Search results

Most automated library systems include a transaction logging component. Yet this fact may be among the best kept secrets in the automated library arena. Often only a few people within a library are aware of its existence, and even fewer have access to the transaction log data. This is unfortunate, since the concrete data garnered by transaction logs can provide bibliographic instructors, reference staff members, systems librarians, and system designers with unique and valuable insights into the patron/system interaction.

With the explosive growth of information available on the World Wide Web, it has become much more difficult to access relevant information from the Web. One possible approach to solve this problem is web personalization. In this paper, we propose a novel WUL (Web Usage Lattice) based mining approach for mining association access pattern rules for personalized web recommendations. The proposed approach aims to mine a reduced set of effective association pattern rules for enhancing the online performance of web recommendations. We have incorporated the proposed approach into a personalized web recommender system known as AWARS. The performance of the proposed approach is evaluated based on the efficiency and the quality. In the efficiency evaluation, we measure the number of generated rules and the runtime for online recommendations. In the quality evaluation, we measure the quality of the recommendation service based on precision, satisfactory and applicability. This paper will discuss the proposed WUL‐based mining approach, and give the performance of the proposed approach in comparison with the Apriori‐based algorithms.

The purpose of this paper is to present how the JISC Usage Statistics Review Project aims to formulate a fundamental scheme for recording usage data and to propose a standard for its aggregation to provide meaningful and comparable item‐level usage statistics for electronic documents such as, for example, research papers and scientific resources.

A core element of the project has been a stakeholder workshop. This workshop was held in Berlin, 7/8 July 2008. Representatives of key stakeholder groups (repositories, libraries, COUNTER, IRStats, JISC, LogEc, MESUR, OA‐Statistics and other Open Access projects) were invited. During the workshop a fundamental scheme for the recording and the exchange of log files was discussed as well as the normalization of data collected.

The following mandatory elements describing usage events were agreed during the stakeholder workshop: Who – identification of user/session, What – item identification and type of request performed (e.g. full‐text, front‐page, including failed/partially fulfilled requests), When – date and time, usage event ID. The following elements were regarded as optional: From where – referrer/the referring entity and identity of the service. Usage events should be exchanged in the form of OpenURL Context Objects using OAI. Automated access (e.g. robots) should be tagged. The definition of automated access has to be straightforward with an option of gradual refinement. Users have to be identified unambiguously, but without recording personal data to avoid conflicts with privacy laws. Policies on statistics should be formulated for the repository community as well as the publishing community. Information about statistics policies should be available on services like OpenDOAR and RoMEO.

The paper is based on the detailed project report to the JISC, available at http://ie‐repository.jisc.ac.uk/250/

This paper aims to propose a mobile agent-based security information and event management architecture (MA-SIEM) that uses mobile agents for near real-time event collection and normalization on the source device. The externalization of the normalization process, executed by several distributed mobile agents on interconnected computers and devices, proposes a SIEM server dedicated mainly for correlation and analysis.

The architecture has been proposed in three stages. In the first step, the authors described the different aspects of the proposed approach. Then they implemented the proposed architecture and presented a new vision for the insertion of normalized data into the SIEM database. Finally, the authors performed a numerical comparison between the approach used in the proposed architecture and that of existing SIEM systems.

The results of the experiments showed that MA-SIEM systems are more efficient than existing SIEM systems because they leave the SIEM resources primarily dedicated to advanced correlation analysis. In addition, this paper takes into account realistic scenarios and use-cases and proposes a fully automated process for transferring normalized events in near real time to the SIEM server for further analysis using mobile agents.

The work provides new insights into the normalization security-related events using light mobile agents.

An electronic health record (EHR) enables clinicians to access and share patient information electronically and has the ultimate goal of improving the delivery of healthcare. However, this can create security and privacy risks to patient information. This paper aims to present a model for securing the EHR based on role-based access control (RBAC), attribute-based access control (ABAC) and the Clark-Wilson model.

A systematic literature review was conducted which resulted in the collection of secondary data that was used as the content analysis sample. Using the MAXQDA software program, the secondary data was analysed quantitatively using content analysis, resulting in 2,856 tags, which informed the discussion. An expert review was conducted to evaluate the proposed model using an evaluation framework.

