Get documents about "Architectural Description of an Automated System for Uncertainty Issues Management in Information Security
Document Sample
(IJCSIS) International Journal of Computer Science and Information Security,
Vol. 8, No. 3, 2010
Architectural Description of an Automated System for
Uncertainty Issues Management in Information
Security
Haider Abbas Christer Magnusson Louise Yngström Ahmed Hemani
Department of Electronic Department of Computer and Department of Computer Department of Electronic
Systems, System Sciences, and System Sciences, Systems,
Royal Institute of Stockholm University, Stockholm University, Royal Institute of
Technology, Sweden Sweden Sweden Technology, Sweden
haidera@kth.se cmagnus@dsv.su.se louise@dsv.su.se hemani@kth.se
Abstract— Information technology evolves at a faster pace giving etc) processes. The objective could be achieved by deploying
organizations a limited scope to comprehend and effectively react to new security methods and by evaluating their validity,
steady flux nature of its progress. Consequently the rapid serviceability and interoperability using re-evaluation. But the
technological progression raises various concerns for the IT system service acquisition and validation process for IT security
of an organization i.e. existing hardware/software obsoleteness, mechanisms is victimized by uncertainty due to new
uncertain system behavior, interoperability of various unforeseen threats and technological advancements appearing
components/methods, sudden changes in IT security requirements from time to time. Also these newly acquired security
and expiration of security evaluations. These issues are continuous services/features may affect other interacting systems, this is
and critical in their nature that create uncertainty in IT
referred to as externalities [1][2]. We addressed three major
infrastructure and threaten the IT security measures of an
organization. In this research, Options theory is devised to address
concerns in information security management due to
uncertainty issues in IT security management and the concepts technological uncertainty i.e. dynamically changing security
have been deployed/validated through real cases on SHS requirements [3], IT security externalities [4] and obsoleteness
(Spridnings-och-Hämtningssystem) and ESAM (E-Society) of security evaluations [5]. We have utilized options theory
systems. AUMSIS (Automated Uncertainty Management System in from corporate finance [6]; known due to significance of
Information Security) is the ultimate objective of this research providing effective guidance during uncertain investments. The
which provides an automated system for uncertainty management options theory has been transformed using adaptability model
in information security. The paper presents the architectural [7] to tailor the IT security processes. The options theory
description of AUMSIS, its various components, information flow, methods were manually applied to illustrate and validate the
storage and information processing details using options valuation concepts using real cases on ESAM (E-Society) [8] and SHS
technique. It also presents heterogeneous information retrieval (Spridnings-och- Hämtningssystem) [9] systems. The ultimate
problems and their solution. The architecture is validated with objective of this research is to develop an automated solution
examples from SHS system. (AUMSIS: Automated Uncertainty Management System in IT
Security) for uncertainty issues management in IT security.
Keywords: Information Security, Uncertainty Issues, The solution can be deployed in an organization and will be
Options Theory capable of providing system generated reports for; i)
requirement change summary and suggested solutions ii)
externalities report and internalization parameters and iii) re-
I. INTRODUCTION evaluation strategy/guidance based on actual system state. In
this paper, we will present the architectural description of the
Technological uncertainty due to rapid development and AUMSIS system which consists of its various components,
innovation in IT, continuously impacts security measures of an architectural styles, information flow between components,
organization. The development is desirable that could facilitate storage details and heterogeneous information processing
business organizations with innovative hardware, novel description.
