docperiodiko n19 12-7-10:Layout 1
download 
Reclamo Transcript
periodiko n19 12-7-10:Layout 1
ISSUE 19 | JULY 2010 | www.pliroforiki.org e-SIGNATURES: A EUROPEAN UNION VISION p.11 PROTECTION OF CRITICAL DATA USING INFORMATION CENTRIC APPROACH p.21 MYTHS ABOUT PASSWORD SETTINGS AND OTHER NONSENSE: HOW INFORMATION SECURITY TORTURES USERS IN THE NAME OF SECURITY p.27 ŒÎ‰ÔÛË ÙÔ˘ ∫˘ÚÈ·ÎÔ‡ ™‡Ó‰ÂÛÌÔ˘ ¶ÏËÚÔÊÔÚÈ΋˜ | Publication of the Cyprus Computer Society | ISSN 1450-152X ΠΕΡΙΕΧΟΜΕΝΑ CONTENTS ISSUE 19 - JULY 2010 Δ∂ÀÃ√™ 19 - π√À§π√™ 2010 π‰ÈÔÎÙ‹Ù˘ ∫˘ÚÈ·Îfi˜ ™‡Ó‰ÂÛÌÔ˜ ¶ÏËÚÔÊÔÚÈ΋˜ Δ£ 27038 1641 §Â˘ÎˆÛ›· ∫‡ÚÔ˜ ΔËÏ.: 22 460680 º·Í: 22 767349 [email protected] www.ccs.org.cy ™˘ÓÙ·ÎÙÈ΋ ∂ÈÙÚÔ‹ ∫˘ÚÈ¿ÎÔ˜ E. °ÂˆÚÁ›Ô˘ ª›Óˆ˜ °ÂˆÚÁ¿Î˘ °È¿ÓÓÔ˜ ∞ÏÂÙÚ¿Ú˘ º›ÏÈÔ˜ ¶ÂÏÂÙȤ˜ ¶·Ó›ÎÔ˜ ª·ÛÔ‡Ú·˜ 02 ª‹Ó˘Ì· ™˘ÓÙ·ÎÙÈ΋˜ ∂ÈÙÚÔ‹˜ 08 Δ· Ó¤· Ì·˜ 11 e-Signatures: A European Union Vision Christos Ellinides 21 Protection Of Critical Data Using Information Centric Approach Notis Iliopoulos 27 Myths about Password Settings and Other Nonsense: How Information Security Tortures Users in the Name of Security Gene Schultz 32 Teacher Use of ICT in Cyprus Primary Schools Charalambos Vrasidas 37 Knowledge Management In Developing And Delivering Software Products Andreas Hadjioannou 40 How To Share Knowledge Through Product Cross-Evaluation Katerina Neophytou 45 Do you know this man? Philippos Peleties ÀÔ‚ÔϤ˜ ÕÚıÚˆÓ [email protected] ¢È·ÊËÌ›ÛÂȘ ÃÚÈÛÙ›Ó· ¶··ÌÈÏÙÈ¿‰Ô˘ ΔËÏ.: 22 460680 [email protected] ∂È̤ÏÂÈ· - ™ÂÏ›‰ˆÛË - ∂ÍÒÊ˘ÏÏÔ ∂Ï¿ӷ ¡ÈÎÔÏ¿Ô˘ [email protected] ∫˘ÚÈ·Îfi˜ ™‡Ó‰ÂÛÌÔ˜ ¶ÏËÚÔÊÔÚÈ΋˜ ISSN 1450-152X ª‹Ó˘Ì· Ù˘ ™˘ÓÙ·ÎÙÈ΋˜ ∂ÈÙÚÔ‹˜ πÔ‡ÏÈÔ˜ 2010 ∞Á·ËÙÔ› Ê›ÏÔÈ Î·È Ê›Ï˜, ∂ÈÛ·ÁˆÁ‹ H «¶ÏËÚÔÊÔÚÈ΋» ÂÈÛÙÚ¤ÊÂÈ Û·ÊÒ˜ ·Ó·Óˆ̤ÓË ÌÂÙ¿ ·fi ÌÈ· Ì·ÎÚfi¯ÚÔÓË ÂÚ›Ô‰Ô ÚÔ‚ÏËÌ·ÙÈÛÌÔ‡ ˆ˜ ÚÔ˜ ÙÔ Ì¤ÏÏÔÓ Ù˘ ¤Î‰ÔÛ˘. ∏ ÚfiıÂÛË Ì·˜ ÂÍ·Ú¯‹˜ ‹Ù·Ó Ë ¤Î‰ÔÛË Ó· Â›Ó·È (·) ·˘Ù¿Ú΢ ·fi ÏÂ˘Ú¿˜ ÔÈÔÙÈ΋˜ ıÂÌ·ÙÔÏÔÁ›·˜ Î·È Ó· ·ÔÙÂÏ› ‚‹Ì· ¤ÎÊÚ·Û˘ ÁÈ· fiÏÔ˘˜ ÙÔ˘˜ Û˘Ó·‰¤ÏÊÔ˘˜ Î·È (‚) ÔÈÎÔÓÔÌÈο ‚ÈÒÛÈÌË fiÛÔ ·ÊÔÚ¿ ÙÔ ÎfiÛÙÔ˜ ¤Î‰ÔÛ˘ Î·È Î˘ÎÏÔÊÔÚ›·˜. ŸÌˆ˜ ·Ú’ fiϘ ÙȘ ÚÔÛ¿ıÂȘ ·ÊÂÓfi˜ Ë ÔÈfiÙËÙ· Î·È Ë ÔÛfiÙËÙ· ÙˆÓ ÚÔÛÊÂÚfiÌÂÓˆÓ ¿ÚıÚˆÓ ‰ÂÓ ‹Ù·Ó ·Ú΋˜ ÁÈ· ÙËÓ ¤Î‰ÔÛË 4 ÂÚÈÔ‰ÈÎÒÓ ÙÔ ¯ÚfiÓÔ Î·È ·ÊÂÙ¤ÚÔ˘ Ë ÔÈÎÔÓÔÌÈ΋ ÎÚ›ÛË ¤¯ÂÈ ÂËÚ¿ÛÂÈ ·ÚÓËÙÈο ÙÔ ÂӉȷʤÚÔÓ ÁÈ· ÙÔÔı¤ÙËÛË ‰È·ÊË̛ۈÓ. ∏ ·Á¿Ë fï˜ ÁÈ· ÙÔ ÂÚÈÔ‰ÈÎfi Î·È Ë ˘Ô¯Ú¤ˆÛË Ô˘ ÓÔÈÒıÔ˘Ì ·¤Ó·ÓÙÈ ÛÙÔ ™‡Ó‰ÂÛÌÔ, ÙÔ˘˜ Û˘Ó·‰¤ÏÊÔ˘˜ ·ÏÏ¿ Î·È ÙËÓ Â˘Ú‡ÙÂÚË ÎÔÈÓˆÓ›· ˘ÂÚÓ›ÎËÛ ·˘Ù¤˜ ÙȘ ‰˘ÛÎÔϛ˜ Î·È ¤ÙÛÈ Ë ·Ó·Óˆ̤ÓË 19Ë ¤Î‰ÔÛË ‚Ú›ÛÎÂÙ·È ÂÓÒÈÔÓ Û·˜. ΔÔ ÁÂÁÔÓfi˜ Ô˘ ÛËÌ¿‰Â„ ÙÔÓ πÔ‡ÓÈÔ ÙÔ˘ 2010, ¤Ú· ·fi ÙÔ ªÔ˘ÓÙÈ¿Ï Î·È ÙÔ Û‡ÓÙÔÌÔ ¤Ú·ÛÌ· Ù˘ ∂ÏÏ¿‰·˜ ·fi ÙËÓ ÚÒÙË Ê¿ÛË ÙÔ˘ £ÂÛÌÔ‡, Â›Ó·È ·Ó·ÌÊ›‚ÔÏ· Ë Â›ÛÎÂ„Ë ÙÔ˘ ¶¿· μÂÓ¤‰ÈÎÙÔ˘ ÙÔ˘ 16Ô˘ ÛÙËÓ ∫‡ÚÔ. ∏ ÂÈı˘Ì›· ÙÔ˘ Ó· ÂÈÛÎÂÊÙ› ÙËÓ ∫‡ÚÔ Î·È Ó· ÚÔÛ΢ӋÛÂÈ ÛÙÔ˘˜ ¯ÒÚÔ˘˜ ·fi ¤Ú·ÛÂ Î·È ‰›‰·ÍÂ Ô ∞fiÛÙÔÏÔ˜ ¶·‡ÏÔ˜ Ì·˙› Ì ÙÔÓ ∞fiÛÙÔÏÔ μ·ÚÓ¿‚· ·ÏÏ¿ Î·È ÔÈ Î·Ï¤˜ Û¯¤ÛÂȘ Ù˘ ∫˘Úȷ΋˜ ¶ÔÏÈÙ›·˜ Î·È ∂ÎÎÏËÛ›·˜ Ì ÙÔ μ·ÙÈηÓfi ‰È¢ÎfiÏ˘Ó·Ó ÙÔ Ù·Í›‰È / ÚÔÛ·ÓËÌ·. ∏ ÈηÓÔÔ›ËÛË ÙÔ˘ ¶¿· ·fi ·˘Ùfi ÙÔ Ù·Í›‰È ‹Ù·Ó Ê·ÓÂÚ‹ Î·È ‰È¿¯˘ÙË fiˆ˜ ‰È¿¯˘Ùfi˜ ‹Ù·Ó Î·È Ô Û‚·ÛÌfi˜ ÚÔ˜ ÙÔ ÚfiÛˆÔ ÙÔ˘ Î·È Ë ·Ú·‰ÔÛȷ΋ ÊÈÏÔÍÂÓ›· Ô˘ ÂÂʇϷÍÂ Ë ∫‡ÚÔ˜ Û’ ·˘ÙfiÓ Î·È ÛÙË Û˘Óԉ›· ÙÔ˘. ΔÂÏÈο ÔÈ fiÔȘ ‰È·ÊÔÚ¤˜ ¯ˆÚ›˙Ô˘Ó 2 | www.pliroforiki.org ÙȘ ¯ÚÈÛÙÈ·ÓÈΤ˜ ÂÎÎÏËۛ˜ Â›Ó·È Û˘ÁÎÚÈÙÈο ÌÈÎÚfiÙÂÚ˜ ·fi ·˘Ù¿ Ô˘ ÙȘ ÂÓÒÓÔ˘Ó Î·È ¤ÙÛÈ ı· Ú¤ÂÈ ÔÈ ıÚËÛ΢ÙÈÎÔ› Ù·ÁÔ› Ó· ·ÊÈÂÚÒÛÔ˘Ó ÂÚÈÛÛfiÙÂÚÔ ¯ÚfiÓÔ Î·È ÎfiÔ ÛÙËÓ ÚÔÛ¿ıÂÈ· ÁÂʇڈÛ˘ ÙˆÓ ‰È·ÊÔÚÒÓ Ô˘ ¤¯Ô˘Ó ÚÔ·„ÂÈ ÛÙȘ Û¯¤ÛÂȘ ÙˆÓ ÂÎÎÏËÛÈÒÓ Î·È ÛÙËÓ Â·Ó¤ÓˆÛË Ù˘ «Ì›·˜ ∞ÔÛÙÔÏÈ΋˜ Î·È ∫·ıÔÏÈ΋˜ ∂ÎÎÏËÛ›·˜» ÌÂÙ¿ Ù· ÙfiÛ· Û¯›ÛÌ·Ù·. ∞Í›˙ÂÈ Ó· ÛËÌÂȈı› fiÙÈ Ô ∫˘ÚÈ·Îfi˜ ™‡Ó‰ÂÛÌÔ˜ ¶ÏËÚÔÊÔÚÈ΋˜, ·Ó·ÁÓˆÚ›˙ÔÓÙ·˜ ÙË ÛËÌ·ÓÙÈÎfiÙËÙ· Ù˘ ›Û΄˘ Î·È ÛÙ· Ï·›ÛÈ· Ù˘ ÎÔÈÓˆÓÈ΋˜ ÙÔ˘ ÚÔÛÊÔÚ¿˜, ¯ÚËÌ·ÙÔ‰fiÙËÛ ÙÔ Û¯Â‰È·ÛÌfi Î·È ÙËÓ ˘ÏÔÔ›ËÛË ÙfiÛÔ Ù˘ ›ÛËÌË ÈÛÙÔÛÂÏ›‰·˜ Ù˘ ›Û΄˘ ÙÔ˘ ¶¿· (www.papalvisit.org.cy) fiÛÔ Î·È Ù˘ ›ÛËÌ˘ ÈÛÙÔÛÂÏ›‰·˜ Ù˘ ª·ÚˆÓÈÙÈ΋˜ ∂ÎÎÏËÛ›·˜ ÛÙËÓ ∫‡ÚÔ (www.maronitearcheparchy.org.cy). ∫·È Ù· ‰‡Ô ¤ÚÁ· ÔÏÔÎÏËÚÒıËÎ·Ó ¤ÁηÈÚ· Ì ÂÈÙ˘¯›· Î·È ¤Ù˘¯·Ó ıÂÙÈÎÒÓ Û¯ÔÏ›ˆÓ ·fi ÙÔ˘˜ ÂÈÛΤÙ˜. ™˘ÁÎÂÎÚÈ̤ӷ Ë ÈÛÙÔÛÂÏ›‰· Ù˘ ›Û΄˘ ÙÔ˘ ¶¿· ‰¤¯ıËÎÂ Û˘ÓÔÏÈο ̤¯ÚÈ Û‹ÌÂÚ· ¤Ú·Ó ÙˆÓ 650 ¯ÈÏÈ¿‰ˆÓ hits, Ì ·ÔÎÔڇʈ̷ ÙËÓ ÚÒÙË Ì¤Ú· Ù˘ ›Û΄˘ fiÔ˘ ηٷÁÚ¿ÊËÎ·Ó 145 ¯ÈÏÈ¿‰Â˜ hits. ΔÔ ·ÚfiÓ ÂÎÙÂÓ¤˜ Ì‹Ó˘Ì·, ˆ˜ ›ıÈÛÙ·È ¿ÏψÛÙ ·Û¯ÔÏÂ›Ù·È Ì ÌÈ· ÛÂÈÚ¿ ·fi η›ÚÈ· ı¤Ì·Ù· Ô˘ ·ÁÁ›˙Ô˘Ó ÙË Î·ıËÌÂÚÈÓfiÙËÙ· Ì·˜ Î·È ·ÊÔÚÔ‡Ó ÙÔ Ì¤ÏÏÔÓ Ì·˜ fiˆ˜ Ë ·ÁÎfiÛÌÈ· ÔÈÎÔÓÔÌÈ΋ ÎÚ›ÛË Ô˘ Û˘Ó¯›˙ÂÙ·È ÁÈ· ÙÚ›ÙÔ ¯ÚfiÓÔ Î·È ¤¯ÂÈ ÂËÚ¿ÛÂÈ Î·È ÙË ¯ÒÚ· Ì·˜, ÙÔ Ó¤Ô Û¯¤‰ÈÔ ÙÔ˘ ∂Δ∂∫ Ô˘ ·ÊÔÚ¿ ÔÏÏÔ‡˜ ·fi ÂÌ¿˜ Î·È Ë ÌÂÙÔ˘Û›ˆÛË ÙÔ˘ ÔÚ¿Ì·ÙÔ˜ ̤ۈ Ù˘ ηÈÓÔÙÔÌ›·˜, Ù˘ ‰‡Ó·ÌË Ù˘ Ù¯ÓÔÏÔÁ›·˜ Î·È ÙÔ˘ “marketing” Û Ӥ· ηÈÓÔÙfiÌ· ÚÔ˚fiÓÙ· Î·È ÙË ‰ËÌÈÔ˘ÚÁ›· Ó¤ˆÓ ·ÁÔÚÒÓ. Δ¤ÏÔ˜ ÙÔ Ì‹Ó˘Ì· Ù˘ Û˘ÓÙ·ÎÙÈ΋˜ ÂÈÙÚÔ‹˜ ÔÏÔÎÏËÚÒÓÂÙ·È Ì ÙË ıÂÌ·ÙÔÏÔÁ›· Ù˘ ¤Î‰ÔÛ˘. ∏ ¶·ÁÎfiÛÌÈ· √ÈÎÔÓÔÌÈ΋ ∫Ú›ÛË Î·È Ô ∞ÓÙ›ÎÙ˘Ô˜ ÛÙË °ÂÈÙÔÓ›· Ì·˜ ¶ÔÏÏ¿ ¤¯Ô˘Ó ÁÚ·Ê› ÁÈ· ÙËÓ ·ÁÎfiÛÌÈ· ÔÈÎÔÓÔÌÈ΋ ÎÚ›ÛË Ô˘ ÂËÚ¿˙ÂÈ Ô˘ÛÈ·ÛÙÈο fiϘ ÙȘ ÂıÓÈΤ˜ ÔÈÎÔÓƠ̂˜ ȉȷ›ÙÂÚ· ‰Â ÙȘ ·ÓÂÙ˘Á̤Ó˜ Î·È ÛÎÔfi˜ ·˘ÙÔ‡ ÙÔ˘ ÎÂÈ̤ÓÔ˘ ‰ÂÓ Â›Ó·È Ó· ÚÔÛı¤ÛÂÈ ÛÙÔ fiÁÎÔ ÙˆÓ ÎÂÈÌ¤ÓˆÓ ·˘ÙÒÓ ·ÏÏ¿ Ó· ÂÈÛËÌ¿ÓÂÈ Î¿ÔÈ· ÛËÌ›· Ô˘ ı· ‚ÔËı‹ÛÔ˘Ó ÛÙËÓ Î·Ù·ÓfiËÛË ÙÔ˘ Ê·ÈÓÔ̤ÓÔ˘ ·ÏÏ¿ Î·È ÛÙËÓ ·ÔÊ˘Á‹ ·ÚfiÌÔÈˆÓ Ï·ıÒÓ ÛÙÔ Ì¤ÏÏÔÓ. ∫·Ù’ ·Ú¯‹Ó Â›Ó·È ÁÂÓÈο ·Ô‰ÂÎÙfi fiÙÈ Ë ·ÚÔ‡Û· ÎÚ›ÛË ÍÂΛÓËÛ ÛÙȘ ∏¶∞ fiÔ˘ ‰˘Ô ÚÔÛˆÈΤ˜ ÔÏÈÙÈΤ˜ ÙÔ˘ Ù¤ˆ˜ ¶Úfi‰ÚÔ˘ Ù˘ ∫ÂÓÙÚÈ΋˜ ΔÚ¿Â˙·˜, Federal Reserve Board (FED) Dr. Alan Greenspan, ÂÓÒ ‚Ú·¯˘ÚfiıÂÛÌ· Ê·ÈÓfiÓÙÔ˘Û·Ó ÂÈÙ˘¯Â›˜ Û ¤Ó· ÌÂÛÔÚfiıÂÛÌÔ ÔÚ›˙ÔÓÙ· ·¤Ù˘¯·Ó ηٷÛÙÚÔÊÈο. √ Dr. Greenspan ıˆÚ›ÙÔ Ô Ì¿ÁÔ˜ Ù˘ ÔÈÎÔÓÔÌ›·˜ Ô˘ ›¯Â ηٷʤÚÂÈ Ó· ÂÈχÛÂÈ ÙÔ Úfi‚ÏËÌ· ÙÔ˘ ÂȯÂÈÚËÌ·ÙÈÎÔ‡ ·ÎÏÔ˘, business cycle, Ì ÙȘ ÂÚÈÔ‰ÈΤ˜ ÌÂÁÂı‡ÓÛÂȘ Î·È ÛÌÈÎÚ‡ÓÛÂȘ Ù˘ ÔÈÎÔÓÔÌ›·˜ Î·È ÙËÓ ·ÔÊ˘Á‹ ÙˆÓ ˘Ê¤ÛˆÓ. ∞˘Ùfi ÙÔ ¤Ù˘¯Â Ì ÙËÓ Û˘Ó¯‹ Ì›ˆÛË ÙˆÓ ÂÈÙÔΛˆÓ Ë ÔÔ›· Ô‰‹ÁËÛ ÛÙËÓ ·ÏfiÁÈÛÙË ÌÂÁ¤ı˘ÓÛË Ù˘ ÔÈÎÔÓÔÌ›·˜ ̤ۈ Ù˘ ·‡ÍËÛ˘ Ù˘ ˙‹ÙËÛ˘ ÁÈ· ηÙÔÈ˘. Δ· ¯·ÌËÏ¿ ÂÈÙfiÎÈ· ¤ÙÚÂ·Ó Û ·ÁÔÚ·ÛÙ¤˜ Ì ÌÂȈ̤ÓË ÔÈÎÔÓÔÌÈ΋ Â˘ÚˆÛÙ›· Ó· ·ÔÎÙ‹ÛÔ˘Ó Î·ÙÔÈΛ· Ì ‰·ÓÂÈÛÌfi ÙȘ ‰fiÛÂȘ ÙˆÓ ‰·Ó›ˆÓ ÛÙÔ Ù¤ÏÔ˜ ‰ÂÓ ÌÔÚÔ‡Û·Ó Ó· ·ÓÙÈÌÂÙˆ›ÛÔ˘Ó Ì ·ÔÙ¤ÏÂÛÌ· ÔÈ ÙÚ¿Â˙˜ Ô˘ ‰·ÓÂÈÔ‰ÔÙÔ‡Û·Ó ÙËÓ ·ÁÔÚ¿ ·˘ÙÒÓ ÙˆÓ Î·ÙÔÈÎÈÒÓ Ó· ‚ÚÂıÔ‡Ó ÂÎÙÂıÂÈ̤Ó˜ Î·È Ó· ·Ó·ÁηÛÙÔ‡Ó Ó· Ï¿‚Ô˘Ó Ì¤ÙÚ· ÁÈ· ÌÂÁ¿ÏÔ ·ÚÈıÌfi ÂÈÛÊ·ÏÒÓ ‰·Ó›ˆÓ. ΔÔ Úfi‚ÏËÌ· ÁÈ· ÙȘ ÙÚ¿Â˙˜ ·Ô‰Â›¯ÙËΠȉȷ›ÙÂÚ· ÌÂÁ¿ÏÔ ˆ˜ Û˘Ó¤ÂÈ· ÙÔ˘ ‰Â‡ÙÂÚÔ˘ ÂÍ›ÛÔ˘ ÎÚ›ÛÈÌÔ˘ Ï¿ıÔ˘˜ ·˘ÙÔ‡ ÙÔ˘ ÌÂȈ̤ÓÔ˘ ÂϤÁ¯Ô˘ ÙˆÓ ÙÚ·Â˙ÒÓ. To FED ·ÔÊ¿ÛÈÛ fiÙÈ Û ÌÈ· ÒÚÈÌË Î·È ·ÓÙ·ÁˆÓÈÛÙÈ΋ ÔÈÎÔÓÔÌ›· fiˆ˜ ÙȘ ∏¶∞ ÙÔ ÙÚ·Â˙ÈÎfi Û‡ÛÙËÌ· ı· ÌÔÚÔ‡Û ӷ Ú˘ıÌ›ÛÂÈ ·fi ÌfiÓÔ ÙÔ˘ Ù· ÙÔ˘ Ô›ÎÔ˘ ÙÔ˘ Î·È Ó· ·Ó·Ï¿‚ÂÈ ÌÂÁ·Ï‡ÙÂÚË Â˘ı‡ÓË ÁÈ· ÙËÓ ·˘ÙÔÚÚ‡ıÌÈÛË ÙÔ˘. ∞˘Ù‹ Ë ÏÔÁÈ΋ ·Ú·ÁÓˆÚ›˙ÂÈ ‚‚·›ˆ˜ ÙË ‚·ÛÈ΋ ·Ú¯‹ ÙˆÓ ÔÈÎÔÓÔÌÈÎÒÓ fiÙÈ ÙȘ ÔÈÎÔÓÔÌÈΤ˜ ‰Ú·ÛÙËÚÈfiÙËÙ˜ ÙˆÓ ·ÓıÚÒˆÓ Î·È ÙˆÓ ÔÚÁ·ÓÈÛÌÒÓ ÙȘ ηıÔÚ›˙ÂÈ ÙÔ ÚÔÛˆÈÎfi Û˘ÌʤÚÔÓ Î·È Î¤Ú‰Ô˜. °È· ·ÎfiÌË ÌÈ· ÊÔÚ¿ ÂȂ‚·ÈÒÓÂÙ·È fiÙÈ Ô ·ÓÂͤÏÂÁÎÙÔ˜ ηÈÙ·ÏÈÛÌfi˜ ‰ÂÓ Â›Ó·È ‚ÈÒÛÈÌÔ˜ Î·È fiÙÈ Ô ÏÂÏÔÁÈṲ̂ÓÔ˜ ¤ÏÂÁ¯Ô˜ Â›Ó·È ··Ú·›ÙËÙÔ˜. ΔȘ Û˘Ó¤ÂȘ ·˘ÙÒÓ ÙˆÓ Î·Ù·ÛÙÚÔÊÈÎÒÓ Ï·ıÒÓ ÙȘ ¤¯Ô˘Ì ˙‹ÛÂÈ Ù· ÙÂÏÂ˘Ù·›· ¯ÚfiÓÈ· Î·È ‰ÂÓ ¯ÚÂÈ¿˙ÂÙ·È Ó· ÂÂÎÙ·ıÔ‡ÌÂ. ∏ ÙÚ·ÁÈ΋ ·Ï‹ıÂÈ· Â›Ó·È fiÙÈ Ù· ÚÔËÁÔ‡ÌÂÓ· ¤ÙË Ë ·ÁÎfiÛÌÈ· ÔÈÎÔÓÔÌ›· ÏÂÈÙÔ˘ÚÁÔ‡Û ̤۷ Û ÌÈ· ¿ÌÂÙÚË ·ÈÛÈÔ‰ÔÍ›· fiÙÈ Ë ÌÂÁ¤ı˘ÓÛË ı· ‹Ù·Ó Û˘Ó¯‹˜ Î·È fiÙÈ Ô ˘ÂÚ‚ÔÏÈÎfi˜ ‰·ÓÂÈÛÌfi˜ ‹Ù·Ó ‚ÈÒÛÈÌÔ˜. ¢˘ÛÙ˘¯Ò˜ ÙÔ ÁϤÓÙÈ ¤¯ÂÈ ÙÂÏÂÈÒÛÂÈ Î·È ı· Ú¤ÂÈ ÙÒÚ· Ó· ÏËÚÒÛÔ˘Ì ÙÔ ÏÔÁ·ÚÈ·ÛÌfi. ∞ÎfiÌË Î·È ÌÂÙ¿ ÙËÓ ÂͿψÛË Ù˘ ‡ÊÂÛ˘ ÔÈ Î˘‚ÂÚÓ‹ÛÂȘ ÙˆÓ ‰È·ÊfiÚˆÓ ¯ˆÚÒÓ ·Ó·ÁοÛÙËÎ·Ó Ó· ·˘Í‹ÛÔ˘Ó ÙȘ ‰·¿Ó˜ ÁÈ· Ó· Û˘ÁÎÚ·Ù‹ÛÔ˘Ó ÙÔ Ú˘ıÌfi ·Ó¿Ù˘Í˘ Ù˘ ÔÈÎÔÓÔÌ›·˜ ÙÔ˘˜, Ó· ÎÚ·Ù‹ÛÔ˘Ó ÂȯÂÈÚ‹ÛÂȘ ˙ˆÓÙ·Ó¤˜ Î·È ÙËÓ ·ÓÂÚÁ›· Û ÏÔÁÈο ›‰·. ŸÌˆ˜ ‰‡Ô ¯ÚfiÓÈ· ÌÂÙ¿ Î·È ·˘Ù¤˜ ¤¯Ô˘Ó Ó· ·ÓÙÈÌÂÙˆ›ÛÔ˘Ó Ù· ÂÏÏ›ÌÌ·Ù· ÛÙÔ ÚÔ¸ÔÏÔÁÈÛÌfi ÙÔ˘˜, ÙÔÓ „ËÏfi ‰·ÓÂÈÛÌfi, ÙËÓ „ËÏ‹ ·ÓÂÚÁ›· Î·È ÙËÓ ˘ÔÙ›ÌËÛË ÙˆÓ ÂıÓÈÎÒÓ ÓÔÌÈÛÌ¿ÙˆÓ. ∏ ÌÂÁ¿ÏË ¤ÁÓÔÈ· fiÏˆÓ Â›Ó·È Ë ÔÚÈÛÙÈ΋ ·ÒÏÂÈ· ̤۷ Û’ ·˘Ù¿ Ù· ‰‡Ô ¤ÙË ÙÔ˘ 25% Ù˘ Ú·ÁÌ·ÙÈ΋˜ ·Í›·˜ Ù˘ ·ÁÎfiÛÌÈ·˜ ÔÈÎÔÓÔÌ›·˜ fiˆ˜ ÌÂÙÚÂ›Ù·È Ì ÙÔ ∞ηı¿ÚÈÛÙÔ ∂Á¯ÒÚÈÔ ¶ÚÔ˚fiÓ (∞∂¶), Ë ÚÔ‚ÏÂfiÌÂÓË ÈÛ¯Ó‹ ·Ó¿Î·Ì„Ë Ù˘ ÔÈÎÔÓÔÌ›·˜ ÁÈ· Ù· ÂfiÌÂÓ· ¤ÙË, ·ÏÏ¿ Î·È Ë ÂӉ¯fiÌÂÓË ÔÚÈÛÙÈ΋ ·ÒÏÂÈ· ı¤ÛÂˆÓ ÂÚÁ·Û›·˜ ÁÈ·Ù› ÔÈ ÂÙ·ÈÚ›˜ Ì ÙËÓ ÈÛ¯Ó‹ ·Ó¿Î·Ì„Ë Ô˘ ÚԂϤÂÙ·È ÁÈ· ʤÙÔ˜ Ê·›ÓÔÓÙ·È ·Úfiı˘Ì˜ Ó· ·˘Í‹ÛÔ˘Ó ÙÔ ÚÔÛˆÈÎfi ÙÔ˘˜. Ÿˆ˜ ¿ÓÙ· Ô ·‰‡Ó·ÙÔ˜ ÎÚ›ÎÔ˜ ˘Ô¯ˆÚ› ¿ÓÙ· ÚÒÙÔ˜ Î·È ÛÙËÓ ÂÚ›ÙˆÛË ·˘Ù‹ ÔÈ ·‰‡Ó·Ù˜ ¯ÒÚ˜ Ù˘ ∂˘Úˆ˙ÒÓ˘ (PIπGS) ¶ÔÚÙÔÁ·Ï›·, πÙ·Ï›·, πÚÏ·Ó‰›·, ∂ÏÏ¿‰·, πÛ·Ó›· ı· ¤¯Ô˘Ó ÙȘ ÌÂÁ·Ï‡ÙÂÚ˜ ÂÈÙÒÛÂȘ. ∞˘Ùfi Ô˘ ‰ÂÓ Ú¤ÂÈ Ó· ·ÁÓÔÔ‡ÌÂ Â›Ó·È fiÙÈ Ë ÎÚ›ÛË ·˘Ù‹ ÂÛÙÈ¿˙ÂÙ·È Î‡ÚÈ· ÛÙ· ‰ËÌfiÛÈ· ÔÈÎÔÓÔÌÈο Ì „ËÏfi ¤ÏÏÂÈÌÌ· ÛÙÔ ÚÔ¸ÔÏÔÁÈÛÌfi Î·È ˘¤ÚÌÂÙÚÔ Î˘‚ÂÚÓËÙÈÎfi ‰·ÓÂÈÛÌfi. ΔÔ ·Ú¿ÍÂÓÔ Î·È Ù·˘ÙfiÛËÌ· ·ÚËÁÔÚËÙÈÎfi ÁÈ· ÙËÓ ÂÚ›ÙˆÛË Ù˘ ∂ÏÏ¿‰·˜ Â›Ó·È fiÙÈ Û ·ÓÙ›ıÂÛË Ì ÙËÓ ∫˘‚¤ÚÓËÛË Ô˘ ¤¯ÂÈ ¤Ó· ¯Ú¤Ô˜ Ù˘ Ù¿Í˘ ÙÔ˘ 120% ÙÔ ∞∂¶ Ù· ÓÔÈÎÔ΢ÚÈ¿ ÛÙËÓ ∂ÏÏ¿‰· ¤¯Ô˘Ó ÂÚÈÔÚÈṲ̂ÓÔ Î·È ÏÔÁÈÎfi ¯Ú¤Ô˜ Ù˘ Ù¿Í˘ ÙÔ˘ 45% ÙÔ˘ ∞∂¶. ◊‰Ë Ë ÙÚ·ÁÈ΋ ηٿÛÙ·ÛË Ù˘ ∂ÏÏ¿‰·˜ ¤¯ÂÈ ÂÈʤÚÂÈ ÛËÌ·ÓÙÈο ÔÈÎÔÓÔÌÈο, ÔÏÈÙÈο Î·È ÎÔÈÓˆÓÈο ÚÔ‚Ï‹Ì·Ù· Î·È Ë ¯ÒÚ· ÌÂÙÚ¿ ÙÚÂȘ ÓÂÎÚÔ‡˜ Ô˘ ¤ı·Ó·Ó ·Ó·›ÙÈ· ÛÙÔ ¯ÒÚÔ ÂÚÁ·Û›·˜ ÙÔ˘˜ ÛÙÔ Î¤ÓÙÚÔ Ù˘ ∞ı‹Ó·˜. ∏ ∂ÏÏ¿‰· ‰˘ÛÙ˘¯Ò˜ ·ÔÙÂÏ› ¤Ó· ηÏfi ·Ú¿‰ÂÈÁÌ·, ÚÔ˜ ·ÔÊ˘Á‹, fiÔ˘ ‰È·‰Ô¯ÈΤ˜ ΢‚ÂÚÓ‹ÛÂȘ ÙfiÛÔ ÙÔ˘ ¶∞™√∫ ·fi ÙËÓ ¿ÓÔ‰Ô ÙÔ˘ ÛÙËÓ ÂÍÔ˘Û›· ÛÙȘ ·Ú¯¤˜ Ù˘ ‰ÂηÂÙ›·˜ ÙÔ˘ 1980 fiÛÔ Î·È Ù˘ ¡¢ Ô˘ ΢‚¤ÚÓËÛ ÂӉȿÌÂÛ· ηٷ۷ٿÏËÛ·Ó ÙËÓ ·Ó·Ù˘Íȷ΋ ‚Ô‹ıÂÈ· Ù˘ ∂∂ Î·È ÌÂÁ¤ı˘Ó·Ó ·Ó‡ı˘Ó· ÙfiÛÔ ÙÔ ¤ÏÏÂÈÌÌ· ÛÙÔ ÚÔ¸ÔÏÔÁÈÛÌfi fiÛÔ Î·È ÙÔ ‰ËÌfiÛÈÔ ¯Ú¤Ô˜. ΔËÓ Î·Îԉȷ¯Â›ÚÈÛË Â¤ÙÂÈÓ·Ó ÔÈ ÂÏ·ÙÂȷΤ˜ Û¯¤ÛÂȘ Ì Ôϛ٘ Î·È Í¤ÓÔ˘˜ ÂÂÓ‰˘Ù¤˜ Î·È ÚÔÌËıÂ˘Ù¤˜ ·ÏÏ¿ Î·È Ë ‰È·ÊıÔÚ¿ Î·È Ô ¯ÚËÌ·ÙÈÛÌfi˜ ÔÏÈÙÈÎÒÓ. μ‚·›ˆ˜ ÙÒÚ· Ô˘ ÙÔ ÁϤÓÙÈ ÙÂÏ›ˆÛÂ Î·È Â›Ó·È Ë ÒÚ· Ó· ÏËÚˆı› Ô ÏÔÁ·ÚÈ·ÛÌfi˜ Ë ∂ÏÏ¿˜ ÎÈÓ‰˘Ó‡ÂÈ ·fi ‰È¿ÊÔÚÔ˘˜ ÎÂÚ‰ÔÛÎfiÔ˘˜ Î·È ÂÚȤگÂÙ·È ÂÓ Â›‰Ë ·›ÙË ÌÂٷ͇ ÙˆÓ ÂÙ·›ÚˆÓ Ù˘ Î·È Ù˘ ‰ÈÂıÓÔ‡˜ ÎÔÈÓfiÙËÙ·˜ ·ÈÙÒÓÙ·˜ ÔÈÎÔÓÔÌÈ΋ ‚Ô‹ıÂÈ· Î·È ÚÔÛÙ·Û›·. ∫¿ÔȘ ·fi ÙȘ ¯ÒÚ˜ Ù˘ ÔÌ¿‰·˜ ÙˆÓ PIπGS fiˆ˜ Ë πÚÏ·Ó‰›· ÂÁη›Úˆ˜ ·ÏÏ¿ Î·È Ë ¶ÔÚÙÔÁ·Ï›· Î·È Ë πÛ·Ó›· ÈÔ ÚfiÛÊ·Ù· ·Ó·ÏÔÁÈ˙fiÌÂÓ˜ ÙÔ˘˜ ÎÈÓ‰‡ÓÔ˘˜ ¤¯Ô˘Ó ÚÔ¯ˆÚ‹ÛÂÈ Ì ÂıÓÈ΋ ÔÌÔʈӛ· ÛÙË Ï‹„Ë ÙˆÓ ·Ó·Áη›ˆÓ ̤ÙÚˆÓ ÁÈ· Ó· ·ÔʇÁÔ˘Ó Ù· ÚÔ‚Ï‹Ì·Ù· Ù˘ ∂ÏÏ¿‰·˜. ¶·ÚfiÌÔÈ· ‰Ú·ÎfiÓÙÂÈ·, ÚÔÏËÙÈο www.pliroforiki.org | 3 ̤ÙÚ· ¤¯Ô˘Ó ˘ÈÔıÂÙ‹ÛÂÈ Î·È ¿ÏϘ ¯ÒÚ˜ fiˆ˜ ÙÔ ∏ӈ̤ÓÔ μ·Û›ÏÂÈÔ, Ë °ÂÚÌ·Ó›·, Ë πÙ·Ï›· Î·È Ë °·ÏÏ›· ¯ˆÚ›˜ ȉȷ›ÙÂÚË ÎÔÈÓˆÓÈ΋ ·ÓÙ›‰Ú·ÛË. ∞ÓÙ›ıÂÙ· ÛÙËÓ ∂ÏÏ¿‰· Î·È Û ¿ÏϘ ÌÂÛÔÁÂȷΤ˜ ¯ÒÚ˜ ˘¿Ú¯ÂÈ ·Û˘Ìʈӛ· ÙˆÓ ÔÏÈÙÈÎÒÓ ˆ˜ ÚÔ˜ ÙÔ ÙÈ ‰¤ÔÓ ÁÂÓ¤Ûı·È Î·È ·Ú·ÙËÚÔ‡ÓÙ·È ‰ËÌfiÛȘ Ì·˙ÈΤ˜ ·ÓÙȉڿÛÂȘ Î·È ÎÈÓËÙÔÔÈ‹ÛÂȘ ÁÈ·Ù› ÛÙÔ Ù¤ÏÔ˜ Ù˘ Ë̤ڷ˜ ÔÈ Ôϛ٘ Ù˘ οı ¯ÒÚ·˜ ı· ÎÏËıÔ‡Ó Ó· ÏËÚÒÛÔ˘Ó ÙÔ ÎfiÛÙÔ˜ Ù˘ ·ÏfiÁÈÛÙ˘ ÔÈÎÔÓÔÌÈ΋˜ ÔÏÈÙÈ΋˜ Î·È Ù˘ ‰È·ÊıÔÚ¿˜. μ‚·›ˆ˜ Ë ∫‡ÚÔ˜ ‰ÂÓ ÂÍ·ÈÚÂ›Ù·È Ô‡Ù ·fi ÙËÓ ÎÚ›ÛË ·ÏÏ¿ Î·È ·fi ÙËÓ ·Û˘Ìʈӛ· ˆ˜ ÚÔ˜ ÙÔ Ú·ÎÙ¤Ô. ∏ ΢‚¤ÚÓËÛË, ·fi ÙËÓ ÏÂ˘Ú¿ Ù˘, ‰ÂÓ Ê·›ÓÂÙ·È Ó· ·ÓÙÈÏ·Ì‚¿ÓÂÙ·È ÙÔ Ì¤ÁÂıÔ˜ ÙÔ˘ ÚÔ‚Ï‹Ì·ÙÔ˜ Î·È ÙËÓ ·Ó¿ÁÎË Ó· ·ÓÙÈÌÂÙˆ›ÛÂÈ Ù· ÛËÌ·ÓÙÈο ‰ÔÌÈο ÚÔ‚Ï‹Ì·Ù· Ù˘ ÔÈÎÔÓÔÌ›·˜ ( ÌÂٷ͇ ¿ÏÏˆÓ ˘ÂÚ‚ÔÏÈο ÌÂÁ¿ÏÔ˜ ‰ËÌfiÛÈÔ˜ ÙÔ̤·˜, ÛËÌ·ÓÙÈΤ˜ ‰È·ÊÔÚ¤˜ ÛÙÔ˘˜ fiÚÔ˘˜ ÂÚÁÔ‰fiÙËÛ˘ ÌÂٷ͇ ÙÔ˘ ‰ËÌfiÛÈÔ˘ Î·È ÙÔ˘ ȉȈÙÈÎÔ‡ ÙÔ̤·, Ì ·ÔÙ¤ÏÂÛÌ· fiÏÔÈ Ó· ı¤ÏÔ˘Ó Ó· ÂÍ·ÛÊ·Ï›ÛÔ˘Ó ÌÈ· ı¤ÛË ÛÙÔ ‰ËÌfiÛÈÔ, ¯·ÌËÏ‹ ·Ú·ÁˆÁÈÎfiÙËÙ· Î·È Î·Ù΄Â¤ÎÙ·ÛË ¯·ÌËÏ‹ ·ÓÙ·ÁˆÓÈÛÙÈÎfiÙËÙ·). √È Û˘ÓÙ¯ӛ˜ ·Ó·ÏÒÓÔÓÙ·È Û ÌÈ· ÌË ‚ÈÒÛÈÌË ÚÔÛ¿ıÂÈ· ‰È·Ù‹ÚËÛ˘ ÙˆÓ ÎÂÎÙËÌ¤ÓˆÓ Î·È ÔÈ ÔÏÈÙÈΤ˜ ËÁÂۛ˜ ÚÔÛÌÂÙÚÔ‡Ó Î·Ù¿ ·ÚÈÔ ÏfiÁÔ ÙÔ ÔÏÈÙÈÎfi ÎfiÛÙÔ˜ Î·È fiÊÂÏÔ˜ Î·È Î·Ù¿ ‰Â‡ÙÂÚÔ ÙȘ ·ÓÙ›ÛÙÔȯ˜ ÔÈÎÔÓÔÌÈΤ˜ ·Ú·Ì¤ÙÚÔ˘˜. ™ÙËÓ Ú¿ÍË ·˘Ùfi ÛËÌ·›ÓÂÈ fiÙÈ Ô Ì¤ÛÔ˜ ∫‡ÚÈÔ˜, fiˆ˜ Î·È Ô ·ÓÙ›ÛÙÔȯԘ ∂˘Úˆ·›Ô˜, ı· Ú¤ÂÈ Ó· Û˘ÓËı›ÛÂÈ Û ¤Ó· ¯·ÌËÏfiÙÂÚÔ ‚ÈÔÙÈÎfi Â›Â‰Ô Ì fiÙÈ ·˘Ùfi Û˘Ó¿ÁÂÙ·È. ΔÔ ‚·ÛÈÎfi Ì¿ıËÌ· Â›Ó·È fiÙÈ fiϘ ÔÈ ÂÓÂÚÁ¿ ÔÈÎÔÓÔÌÈο ÌÔÓ¿‰Â˜ fiˆ˜ ÎÚ¿ÙË, ÂȯÂÈÚ‹ÛÂȘ, ÔÚÁ·ÓÈÛÌÔ› Î·È ¿ÙÔÌ· ı· Ú¤ÂÈ Ó· Ì¿ıÔ˘Ó Ó· ÏÂÈÙÔ˘ÚÁÔ‡Ó Ì¤Û· ÛÙ· Ï·›ÛÈ· ÙˆÓ ‰˘Ó·ÙÔÙ‹ÙˆÓ ÙÔ˘˜ Î·È Ó· Û˘ÌÂÚÈʤÚÔÓÙ·È ·Ó¿ÏÔÁ·. O ∫˘ÚÈ·Îfi˜ ™‡Ó‰ÂÛÌÔ˜ ¶ÏËÚÔÊÔÚÈ΋˜ Û ÌÈ· ÚÔÛ¿ıÂÈ· Ó· Û˘Ì‚¿ÏÂÈ ÛÙËÓ Ô˘ÛÈ·ÛÙÈ΋ ·ÓÙÈÌÂÙÒÈÛË ÙˆÓ ‰È·ÚıÚˆÙÈÎÒÓ ÚÔ‚ÏËÌ¿ÙˆÓ Ù˘ ÔÈÎÔÓÔÌ›·˜ ¤¯ÂÈ ÔÌfiʈӷ ·ÔÊ·Û›ÛÂÈ, ηٿ ÙË ‰È¿ÚÎÂÈ· Ù˘ ÚfiÛÊ·Ù˘ °ÂÓÈ΋˜ ™˘Ó¤Ï¢Û˘ Î·È ÌÂÙ¿ ·fi ÂÈÛ‹ÁËÛË ÙÔ˘ ¶ÚÔ¤‰ÚÔ˘, ÙË Û‡ÛÙ·ÛË ÌÈ·˜ ‰ÂÍ·ÌÂÓ‹˜ ÛΤ„˘ Ì ·ÓÙÈΛÌÂÓÔ ÙË ÌÂϤÙË, ¤Ú¢ӷ, ·Ú·ÁˆÁ‹ Î·È ‰È¿¯˘ÛË ÁÓÒÛ˘ ÁÈ· ÙÔ Ò˜ ÔÈ Ù¯ÓÔÏÔÁ›Â˜ ÏËÚÔÊÔÚÈ΋˜ ÌÔÚÔ‡Ó Ó· Û˘Ì‚¿ÏÏÔ˘Ó ÛÙËÓ ·Ó¿Ù˘ÍË Ù˘ ΢Úȷ΋˜ ÔÈÎÔÓÔÌ›·˜ Î·È ÛÙË ‚ÂÏÙ›ˆÛË Ù˘ ÏÂÈÙÔ˘ÚÁ›·˜ Î·È Ù˘ ·fi‰ÔÛ˘ ÙÔ˘ ¢ڇÙÂÚÔ˘ ‰ËÌfiÛÈÔ˘ ÙÔ̤·. ∞˘Ùfi Â›Ó·È fiÓÙˆ˜ ¤Ó· ÂÍ·ÈÚÂÙÈÎfi ‚‹Ì· ·Ó Î·È ÔÈ ÈÔ ÌÂÁ¿ÏÔÈ ·fi Ì·˜ ı˘ÌfiÌ·ÛÙ ·ÚÎÂÙ¤˜ ·ÚfiÌÔȘ ÚˆÙÔ‚Ô˘Ï›Â˜ ·fi ÏÂ˘Ú¿˜ ¶ÔÏÈÙ›·˜. ∞˘Ù‹ ÙË ÊÔÚ¿ fï˜ Ë ÚˆÙÔ‚Ô˘Ï›· Â›Ó·È ÛÙ· ¯¤ÚÈ· Ì·˜. 