Identity, addressing, authenticity and audit requirements for trust in ERP, analytics and big/open data in a “Cloud” computing environment : a review and proposal

Enterprises, both public and private, have rapidly commenced using the benefits of enterprise resource planning (ERP) combined with business analytics and “open data sets” which are often outside the control of the enterprise to gain further efficiencies, build new service operations and increase business activity. In many cases, these business activities are based around relevant software systems hosted in a “cloud computing” environment. “Garbage in, garbage out”, or “GIGO”, is a term long used to describe problems in unqualified dependency on information systems, dating from the 1960s. However, a more pertinent variation arose sometime later, namely “garbage in, gospel out” signifying that with large scale information systems, such as ERP and usage of open datasets in a cloud environment, the ability to verify the authenticity of those data sets used may be almost impossible, resulting in dependence upon questionable results. Illicit data set “impersonation” becomes a reality. At the same time the ability to audit such results may be an important requirement, particularly in the public sector. This paper discusses the need for enhancement of identity, reliability, authenticity and audit services, including naming and addressing services, in this emerging environment and analyses some current technologies that are offered and which may be appropriate. However, severe limitations to addressing these requirements have been identified and the paper proposes further research work in the area.

Using a public key registry for improved trust and scalability in national E-health systems

An increasing number of countries are faced with an aging population increasingly needing healthcare services. For any e-health information system, the need for increased trust by such clients with potentially little knowledge of any security scheme involved is paramount. In addition notable scalability of any system has become a critical aspect of system design, development and ongoing management. Meanwhile cryptographic systems provide the security provisions needed for confidentiality, authentication, integrity and non-repudiation. Cryptographic key management, however, must be secure, yet efficient and effective in developing an attitude of trust in system users. Digital certificate-based Public Key Infrastructure has long been the technology of choice or availability for information security/assurance; however, there appears to be a notable lack of successful implementations and deployments globally. Moreover, recent issues with associated Certificate Authority security have damaged trust in these schemes. This paper proposes the adoption of a centralised public key registry structure, a non-certificate based scheme, for large scale e-health information systems. The proposed structure removes complex certificate management, revocation and a complex certificate validation structure while maintaining overall system security. Moreover, the registry concept may be easier for both healthcare professionals and patients to understand and trust.

Trust in merged ERP and open data schemes in the “Cloud”

Enterprise resource planning (ERP) systems are rapidly being combined with “big data” analytics processes and publicly available “open data sets”, which are usually outside the arena of the enterprise, to expand activity through better service to current clients as well as identifying new opportunities. Moreover, these activities are now largely based around relevant software systems hosted in a “cloud computing” environment. However, the over 50- year old phrase related to mistrust in computer systems, namely “garbage in, garbage out” or “GIGO”, is used to describe problems of unqualified and unquestioning dependency on information systems. However, a more relevant GIGO interpretation arose sometime later, namely “garbage in, gospel out” signifying that with large scale information systems based around ERP and open datasets as well as “big data” analytics, particularly in a cloud environment, the ability to verify the authenticity and integrity of the data sets used may be almost impossible. In turn, this may easily result in decision making based upon questionable results which are unverifiable. Illicit “impersonation” of and modifications to legitimate data sets may become a reality while at the same time the ability to audit any derived results of analysis may be an important requirement, particularly in the public sector. The pressing need for enhancement of identity, reliability, authenticity and audit services, including naming and addressing services, in this emerging environment is discussed in this paper. Some current and appropriate technologies currently being offered are also examined. However, severe limitations in addressing the problems identified are found and the paper proposes further necessary research work for the area. (Note: This paper is based on an earlier unpublished paper/presentation “Identity, Addressing, Authenticity and Audit Requirements for Trust in ERP, Analytics and Big/Open Data in a ‘Cloud’ Computing Environment: A Review and Proposal” presented to the Department of Accounting and IT, College of Management, National Chung Chen University, 20 November 2013.)