methods and state of the art technologies. While on the other
hand, technological progression also requires business The paper is organized as follows: Next in section 2, the
organizations to adapt new methods and technologies to secure related work will be highlighted, section 3 presents the holistic
their information system (storage, retrieval, communication view of the IT security uncertainty issues and section 4
59 http://sites.google.com/site/ijcsis/
ISSN 1947-5500
(IJCSIS) International Journal of Computer Science and Information Security,
Vol. 8, No. 3, 2010
presents the concept of automated uncertainty management An organization continuously has to go through a cumbersome
solutions and elaborates its various constituents. Section 5 procedure to deal with uncertainty issues and to keep their IT
describes the information processing and flow in AUMSIS. system up-to-date and according to new technological
Section 6 elaborates heterogeneous information processing standards. The research aims for an infrastructure that will help
problem and the proposed solution for this issue. Section 7 to avoid the resource-hungry procedures and frame the system
presents the discussion about the analysis and validation of the state, organizational needs, system’s externalities issues and re-
AUMSIS framework using SHS example. Section 8 presents evaluation requirements analysis. The next section presents the
conclusion and the future intention of this research. architectural details of such an automated system (AUMSIS)
II. RELATED WORK that can be deployed in an organization. The system will
automatically generate uncertainty solution reports for the
Automated information processing systems have been issues depicted in Figure 1.
emphasized from various researchers in many domain areas.
For example, Wilson, D. et al. has discussed various issues in
IV. AUTOMATED UNCERTAINTY MANAGEMENT SOLUTIONS
automated inspection and representation of uncertainty for the
real world issues [10]. McVicker, M. et al. has presented the IN INFORMATION SECURITY
infrastructure that collects statements of security-related
statistics from the World Wide Web for source reliability AUMSIS is aimed to provide system-generated strategic
verifications [11]. The work presented in this paper addresses guidance for above-mentioned issues described in section III.
the automated solution of uncertainty issues that might Decision-makers can use this information to formalize current
suddenly appear during IT security requirements/evaluation and future IT security management strategies based on actual
management and require a cumbersome solution exploration system state, which consists of organizational policies, up-
process with significant resources [12]. The ultimate outcome coming technologies, vulnerability logs, attack history and
of this research will benefit organizations to have system- available budget. Figure 2 depicts the abstract view of the
generated reports for IT security management i.e. i) changing AUMSIS architecture as follows:
requirements solutions ii) internalization guidance, iii) re-
evaluation strategies and iv) security investment related
System generated
suggestions/decisions. Internet
reports
III. INFORMATION SECURITY AND UNCERTAINTY ISSUES
Most of the businesses today rely on IT infrastructures and
have to deploy various security mechanisms to protect their Organizational Software
Up-coming
Technologies
work processes. Technological uncertainty strongly impacts Policies/ Budget Agent
Information
those security mechanisms, which become obsolete with the
rapid technological progression. The research emphasizes three
critical concerns caused by technological uncertanity for an
organization in IT security perspective as depicted in Figure 1. Knowledgebase
Problems Caused by Technological Uncertainty
1- Dynamically Changing Security Requirements
Security Attack Externality Option Security
System Histories Reports Analysis Requirements
2- IT Security System’s Externalities Vulnerability Data
Reports
3- Continuous Security Evaluation /Re-evaluation of IT
products/Mechanisms Figure 2. AUMSIS Architecture
The various components of AUMSIS architecture depicted in
Figure 1. Uncertainty issues addressed in AUMSIS Figure 2 are elaborated as follows:
60 http://sites.google.com/site/ijcsis/
ISSN 1947-5500
(IJCSIS) International Journal of Computer Science and Information Security,
Vol. 8, No. 3, 2010
A. Knowledgebase and extract information from Internet and organization’s
Information related to system state during a specified time policy database. These factors are considered as a separate
period is named as historical data and organized in a component in AUMSIS due to their evolving nature during
structured repository; knowledgebase. It consists of following analysis.
components: Above-mentioned historical data, information about
upcoming-technologies and organizational policies/budget are
i) System vulnerability reports accumulated over time and readily available for options
It contains malfunctioning reports of the security system and analyst agent (OAA) for processing.
the corresponding affected security components. The
information can be used to track the actual service/component C. Options Analyst Agent (OAA)
causing vulnerability and provides details to determine system Options analysis agent is a piece of software [13] that
state. formalizes requirement solutions, internalization results and
ii) Attack history evaluation strategy using options technique. It extracts system
Attack history data contains information about the state from knowledgebase, Internet (for up-coming
exploitation of a particular security service/component by technologies) and organizational policy/budget database.
