Sabah Al-Fedaghi

Information Management and Valuation

The aim of information lifecycle management is to develop a cost-effective strategy for maintaining information assets, balancing the cost of maintaining information against business value. This paper contributes to development of theoretical information value based on a classification scheme that does not consider operational factors (e.g., storage, access). It concentrates on valuing information in terms of its type, organizational level and the extent of its effects. An information flow model provides the foundation for such categorisation.

Machine recognition of printed Arabic text utilizing natural language morphology

We describe a computer system for recognizing the printed Arabic text of multifonts. The system contains four components: acquisition, segmentation, character recognition and word recognition. The word recognition component includes two sub-systems: a morphological spelling checker/correcter, and a morphological word recognizer. With a 95·5% character recognition rate corresponding to an 81·58% word recognition rate, tests have resulted in an increase in the rate of word recognition by 6·97% using the proposed morphologically based method.

Threat Risk Modeling

Application development security utilizes a list of threats that identify and organize application security classes of attack. The developed system is decomposed into relevant components and then each component is analyzed for threats. Data flow diagrams (DFDs) are typically used to graphically represent a system. In this paper we propose a flow-based model as an alternative methodology for identification and classification of threats.

Software Engineering Interpretation of Information Processing Regulations

Current software engineering methods extract software requirements through converting legal text into semi-formal constraints and rules. In this paper, we complement these methods with a state-based model that includes all possibilities of information flow. We show that such a model provides a foundation for the interpretation process.

Modeling communication: one more piece falling into place

A variety of idealized models of communication systems exist, and all may have something in common. Starting with Shannons communication model and ending with the seven layers OSI model, this paper presents progressively more advanced forms of modeling of communication systems by tying communication models together on the basis of the notion of flow. The communication system is divided into different spheres (sources, channels, and destinations), each with its own five interior stages: receiving, processing, creating, releasing, and communicating information. The flow of information is ontologically distinguished from the flow of physical signals. Accordingly, Shannons and network-based OSI models are redesigned.

System-based Approach to Software Vulnerability

The focus of vulnerability research has been conceptualization of the lifecycle of software vulnerability as errors in software that can be used by an attacker to gain access to a system or network. This lifecycle is described in terms of its phases: creation, discovery, exploitation, disclosure, patch availability, and patch installed. The objective of this paper is to clarify the notion of vulnerability so it complements current error-focused conceptualization. The paper proposes a fine-grained lifecycle of a vulnerable system in terms of a flowsystem that includes five basic stages and is defined by a flow transition diagram. A software system is first created, released, and transferred to users; it is then activated until it fails as a result of vulnerability to an attack. Several other phases lead to re-creation of the system. Accordingly, vulnerability is defined as the state of a system where it can be damaged when it receives a certain type of attack.

Scrutinizing UML Activity Diagrams

Building an information system involves two processes: conceptual modeling of the “real world domain” and designing the software system. Object-oriented methods and languages (e.g., UML) are typically used for describing the software system. For the system analysis process that produces the conceptual description, object-oriented techniques or semantics extensions are utilized. Specifically, UML activity diagrams are the “flow charts” of object-oriented conceptualization tools. This chapter proposes an alternative to UML activity diagrams through the development of a conceptual modeling methodology based on the notion of flow.

Scrutinizing the Rule: Privacy Realization in HIPAA

Privacy policies, laws, and guidelines have been cultivated based on overly verbose specifications. This article claims that privacy regulations lend themselves to a firmer language based on a model of flow of personal identifiable information. The model specifies a limited number of situations and acts on personal identifiable information. As an application of the model, the model is applied to portions of the Privacy Rule of Health Insurance Portability and Accountability Act (HIPAA).

Awareness of context and privacy

Editors Summary Adding contextual information enhances the content and value of communications, yet it can also introduce risk and threaten privacy. A common piece of contextual information is location, but context extends to identity, user profile, e-mail address, time and more. Understanding context from the standpoint of privacy awareness requires a systematic conceptualization of the concepts of privacy and context, personally identifiable information and the ways information flows, from processing and creation through transfer and acceptance. Numerous examples illustrate the potential chain of connections that could be revealed between a personal subject and context. Such information, made explicit, can undermine privacy policies. Integrating context- and location-aware services in software should be approached cautiously and with full understanding of the implications. Diagrammed scenarios provided can inform considerations and software specification building.

Morphological compression of arabic text

Abstract The morphological compression of Arabic text is a compression technique that replaces some words in the original text by their roots and morphological patterns. This method is studied by developing a new method to reduce Arabic words to their roots and patterns, and by a compression algorithm that encodes reducible words into a three byte format. The technique is implemented and tested by utilizing different texts. The results indicate a reduction ratio of 20% to 30% due to the morphological property of the language alone. However, 40% reduction is attainable if the morphological compression is used in conjunction with space elimination from the original text.