This document discusses building a responsibility model using modal logic. It begins with a literature review of existing policy models and engineering methods related to concepts of accountability, capability and commitment. It identifies that while some concepts like rights and roles are commonly addressed, models do not fully cover all responsibility components. The document then proposes a preliminary responsibility model and defines the main concepts of capability, accountability and commitment. It suggests a formalization of these concepts using deontic logic to help analyze organizational structures and policies for consistency and problems.
An Extended Reasoning Cycle Algorithm for BDI Agents
Abstract: multi-agent systems and particularly bdi agents are mostly used in a wide range of projects, from agent-based simulations to air-traffic control. They all benefit from the autonomy and proactive behavior that provides agent-based architectures, as well as the characteristics of reasoning that are outlined by the bdi architecture. Thereforethe belief desire intention agent model and agentspeak language have becomea state-of-the-art and one of the challenging research subjects in the agent modeling and programming area.
In particular the bdi architecture is frequently used in the development of agents that try to simulate certainaspects of human behavior, and precisely perception and formulation of beliefs are two of the elements of bdiagents that require special attention in the development of such agents. Thiswork propose a way to extend the reasoning cycle algorithm on bdi agents, in a way that it allows to process inaccurate perceptions in the formulation of beliefs in such agents; it also shows an example implemented in agentspeak as well as the results of its execution within the jason interpreter.
P o l i t i c a l c s r d o e s d e m o c r a t i c t h
The document discusses building a personal learning network for doctoral students, outlining essential members such as other students, professors, career professionals, veterans, and spiritual advisors. It describes how to connect with these groups through tools like social media, university resources, and meeting platforms. The purpose of a personal learning network is to improve engagement, develop relationships, and gain knowledge and insights from a community of diverse individuals.
Adaptive guidance model based similarity for software process development pro...
This paper describes a modeling approach SAGM (Similarity for Adaptive Guidance Model) that provides
adaptive and recursive guidance for software process development. This approach, in accordance to
developer needs, allows specific tailored guidance regarding the profile of developers. A profile is partially
or completely defined from a model of developers, through their roles, their qualifications, and through the
relationships between the context of the current activity and the model of the defined activities. This
approach aims to define the generic profile of development context and a similarity measure that evaluates
the similarities between the profiles created from the model of developers and those of the development
team involved in the execution of a software process. This is to identify the profiles classification and to
deduce the appropriate type of assistance to developers (that can be corrective, constructive or specific).
A SIMILARITY MEASURE FOR CATEGORIZING THE DEVELOPERS PROFILE IN A SOFTWARE PR...csandit
Software development processes need to have an integrated environment that fulfills specific
developer needs. In this context, this paper describes the modeling approach SAGM ((Similarity
for Adaptive Guidance Model) that provides adaptive recursive guidance for software
processes, and specifically tailored regarding the profile of developers. A profile is defined from
a model of developers, through their roles, their qualifications, and through the relationships
between the context of the current activity and the model of the activities. This approach
presents a similarity measure that evaluates the similarities between the profiles created from
the model of developers and those of the development team involved in the execution of a
software process. This is to identify the profiles classification and to deduce the appropriate
type of assistance (that can be corrective, constructive or specific) to developers.
Using fuzzy set qualitative comparative analysis to measure contract rules in...Maria Kapsali (PhD)
The document describes a study that uses fuzzy-set Qualitative Comparative Analysis (fsQCA) to measure the effectiveness of contract rules in complex project operations. The study analyzes 23 projects across different sectors using fsQCA to identify configurations of conditions (i.e. types of contract rules) that lead to different outcomes (i.e. levels of compliance). Interviews and contract documents are analyzed to develop a truth table capturing combinations of conditions and their associated outcomes. The results identify configurations associated with positive behavioral outcomes for different project contexts based on levels of interdependence and modularity. The findings suggest contracts should balance rules rather than rely solely on classical or relational approaches.
The problem of user designer relations in technolgy production, formattedPekka Muukkonen
This document discusses problems in the relationship between users and designers in technology production. It compares the approaches of Business Process Reengineering (BPR) and Rational Unified Process (RUP) with Participatory Design (PD). BPR and RUP take a top-down, formal approach that designs processes and systems away from the actual use context, while PD actively involves end-users to incorporate tacit knowledge about work. The author argues that both approaches have value and that a successful design process should incorporate relevant aspects of each to build a system that meets the needs of all stakeholders. Representations used must capture knowledge in a way that is meaningful to users, managers, and developers.
Abstract: multi-agent systems and particularly bdi agents are mostly used in a wide range of projects, from agent-based simulations to air-traffic control. They all benefit from the autonomy and proactive behavior that provides agent-based architectures, as well as the characteristics of reasoning that are outlined by the bdi architecture. Thereforethe belief desire intention agent model and agentspeak language have becomea state-of-the-art and one of the challenging research subjects in the agent modeling and programming area.
In particular the bdi architecture is frequently used in the development of agents that try to simulate certainaspects of human behavior, and precisely perception and formulation of beliefs are two of the elements of bdiagents that require special attention in the development of such agents. Thiswork propose a way to extend the reasoning cycle algorithm on bdi agents, in a way that it allows to process inaccurate perceptions in the formulation of beliefs in such agents; it also shows an example implemented in agentspeak as well as the results of its execution within the jason interpreter.
P o l i t i c a l c s r d o e s d e m o c r a t i c t h DIPESH30
The document discusses building a personal learning network for doctoral students, outlining essential members such as other students, professors, career professionals, veterans, and spiritual advisors. It describes how to connect with these groups through tools like social media, university resources, and meeting platforms. The purpose of a personal learning network is to improve engagement, develop relationships, and gain knowledge and insights from a community of diverse individuals.
Adaptive guidance model based similarity for software process development pro...ijseajournal
This paper describes a modeling approach SAGM (Similarity for Adaptive Guidance Model) that provides
adaptive and recursive guidance for software process development. This approach, in accordance to
developer needs, allows specific tailored guidance regarding the profile of developers. A profile is partially
or completely defined from a model of developers, through their roles, their qualifications, and through the
relationships between the context of the current activity and the model of the defined activities. This
approach aims to define the generic profile of development context and a similarity measure that evaluates
the similarities between the profiles created from the model of developers and those of the development
team involved in the execution of a software process. This is to identify the profiles classification and to
deduce the appropriate type of assistance to developers (that can be corrective, constructive or specific).
TOWARDS AUDITABILITY REQUIREMENTS SPECIFICATION USING AN AGENT-BASED APPROACHijseajournal
Transparency is an important factor in democratic societies composed of characteristics such as accessibility, usability, informativeness, understandability and auditability. In this research we focus on auditability since it plays an important role for citizens that need to understand and audit public information. Although auditability has been a subject of discussion when designing systems, there is a lack of systematization in its specification. We propose an approach to systematically add auditability requirements specification during the goal-oriented agent-based Tropos methodology. We used the Transparency Softgoal Interdependency Graph that captures the different facets of transparency while considering their operationalization. An empirical evaluation was conducted through the design and implementation of LawDisTrA system that distributes lawsuits among judges in an appellate court. Experiments included the distribution of over 300,000 lawsuits at the Brazilian Superior Labor Court. We theorize that the presented approach for auditability provides adequate techniques to address the cross-organizational nature of transparency
CRESUS: A TOOL TO SUPPORT COLLABORATIVE REQUIREMENTS ELICITATION THROUGH ENHA...cscpconf
Communicating an organisation's requirements in a semantically consistent and understandable manner and then reflecting the potential impact of those requirements on the IT infrastructure presents a major challenge among stakeholders. Initial research findings indicate a desire among business executives for a tool that allows them to communicate organisational changes using natural language and a simulation of the IT infrastructure that supports those changes. Building on a detailed analysis and evaluation of these findings, the innovative CRESUS tool was designed and implemented. The purpose of this research was to investigate to what extent CRESUS both aids communication in the development of a shared understanding and supports collaborative requirements elicitation to bring about organisational, and associated IT infrastructural, change. This paper presents promising results that show how such a tool can facilitate collaborative requirements elicitation through increased communication around organisational change and the IT infrastructure.
