E-Technologies: Embracing the Internet of Things

The Internet of Agents (IoA) is an emerging field of research that aims to combine the advantages of multi-agent systems and Internet of Things (IoT), by adding autonomy and smartness to, traditionally, naive things used in IoT. IoA can be used to interconnect agents of different multi-agent systems through web-like technologies or using Internet-like architecture. Trust management can be considered an essential component of successful interactions between autonomous agents in IoA, especially when agents cannot assure that potential interaction partners share the same core beliefs, or make accurate statements regarding their competencies and abilities. To date, most research in trust modeling has focused on mechanisms for agents to model the trustworthiness of potential interaction partners, to decide about which of them to interact with. However, slight consideration has been paid for going beyond trust evaluation to outline actions for directing trustees, instead of trustors, to build a higher level of trust and have a greater impact on the results of interactions. Reaching a higher degree of trust can be challenging, especially when explicit feedback is not available. This paper presents a trust establishment model that uses implicit feedback from trustors to modify the behavior of trustees to build a higher level of trust and have a greater impact on the results of interactions. The proposed model is evaluated through simulation, and results indicate that trustees empowered with our proposal have higher chances to be selected as interaction partners when such selection is based on trust.

The widely use of advanced technologies in the sensor network and computing has facilitated the development of convenient pervasive applications in order to access information at anytime and anywhere. The traditional access control mechanisms cannot appropriately protect the access and usage of digital resources in the highly distributed and heterogeneous computing environment. In such an environment, enforcing continuously the access control policies during the access period is a challenge because traditional authorization decisions are generally made at the time of access requests but do not consider ongoing controls. Obligations are the vital part of many access control policies and they specify mandatory behavior that should be conducted by a user of the access control system in sensitive domains. Therefore, utilizing a mechanism to approve the fulfillment of the obligation is required for continuing or revoking the access decision. We leveraged the capability of Session Initiation Protocol (SIP) to manage the communication between entities in order to provide a mechanism to handle the continuous enforcement of the obligation. Meanwhile, we present several scenarios which indicate our proposed model can manage the obligatory behavior that affects the continuity of access to resources in pervasive computing environment.

We propose a privacy-preserving protocol for the discovery of nearby friends. In this scenario, Alice wants to verify whether any of her friends is close to her or not. This should be done without disclosing any information about Alice to her friends and also any of the other parties’ information to Alice. In this paper, we present a protocol based on the homomorphic property of Goldwasser-Micali cryptosystem to protect each user’s location in proximity queries. However, an active adversary could learn, if two users are “close” to each other due to the vulnerability of the Goldwasser-Micali to IND-CCA2 attacks and malleability of homomorphic encryption schemes. Our protocol solves this problem with the authenticated encryption scheme called encrypt-then-mac [5]. We implemented our proposed protocol on the Android platform and we show that the proposed system and protocol can achieve a high level of privacy and secrecy.

Today, an increasing number of “smart devices” are becoming available to consumers, enabling them to quantify their physical activity and health status and to receive updates from their environment and applications. The preferred method of tethering these devices to the Internet is through the BLE (Bluetooth Low Energy) communication protocol connecting them to special-purpose mobile applications. The efficient development of high-quality applications of this type can present challenges to developers who have to familiarize themselves with a number of new technologies and platform-specific architectural patterns. A combination of domain-specific languages and code-generation techniques is a potential solution to this problem.

In this paper, we present (a) a generic reference architecture for Android BLE-enables applications, and (b) our AHL (Android Health Language), a domain-specific language and a corresponding code-generation framework that enables the easy and rapid development of the core elements of a typical BLE-enabled data-collection application in this architecture. The generated code is functional and does not need any modifications. This model-driven application-construction process relieves developers from the burden of dealing with complex Android concepts and components. Thus, AHL can save time and reduce the cost of Android application development for developers. In this paper, we explain the AHL framework, its models, its underlying DSL, and the methodology we used to design and implement it. We evaluate our work with two functional applications and compare them to the existing ones developed from scratch.

Users who request to access protected objects must obtain the authorization of access control systems. Among the elements of decision for such systems should be the risk of authorizing accesses under various assumptions, and one of the notions of risk is threat likelihood. Access control systems deals essentially with insider threats coming from people within the organization, such as employees, business associates or contractors, who could violate access control policies. We present in this paper a new approach for insider threat likelihood assessment for secrecy and integrity properties by considering reading and writing operations within the context of access control systems. Access operations, the trustworthiness of subjects, the sensitivity of objects, and the applied security countermeasures are all considered in the assessment of the likelihood of this category of insider threats. Both qualitative and quantitative assessments are provided. Hence our approach makes it possible to compare and calculate the likelihoods of these insider threats, leading to more flexible and more informed access control decisions in various situations.

This paper proposes an algebraic formalism and a dedicated logic for computer systems and security policies specifications. A tableau-based proof system is then developed for assessing whether policies are satisfied for a given model of a computer system. A practical example and an implementation within a theorem prover show the effectiveness of our specification and verification technique.