authorized/unauthorized sources. It will reveal shortcomings OAA generates the strategic information for decision makers
in existing security mechanisms that need to be factored in. i.e.
i) Analyze alternative solutions for a security requirement and
iii) Externality reports provides recommendations based on contemporary system
IT security system of an organization may also leave positive state.
or negative effects to other interacting systems/sub-systems ii) Internalizing solutions for externalities according to
referred to as externalities [1]. Externalities of a security organizational policies.
system [2] can be identified by internal/external iii) Deterministic test plans strategies for the evaluation
malfunctioning reports from affected systems/partners. process of each security service considering its
Externality reports provide a holistic view of the IT security malfunctioning report and service exploitation history.
system and help to determine system’s desired functionality.
AUMSIS provides up-to-date strategic guidance for the
iv) Options analysis data uncertainty issues in information security management
AUMSIS generates results using options technique that are process. It considers uncertainty elements caused by changing
reusable by subsequent analysis. Options analysis data environment and helps to devise respective optimal IT
contains information about already executed options and security strategy. Next section describes the information
results from a previous analysis. Option cards were used to processing and flow in AUMSIS system.
store data about the options analysis outcomes [3].
V. AUMSIS INFORMATION PROCESSING AND FLOW
v) Security Requirements
Security requirement change reports from various AUMSIS provides strategic guidance for three main areas of
stakeholders or security requirements from any external information security management affected by uncertainty
enforcing authority. This is continuously updated to factor in issues. The uncertainty management process using AUSMIS
new/changed requirements. for these issues follows slightly different mechanism due to
the nature of problems. But the data are maintained in a single
B. Up-coming Technology and Organizational repository i.e. knowledgebase. As the AUMSIS addresses
policies/Budget information
three uncertainty concerns in IT security, each one is
It is the prime objective of AUMSIS to provide contemporary elaborated individually in Module 1, Module 2 and Module 3.
guidance about requirement solutions, internalization factors Figure 3 below depicts the information flow of these three
and evaluation strategy. Therefore the AUMSIS has to interact modules using information flow diagram as follows:
61 http://sites.google.com/site/ijcsis/
ISSN 1947-5500
(IJCSIS) International Journal of Computer Science and Information Security,
Start Vol. 8, No. 3, 2010
Module 1 Module 2 Module 3
Dynamic Requirements Externality Re-evaluation of
Management Management Security System
Identification
Stakeholders/Requirements/Internalization Parameters/Security system
Formulation in Options Theory Context
(Data from Knowledgebase)
Options Analysis for alternative solutions
Each Selected Solution
Up-coming Organizational Test Results
technologies/Budget Strategy/ Interdependence/
information/Uncerta Uncertainty Uncertainty
inty Revelation Revelation Revelation
Option Selection
Opt/Delay/Abandon/Switch
End Yes NO Yes NO Yes NO
OK OK OK
Figure 3. Information flow for Module 1, Module 2 and Module 3
62 http://sites.google.com/site/ijcsis/
ISSN 1947-5500
(IJCSIS) International Journal of Computer Science and Information Security,
Vol. 8, No. 3, 2010
i) Module 1: Information processing flow of dynamic in a security system or already evaluated components that
security requirements management need to be re-evaluated. Tests are classified according to the
nature of the system under consideration. Uncertainty issues
Dynamically changing security requirement management during re-evaluation are dealt using options technique in
process starts with the identification of requirement change in AUMSIS as tests are prioritized based on pervious evaluation
an organization. It proceeds with examining all possible results and vulnerability reports from knowledgebase.