International Journal of Computer Science and Security Volume (2) Issue (2)CSCJournals
The document summarizes a proposed new role-based access control (RBAC) model for workflow systems. The proposed model addresses limitations of existing RBAC models by incorporating additional control factors relevant to workflows, such as decentralization, delegation, supervision, review, and separation of duties. It defines relationships between roles, such as "is a" and "part of" relations, to relax strict role hierarchies. The model introduces tasks as a new component and a task assignment relationship to enable delegation of tasks from one role to another. This allows superior roles to delegate specific access rights and tasks to subordinate roles for completion while maintaining responsibility.
Goal Dynamics_From System Dynamics to ImplementationAmjad Adib
1) The document describes a PhD research proposal on developing dynamic modeling methods for goal dynamics and multi-agent systems.
2) The research aims to analyze and capture goal dynamics in social contexts and provide intelligent agents that can handle complex, distributed events in real-time.
3) The methodology involves defining artifacts and processes, modeling tools, and evaluating the results against objectives through case studies and simulations.
This document discusses the challenges of requirements engineering for cross-organizational enterprise resource planning (ERP) implementations. It proposes analyzing coordination requirements from a coordination theory perspective to better align ERP systems with business needs. The document inventories coordination mechanisms supported by ERP packages and analyzes how mismatches between business flexibility needs and ERP rigidity can be addressed. Explicitly specifying coordination mechanisms may help requirements engineers find a match between an ERP system's coordination support and the mechanisms selected by cooperating organizations.
The document discusses effective requirements elicitation through interviews and modeling. It notes that inaccurately capturing requirements is a major cause of software project failures. Requirements elicitation through interviews is cited as one of the most popular elicitation methods. The document then analyzes different aspects of conducting effective interviews for requirements elicitation, including stakeholder selection and participation, communication methods, interview techniques, and comparing analyst and stakeholder knowledge. It proposes structuring interviews by preparing a basic set of questions and defining the order and control of questioning.
This document discusses and compares several agent-assisted methodologies for developing multi-agent systems:
- It reviews Gaia, HLIM, PASSI, and Tropos methodologies, outlining their key models and phases. Gaia focuses on analysis and design, HLIM models internal and external agent behavior, and PASSI and Tropos incorporate UML modeling.
- It then proposes a new MAB methodology intended to address shortcomings of existing approaches. MAB includes requirements, analysis, design, and implementation phases and models such as use case maps and agent roles.
- Finally, it concludes that agent technologies represent a promising approach for developing complex software systems, but that matching methodologies to problem domains and developing princip
At midlife, she has reinvented herself as a rookie jockey and has won several key races despite a lifelong battle with bipolar disorder. I interviewed Sylvia as part of a package celebrating phenomenal women.
Impact of counterfeits on electronics companiesNEW Momentum
Outsourcing and globalization have numerous benefits, but there is a downside—the proliferation of counterfeits and sales through unauthorized channels. This paper demonstrates the impact of counterfeits on electronics companies and gives solutions for finding the violators as well as a four-step roadmap for recovering revenue lost to counterfeits.
This document discusses the different types of "si clauses" or conditional sentences in French. There are three main types: first conditional for likely present or future situations, second conditional for unlikely past situations, and third conditional for impossible past situations. Examples of each type are provided along with their English equivalents using "if...then". A quiz with 15 example sentences follows to test understanding of the different conditional structures.
Presentación correspondiente a las charlas: Windows 8: Arquitectura y seguridad y Desarrollo de aplicaciones seguras en Windows 8 estilo Metro, impartidas en el curso de Especialización en Dispositivos Móviles que tuvo lugar en la Facultad de Informática de la Universidad de A Coruña del 20 al 22 de junio de 2012.
This short document promotes taking action to dominate affiliate sales through Clickbank by providing a link to more information. It emphasizes the importance of taking action to succeed with Clickbank affiliate marketing and drives the reader to the provided link for next steps. Overall, it encourages immediate action to learn more about using Clickbank for affiliate sales.
1) In 389 BC, barbaric Celtic tribes invaded the Roman Empire, looting and burning the city until paid ransom.
2) In 535 AD, the massive volcanic eruption of Krakatoa caused global climate catastrophe and stunted tree growth for years.
3) In 1532, 168 Spanish conquistadors led by Francisco Pizarro attacked and killed 7,000 Inca soldiers in Peru, conquering the vast Inca Empire with few casualties due to their technological advantages.
This document provides guidance on giving effective presentations in English. It discusses setting goals and choosing a title for the presentation. The document then covers planning the presentation, preparing the content, and establishing a thesis statement. Examples are given of an effective thesis statement and how to stay focused during the presentation. The document concludes by noting that next steps include final presentations and peer review/evaluation.
This document discusses various techniques for improving email security, including spam filtering, secure authentication, and protecting user accounts. It describes how email services use Bayesian filtering, sender reputation levels, and user feedback to identify spam messages. It also explains security measures like Sender Policy Framework, DomainKeys Identified Mail, and mutual Transport Layer Security to authenticate senders and encrypt server communication. Additionally, it recommends steps users can take to strengthen their accounts, such as associating a mobile number, using single-use codes, and marking computers as trusted. The document emphasizes that maintaining email security requires continual effort as threats evolve over time.
The document discusses how social governance can make governments more effective through improved communication, collaboration, and transparency. It notes that traditionally governments communicated through paper files that got lost, but even with computers communication is inefficient through many emails and phone calls. Collaboration on programs is also lacking, as different departments don't work together well. There is also a lack of transparency, with questions about decisions and delays. The document argues that social business can help by allowing governments to crowdsource from citizens, better collaborate in online groups, and more openly share information and status updates.
White paper stopping counterfeit pharmaceuticals 0309NEW Momentum
This white paper discusses the growing problem of counterfeit pharmaceuticals and proposes four ways for pharmaceutical companies to address it. It notes that 10% of global drug supply is counterfeit, with some countries over 50%, and counterfeit drug sales are growing much faster than the legitimate market. The paper advocates for counterfeit protection on packaging, RFID tracking in supply chains, security features on dosages, and advanced web monitoring to identify counterfeits. It argues the private sector must lead solutions to protect patients, brands, and industry profits from counterfeiting.
Charla impartida de Igor Lukic de Zendal Backup, en el I Curso de Verano de Informática Forense de la Facultad de Informática de la Universidad de A Coruña.
The document discusses embedded systems and how they have evolved over time. It describes how embedded controllers now power many everyday devices, from phones to washing machines, and how embedded technology will continue advancing to be included in more low-cost products. It promotes an open source training on embedded systems called Open.Embedded that aims to provide practical, up-to-date skills on using different microcontrollers and IDEs to develop working prototypes quickly.
Headway Chemicals presents its range of fire protection and sealing products for the construction industry. It distributes products from NPT Italy, including one-part polyurethane sealants for joints in concrete and buildings. It also offers polyurethane foam, passive fire protection products, and intumescent fire stopping materials like sealants, mortars, coatings, and putty. Headway has a 20-year production history, fully equipped laboratories for product development and testing, and distributes globally through partnerships like the one with NPT Italy.
Agile Business Intelligence is taking shape as the way to address the disconnect between Business users and IT developers of BI applications. Find out how Yellowfin is making Agile BI easy.
Harbor Research - Strategies for Smart ServicesHarbor Research
The document discusses strategies for "smart services" enabled by connecting manufactured products to the internet. It argues that connecting devices allows manufacturers to (1) gather field intelligence on product performance and customer usage, (2) provide preemptive services based on this data to reduce failures and surprises for customers, and (3) create new recurring revenue streams from ongoing smart services. Early adopters like Honeywell, Air Products, and GE have transformed their businesses through these smart service strategies.