Access control policy management is an increasingly hard problem from both the security point of view and the verification point of view. SELinux is a Linux Security Module (LSM) implementing a mandatory access control mechanism. SELinux integrates user identity, roles, and type security attributes for stating rules in security policies. As SELinux policies are developed and maintained by security administrators, they often become quite complex, and it is important to carefully analyze them in order to have high assurance of their correctness. There are many existing analysis tools for modeling and analyzing SELinux policies with the goal of answering specific safety and functionality questions. In this paper, we identify and highlight current gaps in these existing tools for SELinux policy analysis, and propose new tools and technologies with the potential to lead to significant improvements. The proposed solution includes adopting a certified access control policy language such as ACCPL (A Certified Access Core Policy Language). ACCPL comes with formal proofs of important properties, and our proposed solution includes adopting it to facilitate various analyses and proof of reasonability properties. ACCPL is general, and our goal is to design a certified domain-specific policy language based on it, specialized to our task.

In this paper, we propose an approach for email spam detection based on text semantic analysis at two levels. The first level allows categorization of emails by specific domains (e.g., health, education, finance, etc.). The second level uses semantic features for spam detection in each specific domain. We show that the proposed method provides an efficient representation of internal semantic structure of email content which allows for more precise and interpretable spam filtering results compared to existing methods.

The healthcare sector faces important challenges in evaluating and improving its services to meet desired targets, patient needs, and government requirements. In particular, the introduction of a new process or information system in healthcare is a challenging task, especially in the absence of mature practices for requirements engineering and process modeling. Most of today’s healthcare process research is focused on mappings between existing processes and new ones without considering the different needs of multiple stakeholders and the satisfaction of organizational goals. In this paper, we introduce a novel Activity-based Process Integration (AbPI) approach that highlights integration opportunities of each new activity into current processes. AbPI exploits the User Requirements Notation (URN) language to model, analyze, and estimate the potential impact of each integration opportunity on performance objectives, organizational goals, and stakeholder satisfaction. We demonstrate the capabilities of the proposed approach with an illustrative example (increasing patient satisfaction in an Emergency Room). Preliminary results show the feasibility of the approach as well as many potential benefits over existing approaches.

Business Process Model and Notation (BPMN) is becoming a de-facto standard for the specification of organizational business processes. In most cases, business processes are modeled in order to build software that may support or automate specific parts of those processes. In this work, we aim at refining BPMN models in order to automatically derive software analysis and design artifacts (e.g., UML Class Diagrams or Use Cases) from a given BPMN. These artifacts will be later on used to develop the software components (not necessarily services) automating or supporting business process activities. Our envisioned approach is based on a three-steps model transformation chain: (1) we refine the BPMN as-is model; (2) we apply process re-engineering and automation patterns to generate the BPMN to-be model; and (3) we use the resulting to-be BPMN model to derive analysis and design software artifacts. In this paper, we focus on the first two steps of the approach.

Context: In Canada, the justice system suffers from performance and efficiency issues as indicated by long wait time before trial. Actors in the justice system are seeking solutions involving emerging information technology. Problem: There is need to guide the selection of appropriate combinations of technologies supporting or improving justice systems, yet there is no adapted approach focusing on this concern. Objective: This paper aims to develop the basis of a modeling approach supporting the selection of technologies relevant to justice systems. Method: Goal-oriented requirements modeling is used to describe and evaluate the contribution of technology in the context of justice systems, with the help of an illustrative example targeting the improvement of access to justice. Results: The example shows that it is feasible to model the technology alternatives and their contributions to the goals of different stakeholders in justice systems so that selected technologies are well-aligned with the needs of such systems. Goal models also support trade-off analysis in this context. Conclusion: A justice-aware modeling approach has the potential of helping justice stakeholders to better reason about technology selection and document the rationale of their choices. There are however many remaining challenges in the generalization of the approach to other cases and in its validation in practice.

Organizations are increasingly focused on using data to make their operational business processes more intelligent and reactive. Reactive performance monitoring consists of automating strategic decisions into rule-based actions when appropriate. Often there is a response gap, where there is unnecessary latency or missing detail, as the mapping between the strategic, the operational and the analytical is complex, labor intensive and not clearly defined. This paper presents an OLAP-modeled rule environment that leverages Complex Event Processing (CEP), multi-dimensionally modeled On-line Analytical Processing (OLAP) databases and Business Process Management (BPM) to provide reactive performance monitoring. We use two case studies to evaluate our proposed architecture for an OLAP-modeled rule environment. The first case study prototyped the environment using IBM PMQ, while the second prototyped the environment using QuickForms and a custom-built OLAP rule engine. Predictive modeling, traditional rule engines, and our OLAP rule engine are compared in terms of their support for reactive performance monitoring.

This paper presents machine learning approaches based on supervised methods applied to triage of health and biomedical data. We discuss the applications of such approaches in three different tasks, and evaluate the usage of triage pipelines, as well as data sampling and feature selection methods to improve performance on each task. The scientific data triage systems are based on a generic and light pipeline, and yet flexible enough to perform triage on distinct data. The presented approaches were developed to be integrated as a part of web-based systems, providing real time feedback to health and biomedical professionals. All systems are publicly available as open-source.

