Improving resource availability for geospatial information infrastructures

Dí­az Sánchez, Laura

07 May 2010

Los sistemas de información construidos mediante servicios distribuidos basados en estándares se han convertido en el paradigma de computación adoptado por defecto por la comunidad geoespacial para la construcción de infraestructuras de información. Diferentes disposiciones gubernamentales, como la Directiva Europea INSPIRE, recomiendan normas para compartir recursos (por ejemplo, datos y procesos) con el objetivo de mejorar el estudio del medio ambiente (y otros campos similares) y la toma de decisiones.La mayoría de las infraestructuras de información geoespacial (IIG) atienden necesidades básicas tales como acceso a datos, visualización y descarga, sin embargo, tienen escasos enlaces a servicios de geoprocesamiento. Además, la mayorí¬a de infraestructuras geoespaciales se han construido siguiendo un enfoque del tipo top-down, donde sólo a los proveedores oficiales (por lo general los organismos públicos) se les permite desplegar y mantener recursos. Debido a que los mecanismos para desplegar e integrar recursos en estas infraestructuras son tecnológicamente complejos, existe una muy limitada participación por parte de los usuarios, provocando a la larga la escasez de recursos actualizados.Para hacer frente a estas limitaciones, se presenta en este trabajo, una arquitectura distribuida basada en los principios de INSPIRE y ampliada con un componente llamado ServiceFramework. Este componente proporciona capacidad de procesamiento, ofreciendo una funcionalidad existente en forma de servicio estándar de procesamiento. También mejora la integración ad hoc y el despliegue de recursos de información geoespacial dentro de la infraestructura. El ServiceFramework trata la necesidad de mejorar la disponibilidad de recursos de datos geoespaciales, proporcionando mecanismos para generar de forma automática servicios compatible con INSPIRE.Estas contribuciones son evaluadas en dos escenarios diferentes dentro de dos proyectos europeos. En el proyecto AWARE, se demuestra cómo un grupo de hidrólogos puede beneficiarse del acceso a las infraestructuras geoespaciales donde pueden compartir capacidades de procesamiento. En el proyecto EuroGEOSS, demostramos cómo mejorar la disponibilidad de los recursos geoespaciales para analizar un escenario forestal. Se prevé que estas nuevas metodologí¬as, pueden aumentar la participación de usuarios más expertos en la creación de infraestructuras de información geoespacial, lo que aumenta la utilidad y el valor de estas infraestructuras.

standards

web services

IDE

information infrastructures

INSPIRE

004

504

62

Boundary Matters: The Dynamics of Boundary Objects, Information Infrastructures, and Organisational Identities

Gal, Uri

14 February 2008

No description available.

Information Systems

Boundary Objects

Information Infrastructures

Organisational Identities

Organisational Change

An information infrastructure design to support home care of warfarin users: problems and possibilities

Larsson, John

January 2016

The anti-coagulant warfarin is consumed by around 200 000 people in Sweden every year. There are many dose affecting factors, and if the dose is wrong the consequences can be severe. Hence patients are required to regularly have their coagulation ability tested so that the dosage can be adjusted if needed. In this study the dosage regulation processes of warfarin in Swedish home care are examined through a case study, where-after an information infrastructure design is created that could support the identified needs. The proposed design is formed through combining three separate IT-capabilities: a general purpose health care platform, a warfarin specialist software and a medication reminder application. The design was guided by the application of the information infrastructure design rules with the aim of uncovering problems and possibilities associated with this design approach. By applying the information infrastructure design rules a technical architecture could successfully be created. Additionally, information exchange specifications and important decision making points could be identified or solved successfully. However the design rules were found to assume an unlikely level of openness and to lack a focus on organizational and legal factors which make them difficult to apply in practice.

information infrastructures

design rules

warfarin

home care

Information Systems

From embracing to managing risks

Keen, J., Nicklin, E., Wickramasekera, N., Long., A., Randell, Rebecca, Ginn, C., McGinnis, E., Willis, S., Whittle, J.

04 March 2020

Yes / Objective: To assess developments over time in the capture, curation and use of quality and safety information in managing hospital services. Setting: Four acute National Health Service hospitals in England. Participants: 111.5 hours of observation of hospital board and directorate meetings, and 72 hours of ward observations. 86 interviews with board level and middle managers and with ward managers and staff. Results: There were substantial improvements in the quantity and quality of data produced for boards and middle managers between 2013 and 2016, starting from a low base. All four hospitals deployed data warehouses, repositories where datasets from otherwise disparate departmental systems could be managed. Three of them deployed real-time ward management systems, which were used extensively by nurses and other staff. Conclusions: The findings, particularly relating to the deployment of real-time ward management systems, are a corrective to the many negative accounts of information technology implementations. The hospital information infrastructures were elements in a wider move, away from a reliance on individual professionals exercising judgements and towards team-based and data-driven approaches to the active management of risks. They were not, though, using their fine-grained data to develop ultrasafe working practices. / NIHR Health Service and Delivery Research (HS&DR) programme, project 13/07/68.