Preliminary literature review of policy engineering methodschristophefeltus
This document provides a preliminary literature review of policy engineering methods related to the concept of responsibility. It begins by discussing Camerer's observations that policy research often lacks agreed upon definitions, testing of theories against alternatives, and building upon previous work. It then reviews how responsibility is addressed in access control models like MAC, DAC, RBAC and UCON, noting they focus primarily on rights. Finally, it introduces the author's intention to propose a new policy model and engineering method that incorporates responsibility by considering stakeholders' capabilities, accountability and commitments, and uses requirements engineering principles while accounting for business processes.
This document provides a preliminary literature review of policy engineering methods related to the concept of responsibility. It summarizes key access control models and discusses how they address concepts like capability, accountability, and commitment. The document also reviews engineering methods and how they incorporate responsibility considerations. The overall goal is to orient further research towards a new policy model and engineering method that more fully addresses stakeholder responsibility.
Methodology to align business and it policies use case from an it companychristophefeltus
This document proposes a methodology for aligning business and IT policies using a responsibility model. The methodology is a five-step approach consisting of collecting information, defining capabilities, accountabilities and commitments, linking responsibilities to processes, validating the model, and defining policies. It is illustrated with a case study from an IT company where they define an access control policy using this methodology and responsibility model. The responsibility model defines three components - capabilities, accountabilities, and commitments - to clarify roles and responsibilities for policy definition.
This document proposes enhancements to the Role-Based Access Control (RBAC) model by integrating the concept of responsibility. It summarizes the existing RBAC model and user-role/permission-role assignment processes. It then presents a responsibility model built around three concepts: an employee's obligations derived from responsibilities, the rights required to fulfill obligations, and the employee's commitment to fulfill obligations. The paper argues RBAC could be improved by incorporating acceptance of responsibility within the role assignment process. It proposes integrating the responsibility model with RBAC to address identified weaknesses and modeling the integrated model using the OWL ontology language.
Enhancement of business it alignment by including responsibility components i...christophefeltus
This document proposes enhancements to the Role-Based Access Control (RBAC) model by integrating the concept of responsibility. It summarizes the existing RBAC model and user/permission assignment processes. It then presents a responsibility model built around three concepts: an employee's obligations derived from responsibilities, the rights required to fulfill obligations, and the employee's commitment to fulfill obligations. The paper argues RBAC could be improved by incorporating acceptance of responsibility within the role assignment process. It proposes integrating the responsibility model with RBAC to address identified weaknesses and modeling the integrated model using the OWL ontology language.
Strengthening employee’s responsibility to enhance governance of it – cobit r...christophefeltus
This document presents a study that aims to develop and validate a responsibility model to improve IT governance. The researchers analyzed existing responsibility concepts from literature and frameworks like COBIT. They developed a UML model of responsibility with key concepts like obligation, accountability, right, and commitment. The researchers then compared their model to COBIT's representation of responsibility. They propose enhancements to COBIT based on responsibility concepts from their model, aiming to provide a common understanding of responsibility across frameworks to benefit IT governance. The paper illustrates proposed changes to COBIT's process for identifying system owners.
This document presents a study that aims to develop and validate a responsibility model to improve IT governance. It analyzes concepts of responsibility from literature and frameworks like COBIT. The researchers developed a responsibility model with key concepts like obligation, accountability, right, and commitment. They then compare this model to COBIT's representation of responsibility to identify areas for potential enhancement, like adding concepts that COBIT lacks. The document illustrates how the responsibility model could be used to refine COBIT's process for identifying system owners and their responsibilities.
The document presents a responsibility model that includes accountability, capability, and commitment. The objectives of the model are to help organizations verify their structure and detect policy problems. It also provides a conceptual framework to define corporate, security, and access control policies. The paper reviews previous research and proposes a UML model of responsibility integrating its main concepts and relationships. It also selects a formal system to formally represent the model.
Building a responsibility model including accountability capability and commi...christophefeltus
The document presents a responsibility model that includes accountability, capability, and commitment. It aims to help organizations verify their structure and detect policy problems. The model provides a literature review on responsibility concepts in access control models and engineering methods. It then proposes a formal representation of the responsibility model using UML and a formal logic system. The analysis shows that an important variable is whether responsibility is perceived at the user or company level.
State of the art of agile governance a systematic reviewijcsit
This document summarizes a systematic literature review on the state of agile governance. The review identified over 1,900 studies from 10 databases, of which 167 provided evidence to answer the research questions. The studies were organized into four major groups: software engineering, enterprise, manufacturing, and multidisciplinary. The review provides a definition of agile governance, six meta-principles, and a map of findings organized by topic and classified by relevance and convergence. The evidence suggests agile governance is a new, wide, and multidisciplinary area focused on organizational performance that requires more intensive study.
This document proposes a responsibility modeling language (ReMoLa) to align access rights with business process requirements. ReMoLa is a responsibility-centered meta-model that integrates concepts from the business and technical layers, with the concept of employee responsibility bridging the two. It incorporates four types of obligations from the COBIT framework to refine employee responsibilities and better assign access rights. ReMoLa maps responsibilities to roles in the RBAC model to leverage its advantages for access right management while ensuring responsibilities align with business tasks and employee commitment.
Re mola responsibility model language to align access rights with business pr...christophefeltus
This document proposes a responsibility modeling language (ReMoLa) to align access rights with business process requirements. ReMoLa is a responsibility-centered meta-model that integrates both business and technical perspectives to bridge the gap between them. It uses the concept of employee responsibilities to link business obligations to the technical capabilities and access rights needed to fulfill those obligations. The meta-model includes concepts like responsibilities, obligations, accountabilities, capabilities, and rights. It also maps these concepts to the four types of obligations from the COBIT framework to better define employee responsibilities and access rights assignments based on real needs.
Sim an innovative business oriented approach for a distributed access managementchristophefeltus
This document proposes an innovative approach called SIM (Secure Identity Management) that aims to define access control policies in a way that is closely aligned with business objectives. It does this by linking concepts from the ISO/IEC 15504 process-based model for organizing work to concepts of responsibility. The approach also defines a multi-agent system architecture to automate the deployment of access policies across an organization's heterogeneous IT components and devices. This provides autonomy and adaptability. The goal is to improve how access rights are defined according to business needs and how those rights are deployed throughout the IT infrastructure.
This paper aims to build a responsibility model based on accountability, capability, and commitment. The model's objectives are to help organizations verify their structure and detect policy problems. It also provides a framework for organizations to define corporate, security, and access control policies. The paper reviews previous research and proposes a responsibility model using UML and a formal representation using logic. It analyzes whether responsibility is perceived at the user or company level.
This document discusses challenges with access rights management for information systems due to growing complexity from distributed systems and dynamic environments. It proposes an agent-based framework called SIM that focuses on aligning access policies with business objectives by linking them to processes and responsibilities defined in the ISO/IEC 15504 standard. The goals are to define policies based on business needs and automatically deploy them through IT infrastructure using a multi-agent system architecture.
An agent based framework for identity management the unsuspected relation wit...christophefeltus
The document discusses access rights management in information systems and proposes an innovative approach. It aims to better align access policies with business objectives by linking them to organizational processes and responsibilities. The approach uses concepts from the ISO/IEC 15504 process assessment standard to define policies based on processes, outcomes, roles and responsibilities. It then proposes a multi-agent system to automate deployment of access policies across IT systems and devices in a flexible way. The approach seeks to improve on existing identity management solutions which can be rigid and difficult to integrate across organizations.
Aligning the business operations with the appropriate IT infrastructure is a challenging and critical activity. Without efficient business/IT alignment, the companies face the risk not to be able to deliver their business services satisfactorily and that their image is seriously altered and jeopardized. Among the many challenges of business/IT alignment is the access rights management which should be conducted considering the rising governance needs, such as taking into account the business actors' responsibility. Unfortunately, in this domain, we have observed that no solution, model and method, fully considers and integrates the new needs yet. Therefore, the paper proposes firstly to define an expressive Responsibility metamodel, named ReMMo, which allows representing the existing responsibilities at the business layer and, thereby, allows engineering the access rights required to perform these responsibilities, at the application layer. Secondly, the Responsibility metamodel has been integrated with ArchiMate® to enhance its usability and benefits from the enterprise architecture formalism. Finally, a method has been proposed to define the access rights more accurately, considering the alignment of ReMMo and RBAC. The research was realized following a design science and action design based research method and the results have been evaluated through an extended case study at the Hospital Center in Luxembourg.