4 | www.pliroforiki.org Δ·ÌÂ›Ô ™˘ÓÙ·ÍÈÔ‰ÔÙÈÎÒÓ ¶·ÚÔ¯ÒÓ ÁÈ· Ù· ª¤ÏË ÙÔ˘ ∂Δ∂∫ ªÈ· ·fi ÙȘ ÛËÌ·ÓÙÈÎfiÙÂÚ˜ Ì·ÎÚÔ¯ÚfiÓȘ ÂÈÙÒÛÂȘ ·fi ÙËÓ ·ÁÎfiÛÌÈ· ÔÈÎÔÓÔÌÈ΋ ÎÚ›ÛË Ë ÔÔ›· Û˘ÓÂÈÎÔ˘ÚÂ›Ù·È Î·È ·fi ÙÔ ‰ËÌÔÁÚ·ÊÈÎfi Úfi‚ÏËÌ· Ù˘ ∂˘ÚÒ˘ Â›Ó·È Î·È Ë ÎÚ›ÛË ÙˆÓ Û˘ÓÙ·ÍÈÔ‰ÔÙÈÎÒÓ Ù·Ì›ˆÓ. ΔÔ ‰ËÌÔÁÚ·ÊÈÎfi Úfi‚ÏËÌ· Â›Ó·È ·ÔÙ¤ÏÂÛÌ· ‰‡Ô ‰ËÌÔÁÚ·ÊÈÎÒÓ Ù¿ÛÂˆÓ ÔÈ Ôԛ˜ ÂÍÂÏÈÎÙÈο ÂӉ¯Ô̤ӈ˜ Ó· Ô‰ËÁ‹ÛÔ˘Ó ÙȘ ∂˘Úˆ·˚Τ˜ ¯ÒÚ˜ Û ·‰È¤ÍÔ‰Ô ÔÈÎÔÓÔÌÈÎfi Î·È ÎÔÈÓˆÓÈÎfi. ∞ÊÂÓfi˜ Ë ∂˘ÚÒË ¿Û¯ÂÈ ·fi ˘ÔÁÂÓÓËÙÈÎfiÙËÙ· Ì ÙÔ ‰Â›ÎÙË ÁÔÓÈÌfiÙËÙ·˜ Ôχ ¯·ÌËÏfiÙÂÚ· ·fi ÙÔ Ú˘ıÌfi ·Ó·Ï‹ÚˆÛ˘ ÙˆÓ 2,1 ÁÂÓÓ‹ÛÂˆÓ ÁÈ· οı Á˘Ó·›Î· ÌÂٷ͇ ÙˆÓ ÂÙÒÓ 15 Î·È 49. °È· ·Ú¿‰ÂÈÁÌ· ÛÙËÓ ∫‡ÚÔ Ô ‰Â›ÎÙ˘ ÁÔÓÈÌfiÙËÙ·˜ ÁÈ· ÙÔ 2008, ÁÈ· ÙÔ ÈÔ ÚfiÛÊ·ÙÔ ¤ÙÔ˜ ÁÈ· ÙÔ ÔÔ›Ô ¤¯Ô˘Ó ‰Ôı› ÛÙÔȯ›· (Statistical Service of Cyprus, 2009, 78), Â›Ó·È 1,46 Û ۇÁÎÚÈÛË Ì 1,47 ÁÈ· ÙÔ Û‡ÓÔÏÔ ÙÔ˘ Ï·Ó‹ÙË Î·È 1,51 ÁÈ· ÙÔ Û‡ÓÔÏÔ Ù˘ ∂∂, Û‡Ìʈӷ Ì ÛÙÔȯ›· ·fi ÙËÓ ÈÛÙÔÛÂÏ›‰· Ù˘ CIA (2010). ∞ÊÂÙ¤ÚÔ˘ ÙÔ ÚÔÛ‰fiÎÈÌÔ Â›Â‰Ô ˙ˆ‹˜ ¤¯ÂÈ ·Ó¤ÏıÂÈ ÛÙËÓ ∫‡ÚÔ ÁÈ· ÙÔ 2006/07 ÛÙ· 78,3 ¤ÙË ÁÈ· ÙÔ˘˜ ¿Ó‰Ú˜ Î·È ÛÙ· 81,9 ¤ÙË ÁÈ· ÙȘ Á˘Ó·›Î˜ Û ۇÁÎÚÈÛË Ì 75 ¤ÙË ÁÈ· ÙÔ˘˜ ¿Ó‰Ú˜ Î·È 80 ¤ÙË ÁÈ· ÙȘ Á˘Ó·›Î˜ ÁÈ· ÙÔ 1996/97 (Statistical Abstract 2008, 80). ΔÔ ·ÔÙ¤ÏÂÛÌ· ·˘ÙÒÓ ÙˆÓ ·ÓÙ›ÚÚÔˆÓ Ù¿ÛÂˆÓ Â›Ó·È fiÙÈ ÏËı˘ÛÌfi˜ ‰ÂÓ ·˘Í¿ÓÂÈ Ô˘ÛÈ·ÛÙÈο Ì ·ÔÙ¤ÏÂÛÌ· ¤Ó·˜ ÌÂȈ̤ÓÔ˜ ÏËı˘ÛÌfi˜ ÂÚÁ·˙fiÌÂÓˆÓ Ó· Ú¤ÂÈ Ó· Û˘ÓÙËÚ› ¤Ó· ·˘Í·ÓfiÌÂÓÔ ÏËı˘ÛÌfi ·ÙfiÌˆÓ Ù˘ ÙÚ›Ù˘ ËÏÈΛ·˜. ∞˘Ù‹ Ë ÂͤÏÈÍË Ô‰ËÁ› ·Ó·fi‰Ú·ÛÙ· Ù· ‰ËÌfiÛÈ· Û˘ÓÙ·ÍÈÔ‰ÔÙÈο Ù·Ì›· ·ÏÏ¿ Î·È ÙÔ˘˜ ÎÚ·ÙÈÎÔ‡˜ ÚÔ¸ÔÏÔÁÈÛÌÔ‡˜ Û ·‰È¤ÍÔ‰Ô. °È· ÙËÓ ·ÓÙÈÌÂÙÒÈÛË ÙÔ˘ ÚÔ‚Ï‹Ì·ÙÔ˜ ÙˆÓ Û˘ÓÙ·ÍÈÔ‰ÔÙÈÎÒÓ Ù·Ì›ˆÓ ˘¿Ú¯Ô˘Ó ‰‡Ô χÛÂȘ, ÔÈ Ôԛ˜ Â›Ó·È ÔÈÎÔÓÔÌÈο Î·È ÎÔÈÓˆÓÈο ÂÒ‰˘Ó˜ Î·È ¤¯Ô˘Ó (Ê˘ÛÈο) ÔÏÈÙÈÎfi ÎfiÛÙÔ˜: (·) ÙË ·‡ÍËÛË ÙˆÓ ÂÈÛÊÔÚÒÓ Ì¤Ûˆ ¿ÌÂÛ˘ ·‡ÍËÛ˘ ÙˆÓ ÂÈÛÊÔÚÒÓ ·ÏÏ¿ Î·È ÙˆÓ ÂÙÒÓ ÂÈÛÊÔÚ¿˜ Î·È (‚) ÙË Ì›ˆÛË ÙˆÓ ˆÊÂÏËÌ¿ÙˆÓ. ™ÙËÓ ∫‡ÚÔ Ë ÚÔÛ¿ıÂÈ· ÚÔ˜ ÙÔ ·ÚfiÓ ·ÊÔÚ¿ ÙÔ ÛΤÏÔ˜ ·‡ÍËÛ˘ ÙˆÓ ·ÔıÂÌ·ÙÈÎÒÓ ÙÔ˘ Δ·Ì›Ԣ ∫ÔÈÓˆÓÈÎÒÓ ∞ÛÊ·Ï›ÛÂˆÓ (Δ∫∞) ̤ۈ Ù˘ ·‡ÍËÛ˘ ÙˆÓ ÂÈÛÊÔÚÒÓ Î·È Ù˘ ·‡ÍËÛ˘ ÙÔ˘ ¤ÙÔ˘˜ Û˘ÓÙ·ÍÈÔ‰fiÙËÛ˘ ÛÙ·‰È·Î¿ ÛÙ· 65 Î·È ÂӉ¯Ô̤ӈ˜ ̤¯ÚÈ Î·È Ù· 67 ¤ÙË. ™Â ÁÂÓÈΤ˜ ÁÚ·Ì̤˜ Ë Û‡ÓÙ·ÍË Á‹Ú·ÙÔ˜ ÙÔ˘ Δ∫∞ Â›Ó·È Ù˘ Ù¿Í˘ ÙÔ˘ 60% ÙÔ˘ ̤ÛÔ˘ fiÚÔ˘ ÙˆÓ Û˘ÓÔÏÈÎÒÓ ÂÈÛÊÔÚÒÓ ÔÛÔÛÙfi Ô˘ Ê˘ÛÈο Â›Ó·È Ô˘ÛÈ·ÛÙÈο ¯·ÌËÏfiÙÂÚÔ ·fi ÙÔ Â›Â‰Ô ‰È·‚›ˆÛ˘ ÙˆÓ Û˘ÓÙ·ÍÈÔ‰ÔÙÔ‡ÌÂÓˆÓ. ™‡Ìʈӷ Ì ÙËÓ ÈÛÙÔÛÂÏ›‰· ÙÔ˘ ∂Δ∂∫ (« ∏ ηÙËÁÔÚ›· ÛÙËÓ ÔÔ›· ηٷٿÛÛÔÓÙ·È Ù· ̤ÏË ÙÔ˘ ∂Δ∂∫ ÁÈ· ÛÎÔÔ‡˜ ·ÛÊ¿ÏÈÛ˘ Â›Ó·È ·˘Ù‹ ÙˆÓ ÂÈÛÙËÌÔÓÈÎÒÓ Â·ÁÁÂÏÌ¿ÙˆÓ. ªÂ ‚¿ÛË Ù· ÈÛ¯‡ÔÓÙ· Û‹ÌÂÚ·, ¤Ó· ̤ÏÔ˜ ÙÔ˘ ∂Δ∂∫ Ô˘ ·Ó·Ì¤ÓÂÙ·È Ó· ÂÈÛʤÚÂÈ ÛÙÔ °™∫∞ ÁÈ· 35 ¯ÚfiÓÈ·, ÂÍ·ÛÊ·Ï›˙ÂÈ ÛÙÔ 63Ô ¤ÙÔ˜ Û‡ÓÙ·ÍË Ô˘ ·Ó·ÏËÚÒÓÂÈ ÙÔ 45% ÂÚ›Ô˘ ÙÔ˘ ‰Ëψı¤ÓÙÔ˜ ÂÈÛÔ‰‹Ì·ÙÔ˜ ÙÔ˘». º˘ÛÈÔÏÔÁÈο ·Ó·Ì¤ÓÂÙ·È fiÙÈ ÛÙËÓ ËÏÈΛ· Û˘ÓÙ·ÍÈÔ‰fiÙËÛ˘ Ô Î¿ı ÂÚÁ·˙fiÌÂÓÔ˜ ı· ¤¯ÂÈ ÌÂȈ̤Ó˜ ÔÈÎÔÓÔÌÈΤ˜ ˘Ô¯ÚÂÒÛÂȘ, ı· ¤¯ÂÈ ·ÔÏËÚÒÛÂÈ Ù· ‰¿ÓÂÈ· ÙÔ˘ Î·È ‰ÂÓ ı· ¤¯ÂÈ ÂÍ·ÚÙÒÌÂÓ· Ù¤ÎÓ·. ŸÌˆ˜ ÛÙË ‰È΋ Ì·˜ ÎÔÈÓˆÓ›· Ì ÙȘ ÛÊÈÎÙ¿ ‰Â̤Ó˜ ÔÈÎÔÁ¤ÓÂȘ ÔÈ ÔÈÎÔÓÔÌÈΤ˜ ˘Ô¯ÚÂÒÛÂȘ Î·È Ë ÚÔÛ¿ıÂÈ· ÛÙ‹ÚÈ͢ Ù˘ ÔÈÎÔÁ¤ÓÂÈ·˜ ‰ÂÓ ÔÏÔÎÏËÚÒÓÂÙ·È ÔÙ¤. ™¯¤‰ÈÔ ‰˘Ó·ÙfiÓ Ó· ‰ËÌÈÔ˘ÚÁ‹ÛÂÈ ÂÎÚËÎÙÈΤ˜ ·ÓÙȉڿÛÂȘ. ΔÔ ÁÂÁÔÓfi˜ ‰Â fiÙÈ ÛÙÔ ÚfiÛÊ·ÙÔ ·ÚÂÏıfiÓ Â›‰·Ó ÙÔ Êˆ˜ Ù˘ ‰ËÌÔÛÈfiÙËÙ·˜ ÏËÚÔÊÔڛ˜ fiÙÈ ·ÚfiÌÔÈ· Û¯¤‰È· ¤Ù˘¯·Ó ÂÎÌÂÙ¿ÏÏ¢Û˘ ·fi ÂÈÙ‹‰ÂÈÔ˘˜ ηıÒ˜ ›Û˘ Î·È Ë ÛÔ˘‰‹ Ì ÙËÓ ÔÔ›· ÙÚÔ¯Ô‰ÚÔÌÂ›Ù·È Ë ˘ÏÔÔ›ËÛË ÙÔ˘ ™¯Â‰›Ô˘ ‰˘Ó·ÙfiÓ Ó· ‰ËÌÈÔ˘ÚÁ‹ÛÂÈ Â›Û˘ ·ÓÙȉڿÛÂȘ. ªÂ ‚¿ÛË ·˘Ù¿ Ù· ‰Â‰Ô̤ӷ Â›Ó·È ÛËÌ·ÓÙÈÎfi Ô Î¿ı ÂÚÁ·˙fiÌÂÓÔ˜ Ó· ÚÔÁÚ·ÌÌ·Ù›˙ÂÈ ÁÈ· ÙËÓ ÔÈÎÔÓÔÌÈ΋ ÙÔ˘ ηٿÛÙ·ÛË ÁÈ· Ù· ¤ÙË Ù˘ ¯Ú˘Û‹˜ ÙÚ›Ù˘ ËÏÈΛ·˜ ÌÂٷ͇ ¿ÏÏˆÓ Ì ÙË Û˘ÌÌÂÙÔ¯‹ Û ÚfiÛıÂÙ· Û˘ÓÙ·ÍÈÔ‰ÔÙÈο Ù·Ì›·, Ù·Ì›· ÚÔÓÔ›·˜, ·ÛÊ¿ÏÂȘ ˙ˆ‹˜ Î·È ·ÙÔÌÈο Û¯¤‰È· ·ÔÙ·Ì›Â˘Û˘ Î·È Â¤Ó‰˘Û˘. ™Ù· Ï·›ÛÈ· ·˘Ù¿ ÙÔ ∂Δ∂∫ ÚÔÙ›ÓÂÈ ÙË Û‡ÛÙ·ÛË ˘Ô¯ÚˆÙÈÎÔ‡ ÁÈ· fiÏ· Ù· ̤ÏË Ù·Ì›Ԣ Û˘ÓÙ·ÍÈÔ‰ÔÙÈÎÒÓ ·ÚÔ¯ÒÓ. ∏ ÚˆÙÔ‚Ô˘Ï›· ·ÓÙÈÎÚ›˙ÂÙ·È Ì ÛÎÂÙÈÎÈÛÌfi ȉȷ›ÙÂÚ· fiÛÔ ·ÊÔÚ¿ ÙÔ ˘Ô¯ÚˆÙÈÎfi Ù˘ Û˘ÌÌÂÙÔ¯‹˜, ÙÔ Û˘ÓÔÏÈÎfi ÎfiÛÙÔ˜ ·ÏÏ¿ Î·È ÙË ‰È·ÛÊ¿ÏÈÛË ÙˆÓ ÌÂÏÏÔÓÙÈÎÒÓ ·Ô‰fiÛˆÓ. ΔÔ ¢.™. ÙÔ˘ ™˘Ó‰¤ÛÌÔ˘ ÂÂÍÂÚÁ¿˙ÂÙ·È ÂÈÛÙÔÏ‹ ÛÙË ‚¿ÛË ÙÔ˘ ÈÔ Î¿Ùˆ ÚÔۯ‰›Ô˘ ÁÈ· ·ÔÛÙÔÏ‹ ÛÙÔ ∂Δ∂∫ Ô˘ ·Ú·Ù›ıÂÙ·È ÈÔ Î¿Ùˆ: ∂Âȉ‹ Ù· ̤ÏË Ì·˜ ·Ó·Ê¤ÚÔ˘Ó fiÙÈ ‰ÂÓ ÙÔ˘˜ ˙ËÙ‹ıËΠӷ ÂÎÊÚ¿ÛÔ˘Ó ¿Ô„Ë ‹ Ó· Û˘ÌÌÂÙ¤¯Ô˘Ó Û οÔÈ· ¤Ú¢ӷ Ô˘ Ó· ÙÂÎÌËÚÈÒÓÂÈ ÙËÓ ·Ó¿ÁÎË ÁÈ· ‰ËÌÈÔ˘ÚÁ›· Î·È ÏÂÈÙÔ˘ÚÁ›· ÂÓfi˜ Ù¤ÙÔÈÔ˘ ™¯Â‰›Ô˘ ˘Ô‚¿ÏÏÔ˘Ì ÙËÓ ÂÈÛ‹ÁËÛË fiˆ˜ Ú·ÁÌ·ÙÔÔÈËı› ¤Ú¢ӷ ‹ Î·È ‰ËÌÔ„‹ÊÈÛÌ· ·Ó¿ÌÂÛ· ÛÙ· ̤ÏË ÙÔ˘ ∂ÈÌÂÏËÙËÚ›Ô˘ ÛÙËÓ ÔÔ›· Ó· ÙÂıÔ‡Ó ÂÓÒÈÔÓ ÙÔ˘ ÔÈ ‚·ÛÈΤ˜ ·Ú¯¤˜ ÏÂÈÙÔ˘ÚÁ›·˜, ‰ÈÔÈÎËÙÈΤ˜ Î·È ÔÈÎÔÓÔÌÈΤ˜, ÙÔ˘ ™¯Â‰›Ô˘ ÒÛÙ ӷ ÎÚÈı› ηٿ fiÛÔ ÙÔ Ì¤ÏÔ˜ ı· ÂӉȷʤÚÔÓÙ·Ó Ó· Û˘ÌÌÂÙ¿Û¯ÂÈ Û ¤Ó· Ù¤ÙÔÈÔ ™¯¤‰ÈÔ. ¡ÔÂ›Ù·È fiÙÈ Ù˘¯fiÓ ¤ÁÎÚÈÛË ÙˆÓ ‚·ÛÈÎÒÓ ÚÔÓÔÈÒÓ ÏÂÈÙÔ˘ÚÁ›·˜ ÙÔ˘ ™¯Â‰›Ô˘ ÔÛÒ˜ ‰ÂÓ Ú¤ÂÈ Ó· ÂÎÏËÊı› fiÙÈ ÛÙÔ ™¯¤‰ÈÔ ı· Ú¤ÂÈ Ó· Û˘ÌÌÂÙ¤¯Ô˘Ó Ù· ̤ÏË ˘Ô¯ÚˆÙÈο. ∞ÓÙ›ıÂÙ·, ·Ï¿ ı· ‰ÒÛÂÈ ÌÈ· ¤Ó‰ÂÈÍË ÁÈ· ÙËÓ ÔÈÎÔÓÔÌÈ΋ ‚ȈÛÈÌfiÙËÙ· ÙÔ˘ ™¯Â‰›Ô˘. «∞Ó·ÊÂÚfiÌ·ÛÙ ÛÙÔ ÈÔ ¿Óˆ ı¤Ì· Î·È ÛÂ Û˘Ó¤¯ÂÈ· Û¯ÂÙÈÎÒÓ ÂÓËÌÂÚÒÛÂˆÓ Ô˘ ÚÔ¤‚ËΠÚfiÛÊ·Ù· ÙÔ ∂ÈÌÂÏËÙ‹ÚÈÔ ÚÔ˜ Ù· ̤ÏË ÙÔ˘, ÌÂٷ͇ ¿ÏÏˆÓ ‰ËÏÒıËΠfiÙÈ ÙÔ Û¯¤‰ÈÔ ı· Â›Ó·È ˘Ô¯ÚˆÙÈÎfi ÁÈ· fiÏ· Ù· ̤ÏË ÙÔ˘ ∂Δ∂∫. μ¿ÛÂÈ ÙÔ‡ÙÔ˘ ¤¯Ô˘Ó ÚÔ·„ÂÈ ÔÈΛϘ ·ÓÙȉڿÛÂȘ ·fi ÌÂÚ›‰· ÌÂÏÒÓ ÙÔ˘ ∂Δ∂∫ (ÛÙÔÓ ∫Ï¿‰Ô ¶ÏËÚÔÊÔÚÈ΋˜), ÔÈ Ôԛ˜, ÂÏÏ›„ÂÈ Û˘ÓÙÔÓÈÛÌÔ‡ Î·È Ì˯·ÓÈÛÌÒÓ ¤ÎÊÚ·Û˘ ÙÔ˘ ∫Ï¿‰Ô˘ ÛÙÔ ∂Δ∂∫ ‰ÈÔ¯ÂÙ‡ÔÓÙ·È Ì¤Û· ·fi ÙÔ ™‡Ó‰ÂÛÌfi Ì·˜, ˆ˜ Ë Ì·˙ÈÎfiÙÂÚË ÎÔÈÓfiÙËÙ· ÙˆÓ ∂ÈÛÙËÌfiÓˆÓ ¶ÏËÚÔÊÔÚÈ΋˜. ¶·Ú·Î·Ïԇ̠ÛËÌÂÈÒÛÙ fiÙÈ Ô ∫˘ÚÈ·Îfi˜ ™‡Ó‰ÂÛÌÔ˜ ¶ÏËÚÔÊÔÚÈ΋˜, ÂÎÚÔÛˆÒÓÙ·˜ ÌÂÁ¿ÏÔ ·ÚÈıÌfi ÌÂÏÒÓ ÙÔ˘ Ô˘ Â›Ó·È ÂÁÁÂÁÚ·Ì̤ӷ ÛÙÔ ∂Δ∂∫, ÙÔÔıÂÙÂ›Ù·È ÂÎ ÚÒÙ˘ ·ÚÓËÙÈο ÚÔ˜ ÙÔ ‰È·ÌÔÚÊÔ‡ÌÂÓÔ Û¯¤‰ÈÔ Î·È ·Ú·Î·Ïԇ̠fiˆ˜ Ì·˜ ·Ú·Û¯Âı› ÚfiÛıÂÙË ÏËÚÔÊfiÚËÛË, ÒÛÙ ӷ ÙÔÔıÂÙËıԇ̠› ÙÔ˘ ı¤Ì·ÙÔ˜ ÙÂÏÂÛ›‰Èη. μ·ÛÈ΋ ı¤ÛË ÙÔ˘ ™˘Ó‰¤ÛÌÔ˘ Ì·˜ Â›Ó·È fiÙÈ ÂÂȉ‹ ÙÔ ™¯¤‰ÈÔ ··ÈÙ› ÙË ÌËÓÈ·›· ηٷ‚ÔÏ‹ Û‚·ÛÙÔ‡ ¯ÚËÌ·ÙÈÎÔ‡ ÔÛÔ‡ ÂΠ̤ÚÔ˘˜ ÙˆÓ ÌÂÏÒÓ ¯ˆÚ›˜ Ù·˘Ùfi¯ÚÔÓ· Ó· ÂÁÁ˘¿Ù·È Î·È Ó· ‰È·ÛÊ·Ï›˙ÂÙ·È Ë ÌÂÏÏÔÓÙÈ΋ ÙÔ˘ ·fi‰ÔÛË Ë Û˘ÌÌÂÙÔ¯‹ Û ·˘Ùfi ı· Ú¤ÂÈ Ó· Â›Ó·È Û ÚÔÛˆÈ΋ Î·È ÂıÂÏÔÓÙÈ΋ ‚¿ÛË. ∂ÎÙÈÌԇ̠fiÙÈ Î·Ó¤Ó·˜ ‰ÂÓ ÌÔÚ› Ó· ÁÓˆÚ›˙ÂÈ Ù· ÚÔÛˆÈο ÔÈÎÔÓÔÌÈο ‰Â‰Ô̤ӷ Î·È ¿ÏϘ ˘Ô¯ÚÂÒÛÂȘ ÙˆÓ ÌÂÏÒÓ ÙÔ˘ ∂ÈÌÂÏËÙËÚ›Ô˘ Î·È ˆ˜ ÂÎ ÙÔ‡ÙÔ˘ Ù˘¯fiÓ ÂÈ‚ÔÏ‹ Ù˘ Û˘ÌÌÂÙÔ¯‹˜ Û ¤Ó· Ù¤ÙÔÈÔ ¶·Ú·Î·Ïԇ̠fiˆ˜ ÔÚ›ÛÂÙÂ Û˘Ó¿ÓÙËÛË Ì·˜ ÁÈ· ÏËÚ¤ÛÙÂÚË ÂÓË̤ڈÛË Ì·˜ ÒÛÙÂ Î·È ÂÌ›˜ Ì ÙË ÛÂÈÚ¿ Ì·˜ Ó· ÂÓËÌÂÚÒÛÔ˘Ì ٷ ÂËÚ·˙fiÌÂÓ· ̤ÏË Ì·˜». ΔÔ ı¤Ì· ‰È·ÛÊ¿ÏÈÛ˘ ÂÓfi˜ ·ÍÈÔÚÂÔ‡˜ ÂȤ‰Ô˘ ‰È·‚›ˆÛ˘ ÛÙËÓ ÙÚ›ÙË ËÏÈΛ· Â›Ó·È ÛËÌ·ÓÙÈÎfi Î·È ·ÊÔÚ¿ fiÏÔ˘˜ Ì·˜ Û˘ÏÏÔÁÈο Î·È ·ÙÔÌÈο. ΔÔ Û¯ÂÙÈÎfi Δ·ÌÂ›Ô ™˘ÓÙ·ÍÈÔ‰ÔÙÈÎÒÓ ¶·ÚÔ¯ÒÓ ªÂÏÒÓ ÙÔ˘ ∂Δ∂∫ ı· ÌÔÚÔ‡Û ÂӉ¯Ô̤ӈ˜ Ó· Â›Ó·È ÌÈ· ηϋ ¤Ӊ˘ÛË ÁÈ· οÔÈÔ˘˜ ·fi ÙÔ˘˜ Û˘Ó·‰¤ÏÊÔ˘˜. ΔÔ ¢™ ÙÔ˘ ™˘Ó‰¤ÛÌÔ˘ ÙÔÔıÂÙÂ›Ù·È Î·Ù’ ·Ú¯‹Ó ·ÚÓËÙÈο Î·È ˙ËÙ¿ ÂÚÈÛÛfiÙÂÚË ÏËÚÔÊfiÚËÛË ÁÈ·Ù› Û’ ·˘Ùfi ÙÔ ÛÙ¿‰ÈÔ Ê·›ÓÂÙ·È Ë Û˘ÌÌÂÙÔ¯‹ Ó· Â›Ó·È ˘Ô¯ÚˆÙÈ΋ ÁÈ· Ù· ̤ÏË ÙÔ˘ ∂Δ∂∫, ÙÔ ÌËÓÈ·›Ô ÎfiÛÙÔ˜ ÌÂÁ¿ÏÔ Î·È ‰È·¯ÚÔÓÈο ·˘Í·ÓfiÌÂÓÔ Î·È ÔÈ ÌÂÏÏÔÓÙÈΤ˜ ·Ô‰fiÛÂȘ ‰ÂÓ ‰È·ÛÊ·Ï›˙ÔÓÙ·È. £ÂÚÌ‹ ·Ú¿ÎÏËÛË Û’ fiÏÔ˘˜ Ó· ·Û¯ÔÏËıԇ̠̠ÙÔ ı¤Ì· ÚÔÛˆÈο Î·È ‰ÈÂÍÔ‰Èο ÁÈ·Ù› Ì·˜ ·ÊÔÚ¿ ¿ÌÂÛ·. ∫·ÈÓÔÙÔÌ›· Δ¯ÓÔÏÔÁ›· Î·È Marketing ™Â Ï‹ÚË ·ÓÙ›ıÂÛË Ì ÙËÓ ÎÚ›ÛË Ô˘ ·ÓÙÈÌÂÙˆ›˙ÂÈ Ë ·ÁÎfiÛÌÈ· ÔÈÎÔÓÔÌ›· ˘¿Ú¯Ô˘Ó ·Ú·‰Â›ÁÌ·Ù· ·ÓıÚÒˆÓ Î·È ÂÙ·ÈÚÂÈÒÓ È‰È·›ÙÂÚ· ÛÙÔ ¯ÒÚÔ Ù˘ Ù¯ÓÔÏÔÁ›·˜ ÔÈ Ôԛ˜ ‰ÂÓ Ê·›ÓÂÙ·È Ó· ÂËÚ¿˙ÔÓÙ·È ·fi ÙËÓ Â˘Ú‡ÙÂÚË Î·Ù¿ÛÙ·ÛË Î·È Â›Ó·È Û ı¤ÛË Ó· ηÈÓÔÙÔÌÔ‡Ó Î·È Ó· ·ÍÈÔÔÈÔ‡Ó ÙË ÁÓÒÛË, ÙËÓ Ù¯ÓÔÏÔÁ›· Î·È ÙÔ marketing ÁÈ· ÙË ‰ËÌÈÔ˘ÚÁ›· Ó¤ˆÓ ÚÔ˚fiÓÙˆÓ, ˘ËÚÂÛÈÒÓ Î·È ·ÁÔÚÒÓ Ô˘ Â͢ËÚÂÙÔ‡Ó Î·ÈÓÔ‡ÚÁȘ ·Ó¿ÁΘ Ô˘ ‰ÂