacy threats and vulnerabilities, compliance with laws and regulations and analyse trust relationships. We propose the use of the concept of Privacy Level Agreement (PLA) to address the aforementioned issues. The PLA is formally specified, based on an XML schema, which enables its automated use

Characterization of a Highly Virulent <i>Edwardsiella anguillarum</i> Strain Isolated From Greek Aquaculture, and a Spontaneously Induced Prophage Therein

Edwardsiella-associated outbreaks are increasingly reported on both marine and freshwater aquaculture setups, accounting for severe financial and biomass losses. E. tarda, E. ictaluri, and E. hoshinae have been the traditional causative agents of edwardsiellosis in aquaculture, however, intensive studies due to the significance of the disease have just recently revealed two more species, E. piscicida and E. anguillarum. Whole genome sequencing that was conducted on the strain EA011113, isolated from farmed Diplodus puntazzo after an edwardsiellosis outbreak in Greece, confirmed it as a new clinical strain of E. anguillarum. Extensive phylogenetic analysis showed that this Greek strain is closely related to an Israeli E. piscicida-like clinical strain, isolated from diseased groupers, Epinephelus aeneus and E. marginatus in Red Sea. Bioinformatic analyses of E. anguillarum strain EA011113 unveiled a wide repertoire of potential virulence factors, the effect of which was corroborated by the mortalities that the strain induced in adult zebrafish, Danio rerio, under different levels of infection intensity (LD50 after 48 h: 1.85 × 104 cfu/fish). This strain was non-motile and according to electron microscopy lacked flagella, a fact that is not typical for E. anguillarum. Comparative genomic analysis revealed a deletion of 36 nt found in the flagellar biosynthetic gene (FlhB) that could explain that trait. Further in silico analysis revealed an intact prophage that was integrated in the bacterial genome. Following spontaneous induction, the phage was isolated, purified, characterized and independently sequenced, confirming its viability as a free, inducible virion as well. Separate genomic analysis of the prophage implies a plausible case of lysogenic conversion. Focusing on edwardsiellosis as a rapidly emerging aquaculture disease on a global scale, this work offers some insight into the virulence, fitness, and potential lysogenic conversion of a of a newly described, yet highly pathogenic, strain of E. anguillarum.</p

Early life stress induces long-term changes in limbic areas of a teleost fish: the role of catecholamine systems in stress coping

Early life stress (ELS) shapes the way individuals cope with future situations. Animals use cognitive flexibility to cope with their ever-changing environment and this is mainly processed in forebrain areas. We investigated the performance of juvenile gilthead seabream, previously subjected to an ELS regime. ELS fish showed overall higher brain catecholaminergic (CA) signalling and lower brain derived neurotrophic factor (bdnf) and higher cfos expression in region-specific areas. All fish showed a normal cortisol and serotonergic response to acute stress. Brain dopaminergic activity and the expression of the α2Α adrenergic receptor were overall higher in the fish homologue to the lateral septum (Vv), suggesting that the Vv is important in CA system regulation. Interestingly, ELS prevented post-acute stress downregulation of the α2Α receptor in the amygdala homologue (Dm3). There was a lack of post-stress response in the β2 adrenergic receptor expression and a downregulation in bdnf in the Dm3 of ELS fish, which together indicate an allostatic overload in their stress coping ability. ELS fish showed higher neuronal activity (cfos) post-acute stress in the hippocampus homologue (Dlv) and the Dm3. Our results show clear long-term effects on limbic systems of seabream that may compromise their future coping ability to environmental challenges.publishedVersio

An Adaptive Supply Chain Cyber Risk Management Methodology

Maritime information infrastructures have developed to highly interrelated cyber ecosystems, where ports as well as their partners are connected in dynamic Information and Communication Technology (ICT)-based maritime supply chains. This makes them open and vulnerable to the rapidly changing ICT threat landscape. Hence, attacks on a seemingly isolated system of one business partner may propagate through the whole supply chain, causing cascading effects and resulting in large-scale impacts. In this article, we want to present a novel risk management methodology to assess the risk level of an entire maritime supply chain. This methodology builds upon publicly available information, well-defined mathematical approaches and best practices to automatically identify and assess vulnerabilities and potential threats of the involved cyber assets. This leads to a constantly updated risk evaluation of each business partner’s cyber assets together with their cyber interconnections with other business partners. The presented risk management methodology is based on qualitative risk scales, which makes the assessment as well as the results more intuitive. Furthermore, it enables a holistic view on all of the integrated ICT-systems as well as their interdependencies and thus can increase the security level of both a whole supply chain and every participating business partner

Characterization of a Highly Virulent Edwardsiella anguillarum Strain Isolated From Greek Aquaculture, and a Spontaneously Induced Prophage Therein

Edwardsiella-associated outbreaks are increasingly reported on both marine and freshwater aquaculture setups, accounting for severe financial and biomass losses. E. tarda, E. ictaluri, and E. hoshinae have been the traditional causative agents of edwardsiellosis in aquaculture, however, intensive studies due to the significance of the disease have just recently revealed two more species, E. piscicida and E. anguillarum. Whole genome sequencing that was conducted on the strain EA011113, isolated from farmed Diplodus puntazzo after an edwardsiellosis outbreak in Greece, confirmed it as a new clinical strain of E. anguillarum. Extensive phylogenetic analysis showed that this Greek strain is closely related to an Israeli E. piscicida-like clinical strain, isolated from diseased groupers, Epinephelus aeneus and E. marginatus in Red Sea. Bioinformatic analyses of E. anguillarum strain EA011113 unveiled a wide repertoire of potential virulence factors, the effect of which was corroborated by the mortalities that the strain induced in adult zebrafish, Danio rerio, under different levels of infection intensity (LD50 after 48 h: 1.85 × 104 cfu/fish). This strain was non-motile and according to electron microscopy lacked flagella, a fact that is not typical for E. anguillarum. Comparative genomic analysis revealed a deletion of 36 nt found in the flagellar biosynthetic gene (FlhB) that could explain that trait. Further in silico analysis revealed an intact prophage that was integrated in the bacterial genome. Following spontaneous induction, the phage was isolated, purified, characterized and independently sequenced, confirming its viability as a free, inducible virion as well. Separate genomic analysis of the prophage implies a plausible case of lysogenic conversion. Focusing on edwardsiellosis as a rapidly emerging aquaculture disease on a global scale, this work offers some insight into the virulence, fitness, and potential lysogenic conversion of a of a newly described, yet highly pathogenic, strain of E. anguillarum