Alignment of remmo with rbac to manage access rights in the frame of enterpri...christophefeltus
The document proposes aligning a Responsibility metamodel (ReMMo) with the Role-Based Access Control (RBAC) model to better manage access rights based on employee responsibilities within an enterprise architecture. It first defines the ReMMo to represent business responsibilities and related access rights. ReMMo is then integrated with the ArchiMate enterprise architecture framework. Finally, the paper proposes aligning ReMMo and RBAC and provides a reference model for engineering access rights based on aligning business roles, responsibilities, and RBAC roles. This approach uses responsibility as a pivot to integrate business and application layer access rights requirements.
Similar to Building a responsibility model using modal logic (20)
Multi-Agent System (MAS) monitoring solutions are designed for a plethora of usage topics. Existing approach mostly used cloned back-end architectures while front-end monitoring interface tends to constitute the real specificity of the solution. These interfaces are recurrently structured around three dimensions: access to informed knowledge, agent’s behavioural rules, and restitution of real-time states of specific system sector. In this paper, we propose prototyping a sector-agnostic MAS platform (Smart-X) which gathers in an integrated and independent platform all the functionalities required to monitor and to govern a wide range of sector specific environments. For illustration and validation purposes, the use of Smart-X is introduced and explained with a smart-mobility case study.
This document provides an agenda and overview for a joint workshop on security modeling hosted by the ArchiMate Forum and Security Forum. The workshop aims to identify opportunities to improve the conceptual and visual modeling of enterprise information security using TOGAF and ArchiMate. The agenda includes introductions, a research spotlight on strengthening role-based access control with responsibility modeling, an open discussion on complementing TOGAF and ArchiMate with enhanced security modeling, and identifying next steps. The workshop purpose is to enable better security architecture decisions and drive usage of TOGAF and ArchiMate for security architecture.
This document proposes an innovative systemic approach to risk management across interconnected sectors. It suggests using enterprise architecture models to manage cross-sector risks in Luxembourg's complex ICT ecosystem. The approach would provide regulators an overview of all players and systems, as well as models of different sectors to analyze collected data and risks at a national level, fostering accurate and reactive risk mitigation across economic domains.
This document proposes extending the HL7 standard with a responsibility perspective to better manage access rights to patient health records. It presents the ReMMo responsibility metamodel, which defines actors' responsibilities and associated access rights. The paper aims to align ReMMo with the HL7-based eSanté healthcare platform model in Luxembourg to semantically enhance access controls based on users' real responsibilities rather than just roles. It will first map concepts between the two models, then evaluate the alignment through a prototype applying inference rules.
This document proposes a methodological approach for specifying services and analyzing service compliance considering the responsibility dimension of stakeholders. The approach includes a product model and process model. The product model has three layers: an informational layer describing service context and concepts, an organizational layer describing business rules and roles, and a responsibility dimension layer linking the two. The process model outlines steps for service architects to identify context, define concepts and rules, specify services, and analyze compliance. The approach is illustrated with an example of managing access rights for sensitive healthcare data exchange between organizations.
This document discusses integrating responsibility aspects into service engineering for e-government. It proposes a multi-layered approach including an ontological layer defining legal concepts, an organizational layer describing roles and stakeholders, an informational layer representing data structures and integrity constraints, and a technical layer representing IT components. A responsibility meta-model is also introduced to align responsibilities across these layers and facilitate interoperability between services that share data. The approach aims to ensure service compliance and manage risks associated with e-government services.
1) The document proposes a dynamic approach for assigning functions and responsibilities to agents in a multi-agent system for critical infrastructure management.
2) The approach uses an agent's reputation, which is based on past performance, to determine which agents receive which responsibilities as crisis situations change over time.
3) Assigning responsibilities dynamically based on reputation allows the system to continue operating effectively if an agent becomes isolated or has reduced capabilities during a crisis.
The document describes the NOEMI assessment methodology, which was developed as part of a research project to help very small enterprises (VSEs) improve their IT practices. The methodology aims to assess VSEs' IT capabilities in order to facilitate collaborative IT management across organizations. It was designed to be aligned with common IT standards like ISO/IEC 15504 and ITIL, but adapted specifically for VSEs. The methodology has been tested through several case studies with VSEs in Luxembourg, with promising results.
This document proposes an extension of the ArchiMate enterprise architecture framework to model multi-agent systems for critical infrastructure governance. The authors develop a responsibility-driven policy concept and metamodel layers to represent agent behavior and organizational policies across technical, application, and organizational layers. The approach is illustrated through a case study of a financial transaction processing system.
This document summarizes an experimental prototype of the OpenSST protocol for secured electronic transactions. OpenSST was developed to achieve high security, simplicity in software engineering, and compatibility with existing standards. The prototype uses OpenSST for the authorization portion of electronic payments in an e-business clearing solution. It describes the OpenSST message format and types, and discusses how OpenSST is implemented in the prototype's three-element architecture of an OpenSST proxy, reverse proxy, and server.
This document proposes an automatic reaction strategy for critical infrastructure SCADA systems. It defines a three-layer metamodel for modeling SCADA components and two types of policies (cognitive and permissive) that govern component behavior. It then presents a two-phase method for identifying these policies from the SCADA architecture and formalizing them to support an automatic reaction strategy. This strategy is modeled as an integral part of the SCADA architecture using the defined metamodel and policy identification method. It includes organizational and application layers with main actors, strategies, and components that realize the reaction policies based on expected automation levels.
This document discusses the NOEMI model, a collaborative management model for ICT processes in SMEs. The model was developed by the Centre Henri Tudor and tested with a cluster of 8 partner SMEs. Key aspects of the model include defining ICT activities across 5 domains, assessing each SME's capabilities, and having an operational team manage activities for the cluster under a coordination committee. The experiment showed improved cost control, management, and partner satisfaction compared to alternatives like outsourcing or hiring individual IT staff. The research is now ready for market transfer as the successful model is adopted long-term by participating SMEs.
The document proposes an agent-based architecture for multi-level security incident reaction in distributed telecommunication networks. The architecture has three levels: a low level interface with the infrastructure, an intermediate level using multi-agent systems to correlate alerts and deploy reactions across domains, and a high level for global supervision and policy management. The architecture was designed based on requirements like scalability, availability, autonomy, and robust reaction and alert management across distributed systems. It was successfully tested for implementing data access control policies.
This document proposes a multi-agent architecture for incident reaction in information system security. The architecture has three layers - low level interacts directly with the infrastructure, intermediate level correlates alerts and deploys reaction actions using multi-agent systems, and high level provides supervision and manages business policies. The architecture was tested for data access control and aims to quickly and efficiently react to attacks while ensuring policy compliance. The document discusses requirements like scalability, autonomy, and global supervision. It also describes the key components of alert management, reaction decision making, and policy definition/deployment to implement the architecture using a multi-agent approach.
The document discusses information security concerns of industry managers. A survey found that information security is the top concern of managers, even more than risks from the economy or natural disasters. While industries invest heavily in information security, most managers still trust their current security systems despite few having organizations well-adapted to new information risks. The complexity of assessing security risks is growing due to new IT capabilities, critical infrastructure developments, cloud services, and increasing cybercrime. Industries and academics must collaborate further on information security research to address these challenges.
Collaborative Team Recommendation for Skilled Users: Objectives, Techniques, ...Hossein Fani
Collaborative team recommendation involves selecting users with certain skills to form a team who will, more likely than not, accomplish a complex task successfully. To automate the traditionally tedious and error-prone manual process of team formation, researchers from several scientific spheres have proposed methods to tackle the problem. In this tutorial, while providing a taxonomy of team recommendation works based on their algorithmic approaches to model skilled users in collaborative teams, we perform a comprehensive and hands-on study of the graph-based approaches that comprise the mainstream in this field, then cover the neural team recommenders as the cutting-edge class of approaches. Further, we provide unifying definitions, formulations, and evaluation schema. Last, we introduce details of training strategies, benchmarking datasets, and open-source tools, along with directions for future works.