solutions for this particular requirement. Each solution is
divided into parts and analyzed/compared with system state
(determined by the data from knowledgebase), organizational VI. HETEROGENEOUS INFORMATION ISSUE
policies/budget and up-coming technologies. The significance
of the approach followed by AUMSIS for solution exploration As the AUMSIS retrieves information from various
is the options theory. That concurrently analyzes all solutions information sources (i.e. knowledgebase, Internet,
and decides about each solution to delay, abandon or opt in organization’s policies database) and therefore varies in their
existing scenario. It provides decision makers analysis reports structure, syntax and semantics. It is not directly
for the requirement under-consideration, its possible solutions comprehendible by the Option Analyst Agent (OAA).
and the pros and cons of each solution according to their Therefore it is desirable to store information in uniformly
organization’s information system state. accessible and extractable manner. Without considering the
operating systems used and the hardware running these
ii) Module 2: Externality management information softwares. To overcome the issue of heterogeneous
processing and flow information retrieval we have proposed the use of ontologies
[14][15] that provide a shared conceptualization of a system or
AUMSIS generates internalization recommendations for the domain. The language used will be Web Ontology Language
externalities caused by a security system. The security system (OWL) for the development of ontologies. Which is based on
is already described in knowledgebase according to security strong constructs of description logic and is thus useful to
mechanisms/services it offers. Internalization process starts represent any set of rules that are options concepts,
with identifying externalities by analyzing system data (from organizational policies, internalization parameters etc in case
knowledgebase). The next phase is to list all possible solutions of AUMSIS.
(internalization parameters) according to organizational
policies and available budget/resources. Each solution is then With the help of the options analyst agent these ontologies can
divided into parts and analyzed using options technique to be traversed to find the useful information models and to
build organization’s internalization strategy considering resolve the semantic heterogeneity issues in AUSMIS
current system state and organization’s future plans. AUMSIS components. These issues are raised due to the merger of
generates internalization results for each internalization information from various domains i.e. policy database,
parameter to delay, opt and abandon according to existing technological information and vulnerability/malfunctioning
scenarios as depicted in Figure 3. reports. It is worth mentioning here that the knowledgebase
contains all the organizational polices and rules. This
iii) Module 3: Re-evaluation of security services information plays a key role when OAA accesses information
/mechanisms information processing and flow from various information sources and formalizes
decisions/strategy. Figure 4 depicts the heterogeneous
AUMSIS helps to build re-evaluation strategy for IT security information retrieval framework as follows:
services/mechanisms considering the uncertain factors i.e.
requirements/polices change, vulnerability appearance and
interoperability issues that adversely impact evaluation
process. The process starts with identifying the boundaries of
system for evaluation. It could be the newly adapted solutions
63 http://sites.google.com/site/ijcsis/
ISSN 1947-5500
(IJCSIS) International Journal of Computer Science and Information Security,
Vol. 8, No. 3, 2010
Information Source 1 Information source 2 Information source n i) Data collection
AUMSIS decides about the optimal solution for a requirement
change based on actual system state and within existing
circumstances. Knowledgebase provides data to determine
Domain Ontology Domain Ontology Domain Ontology system state using vulnerability/malfunctioning reports and
system exploitation history with respect to affected SHS
services. Dynamic factors like uncertainty revelation, budget
Resolving semantic
information and up-coming technology information are also
heterogeneity
continuously accessed/considered in solutions formulation
process as described in next section.
Option analyst agent
Retrieve information
ii) Options analysis
processing rules
Knowledgebase
OAA retrieves information about input data of requirement
change for SHS and lists all available solutions for the certain
requirement. Each solution is then assigned priorities
Figure 4. Option analyst agent’s communication with ontologies and
determined by the up-coming technology, budget information
knowledgebase
and uncertainty involved in current state. Options theory
VII. AUMSIS ANALYSIS AND VALIDATION provides various alternatives to opt, delay or abandon a
solution based on uncertainty revelation; also during solution
AUMSIS architecture presented in previous sections is based formulation process. AUMSIS analyzes each possible solution
on an in-depth study of its methodological details and manual by staging its deployment process and wait for additional
deployment to SHS and ESAM system in past [2][3][4]. The information that becomes available with the time during
current AUMSIS design/information flow is about the exploration and analysis. This additional information normally
automated version of options technique’s concept for requires altering the requirement selection strategy; and this
uncertainty management in information security. The facility is factored in as a core feature of AUMSIS. Thus it
architecture currently addresses three main uncertainty issues provides optimal solution about a requirement considering all
but is flexible to opt any other problem’s mechanism for possible factors that cause uncertainty in determining a
uncertainty management in information security. Example solution. The output information of a solution evolution
given below presents the SHS uncertainty management process is stored in knowledgebase that can be used later and
process using AUMSIS in a nutshell. It is worth mentioning provides guidance to examine future strategy.