Variables selection is a vital Data Mining technique which is used to select the cost-effective predictors by discarding variables with little or no predictive power.

Massive Open Online Courses (MOOCs) are a new shaking development in higher education. They combine openness and scalability in a most energetic way. They have the capacity to broaden participation in higher education. In this way, they help to achieve social inclusion, the dissemination of knowledge and pedagogical innovation and also the internationalization of higher education institutions. However, one of the most essential elements for a massive open language learning experience to be efficient is to enhance learners and to facilitate networked learning experiences. In fact, MOOCs are meant to serve an undefined number of participants, thus serving a high heterogeneity of profiles, with various learning styles and schemata, and also contexts of contribution and diversity of online platforms. Personalization can play a primary role in this process. Accordingly, adaptive MOOCs use adaptive techniques so as to present personalized learning experiences, having as basis dynamic assessment and data collecting on the course. They count on networks of prerequisites and deal with learners according to their different personalized paths through the content. This has been described by the Gates Foundation as an essential novelty in the area for large-scale productivity in online courses. Analytics are also to be credited with bringing about change and improvement of the course in the future. This paper looks into the MOOCs system by reviewing the available literature, spotting the various limitations of traditional MOOC system and suggesting a proposed framework for adaptive MOOCs based on hybrid techniques. By so doing, we generate suggestions of learning paths adapted to the competences profile of each participant with a focus on objectives, such as reducing the rate of dropout and improving MOOCs quality.

A virtual patient navigator is a web/mobile application that helps patients with lung cancer diagnosis reduce their anxiety and uncertainties. In particular, lung cancer patients easily become overwhelmed when having to manage information overload, many appointments with different instructions and locations, and recommendations on how to improve their lifestyle. Existing solutions such as paper-based patient navigators provide much reliable information but are limited in terms of dynamic updates and do not provide opportunities for interactions between care providers and patients. In this paper, we propose a new web-based, mobile, and user-friendly virtual patient navigator application named Care Ami, which incorporates the information found in an existing paper-based navigator along with new features such as remote updates to personal care paths and calendars, personalized navigation guidance, sharing of symptom/medication information, and peer group support. The architecture and main features of this application are presented. Based on the identified requirements, Care Ami compares favorably against related work and solutions.

Persuasive technology capitalizes on the use of technology and the art of persuasion to change the behaviors and attitudes of people without the use of coercion. They have been used at workplaces to achieve positive outcomes like increase in employee motivation, engagement and productivity. While a number of researchers have investigated the effectiveness of Cialdini’s principles of persuasion, little or no research has been conducted in the context of work environments. In many workplaces, it is important that employees provide detailed records of their activities for easy tracking of an organization’s day-to-day activities and future historical reference. However, research has shown that some employees find it difficult to comply. In an attempt to address this problem, we carried out a pilot study among 20 healthcare Applied Behavior Analysis(ABA) frontline employees, working with autistic patients. The study is aimed at investigating how effective Cialdini’s principles of persuasion are in motivating employees to record details about the sessions they have with patients. A Two-Way Mixed ANOVA analysis showed that ABA frontline employees are most susceptible to Commitment and Reciprocity, followed by Authority, and least susceptible to Consensus and Scarcity. These results suggest that designers of gamified persuasive systems tailored to healthcare ABA frontline staff should focus on implementing Commitment, Reciprocity and Authority as persuasive strategies aimed at motivating them in engaging in sufficient and quality data entry.

In the past two decades, the development of payment solutions has significantly changed the way online retail businesses are conducted and enlarged the scope of numerous payment technologies offered in the market. Despite the multitude of payment solutions, card-based systems are still the most prevalent. While secure, card-based systems still lack privacy protection, user control and supervision. In this paper, we propose a new e-payment framework relying on card-based payment systems, with the aggregation of virtual credit cards and a personalized conditional E-Payment Plan defined by the cardholder. In our framework, the cardholder’s privacy is ensured with the use of Virtual Credit Cards. Moreover, with the E-Payment Plan Service Manager (E-PPSM), our proposed framework brings considerable improvements to the shopping practice. Through this service, cardholders can efficiently control and supervise their online purchases. The proposed framework thus ensures three considerable concentrations: personalization, control, and supervision applicable in multi-purchase checkouts, which are, in addition to privacy protection, our main contributions.

Despite the profusion of approaches that were proposed to deal with the problem of the Automatic Schema Matching, yet the challenges and difficulties caused by the complexity and uncertainty characterizing both the process and the outcome of Schema Matching motivated us to investigate how bio-inspired emerging paradigm can help with understanding, managing, and ultimately overcoming those challenges.

In this paper, we explain how we approached Schema Matching as a Complex Adaptive System (CAS) and how we modeled it using the approach of Agent-Based Modeling and Simulation (ABMS) giving birth to a new tool (prototype) for schema matching called Reflex-SMAS.

This prototype was submitted to a set of experiments which aimed to demonstrate the viability of our approach to two main aspects: (i) effectiveness (increasing the quality of the found matchings) and (ii) efficiency (reducing the effort required for this efficiency). The results, came to demonstrate the viability of our approach, both in terms of effectiveness or that of efficiency.