A mature quasar at cosmic dawn revealed by JWST rest-frame infrared spectroscopySérgio Sacani
The rapid assembly of the first supermassive black holes is an enduring mystery. Until now, it was not known whether quasar ‘feeding’ structures (the ‘hot torus’) could assemble as fast as the smaller-scale quasar structures. We present JWST/MRS (rest-frame infrared) spectroscopic observations of the quasar J1120+0641 at z = 7.0848 (well within the epoch of reionization). The hot torus dust was clearly detected at λrest ≃ 1.3 μm, with a black-body temperature of
K, slightly elevated compared to similarly luminous quasars at lower redshifts. Importantly, the supermassive black hole mass of J1120+0641 based on the Hα line (accessible only with JWST), MBH = 1.52 ± 0.17 × 109 M⊙, is in good agreement with previous ground-based rest-frame ultraviolet Mg II measurements. Comparing the ratios of the Hα, Paα and Paβ emission lines to predictions from a simple one-phase Cloudy model, we find that they are consistent with originating from a common broad-line region with physical parameters that are consistent with lower-redshift quasars. Together, this implies that J1120+0641’s accretion structures must have assembled very quickly, as they appear fully ‘mature’ less than 760 Myr after the Big Bang.
Hydrogen sulfide and metal-enriched atmosphere for a Jupiter-mass exoplanetSérgio Sacani
We observed two transits of HD 189733b in JWST program 1633 using JWST
NIRCam grism F444W and F322W2 filters on August 25 and 29th 2022. The first
visit with F444W used SUBGRISM64 subarray lasting 7877 integrations with 4
BRIGHT1 groups per integration. Each effective integration is 2.4s for a total effective exposure time of 18780.9s and a total exposure duration of 21504.2s (∼6 hrs)
including overhead. The second visit with F322W2 used SUBGRISM64 subarray
lasting 10437 integrations with 3 BRIGHT1 groups per integration. Each effective
integration is 1.7s for a total effective exposure time of 17774.7s and a total exposure
duration of 21383.1s (∼6 hrs) including overhead. The transit duration of HD189733
b is ∼1.8 hrs and both observations had additional pre-ingress baseline relative to
post-egress baseline in anticipating the potential ramp systematics at the beginning
of the exposure from NIRCam infrared detectors.
Search for Dark Matter Ionization on the Night Side of Jupiter with CassiniSérgio Sacani
We present a new search for dark matter (DM) using planetary atmospheres. We point out that
annihilating DM in planets can produce ionizing radiation, which can lead to excess production of
ionospheric Hþ
3 . We apply this search strategy to the night side of Jupiter near the equator. The night side
has zero solar irradiation, and low latitudes are sufficiently far from ionizing auroras, leading to a lowbackground search. We use Cassini data on ionospheric Hþ
3 emission collected three hours either side of
Jovian midnight, during its flyby in 2000, and set novel constraints on the DM-nucleon scattering cross
section down to about 10−38 cm2. We also highlight that DM atmospheric ionization may be detected in
Jovian exoplanets using future high-precision measurements of planetary spectra.
SCIENTIFIC INVESTIGATIONS – THE IMPORTANCE OF FAIR TESTING.pptxJoanaBanasen1
download it
download it
download it
download it
download it
download it
download it
download it
download it
download it
download it
download it
download it
download it
download it
download it
download it
download it
download it
download it
download it
download it
download it
download it
download it
download it
download it
download it
download it
download it
download it
download it
download it
download it
download it
download it
download it
download it
download it
download it
download it
download it
download it
download it
download it
download it
download it
download it
download it
download it
download it
download it
download it
download it
download it
download it
download it
download it
download it
download it
download it
download it
download it
download it
download it
download it
download it
download it
download it
download it
download it
download it
download it
download it
download it
download it
download it
download it
download it
download it
download it
download it
download it
download it
download it
download it
download it
download it
download it
download it
download it
download it
download it
download it
download it
download it
download it
download it
download it
download it
download it
download it
download it
download it
download it
download it
download it
download it
download it
download it
download it
download it
download it
download it
download it
download it
download it
download it
download it
download it
download it
download it
download it
download it
download it
download it
download it
download it
download it
download it
download it
download it
download it
download it
download it
download it
download it
download it
download it
download it
download it
download it
download it
download it
download it
download it
download it
download it
download it
download it
download it
download it
download it
download it
download it
download it
download it
download it
download it
download it
download it
download it
download it
download it
download it
download it
download it
download it
download it
download it
download it
download it
download it
download it
download it
download it
download it
download it
download it
download it
download it
download it
download it
download it
download it
download it
download it
download it
download it
download it
download it
download it
download it
download it
download it
download it
download it
download it
download it
download it
download it
download it
download it
download it
download it
download it
download it
download it
download it
download it
download it
download it
download it
download it
download it
download it
download it
download it
download it
download it
download it
download it
download it
download it
download it
download it
download it
download it
download it
download it
download it
download it
download it
download it
download it
download it
download it
download it
download it
download it
download it
download it
download it
download it
download it
download it
download it
download it
download it
download it
Deploying DAPHNE Computational Intelligence on EuroHPC Vega for Benchmarking ...University of Maribor
Slides from talk:
Aleš Zamuda, Mark Dokter:
Deploying DAPHNE Computational Intelligence on EuroHPC Vega for Benchmarking Randomised Optimisation Algorithms.
2024 International Conference on Broadband Communications for Next Generation Networks and Multimedia Applications (CoBCom), 9--11 July 2024, Graz, Austria
https://www.cobcom.tugraz.at/
Lunar Mobility Drivers and Needs - ArtemisSérgio Sacani
NASA’s new campaign of lunar exploration will see astronauts visiting sites of scientific or strategic
interest across the lunar surface, with a particular focus on the lunar South Pole region.[1] After landing
crew and cargo at these destinations, local mobility around landing sites will be key to movement of
cargo, logistics, science payloads, and more to maximize exploration returns.
NASA’s Moon to Mars Architecture Definition Document (ADD)[2] articulates the work needed to achieve
the agency’s human lunar exploration objectives by decomposing needs into use cases and functions.
Ongoing analysis of lunar exploration needs reveals demands that will drive future concepts and elements.
Recent analysis of integrated surface operations has shown that the transportation of cargo on the
surface from points of delivery to points of use will be particularly important. Exploration systems will
often need to support deployment of cargo in close proximity to other surface infrastructure. This cargo
can range from the crew logistics and consumables described in the 2023 “Lunar Logistics Drivers and
Needs” white paper,[3] to science and technology demonstrations, to large-scale infrastructure that
requires precision relocation.
1. Building a Responsibility Model using Modal Logic -
Towards Accountability, Capability and
Commitment Concepts
Christophe Feltus
PReCISE Researcher Centre
University of Namur, Belgium, and
Public Research Centre Henri Tudor
Luxembourg-Kirchberg, Luxembourg
christophe.feltus@tudor.lu
Michaël Petit
PReCISE Researcher Centre
Faculty of Computer Science
University of Namur, Belgium
mpe@info.fundp.ac.be
Abstract— This paper aims at building a responsibility model
based on the concepts of Accountability, Capability and
Commitment. This model’s objective is, firstly, to help
organizations verify the organization structure and detect policy
problems and inconsistencies, and secondly, to provide a
conceptual framework to support them in defining their
corporate, security and access control policies. Our work
provides a preliminary review of the research performed in that
field and proposes, based on the observations, an UML
responsibility model and a definition for all its components.
Thereafter, we suggest and explain a deontological logic
formalization of the most significant concepts. To achieve that,
our innovation stands in the adaptation of the Traditional
Threefold Classification from the alethic logic to an adapted
threefold classification that targets “Responsibility” and based
upon which commitment is somewhat refined.
