publications

D. W. Chadwick, C. Carroll, S. Harvey, J. New, A. J. Young. (2002). Experiences of Using a Public Key Infrastructure to Access Patient Confidential Data over the Internet. Proceedings of the 35th Annual Hawaii International Conference on System Sciences (HICCS 2002). Ed. Ralph H. Sprague, Jr.

Abstract

A project to enable health care professionals (GPs, practice nurses and diabetes nurse specialists) to access, via the Internet, confidential patient data held on a secondary care (hospital) diabetes information system, has been implemented. We describe the application that we chose to distribute (a diabetes register); the security mechanisms we used to protect the data (a public key infrastructure with strong encryption and digitally signed messages, plus a firewall); the reasons for the implementation decisions we made; the validation testing that we performed and the results of the first set of user trials. From a user acceptance perspective, we conclude that perceived usefulness and perceived ease of use on their own, are insufficient to guarantee that a new application will be used extensively in its new environment. Other domain specific factors, such as the compatibility and integration of the new computing system with the old, the working practices of the clinicians, the costs of using the new system compared to the old, and the actual location of the computing equipment all need to be taken into account when establishing untried information technology in ‘real world ’ settings.

Download Paper

Wilson, I.E., Harvey, S., Rezgui, Y. & Cooper, G.S. (2001). A Generic Process Model For Managing The Virtual Enterprise: The OSMOS Approach. In Proceedings of the 1st International Conference on INNOVATION IN ARCHITECTURE, ENGINEERING AND CONSTRUCTION (AEC). 18-20th July, 2001, Loughborough University, UK.

Abstract

 

Harvey, S.C., Wilson, I.E., Rezgui, Y. & Cooper, G.S. (2001). A Comprehensive Description Of The Human, Process And Technical Requirements Of A Construction Virtual Enterprise: The OSMOS Project. In Proceedings of the 1st International Conference on INNOVATION IN ARCHITECTURE, ENGINEERING AND CONSTRUCTION (AEC). 18-20th July, 2001, Loughborough University, UK.

Harvey, S.C., Rezgui, Y., Zarli, A. & Kazi, A.S. (2001). Services for Inter-enterprise Information Management in Dynamic Virtual Enterprises. 2nd Worldwide ECCE Symposium: Information and Communication Technology in the Practice of Building and Civil Engineering. June 6-8, 2001, Espoo, Finland.

Abstract

State of the art research in Construction IT reveals that integration has been achieved, mostly, on static models that define the structure of shared information in the form of files or databases. This paper advocates that integration should be made through frameworks that define the semantic relationships between the interfaces of separate distributed components (and the way to make those relationships evolve in the course of a project/process). Based on a requirements analysis of industrial partners, the OSMOS specification was made in the form of a set of information models and a set of required services packaged in the form of an OSMOS API. This paper focused on: e- mail based communication service, document cross-referencing/information management service, virtual enterprise manager, and information browser.

Download Paper

Harvey, S., Zarli, A., Rezgui, Y., Cooper, G.S. & Kazi, A.S. (2001). OSMOS Base Technology Selection. OSMOS Project Deliverable (D2.1). Europe: OSMOS Project Consortium. Available on the World Wide Web: (URL: http://cic.vtt.fi/projects/osmos/d21.pdf)

Summary

Harvey, S. contributed to The GUIDES Consortium (2000). Guidelines, Methodologies and Standards to set up a CA for Digital Signatures. Version 1.0 (Draft). Available on the World Wide Web: (URL: http://www.regione.emilia-romagna.it/guides/)

Summary

These Guidelines are being developed in the framework of the project GUIDeS1. GUIDeS overall goals are:

1. to improve emerging practices in the setting up of certification services,
   particularly within the public sector, by providing Guidelines to set up a CA for digital signatures, based on state-of-the-art technical and legal standards and requirements, and on the direct experience of the project partners in this field;
2. to validate and demonstrate the Guidelines within the broader EU context;
3. to disseminate improved practices, thus stimulating a wider diffusion of CA
   services;
4. to provide feedback to the institutions which are defining, both at national and at
   European level, the requirements and standards for the provision of digital
   certification services.

This document provides a set of Guidelines for establishing a public key infrastructure (PKI). The guidelines follow a procurement model that involves issuing a Request for Information (RFI) to vendors followed by a Request for Proposal (RFP). The guidelines focus on the technical contents of these documents rather than the business and legal aspects of tendering. An organisation using these guidelines may decide that it is best to outsource the service to a trusted third party, or may decide to purchase hardware and software and establish its own certification service. Guidelines for both procurement models are provided, as well as a set of decision criteria that will be helpful in deciding whether to in- or out-source. The Guidelines cover the process up to the issuance of the first public key certificate, and do not provide guidance on the day-to-day operations and ongoing support of the certification service.

Download (Local Mirror)