Why trust the head? Key practices for transformational school leaders to build a purposeful relationship of trust

Trust is widely recognized as one of the key qualities that a successful leader needs to bring about change within his/her organization. Literature has also shown that trust plays a pivotal role in effective school leadership. However, little research has been undertaken to identify specific actions of a transformational school leader enabling him/her to develop purposeful relationships of trust with his/her staff and Chair of the school’s governing body. Using a theoretical framework of transformational leadership in the context of the independent schooling sector in Australia, a multicase study of four highly trusted, transformational school leaders revealed 10 key trust building practices in the Head–staff dyad and three practices in the Head–Chair dyad. These practices were independent of the leader’s personal attributes. The study also revealed an inextricable link between trust and transformational leadership.

Driver’s over-trust on Advanced Driver Assistance Systems on passively protected railway crossings

Passively protected railway crossings are a major rail safety issue in Australia. Such crossings cannot be upgraded as such crossings are too numerous and the cost involved is prohibitive. Advanced Driver Assistance Systems (ADAS) have been shown to improve road safety and are widely used. These systems could be a solution to improve safety of passively protected crossings at a lower cost. Such complementary ADAS could result in driver’s over-trust due to the absence of Humane Machine Interface reflecting the quality of the information or the state of the ADAS (failure status). This paper demonstrates that driver’s exposure to crossing exhibiting fail-safe and non-fail safe properties could result in improperly allocating trust between technologies. We conducted a driving simulator study where participants (N=58) were exposed to three types of level crossing warning system on passive and active crossings. The results show that a significant proportion of participants over-trust the ADAS. Such drivers exhibit the same driving performance with the ADAS as when exposed to infrastructure based active crossing protection. They do not take the necessary safety precautions as they have a faster speed approach, reduced number of gaze toward the rail tracks and fail to stop at the crossing.

Insurance and trust : lessons from the Christchurch Cathedral

This article examines important insurance and trust law issues that may confront trustees charged with the governance and protection of unique properties with broad community and heritage significance. Often trustee roles are assumed by community leaders without full appreciation of the potential difficulties and consequences when unforeseen circumstances arise. Three recent New Zealand court decisions in relation to the deconstruction and repair of the Christchurch Cathedral and to the interim construction of a transitional"cardboard Cathedral" highlight how difficult - and legally exposed - the role of trustee can be. The Cathedral cases go to the heart of defining the core purpose for which a Trust is created and examine the scope of discretion in fulfilling this charge its Trustees carry. Arising in the wake of the devastating Christchurch earthquakes, the Cathedral's Trustees were called upon to consider the best directions forward for a criplled and dangerous building subject to potential demolition, the wellbeing of the Cathedral's direct community, and the broader heritage and identity factors that this 'heart' of Christchurch represented. In the context of a seemingly grossly underinsured material damage cover - and faced with broader losses across the Diocese's holdings - the Trustees found that their sense of mission failed to gel with that of a community-based heritage buildings preservation trust. The High Court had to consider how monies received under the material damage policy could be applied by the Trustee in deconstructing, reinstating or repairing the Cathedral and if monies could be partly deployed to create an interim solution in the former of a transitional cathedral - all this in the context of the site-specific purpose of the Cathedral trust. The cases emphasise further the need to assess professionally the nature and quantum of cover effected to protect against various risks. In addition, in the case of historic or unusual buildings extra care must be exercised to take account additional costs associated with reinstatement so as to substantially retain the character and intrinsic value of such properties.

Boosting the effects of a curriculum based injury prevention program through a school connectedness intervention : final report to NRMA-ACT Road Safety Trust

Injury is the leading cause of death among young people (AIHW, 2008). A primary contributing factor to injury among adolescents is risk taking behaviour, including road related risks such as risky bicycle and motorcycle use and riding with dangerous or drink-drivers. Injury rates increase dramatically throughout adolescence, at the same time as adolescents are becoming more involved in risk taking behaviour. Also throughout this period, adolescents‟ connectedness to school is decreasing (Monahan, Oesterle & Hawkins, 2010; Whitlock, 2004). School connectedness refers to „the extent to which students feel personally accepted, respected, included, and supported by others in the school‟ (Goodenow, 1993, p. 80), and has been repeatedly shown to be a critical protective factor in adolescent development. For example, school connectedness has been shown to be associated with decreased risk taking behaviour, including violence and alcohol and other drug use (e.g., Resnick et al., 1997), as well as with decreased transport risk taking and vehicle related injuries (Chapman et al., accepted April 2011). This project involved the pilot evaluation of a school connectedness intervention (a professional development program for teachers) to reduce adolescent risk taking behaviour and injury. This intervention has been developed for use as a component of the Skills for Preventing Injury in Youth (SPIY) curriculum based injury prevention program for early adolescents. The objectives of this research were to: 1. Implement a trial School Connectedness intervention (professional development program for teachers) in ACT high schools, and evaluate using comparison high schools. 2. Determine whether the School Connectedness program impacts on adolescent risk taking behaviour and associated injuries (particularly transport risks and injuries). 3. Evaluate the process effectiveness of the School Connectedness program.

Regulating audit quality : restoring trust and legitimacy

The global financial crsis, corporate failures and scandals in amny countries raise significant questions audit quality. In the UK, the FRC took the unprecedented step of codifying audit quality in its ‘Audit Quality Framework’. We analyze the extent to which audit firms, professional bodies, and investors considered the FRC proposals sufficient for addressing concerns about audit quality. Using impression management and legitimacy as a framework to analyze stakeholder responses we go beyond audit quality drivers identified by the FRC. In contrast to the drivers identified by the FRC, our focus on transparency, expertise, professionalism and commercialization of the audit shows that FRC, audit firms and professional bodies have mainly focused on issues which possibly do not pose a threat to the commercial interest of audit firms. Overall, our analysis shows that regulatory and professional bodies engaged in image management and the promotion of audit quality in an attempt to remedy tarnished image and augment their legitimacy and standing. In attempting to restore trust and legitimacy regulatory bodies, such as the FRC, have to reconcile complex often contradictory stakeholder demands.

Gossip we can trust: Defamation law and non-fiction

Drawing on two case studies, this article considers the allegation of a disgruntled author: ’Defamation was framed to protect the reputations of 19th century gentlemen hypocrites'. The first case study considers the litigation over Bob Ellis' unreliable political memoir, ’Goodbye Jerusalem', published by Random House. The second case study focuses upon the litigation over the allegation by Media Watch that Richard Carleton had plagarised a documentary entitled ’Cry from the Grave'. The article considers the meaning of defamatory imputations, the range of defences, and the available remedies. It highlights the competing arguments over the protection of reputation and privacy, artistic expression, and the freedom of speech. This article concludes that defamation law should foster ’gossip we can trust'.

"You must trust somebody" : Valtio, liberalismi ja sotatarviketeollisuus Britanniassa 1884-1905