I. INTRODUCTION
It is remarkable that nowadays, the responsibility
committed from a person to perform a task, an aspect that for
a long time remained overshadowed, appears to be of major
interest. This responsibility [18] and [19] is often perceived as
a combination of rights and obligations. However, current
business (for instance in the financial sector) demonstrates that
the moral aspect is improvable, and that taking care of that
matter would avoid, in some cases, malfunctions of the
system. In practice, responsibility is most often translated
through policies. Many definitions of policy exist. For our
work, we prefer the definition of policies from [1] that Policies
are rules governing the choice in behaviour of a system. This
definition is interesting in that, even if it stems from a low
level context, it sounds applicable to a high level one such as
management.
Based upon the above observations, the objective of the
paper is to propose a literature review of policy models and
engineering methods to identify the main policy’s concepts.
From that literature review, a model of responsibility is
elaborated and incorporates main responsibility concepts and
the major relationships between these. This model aims to be
generic enough to permit the declination of policies to all
abstract layers of the company as well as policies compatible
to all domains of application, e.g. a high level policy for the
management up to a low level policy of access rights. Finally,
we propose a formalization of the concepts using logic system.
The main formalization objectives are, first, to propose a basic
logic framework for defining all concepts and second, by
using that framework, to verify the organisational structure
and detecting policy problems and inconsistency.
II. RESPONSIBILITY LITERATURE REVIEW
It is rapidly observable, when analyzing policy literature,
that a very large number of authors show interest in that
concern. Consequently, a number of surveys have already
been produced in that domain [2][3][4] and [5] but none has
targeted the responsibility through the triplet (Capability,
Accountability, Commitment).
Despite that proliferation of works, it is noteworthy that up
to now there a distinction between works addressing access
control model, policy model, role engineering and
permission/policy engineering does not really exist. Based on
that assumption, it appears meaningful for apprehending that
topic to clarify this point and to highlight the existing
dichotomy between model and method. To perform our
review, we will base our analysis on a commonly accepted
idea that a model or conceptual model is a representation
designed to show the structure of a system or concept and that
(at least in our case), a method is a body of techniques for
collecting data necessary to instantiate the conceptual model.
Consequently and as illustration, the Role-Based Access
Control (RBAC) model [6] proposes a structure for providing
access based on role, whereas role engineering [7] and [8] is a
method aiming to define roles to instantiate the conceptual
model. Identically, policy may also be modelled, and there
exists a proliferation of methods to instantiate it. These
Identify applicable sponsor/s here. (sponsors)
2. methods may be classified according to the technique they
use. We propose to start with methods based on Requirements
Engineering (RE) and to continue with a list of others.
Moreover, it is more frequent to read papers targeting policy
language than policy model. Those policy languages are
innumerable and spread over the entire organizational model
layers. The most famous of them are Ponder [5], Policy
Description Language [6], Security Policy Language [7], and
Rei [8]. Amazingly, the policy model used to support the
policy expression through the policy language remains rarely
specified. This review successively presents the responsibility
through access control models and engineering methods. The
components of the responsibility’s triplet are:
• Capability: which describes the quality of having the
prerequisite qualities or accesses to resources to
achieve a task;
• Accountability: which describes the state of being
accountable on the achievement of a task;
• Commitment: which concerns the engagement of a
stakeholder to fulfil a task, and the assurance he will
do it.
These definitions are refined through the description of
these concepts in section 4.
Responsibility in the field of IT has already been
investigated because of IT security constraints and
requirements firstly, and of software requirement engineering
secondly. IT security depicts responsibility mainly when it
addresses access control. Indeed, to provision employees with
rights and obligations to operate an application or a
component, main access control model use the concept of role
for group employees based on their responsibility, function,
geographic location, domain of work, etc. Some examples of
those models are the Mandatory Access Control, RBAC [10],
UCON [11], OrBAC [12], etc. However, the inconvenient
already observed in large company is that the engineering of
these roles sometimes leads to situations where the amount of
roles is bigger than the amount of employees. This is
summarized in Table I.
Responsibility has also been subject of research in the field
of software requirement engineering. Indeed, this concept is
concentric for a large amount of methods like I*[13]. I* makes
goal-oriented strategic modelling and analysis of requirements
by using three mains concepts that are: actors, intentional
elements, and links. Actors are described in their
organizational settings and have attributes such as goals,
abilities, beliefs, and commitments. Actors can be agents,
roles, and positions. Agents are concrete actors, systems or
humans, with specific capabilities. The inconvenient of those
methods is that they are limited to concepts directly linked to
the software requirement like the right or the obligation
without offering the possibility to be extended to wider
concepts like the commitment.
The state of the art of policy concepts introduces a review
of four main recognized access control models: Mandatory
Access Control (MAC), Discretionary Access Control (DAC),
Role-based Access Control (RBAC) and Usage Control Model
(UCON).
Our survey has also covered others approaches that, due to
the size of the paper, are not presented here. In summary we
may observe that firstly, some concepts are commonly
accepted, such as right, role and obligation. Definitions of the
two firsts concepts are scarce. Only one definition has been
found for the concept of “right”: the right (or permission) is
explicitly granted to a subject to access an object in a specific
mode, such as read or write [1]. For the concept of “role”, only
one definition has been found in [13]. The concept of
obligation is subject to more debate. For Bettini et al. [14],
obligations are conditions or actions that must be fulfilled
either by the users or the system after a decision. In [1],
Sandhu et al. define obligations as requirements that have to
be fulfilled by the subject for allowing access. Crook et al.
[15] extend the notion of obligation to obligation policies
relating to actions that must be carried out on targets by
subjects when a predefined event occurs, and Haley et al. in
[16] define it as which actions must be taken before access can
be granted.
TABLE I. AC MODEL AND RESPONSIBILITY’S CONCEPTS
MAC DAC RBAC UCON
Subject Yes Yes Yes Yes
Object Yes Yes Yes Yes
Group No User Group Role Defined by objects and subject’s attributes
Capability Access Right Access Right Access Right Access Right
Accountability
(Obligation, Constraint)
No No
Yes, static and dynamic
separation of duty
Defined by objects and subject’s attributes
Commitment No No No No
Table II is a summary and a comparison of the reviewed
engineering methods. We may observe that, because the
most frequently addressed concern of capability is the
access right, existing models and methods most of the time
remain targeting low-level layers of abstraction of the
organization. Moreover, if we consider responsibility as a
tuple (Capability, Accountability, Commitment), we
observe that nowadays no model and method exist that
entirely take into account all these responsibility
components.
3. TABLE II. ENGINEERING METHODS AND RESPONSIBILITY’S CONCEPTS.
KAOS I* GBRAM ARMF RACAF
Scenario
Driven
Uses Cases
Subject Agent Actors Agent Users Actors Subject Actors
Object Yes Yes - Asset Data - Object
Group - Yes - Yes Yes Yes Yes
Capability (Right,
Authorzation)
Authorization rules
Abilities
and beliefs
- Permission Permission Permission Access right
Accountability
(Obligation, Constraint)
Achieve requirements
and expectations
Goal
Achieve
a goal
Perform
a task
Perform
a task
Perform
a scenario
Pre-conditions,
post-conditions
Commitment No Yes No No No No No
III. MODELING RESPONSIBILITY CONCEPT
At the top of the UML model (see Figure 1) is the
organization. Organizations encompass employees (users)
whose objectives are to perform tasks (or processes) by using
resources. To facilitate administration, those users are often
grouped together based on their profile. As previously
explained in the literature review, the most famous type of
classification is the role, but variations exist such as for
example the team, the hierarchy, or some geographical
constraints. Existing solutions most often limit the resources
accessibility to an access right conferred to a role. Our model
covers that possibility, but extends it to the notion of
responsibility that also encompasses the accountability, the
commitment, and the capability. In our model, capability is a
broader concept than the mere one of access right. Our model
encompasses the following concept:
User: a person, external or internal to an organization, that has
to achieve a task s/he is responsible for;
Role: describes the position of a person in the organisation.