The study found that a combination of RBAC, ABAC and the Clark-Wilson model may be used to secure the EHR. While RBAC is applicable to healthcare, as roles are linked to an organisation’s structure, its lack of dynamic authorisation is addressed by ABAC. Additionally, key concepts of the Clark-Wilson model such as well-formed transactions, authentication, separation of duties and auditing can be used to secure the EHR.

Although previous studies have been based on a combination of RBAC and ABAC, this study also uses key concepts of the Clark-Wilson model for securing the EHR. Countries implementing the EHR can use the model proposed by this study to help secure the EHR while also providing EHR access in a medical emergency.

Investigates the information needs of marketers on the WWW for consumer analysis purposes, and examines how these can be met. Begins by briefly highlighting the attractiveness of the Web as a medium for communication. Next, summarizes the bases for consumer analysis and segmentation in the context of the traditional marketing communication media. Based on this framework, examines consumer analysis needs in the context of the WWW medium and proposes analysis variables relevant to this medium. Finally, discusses how the information needs for consumer analysis may be met from the different information sources available to a marketer, including the Web logfiles which are generated as a result of tracking the interactions of visitors accessing information from a company’s Web site.

The one area in accounting that shows the sign of volatility, unsettlement, and continuous change is accounting information systems. While textbooks have been revised and updated in line with the change in technology, the auxiliary teaching materials do not seem to have kept pace. Professors teaching the course may be handicapped by their own shortcomings as well as the inadequacy of the supplementary material. The emphasis on database and database management should be supplemented with relevant software and teaching material to make the course more meaningful and the efforts more fruitful. One easily available tool is Access. Incorporation of Access into the course provides an excellent demonstration into application and utility of database management systems.

The purpose of this paper is to shed light on the particular information needs of external auditors performing information technology (IT) audits at service providers in cross-organizational settings and to promote a software-based approach towards their satisfaction. The approach is intended to supplement the manual approaches currently adopted by auditors to procure information in such settings.

The authors analyzed data collected by means of a series of 16 interviews and four think-aloud sessions with experienced professionals.

Information procurement is perceived as tedious by auditors and largely relies on repeat interviews and perusal of documents. Given the growing complexity of cross-organizational settings, manual approaches to information procurement are reaching their limits. A considerable portion of the information required is often stored by service providers using software that is inaccessible to auditors. The authors argue that a software-based approach providing an interface for auditors to access relevant information held by such software presents an avenue worth exploring.

The authors outline how the information stored by service providers using software can be made accessible with reasonable effort. Complementing manual approaches to information procurement with an audit interface would reduce workload and increase quality.

The concept of an audit interface represents a novel and promising approach to meeting the information needs of auditors performing IT audits in cross-organizational settings more effectively. Both auditors and service providers would benefit from its implementation.

The number and range of organisations developing a Web site is growing rapidly. Many of these Web sites are developed in‐houseeven though the skills and resources required for developing a successful site may not be available. It is argued that some of the limitations in terms of resources and skills inherent in the small‐scale in‐house development environment can be overcome through the adoption of an informal Web site development model and suitable usability methods. Presents an informal development model synthesised from a review of development case studies and published Web research literature. This model identifies the main stages and tasks of development. A review of information gathering and usability methods currently being employed is integrated into the model. The importance of understanding user and information provider needs is discussed. A number of common usability methods are then examined in greater detail. The appropriateness of the model and methods for the small‐scale in‐house development environment is considered.

By reviewing different information visualization techniques for securing web information systems, this paper aims to provide a foundation for further studies of the same topic. Another purpose of the paper is to discover directions in which there is a lack of extensive research, thereby encouraging more investigations.

The related techniques are classified first by their locations in the web information systems architecture: client side, server side, and application side. Then the techniques in each category are further classified based on attributes specific to that category.

Although there is much research on information visualization for securing web browser user interface and server side systems, there are very few studies about the same techniques on web application side.

This paper is the first published paper reviewing extensively information visualization techniques for securing web information systems. The classification used here offers a framework for further studies as well as in‐depth investigations.