Catálogo de publicaciones - libros

Trust as a design issue for information systems has appeared in e-commerce, e-science, and a wide variety of collaborative applications. Much discussion has centred around trust in computational artefacts such as protocols, encryption and security mechanisms; however, little research has focused on exactly what trust means in human terms. In this presentation I will review the psychology literature on trust as a product of reasoning processes, and describe a cognitive model to explain and predict inter-personal and inter-organisational trust. I argue that sound design should be based on cognitive models of users, and these should inform the semantics of conceptual modelling as well as guiding the design process. I will explore the implications of the cognitive model of trust for conceptual modelling in requirements specification languages such as i*. The final part will be more speculative. After a brief review of the implementations of trust-enhancing mechanisms in collaborative and e-science systems, focusing on user interface features rather than encryption, etc. middleware, I will discuss the design challenges for future trustworthy systems. This will cover how trust can be communicated, and issues of honesty when users may not always have the best intentions.

Public Organisations are generally concerned with delivery of services to taxpayers and members of a sovereign state, or with delivery and maintenance of frameworks that benefit the general public (traffic networks, protection against criminals, education, protection from foreign perpetrators, etc.). Traditionally and in most states, Public Organizations have been early adopters of Information and Communication Technologies (ICT) in their effort to increase efficiency and quality of services delivered to the public.

Trust emerges from interaction. If trust in information systems is to be promoted, then attention must be directed, at least in part, to interaction design. This presentation will explore issues of trust in the interactions between users and systems from the perspective of interaction design. It will consider a variety of pragmatic aspects in interaction design that impact user trust, including, predictability, interface stability, user control, and the match between expectations and performance. It will critically examine contemporary design practices, such as adaptive interfaces, in terms of their impact on user trust.

The quest for designing secure and trusted software has led to refined Software Engineering methodologies that rely on tools to support the design process. Automated reasoning mechanisms for requirements and software verification are by now a well-accepted part of the design process, and model driven architectures support the automation of the refinement process. We claim that we can further push the envelope towards the automatic exploration and selection among design alternatives and show that this is concretely possible for Secure Tropos, a requirements engineering methodology that addresses security and trust concerns. In Secure Tropos, a design consists of a network of actors (agents, positions or roles) with delegation/permission dependencies among them. Accordingly, the generation of design alternatives can be accomplished by a planner which is given as input a set of actors and goals and generates alternative multi-agent plans to fulfill all given goals. We validate our claim with a case study using a state-of-the-art planner.

Security involves technical as well as social challenges. In the development of security-critical applications, system developers must consider both the technical and the social parts. To achieve this, security issues must be considered during the whole development life-cycle of an information system. This paper presents an approach that allows developers to consider both the social and the technical dimensions of security through a structured and well defined process. In particular, the proposed approach takes the high-level concepts and modelling activities of the secure Tropos methodology and enriches them with a low level security-engineering ontology and models derived from the UMLsec approach. A real case study from the e-commerce sector is employed to demonstrate the applicability of the approach.

Modern information systems interact with a wide variety of users ranging from people with specific roles in business processes to end-users who access information in various ways and in different environments. Therefore, an application has to adhere to a well defined security policy on one hand and be highly adaptable to context on the other. We have extended the OM data model, with its rich support for role modelling, with concepts for modelling interactions between users and applications. In this paper, we show how the resulting interaction model can be used for role-based access control, as well as for modelling interactions in context-aware applications.

Integrity checking is aimed at determining whether an operation execution violates a given integrity constraint. To perform this computation efficiently, several incremental methods have been developed. The main goal of these methods is to consider as few of the entities in an information base as possible, which is generally achieved by reasoning from the structural events that define the effect of the operations. In this paper, we propose a new method for dealing with the incremental evaluation of the OCL integrity constraints specified in UML conceptual schemas. Since our method works at a conceptual level, its results are useful in efficiently evaluating constraints regardless of the technology platform in which the conceptual schema is to be implemented.

Temporal Data Warehouses (TDWs) allow to manage time-varying multidimensional data by joining the research of Temporal Databases and Data Warehouses. TDWs raise different issues such as temporal aggregations, multidimensional schema versioning, etc. However, very little attention from the research community has been drawn to conceptual modeling for TDWs and its subsequent logical representation. In this paper, we present a mapping transforming our conceptual model for TDW design into the conventional ER and an object-relational models. For the latter, we show some examples using the SQL:2003 standard. We include the mapping for time-varying levels, hierarchies, and measures. We also discuss the inconveniences of a pure relational representation.

The task of translating data from one schema into another is usually performed with the help of information stating how the elements between two schemas correspond. Translation mechanisms can use this information in order to identify how instances of a source schema must be translated. We claim that a uniform matching approach, where instances of a source classes are always translated into the same target classes, may not represent the reality, specially when the schemas involved describe taxonomies. In this paper we demonstrate taxonomies that support our idea, and propose the usage of a conditional matching approach to improve the accuracy of taxonomical instances translation.

In this work we propose, for an environment where multidimensional queries are made over multiple Data Marts, techniques for providing the user with quality information about the retrieved data. This meta-information behaves as an added value over the obtained information or as an additional element to take into account during the proposition of the queries. The quality properties considered are freshness, availability and accuracy. We provide a set of formulas that allow estimating or calculating the values of these properties, for the result of any multidimensional operation of a predefined basic set.