This position may be related to a hierarchical status, a
geographic position, the membership in an organisation unit or
department, or whatever;
Resource: is something needed for or produced by performing
a task. Resource can take different forms such like
information, manpower;
Task: is the operation performed by the users;
Capability: describes the quality of having the required
qualities, skills or resources to perform a task;
Accountability: describes the state of being accountable
(responsible) on the achievement of a task;
Commitment: is the engagement of a stakeholder to fulfil a
task and the assurance that s/he will do it;
Access right: is a statement on the type of action that could be
performed by a user through a resource;
Organization: is an entity that encompasses users, resources
and processes, that aims at pursues collective goals.
Our model reuses some commonly accepted components
presented in the literature survey in sections 3 and 4, whereas
others are new. User is the basic component and appears as a
person, a system or a software component. Resource could
take a large scale of representation. Capability is a component
that is part of all models and methods. Capability is a
component that is part of all models and methods. Capability
is most frequently declined through definition of access
rights, authorizations or permissions. Accountability is a
component that exists mainly in engineering methods and that
is the obligation to achieve a task or to perform an action.
Commitment is the most infrequent concept. Traditional
policy model such as RBAC do not address it, however i*
partly introduces it (e.g. when defining dependency as an
“agreement” between two actors), but knowing whether it is a
moral concept or an obligation remains subject to
interpretation.
Figure 1. UML Model of Responsibility
In the first part of this section, we tackle at explaining
main responsibility concepts. The second part of this section
will put forward some significant relationships between them.
As basic relation, the link between Role, Responsibility and
Task is to be underlined. Indeed, it is no longer justified that
the main construct of an organization is the performance of a
task by an employee implicitly generating profit.
Responsibility is the midpoint concept that lies down between
Task and Employee (declined in the model under the concept
of Role), and that adds essence to this relation. On this relation
is to be read: “there is one and only one role responsible for
one task, and one role may have many responsibilities and one
responsible may perform many tasks”. The second significant
relation to be discussed in the paper is, subsequently, the
relationship between Responsibility and Capacity,
Accountability and Commitment. This relation is of the form
4. 0..* to 1. That means that being responsible involves the
possibility to dispose of many Capacities, Accountabilities and
Commitment. But on the opposite, Commitment is only bound
to one responsibility, and adequately for Accountability and
Capability. The last quite interesting relation is the one that
concerns the access to a Resource, and more precisely, the
Access right to a Resource. This Access Right is a Capability
for a person responsible, while being at the same time an
Accountability for another.
IV. FORMALIZING CONCEPTS USING STANDARD AND
DEONTIC LOGIC
Responsibility may be formalized using standard logic and
more precisely SDL (for Standard Deontic Logic) theories.
Standard Logic is the logic of necessary truth and related
relations. This chapter attempts to define the responsibility (R)
assigned to a user (u) to perform a task (t) and is written
R([t]u). The responsibility is defined as according to the
capability (CA), the accountability (AC) and the commitment
(CO) as explained on Figure 1.
In [17], Cholvy et al. propose a formalization of the
responsibility concept . To achieve this, they begin their work
with a definition of the various meanings of responsibility, and
then model several aspects of responsibility using SDL and
logic of actions. The three concepts {capability, accountability
and commitment} implicitly exist through the responsibility
definitions, but are not duly modelled. For example, definition
2 issued from Cholvy’s paper claims that responsibility is an
obligation or a moral duty to report or explain the action, or
someone else’s action to a given authority (answerability).
This definition helps at defining the commitment as a moral
duty in parallel with an obligation that is a legal duty.
Definition 3, which defines the responsibility according to a
position in an organization, explains that someone responsible
for something should be prepared to justify his action. This
justification brings the content of the concept of accountability
and consequently nuances accountability versus answerability.
This definition also argues that it is possible to analyze the
“consistency” of an organization by identifying users
overloaded with responsibility. It brings up the notion of user
capability in the sense of having enough resources to assume a
number of responsibilities.
Figure 2. Traditional Threefold Classification
IMp ↔ OB⌐p (1)
PEp ↔ ⌐OB⌐p (2)
GRp ↔ ⌐OBp (3)
OPp ↔ (⌐OBp & ⌐OB⌐p) (4)
In addition to Cholvy’s proposition to formalize
responsibility with deontic logic, our work provided an
adaptation of the traditional threefold classification (TTC)
(Figure 2) on firstly transposing Obligatory by Accountable in
that both bring up the notion of anything indispensable and
makes obligatory through a legal issue (like a policy).
Secondly, we transpose Impermissible by Incapable in that
both defend the idea that it is not permitted or not allowable.
Thirdly, an optional proposition of the deontic standard logic
is analogue to an optional (OP) proposition in a responsibility
based threefold classification. To achieve that transposition,
we defined the incapacity (IN) and the unaccountability (UN)
such as :
IN[t]u ↔ AC⌐[t]u (5)
UN[t]u ↔ ⌐AC[t]u (6)
Equally to the deontic standard schema, the Figure 3
highlights that the three rectangular cells are jointly exhaustive
and mutually exclusive.
Figure 3. Responsibility based Threefold Classification
Indeed, each proposition is accountable, optional or
incapable. Moreover, Capable propositions are those that are
either accountable or optional and unaccountable propositions
are those that are either optional or incapable. Moreover, we
may define the capability and optional concept based on the
accountability one such as:
CA[t]u ↔ ⌐AC⌐[t]u (7)
OP[t]u ↔ (⌐AC[t]u & ⌐AC⌐[t]u) (8)
The equation (8) asserts that something is an optional
proposition if and only if neither the performance of the task t
by the user u nor its negation is accountable. This first
assertion of the optional proposition issued from the
adaptation of the deontological logic TTC is very interesting
in that it expresses a first statement of being through the
proposition of accountability. However, accountability is a
proposition that aims to link two stakeholders: the accountable
(or the responsible) and its manager (or the organization). It
appears that this option proposition, even if optional to an
organizational accountability, could remain engaged toward a
moral obligation that we call Commitment. This commitment
could be defined as the act of binding itself (intellectually or
emotionally) to a course of actions. The set of commitment
5. possibilities in (9) aims at defining the optional proposition
according to the commitment.
CO Type = {CO[t]u ∨ CO⌐[t]u ∨ CO[⌐t]u ∨ CO⌐[⌐t]u} (9)
This proposition that based on the user’s (u) commitment
for achieving the task t, 4 possibilities exist:
1. u is committed to achieve t;
2. u is committed not to achieve t;
3. u is committed to achieve not t;
4. u is committed not to achieve not t.
For achieving a task, u must have the necessary
capabilities and be committed to perform it. Whether or not he
is accountable do not presents any impact on the realization.
Whatever, not achieving a task for which the user is
accountable may lead to some kind of blame. This aspect is
not discussed in that paper. Commitment is possible to be
represented on Figure. 2 as shown on Figure 4.
Figure 4. Commitment on Responsibility Threefold Classification
To accept a responsibility, a user must consequently have
received necessary capability, he must also provide evidences
to obligations he is accountable for and finally, he must be
committed to perform obligations. Responsibility R is now
definable using alethic and deontic logic on considering that:
1. The responsibility is for a user the obligation (noted
with Classical ML) to perform a task and is equivalent to the
accountability for that task (10)
R[t]u → [t]u ≈ R[t]u → AC[t]u (10)
2. To be responsible of performing a task, it is obliged
that the user receives necessary capability. Providing these
capability is another user’s (u’) responsibility (11 et 11’).
R[t]u → CA[t]u (11)
≈
R[t]u → R[« provide [t]u capability »]u’ (11’)
Moreover, because user (u) capability (c) is received when
user (u’) the task ([« provide [t]u capability »]u’), we can state
in (12)
CA[t]u → « provide [t]u capability »]u (12)
3. It is necessary that he provides commitment to
perform that task (13):
R[t]u → CO[t]u (13)
Consequently, the responsibility may be formalized be the
addition of (10), (11) and (13).