Quality and safety information

Managing hospital services

Ward management systems

Information infrastructures

IS supported service work: a case study of global certification

Berntsen, Kirsti Elisabeth

January 2011

The thesis approaches the issue of IS support for service work, understood as distributed knowledge work taking place as a negotiation between diverse interests. It is based on an ethnographically inspired, longitudinal case study of certification auditing according to a formal generic standard. A handful of certification auditors are followed closely, periodically and comprehensively over three years. Observations are combined with interviews of subjects and colleagues, added by exploration of other material. The practices of company ‘W’ is placed within a larger historical and institutional context. Research literature and theory is explored in four chapters from Social studies of science (STS), Computer supported cooperative work (CSCW), Information systems (IS), Information infrastructures (II) and Management literature. The aim is to identify basic characteristics of service work, its opportunities and challenges, from both the company’s and workers’ perspective. Main topics are Decision Making as negotiated sensemaking, contextual rationality and judgement; Sharing of understanding and meaning as ongoing practiced articulation work aiming for trust and an equifinal level of accord that will ‘find and allow common action’; Perseverance in a capable role that will allow calibration of distributed knowledge is vital for auditors. Common Information Spaces (CIS) is used as a framework to explore the heterogeneous circumstances of identity work in work practices; Predictability in production is sought through various strategies of standardization. Approaches to avoid and counter the inherent side-effects of standardization are described. The empirical results of the research project are presented and analysed in four chapters that look at the issue of i) being an accomplished service worker and ii) practicing service work. Both issues are addressed from a local, individual perspective, and from an organizational perspective in terms of the continuation of quality production. The thesis closes with a Conclusion of organized and standardized service work as displaying Practical drift, in response to the research question RQ0. How is IS supported distributed service work negotiated?, followed by implications for IS research and practice. The empirical case displays the role of information systems (IS) support in distributed service work - as part of a larger assembly of standardization measures, a broad-spectrum approach, displaying practical drift in its effect. The service work of certification auditing is characterized by ongoing negotiation of partly contradictory interests. It is heterogeneously standardized through material, rational/immaterial and social/organizational measures, many in place long before the advent of advanced IS. Traditionally, there are release mechanisms that, on the auditors’ discretion, alleviate the inappropriate effects of standardization. With new harmonising efforts the scope of this personal latitude needs to change, but when first implemented the IS along with new procedures start off as too tight. However, over time adaptations are made, making the overall process self regulatory with feedback mechanisms. On the whole, the thesis aims to contribute to the literature on information infrastructures, on knowledge work in general, and CSCW by drawing on insights from this specific collaborative work in controversial settings. The case provides practical insights for resilient systemizing of knowledge based global service work practices.

information systems

global service work

information infrastructures

CSCW

standardization of work

knowledge work

controversial settings

diverse interests

certification

identity work

CIS

decision making

Le contrôle d'accès des réseaux et grandes infrastructures critiques distribuées / Access control in distributed networks and critical infrastructures

