Content enrichment through dynamic annotation

This paper describes a technique for interceding between users and the information that they browse. This facility, that we term 'dynamic annotation', affords a means of editing Web page content 'on-the-fly' between the source Web server and the requesting client. Thereby, we have a generic way of modifying the content displayed to local users by addition, removal or reorganising any information sourced from the World-Wide Web, whether this derives from local or remote pages. For some time, we have been exploring the scope for this device and we believe that it affords many potential worthwhile applications. Here, we describe two varieties of use. The first variety focuses on support for individual users in two contexts (second-language support and second language learning). The second variety of use focuses on support for groups of users. These differing applications have a common goal which is content enrichment of the materials placed before the user. Dynamic annotation provides a potent and flexible means to this end

Second language user support

Computer users rarely experience entirely trouble-free interaction. The natural variety ofindividuals ensures that no software systems yield constantly fluent interaction for allusers. In consequence, software designers often strive to ameliorate this situation bybuilding 'user support' into their systems. User support can take different forms but,conventionally, each aims to assist the needy end-user by means of facilities directly supporting the performance of certain operations, or through supply of information thatadvises the user on available system functionality.The present paper briefly characterises a range of user support facilities before describingone requirement in greater detail. This aspect considers the needs of users whose mother-tongue is not English, but who are obliged to use English-based information systems. Inthis context, 'helping the user' must reasonably extend beyond mere advice on systemoperation to selective elucidation of information content. We regard this move as alogical extension of the user support concept, by seeking to address specific interactionneeds in a target user population. An example of this approach is described through aninformation system, in the domain of civil engineering, for native Chinese speakers ofEnglish

The Internet of Things : promise of a better connected world

The progressive adoption of Internet-enabled devices and technologies may yield significant social and economic benefits for countries, organisations and individuals able to leverage the enhanced communication, integration, and data synthesis capabilities lauded for these developments. This chapter considers the varieties of application that are emerging and discusses the likely merits and demerits of such progress. Although the technological advances seem to be inevitable, the economic and social benefits are less assured. In particular, issues of availability, security, and privacy raise prospective concerns that may curtail the ultimate gains from the Internet of Things

Action and volition

Despite views to the contrary, 'action' is not a concept alien to ordinary ways of thinking, hence the significance of the philosophical problem of action, which demands that we ground this concept in some real difference between actions and other occurrences. I argue that of the two likely candidates, the causal and the volitional theories of action, the causal approach will not suffice because it is unable to cope with instances of wayward causality.My concern is principally with the volition theory of which the views of James and Prichard are discussed at length. James's account of the will is deemed unacceptable by virtue of its emphasis upon introspection. While Prichard appears to offer good reasons for believing that willing is fundamental to action, his identification of action with volition is rejected. Subsequently, detailed consideration is given to the relation of volition to action, and I suggest that volition be regarded neither as action nor cause of action. Instead, actions are best understood as causings, which embrace both volitions and their effects. This analysis of action is extended through the concept of 'basic action', and it emerges that there is a clear sense in which willing is not intentional.The suggestion that 'trying' is crucial to the concept of action is discussed and it is argued that willing may constitute trying in every instance of action, although it never counts as action in its own right.Volition is faced with with criticisms from Ryle. I defend the view that volitions may be regarded as essentially voluntary, although we may do better to construe it as involuntary. The problem of descriptive deficiency and the logical connection argument are the next challenges met by my account of volition. Several remaining objections to my account of action are dismissed before I demonstrate that, unlike the causal approach, the volition theory meets the rigours of wayward causality.In conclusion, we have an account of action which harks back to the suggestion of J.S. Mill, that action is 'not one thing but a combination of two'. By thus supposing that volition plays an essential role in action, we can adequately resolve the problem of action with which we began

Online learning : towards enabling choice

Education is rapidly evolving from an opportunity that was provided mainly for an elite to one that is available to a mass markets and as such is prone to the forces generated by this environment. Where, in the established pattern, commercial interest was limited mainly to the use of skills developed during the educational process, the future model of educational provision will involve extensive commercial activity in the production, delivery and marketing of material. Already there are a number of commercial companies offering framework products enabling "off the shelf solutions" for the construction and delivery of web based courses in any subject area. The commercialisation of education is underway and it is inevitable that it will be viewed, by entrepreneurs and customers alike, as any other commercial product. It would seem reasonable that the consumer should be able to evaluate the performance of these new modes of working in a similar manner to other commercial products. This paper draws together current thinking on the problems associated with evaluating computer and communication based learning

Readability as a basis for information security policy assessment

Most organisations now impose information security policies (ISPs) or 'conditions of use' agreements upon their employees. The need to ensure that employees are informed and aware of their obligations toward information security is apparent. Less apparent is the correlation between the provision of such policies and their compliance. In this paper, we report our research into the factors that determine the efficacy of information security policies (ISPs). Policies should comprise rules or principles that users can easily understand and follow. Presently, there is no ready mechanism for estimating the likely efficacy of such policies across an organisation. One factor that has a plausible impact upon the comprehensibility of policies is their readability. The present study investigates the effectiveness of applying readability metrics as an indicator of policy comprehensibility. Results from a preliminary study reveal variations in the comprehension test results attributable to the difficulty of the examined policies. The pilot study shows some correlation between the software readability formula results and human comprehension test results and supports our view that readability has an impact upon understanding ISPs. These findings have important implications for users’ compliance with information security policies and suggest that the application of suitably selected readability metrics may allow policy designers to evaluate their draft policies for ease of comprehension prior to policy release. Indeed, there may be grounds for a readability compliance test that future ISPs must satisfy

Toward music-based data discrimination for cybercrime investigations

In this paper we describe an approach to data interpretation in which ‘raw’ data is analysed quantitatively in terms of textual content and the results of this analysis ‘converted’ to music. The purpose of this work is to investigate the viability of projecting complex text-based data, via textual analysis, to a musical rendering as a means for discriminating data sets ‘by ear’. This has the potential of allowing non-domain experts to make distinctions between sets of data based upon their listening skills. We present this work as a research agenda, since it is based upon earlier exploration of the underlying concept of mapping textual analyses to music, and explore possible areas of application in the domains of information security and digital forensics

Strategies for intrusion monitoring in cloud services

Effective activity and event monitoring is an essential aspect of digital forensic readiness. Techniques for capturing log and other event data are familiar from conventional networked hosts and transfer directly to the Cloud context. In both contexts, a major concern is the risk that monitoring systems may be targeted and impaired by intruders seeking to conceal their illicit presence and activities. We outline an approach to intrusion monitoring that aims (i) to ensure the credibility of log data and (ii) provide a means of data sharing that supports log reconstruction in the event that one or more logging systems is maliciously impaired

Vulnerability to social engineering in social networks : a proposed user-centric framework

Social networking sites have billions of users who communicate and share their personal information every day. Social engineering is considered one of the biggest threats to information security nowadays. Social engineering is an attacker technique to manipulate and deceive users in order to access or gain privileged information. Such attacks are continuously developed to deceive a high number of potential victims. The number of social engineering attacks has risen dramatically in the past few years, causing unpleasant damage both to organizations and individuals. Yet little research has discussed social engineering in the virtual environments of social networks. One approach to counter these exploits is through research that aims to understand why people fall victim to such attacks. Previous social engineering and deception research have not satisfactory identified the factors that influence the users' ability to detect attacks Characteristics that influence users' vulnerability must be investigated to address this issue and help to build a profile for vulnerable users in order to focus on increasing the training programs and education for those users. In this context, the present study proposes a user-centric framework to understand the user's susceptibility, relevant factors and dimensions

Cybersecurity and the unbearability of uncertainty

Cyber criminals increasingly target Small and Medium Sized Businesses (SMEs) since they are perceived to have the weakest defences. Some will not survive a cyber attack, and others will have their ability to continue trading seriously impaired. There is compelling evidence that, at present, SMEs do not seem to be implementing all the advisable security measures which could help them to resist such attacks. Many in the security industry believe that this is because SMEs do not take the threat seriously. This paper reports on a study to find out whether this is the case, or not. The primary finding is that most SMEs do care about the threat but that very few implement even a small subset of the available security precautions. One contributory factor seemed to be the uncertainty caused by the wealth of conflicting and confusing online advice offered by industry and official bodies. This seemed to be hindering rather than helping SMEs so that they did not know what actions to take to improve their resilience. The conclusion is a recommendation for actions to be taken to better inform SMEs and help them to secure their systems more effectively