R[t]u ↔ AC[t]u ∧ CA[t]u ∧ CO[t]u (14)
V. CASE STUDY
To illustrate the formal definition of the responsibility
developed in the previous section, we propose the following
little case study: ”Mister Boss is the manager of the marketing
company named “SelltheWorld”. Each year, Mister Boss
organizes during the Christmas period a large mailing of
postcards to all customers. This year, Mr Boss has too much
work for closing the annual report and consequently decides
to delegate this task to one of the employees. Because the task
is less business sensitive as some other production task, Mr
Boss decides to delegate it to a part-time secretary named
Sophie. Sophie has just got married and consequently, she
accepts this additional work without commitment. Mr Boss
asks the IT service to give Sophie the necessary access right to
the customers address list. John from this service realizes the
necessary operation for providing this right as soon as he gets
the request. On 30th
January, Mister Boss receives over 100
complains from customers who didn’t receive Christmas
cards.”
This case study permits to highlight responsibility toward
the task of sending postcards:
Mr Boss has duly formalized Sophie’s Accountability by
asking her to process the sending activity. It was consequently
clear what she was accountable to do. To achieve the mailing,
she got the necessary capability that was the access to the
customers file. However, due to the fact that her thought went
to her new husband rather than to the work to accomplish, she
didn’t really want to achieve the work and failed to assure her
responsibility due to a lack of commitment. Sophie’s
responsibility of sending postcard → 1 ∧ 2 ∧ 3
1) Sophie’s obligation of having the capacity to access
customer file.
2) Sophie’s obligation to get the accountability to
achieve that task from Mr Boss
3) Sophie is committed to achieve it.
Responsibility could also not be assured in the case where
she didn’t get the necessary capabilities, i.e. if Mr Boss forgets
to ask the IT service to provide the necessary access right or if
the IT service didn’t do as requested. No guarantee of having
the job performed would also have been assured if Mr Boss
had not clearly asked Sophie to send postcards. In that case,
she would not have received the due Accountability.
John’s responsibility can also be analyzed with that case
study. John is a well paid IT staff who is very happy with his
6. function. He has received clear accountability to give access
right to Sophie and he has the needed capabilities due to his
position as network administrator. He has consequently been
responsible to fulfil Mr Boss’ request.
Sophie’s obligation of having the capacity to access
customer file → 4 ∧ 5 ∧ 6
4. John’s obligation of having the capacity to give access
right to the customer file.
5. John’s obligation to get the accountability to provide
that access from Mr Boss.
6. John is committed to achieve it.
We may consequently observe that the responsibility of
John to provide access to the customer file precedes the
capability of Sophie to possess those rights.
VI. CONCLUSION
We have analyzed the literature to understand the
semantics of AC policy conceptual models and engineering
methods. We have observed that some elements are
commonly accepted components whereas others remain
debated or not addressed. Accepted concepts include the one
of user (and related ones such as group or role), the one of
resource and the one of Capability. Capability is most
frequently delineated under access right, authorizations or
permissions. Accountability is a concept that exists mainly in
engineering methods and that is delineated as the obligation to
achieve a task or to perform an action. Commitment is the
most infrequent concept.
Based upon that observation, we have developed a
conceptual model of responsibility as a UML class diagram.
We have provided a definition for all the conceptual
components and clarified some important relationships
between those (relation task-responsibility-user,
responsibility-capability-accountability-commitment and
resource-capability-accountability). Based upon that model,
we have proposed a formal description of the responsibility
using modal deontological logic theory. Finally, a case study
has been drawn to illustrate the whole idea.
In this paper, the responsibility concept has mainly by
addressed based on an IT approach. The “organizational and
management” field is also rich of responsibility’s theory [34]
and [35]. This area will be the focus of our future researches
and will permit to refine our first findings. Consequently, our
future works will focus on continuing the development of the
model of responsibility, and most specifically the concept of
commitment that is important to consider in high-level layers
of the organizational model. Moreover, defining a policy that
allows taking into account the commitment opens doors to
new approaches that have right to be taken into account in
traditional and renowned risk management solutions. Future
investigations will e.g. deal with the case where the
stakeholder commits to unmoral actions or actions that are
different to the one requested (CO[⌐t]u and CO⌐[⌐t]u).
Another part of our work aims at defining a new approach
to propagate the responsibility from the high level down to the
lower one. Our first researches demonstrate that potential
solutions are to link responsibility concepts with an
organization’s processes. To support the progress of that
approach, a software prototype has been developed based on
“egroupware open framework”. Those researches and the
prototype have been presented in [19].
REFERENCES
[1] N. Dulay, E. Lupu, M. Solman, N. Damianou, A Policy Deployment
Model for the Ponder Language ,International Symposium on
Integrated Network Management, Seattle, May 2001, IEEE Press.
[2] Robert Crook, Darrel Ince, Bashar Nuseibeh, Modelling access policies
using roles in requirements engineering, Information and Software
Technology 45 (2003) 979-991.
[3] Robert Crook, Darrel Ince, Bashar Nuseibeh, On Modelling access
policies: Relating Roles to their Organisational Context, RE 2005,
Paris.
[4] P. A. Epstein, Engineering of Role/Permission Assignement, PhD
thesis.
[5] R. Crook, D. Ince, B. Nuseibeh, “Using i* to Model Access Policies:
Relating Roles to their Organisational Context”, Social Modelling for
Requirements Engineering,, MIT Press, 2006
[6] D. F. Ferraiolo, R. Sandhu, S. Gavrila, D. R. Kuhn and R.
Chandramouli, Proposed NIST Standard for Role-Based Access
Control, ACM Transactions on Information and System Security, Vol.
4, No. 3, August 2001, Pages 224-274
[7] G. Neumann, M. Strembeck, A Scenario-driven Role Engineering
Process for Functional RBAC Roles, SACMAT’02, June 34, 2002,
Monterey, California, USA.
[8] E. J. Coyne,. 1996. Role engineering. First ACM Workshop on Role-
Based Access Control, Gaithersburg, Maryland, United States.
[9] N. Damianou, N. Dulay, E. Lupu, M. Sloman , The Ponder Policy
Specification Language Workshop on Policies for Distributed Systems
and Networks (Policy2001), HP Labs Bristol, 29-31. Springer-Verlag.
[10] E. Bertino, A. Mileo, A. Provetti, PDL with Preferences. IEEE
international Workshop on Policies For Distributed Systems and
Networks, Policy 2005 – Vol. 00, IEEE Computer Society,
Washington, DC, 213-222.
[11] C. Basile, A. Lioy, G. Perez, C. Martinez; F. J. Garcia; Skarmeta, A. F.
Gomez, POSITIF: A Policy-Based Security Management
SystemPolicies for Distributed Systems and Networks, 2007.
POLICY’07, pp. 280 – 280.
[12] K. Lalana, Rei : A Policy Language for the Me-Centric Project,
TechReport, HP Labs, September 2002.
[13] R. Sandhu, J. Park, Usage Control: A Vision for Next Generation
Access Control, The Second International Workshop on Mathematical
Methods, Models and Architectures for Computer Networks Security,
2003
[14] A. Miège, Définition d’un environnement formel d’expression de
politiques de sécurité. Modèle Or-BAC et extensions. Thèse Sécurité
informatique, INFRES, Télécom Paris [ ENST ] (2005)
[15] E. S. Yu, L. Liu, 2001. Modelling Trust for System Design Using the i*
Strategic Actors Framework. Workshop on Deception, Fraud, and Trust
in Agent Societies Held During the Autonomous, Eds. Lecture 35 194
[16] C. Bettini, S. Jajodia, X. S. Wang, D. Wijesekera, Provisions and
Obligations in Policy Management and Security Applications, 28th
VLDB conference, China, 2002
[17] L. Cholvy, F. Cuppens, and C. Saurel. Towards a logical formalization
of responsibility. In Proc. of the Sixth International Conference on
Artificial Intelligence and Law, pages 233--242, 1997
[18] C. Feltus, A. Rifaut, An Ontology for Requirements Analysis of
Managers’ Policies in Financial Institutions, I-ESA2007, Portugal
[19] B. Gâteau, C. Feltus, J. Aubert, C. Incoul, An Agent-based Framework
for Identity Management: The Unsuspected Relation with ISO/IEC
15504, IEEE RCIS 2008, 3-6/6/2008, Marrakech, Morocco.