Ameziane El Hassani, Abdeljebar

23 April 2016

La stabilité et le développement des nations dépendent grandement de leurs Infrastructures Critiques (IC). Vu leur importance, de nombreuses menaces guettent leurs systèmes d’information - aussi appelés Infrastructures d’Information Critiques (IIC) -, parmi elles: les atteintes à l’intégrité de leurs données et processus informatisés ainsi que les abus pouvant survenir au cours des collaborations avec d’autres parties. L’intégrité d’une information, qui est sa propriété de ne pas être altérée, est primordiale pour les IIC puisqu’elles manipulent et génèrent des informations devant nécessairement être correctes et fiables. Dans un contexte de mondialisation et d’ouverture, les IC ne peuvent évoluer sans collaborer avec leur environnement. Toutefois, cela n’est pas sans risques puisque les ressources qu’elles engagent peuvent faire l’objet de corruptions et de sabotages. Tentant de réduire les risques de corruptions pouvant émaner de l’intérieur comme de l’extérieur, nous avons œuvré à l’amélioration du mécanisme de contrôle d’accès. Incontournable, il vise à limiter les actions auxquelles peuvent prétendre les utilisateurs légitimes du système, conformément à la politique de sécurité de l’organisation. La pertinence et la finesse de cette dernière impacte grandement l’efficacité du mécanisme. Ainsi, les modèles de contrôle d’accès sont utilisés pour faciliter l’expression et l’administration desdites politiques. OrBAC est un modèle riche et dynamique, satisfaisant plusieurs besoins des IIC, en revanche il reste limité quant à la prise en charge de l’intégrité, aussi bien en contexte localisé que distribué. Ainsi, nous avons proposé une extension d’OrBAC pour les environnements localisés, Integrity-OrBAC (I-OrBAC), qui tient compte de contraintes réelles liées à l’intégrité pour statuer sur les requêtes d’accès. I-OrBAC intègre des paramètres issus de l’application de méthodes d’analyse de risques pour refléter les besoins des ressources passives et apprécier, à leur juste valeur, les habilitations des sujets. Cela nous a orientés vers une modélisation en multi-niveaux d’intégrité qui favorisera la priorisation des biens sensibles, comme la stipule les programmes de protection des IC. Dans I-OrBAC, les niveaux d’intégrité servent aussi bien à contraindre l’attribution des privilèges qu’à la rendre plus flexible : ces niveaux restreignent les accès pour garantir que seuls les utilisateurs chevronnés accèdent aux ressources sensibles, mais permettent aussi aux sujets de différents rôles de réaliser une même tâche, étant bien sûr assujettis à des niveaux seuils différents. Pour rendre I-OrBAC proactif - non limité à statuer uniquement sur les requêtes d’accès - nous avons proposé un algorithme qui vise à déterminer le sujet le plus adéquat, parmi les rôles prioritaires, pour la réalisation d’une tâche sans attendre que les sujets n’en fassent la requête. L’algorithme est décrit par un système d’inférence pour faciliter sa compréhension tout en favorisant la conduite de raisonnements logiques et la dérivation de conclusions. Nous avons proposé une implémentation de notre modèle dans le cadre d’une étude de cas tirée du projet européen FP7 CRUTIAL relatif aux réseaux de transport et de distribution d’électricité. Finalement, pour pallier les problèmes issus des collaborations, nous avons fait appel aux contrats électroniques pour étendre I-OrBAC aux environnements distribués - l’extension Distributed IOrBAC (DI-OrBAC). Ces pactes servent non seulement à définir le contexte, les clauses ainsi que les activités à réaliser mais aussi à prévenir l’occurrence de litiges et à les résoudre. Toutefois, nous avons dû concevoir des mécanismes adaptés à notre modèle I-OrBAC pour leur négociation et leur application. / Nations stability and development depend deeply on their Critical Infrastructures (CI). Given their importance, many threats target their information systems - also called Critical Information Infrastructures (CII) -, among them: the attacks against integrity of their data and computerized processes and the abuses that may occur during the collaborations with other parties. Information integrity, that is its property of not being corrupted, is paramount to the CII as they manipulate and generate information that must necessarily be correct and reliable. In the context of globalization and openness, CI cannot evolve without collaborating with their environment. However, this is not without risks, since their resources can be targets of corruptions and sabotages. Trying to reduce corruption risks that may occur both from inside and outside, we focused on improving the access control mechanism. Being necessary, it aims to limit the actions of the system legitimate users in accordance with the organization security policy. The relevance and the fine-grained property of the policy impact the effectiveness of the mechanism. Therefore, access control models are used to facilitate the expression and the administration of such policies. OrBAC is a rich and dynamic model, satisfying several CII needs; however it remains limited as to the support of integrity, both in local and distributed environments. Thus, we proposed an OrBAC extension for local environments, Integrity-OrBAC (IOrBAC), which takes into account real integrity constraints to rule on access requests. I-OrBAC includes some parameters extracted from the application of risk analysis methods to reflect passive resources needs and appreciate pertinently subjects’ clearances. This led us to a multi integrity levels modeling, that promotes the prioritization of sensitive resources just like the CI protection programs do. In I-OrBAC the integrity levels are used both to constraint the assignment of privileges and to make it more flexible: these levels restrict access to ensure that only experienced users access sensitive resources but also allow subjects of different roles to perform the same task, of course being subject to different threshold levels. To make IOrBAC proactive - not only being limited to ruling on access requests - we proposed an algorithm that aims to determine the most appropriate subject, among the priority roles, for achieving a task without waiting for subjects to request it. The algorithm is described by an inference system to ease its understanding while promoting the conduct of logical reasoning and deriving conclusions. We proposed an implementation of our model through a case study drawn from the FP7 European project (CRUTIAL) on electrical energy transmission and distribution. Finally, to address problems that arise from collaborations, we used electronic contracts to enrich and extend IOrBAC to serve in distributed environments - the extension is called Distributed I-OrBAC (DI-OrBAC). These agreements aim, on the one hand, to define the context, terms and activities to be achieved and serve, on the other hand, to prevent and resolve the disputes. However, we had to design appropriate mechanisms for our I-OrBAC model in order to lead correct negotiations and rigorous enforcement of these contracts.

Infrastructures critiques

Infrastructures d'informations critiques

IOrBAC

Niveaux d'intégrité

Criticité

Crédibilité

DI-OrBAC

Contrats électronique

Critical infrastructures

Critical information infrastructures

I-OrBAC

Integrity levels

Criticality

Credibility

DI-OrBAC

Electronic contracts