At eSmart 2003, Kekicheff and Brewer [1] reported on the development of the GlobalPlatform Card Security Requirements Specification (CSRS) [2]. They pointed out not only that the CSRS presents a semi-formal security specification for the entire card platform, but also that it proposes a method for selecting the most appropriate card configuration based on risk analysis. Particular attention was...

This paper addresses the concept of model uncertainty within the context of risk analysis. Though model uncertainty is a topic widely discussed in the risk analysis literature, no consensus seems to exist on its meaning, how it should be measured, or its impact on the application of analysis results in decision processes. The purpose of this paper is to contribute to clarification. The first pa...

While security professionals have long talked about risk, moving an organization from a “security” mindset to one that thoughtfully considers information risk is a challenge. Managing information risk means building risk analysis into every business decision. In this panel, we will discuss how CISOs are working to move the conversation from security towards information risk. In particular, we w...

only modest prolongation of survival and limited improvements in the quality of life. So is it worth giving non-curative treatment for cancer? Delay in diagnosis, poor communication and support, inequalities in treatment and inadequate funding have contributed to poor survival figures for cancer in the UK. However, there has now been an unprecedented increase in financial support, with an incre...

This paper introduces a new corpus, QA-It, for the classification of non-referential it. Our dataset is unique in a sense that it is annotated on question answer pairs collected from multiple genres, useful for developing advanced QA systems. Our annotation scheme makes clear distinctions between 4 types of it, providing guidelines for many erroneous cases. Several statistical models are built ...

In order to explain how DIYbio knowledge and expertise is developed and shared the use of Practice Theory will help us gain a useful understanding of how working practices are sustained, reproduced and potentially changed. In addition, the development and sharing of thick, evocative, rich descriptions of these practices might contribute to the motivational knowledge of DIYbio practitioners.

Employees and/or functional managers increasingly adopt and use IT systems and services that the IS management of the organization does neither provide nor approve. To effectively counteract such shadow IT in organizations, the understanding of employees’ motivations and drivers is necessary. However, the scant literature on this topic primarily focused on various governance approaches at firm ...

While cloud computing is becoming a mainstream IT sourcing option, especially large companies struggle with the internal governance of cloud and the issue of shadow IT. This study takes a technological frames perspective to contrast the knowledge and expectations that business versus IT stakeholders have regarding cloud IT. Our interview data from 20 business and IT managers display the incongr...