here that AUMSIS will be deployed into the organization that
interacts and extracts required information about the target The newly opted solutions for SHS from a requirement
system i.e. SHS in this example. management process may cause positive or negative effects
for other interacting partners. Next phase elaborates how these
A) Changed requirement request effects are addressed as externalities in AUMSIS.
The process is initiated when a change requirement is B) Externality management process
identified for SHS system. This could be initiated by an
internal source (stakeholders, management and implicit Externalities are the effects borne by the systems that are not
system’s request) or by some external source (government involved in a direct communication with the SHS security
enforcing authority) to adapt new standards. Once a change system. These effects could be positive (that might bring in
request is identified; it acts as a stimulus to AUMSIS process benefits) or negative (that might cause vulnerabilities) and
for the SHS system. may appear anytime during the life cycle of SHS system.
AUMSIS initiates externality management process by
64 http://sites.google.com/site/ijcsis/
ISSN 1947-5500
(IJCSIS) International Journal of Computer Science and Information Security,
Vol. 8, No. 3, 2010
specifying internalization parameters that describes solutions i) Options Analysis
in case of externality occurrences due to SHS system.
Organizations (responsible for controlling security system) OAA customizes and organizes evaluation strategy for a
specify possible internalization parameters according to their particular service of SHS based on its history of service
security objectives and are stored in knowledgebase. failure, vulnerability reports and exploitation history. The
information is extracted from the stored data from
i) Options Analysis knowledgebase; which becomes readily available to OAA.
Tests are prioritized based on this information and system
When an externality is reported/detected for SHS either state. AUMSIS using options theory; provides a deterministic
positive or negative, OAA lists possible internalization approach to generate evaluation strategy and the ability to
parameters for each externality and compares with alter the evaluation directions. It helps to avoid unnecessary
organizational constraints, which include budget information tests that can be determined by the information from uncertain
and organizational policies. These factors are uncertain that outcomes and uncertainty revelations.
may change and affect externality management process. It is
also uncertain if a solution will work appropriately. OAA VIII. CONCLUSION & FUTURE WORK
stages each solution into sections and analyzes them
individually. All solutions for the externalities of SHS are Organizations need to overcome uncertainty issues in their
decided using various options to delay, abandon or alter information security management progress due to obvious fact
decision with respect to uncertainty revelation, rational of rapid technological development. They continuously
analysis, budget and organizational policies. These factors can require significant changes in their existing security
be determined using the data from knowledgebase. AUMSIS infrastructure to meet the organizational security objectives
mechanism of externality management helps to and security standards. Organizations also have to invest huge
deterministically consider variable factors and to respond resources and have to go through a cumbersome procedure to
accordingly for a specific scenario. keep their system up-to-date. The paper introduced AUMSIS,
the infrastructure of an automated system for uncertainty
System up-gradation in case of newly installed services for management issues at organizational level based on an in-
requirement management or externalities solutions (that depth study and manual validation of these concepts in past.
recommended modifications) requires to re-evaluate the The system is capable of managing dynamic issues using
security system to test individual functionality and as a whole options theory mechanism from corporate finance that helps to
interoperability. This factor is also addressed in AUMSIS as a generate appropriate strategies according to system state. The
part of a complete solution and described in following section: paper presented the architectural details and information flow
for AUMSIS system and its various components. The future
C) Initiation of Re-evaluation process intention of this research is the deployment of AUMSIS
framework into a software architecture style.
Re-evaluation is performed particularly when new solutions
are devised. For example in case of SHS system when the
existing system was reconfigured/modified. It is also REFERENCES
recommended as periodically scheduled analysis for the [1] Richard Cornes, Todd Sandler, “The Theory of Externalities, Public Goods and
complete system. AUMSIS classifies evaluation tests into two Club Goods”, Cambridge University Press, June 1996
major categories i.e. assurance and criticality [7]. Assurance [2] Ann Cavoukian, “Privacy as a Negative Externality The Solution: Privacy by
class contains tests to validate performance, serviceability and Design” Workshop on the Economics of Information Security, London, June 24,
functionality. Criticality class contains tests that may alter 2009
testing strategy and are directly affected by uncertain [3] Abbas Haider, Yngström Louise and Hemani Ahmed, “Empowering Security
outcomes/uncertainty issues those are interoperability, Evaluation of IT Products with Options Theory”, in 30th IEEE Symposium on
technological innovation and budget. Security and Privacy 2009, Oakland, California, USA
65 http://sites.google.com/site/ijcsis/
ISSN 1947-5500
(IJCSIS) International Journal of Computer Science and Information Security,
Vol. 8, No. 3, 2010
[4] Abbas Haider, Magnusson Christer, Yngström Louise and Hemani Ahmed, “A been working for various governmental and private projects in
Structured Approach for Internalizing Externalities Caused by IT Security
Mechanisms”, In Proceesdings of IEEE International Workshop on Education
Pakistan and Sweden.
Technology and Computer Science (ETCS 2010), March 2010, Wuhan, China
Christer Magnusson is Senior Lecture at the Department of
[5] Abbas Haider, Yngström Louise and Hemani Ahmed, “Option Based Computer and Systems Sciences, Stockholm University,
Evaluation: Security Evaluation of IT Products Based on Options Theory”, In
Proceddings of IEEE Eastern European Regional Conference on the Engineering
specialized in IS/IT Security and IS/IT Risk Management.
of Computer Based Systems 2009, Novi Sad, Serbia, Pages.134-141 Before joining SecLab, Christer was Head of Corporate
Security and Risk Manager at Sweden Post and CEO of
[6] J. Mun, “Real Options Analysis - Tools and Techniques for Valuing
Strategic Investments and decisions”, Wiley, Finance, 2002 Sweden Post Insurance AB and Sweden Post Reinsurance
S.A. He has also held the position as Head of Corporate
[7] Abbas Haider, Yngström Louise and Hemani Ahmed, (2009), “Adaptability Security in the Ericsson group. In 1999, Christer was awarded
Model Development for IT Security Evaluation Based On Options Theory” in the SIG Security Award by the Swedish Computer Society
proceedings of IEEE/ACM 2nd International Conference on Security of
Information and Networks (SIN 2009), North Cyprus and in 2000 the Security Award by the Confederation of
Swedish Enterprise as recognition of the models and the
[8] Abbas Haider, Raza Asad , Louise Yngström, Ahmed Hemani, “Evaluation of integrated processes regarding IS/IT Risk Management, that
ESAM using Architectural Tradeoff Analysis Method”, Project Report -VERVA,
December 2008 he developed as a part of his research studies. Dr. Christer is a
[9] Kurt Helenelund, Stephan Urdell, Bo Sehlberg, Anders Bremsjö, Anders
member of the advisory committee of the Swedish Emergency
Lindgren, Jan Lundh, Christer Marklund, “SHS Version 1.2 Protocols”, VERVA - Management Agency. He serves on the risk and security board
Swedish Administrative Development Agency, 2007
of the Confederation of Swedish Enterprise (NSD). He is also
[10] Wilson, D. ; Greig, A. ; Gilby, J. ; Smith, R., “Intelligent automated
an adviser in Corporate Governance, Compliance, Risk
inspection, representing the uncertainty of the real world”, IEE Colloquium on Management, and Information and ICT Security to
Intelligent Sensors (Digest No: 1996/261), 19 Sep 1996, pages 11/1 - 11/6
government agencies as well as trade and industry.
[11] McVicker, M.; Avellino, P.; Rowe, N.C., “Automated Retrieval of Security
Louise Yngström is a professor in Computer and Systems
Statistics from the World Wide Web” IEEE SMC Information Assurance and
Security Workshop, 2007, 20-22 June 2007, pages 355 - 356 Sciences with specialization in Security Informatics in the
department of Computer and Systems Sciences at Stockholm
[12] Abbas Haider, Yngström Louise and Hemani Ahmed, “Security Evaluation of University. Her research base is Systems Science which she
IT Products: Bridging the Gap between Common Criteria (CC) and Real Option
since 1985 has applied within the area of ICT security forming
Thinking” in proceedings of World Congress on Engineering and Computer
Science (WCECS 2008), 22-24 October, 2008, San Francisco, USA holistic approaches. Her research focuses various aspects on
how ICT security can be understood and thus managed by
[13] Nick Jennings, Michael Wooldridge, “Software Agents”, IEE Review, people in organizations, but also generally on criteria for
January 1996, pp 17-20
control. She has been engaged in various activities of the
[14] Thomas R. Gruber: Automatically Integrating Heterogeneous Ontologies International Federation of Information Processing, IFIP, since
from Structured Web Pages. Int. J. Semantic Web Inf. Syst. 3(1): 1-11 (2007) 1973; the Technical Committee 3(TC3) with an educational
[15] Xiaomeng Su, Mihhail Matskin and Jinghai Rao. “Implementing
scope, the TC9 with focus on social accountabilities of ICT
Explanation Ontology for Agent System”. In Proceedings of the 2003 structures and the TC11 with focus on ICT security. She
IEEE/WIC International Conference on Web Intelligence, WI’2003, Halifax, founded the biannual conference WISE (World Conference on
Canada, October, 2003. IEEE Computer Society Press Security Education) in 1999. She was engaged in European
networking for curricula developments within ICT security
and the Secured Electronic Information in Society working for
AUTHORS PROFILE e-Identities during the 1990’s. Since 2000 Dr. Louise is
Haider Abbas has been working as doctoral student at involved in introducing ICT security in academic and business
Department of Electronic Systems, KTH, Sweden. Mr. Abbas life in African countries through her research students who
has authored more than 10 international publications and has simultaneously with their research are academic teachers in
their home countries. Over the years she has traveled and
66 http://sites.google.com/site/ijcsis/
ISSN 1947-5500
(IJCSIS) International Journal of Computer Science and Information Security,
Vol. 8, No. 3, 2010
networked extensively with international peers. Presently she Sweden. Dr. Hemani has authored more than 100 international
is the principal advisor of seven PhD students. publications. He is participating in and leading some national
and EU projects.
Ahmed Hemani has been working as professor and head of
post-graduate studies at Dept. of ES, School of ICT, KTH,
67 http://sites.google.com/site/ijcsis/
ISSN 1947-5500
Related docs
Other docs by ijcsis
Comparative Analysis between Split and HierarchyMap Treemap Algorithms for Visualizing Hierarchical Data
Views: 15 | Downloads: 0
Non-Preemptive Multi-Constrain Scheduling for Multiprocessor with Hopfield Neural Network
Views: 5 | Downloads: 0
Reliable Multipath Routing Protocol (RMRP) For Mobile Ad Hoc Networks Using Adaptive Video Compression
Views: 10 | Downloads: 1
Single CCTA-Based Four Input Single Output Voltage-Mode Universal Biquad Filter
Views: 36 | Downloads: 0
A Cloud Computing Architecture for E-Learning Platform, Supporting Multimedia Content
Views: 42 | Downloads: 0
