Sandra Winfield

The Personal Data Store Approach to Personal Data Security

A growing number of actors believe personal data stores (PDSs) are the solution to the issue of online privacy. With PDSs, people can choose to share specific personal information or restrict access to certain interested parties. A small-scale test involving job applicants and employers attempted to ascertain the extent to which users are willing to adopt PDSs. This article describes the EU Framework Programme 7 TAS3s PDS solution and explores whether PDSs are a practical solution to address personal data insecurity on the Web.

Scenario-Based Testing Applied in Two Real Contexts: Healthcare and Employability

In this paper we focus on the automatic application of UML scenario-based testing to two real case studies developed in the Integrated Project TAS3: one focuses on issues from healthcare, the other on those from an employability context. The aim was the derivation of integration test plans. We report on our experience, and the results obtained from the two test plan executions, which resulted in the discovery of some critical bugs in both integration trials, thereby opening up the possibility of discussing and applying immediate corrective actions.

An ecosystem for user centric learning: revolution or evolution?

Development of Digital Business Ecosystems (DBE) is commonly associated with a top-down, grant-funded approach that aims to encourage service-based co-operation between organisations. The implementation of DBEs is often focused on specific tasks and the implementation of new processes. Projects are often linked to time-limited funding resources and rely on a willingness between organisations to collaborate towards specific goals. The expectation is often that through the reconfiguration of processes via DBE technology and the sheer focus of effort, the outcomes will be dramatic and often revolutionary in nature. However in reality the sustainability and impact of these projects varies widely. In terms of the wider DBE concept, the result of these projects is often a legacy of systems integration and process addition, rather than of process evolution in the DBE. The SAMSON project aims to take a different approach to the development of a DBE by using the technology as a catalyst to support and aid future developments in a regional learning community, rather than attempting a systems overhaul. The project is developing services to encourage the use of emerging standards-based technology in existing processes. These developments are forming the community DBE that aims to enhance the existing processes and encourage innovation in the domain in a sustainable manner.

Ontology Based Interoperation for Securely Shared Services: Security Concept Matching for Authorization Policy Interoperability

This paper addresses the problem of access control in the context of unified distributed architectures, in which a local authorization policy is not able to recognize all the terms applicable to the authorization decision requests. The approach is based on semantic interoperability between the different services of the architecture. More specifically, we present the ontologybased interoperation service (OBIS), which calculates the matching of security concepts extracted from access requests and local authorization policies. This service is then validated in an employability use case scenario.

Access policy compliance testing in a user centric trust service infrastructure

Access Policy compliance testing within a trust network helps ensure that the services available to users are reliable, secure and trustworthy. In the TAS3 project Access Policy testing is a vital function of the trust network in which users and service providers interact. User-centric security management is enabled by using automated compliance testing using the TAS3 Audit Bus and OCT components to monitor service state and provide users with a new level of privacy protection in networks of services. The components have been deployed and tested in an employability scenario and present a foundation from which a new level of security for emerging service-based applications can be developed.

Aggregating policies in user centric, real-time and distributed applications

Securing individual data objects using sticky policies in trusted networks is essential in user centric distributing computing applications. However aggregation of data objects presents a challenge in terms of sticky policy integrity for the new object. A possible solution is based on a mathematical merger of sticky polices associated with all aggregated data objects that respects all the individual policy rules in a new sticky policy for the data object. Whilst another approach is an aggregation using the policy enforcement framework of the trusted network to bypass the sticky rules. This process is enabled by the use of meta-polices that are introduced in this paper that explores the application both approaches in a employability demonstrator from the EU Framework 7 project TAS3 (Trusted Architecture for Securely Shared Services).

An ecosystem for user centric learning: Revolution or evolution?

The SAMSON project uses technology as a catalyst to support and aid future developments in a regional learning community. This is in contrast to many ecosystem approaches that attempt a systems overhaul. The project is developing services to encourage the use of emerging standards–based technology in existing processes. These developments are forming the community and developing the ecosystem at a natural pace that aims to enhance existing processes and encourage innovation in a sustainable manner.