Tutkielmassa on tarkasteltu Britannian sotilasviranomaisten ja maan sotatarviketeollisuuden välisiä suhteita vuosina 1884-1905. Kiihtyvän kilpavarustelun myötä Britannian sotilasbudjetit kasvoivat nopeasti, mikä johti maan sotatarviketeollisuuden saamien tilausten määrän nopeaan kasvuun samalla kun tuotteiden teknologinen kehitys oli nopeaa. Sotilasmenojen nopea kasvu antoi sotamateriaalihankinnoista vastaaville viranomaisille mahdollisuuden vaikuttaa yksityisen teollisuuden kehitykseen. Keskittämällä tilaukset vain luotettavina pitämilleen yrityksille viranomaiset loivat näiden kanssa puolivirallisia yhteistyösuhteita ja edistivät samalla voimakkaasti alan keskittymistä. Toisaalta muutamien suuryritysten hallitsemasta sotatarviketuotannosta muodostui yksi niistä harvoista teollisuuden aloista, joilla Britannian nopeasti kasvavat kilpailijat eivät pystyneet ohittamaan sitä enempää tuotteiden teknologisessa tasossa kuin markkinaosuuksien suuruudessakaan. Tiettyjen yritysten suosimisen taustalla ei ollut vain maanpuolustuksen kannalta rationaalinen pyrkimys hankkia riittävän laadukasta ja kehittynyttä sotamateriaalia, vaan asiaan vaikutti myös upseerien ja sotilasministeriöiden siviilivirkamiesten perinteiset aristokraattiset ajattelu- ja toimintamallit. Taloudellisen liberalismin hengessä tapahtuneet pyrkimykset uudistaa hankintamenettelyä vastaamaan enemmän vapaan kilpailun ja taloudellisuuden ihanteita jäivät yleensä tuloksettomiksi. Sotamateriaalihankintoihin liittyvä päätöksenteko vaati suurta asiantuntemusta, mikä johti sotaministeriön ja amiraliteetin virkamiesten vaikutusvallan kasvamiseen. Sotateollisuuden laajeneminen kytkeytyy läheisesti 1900-luvun alussa Britannian yhteiskunnallisessa elämässä tapahtuneeseen muutokseen, jota yleensä on luonnehdittu laissez fairen lopuksi. Jo 1880-luvulla alkaneella puuttumisellaan yksityisten sotateollisuusyritysten kehitykseen viranomaiset olivat alkaneet harjoittaa suunniteltua teollisuuspolitiikkaa, jonka tuloksena syntynyt puolivirallinen sotilasteollinen sektori oli aatteellisesti liberaaliin yhteiskuntaan soveltumaton ilmiö. Aseteollisuudessa Britannian valtio oli siten joutunut ensimmäisen kerran läheiseen vuorovaikutussuhteeseen modernien suuryritysten kanssa. Kytkentä, joka 1900-luvun kuluessa levisi yhä uusille aloille samalla kun valtion roolia talouselämässä alettiin vahvistaa. Tutkimuksen varsinaisen lähdemateriaalin muodostavat Britannian parlamentin pöytäkirjat ja sen komiteoiden raportit Niiden ohella on käytetty päätöksien tekemiseen osallistuneiden tai niihin vaikuttamiseen pyrkineiden poliitikkojen ja sotilaiden painettuja puheita, kirjekokoelmia, päiväkirjoja ja muistelmia sekä eräitä aikakauden historiaa koskevia dokumenttikokoelmia ja tilastojulkaisuja. Oleellista valaistusta asiaan tuovat osaltaan aikalaisten kirjoittamat teokset sekä lehdistö, joista kuvastuu ajalle ominainen ajattelutapa. Aihetta suoranaisesti koskevaa, tieteellisen tutkimusten kriteerit täyttävää aikaisempaa tutkimusta on vähän, mutta aihetta sivuavien tutkimusten määrä on erittäin suuri. Sotamateriaalihankintoja ja niiden taustalla olevia syitä voidaan tarkastella niin talous-, sota- aate-, kuin poliittisen historiankin näkökulmista, mutta yksinään mikään niistä ei ole riittävä tämän tutkimuksen kysymyksenasettelun kannalta. Siten tutkielmaa varten on perehdytty laajasti aikakautta koskevaan tutkimuskirjallisuuteen.

Fostering interpersonal trust on social media: Physicians' perspectives and experiences

Background The problem of developing and sustaining mutual trust is one of the main barriers to knowledge sharing on social media platforms such as blogs, wikis, micro-blogs and social networking websites. While many studies argue that mutual trust is necessary for online communication and knowledge sharing, few have actually explored and demonstrated how physicians can establish and sustain trusted relationships on social media. Objectives To identify approaches through which physicians establish interpersonal trust on social media. Methods Twenty-four physicians, who were active users of social media, were interviewed using a semi-structured approach between 2013 and 2014. Snowball sampling was employed for participant recruitment. The data were analysed using a thematic analysis approach. Results Physicians trust their peers on social media in a slightly different way than in face-to-face communication. The study found that the majority of participants established trust on social media mainly through previous personal interaction, authenticity and relevancy of voice, professional standing, consistency of communication, peer recommendation, and non-anonymous and moderated sites. Conclusions Healthcare professionals need to approach social media carefully when using it for knowledge sharing, networking and developing trusted relations with like-minded peers.

Public trust in Australian charities: Accounting for cause and effect

This paper reports on a study of the key determinants of public trust in charitable organisations, using survey data commissioned by the Australian Charities and Not-for-profits Commission. Data analysis used partial least squares structural equation modelling to examine both antecedents of trust and the influence of trust on charitable donative intentions. We found that people tend to trust charities with which they are familiar, and which are transparent in their reporting. Organisational size, importance, reputation and national significant were also antecedents of trust. People are more likely to volunteer or donate to charities they trust. The practical implications of this are that charities seeking to enhance their volunteer and donation base should pay attention to their marketing, reputation and disclosure activities, as well as to doing good work on an ongoing basis in the community. Theoretically, the implications are that transparency and reputation do not result directly in donations and volunteering, but they do create trust, and it is trust which then leads to donations and volunteering.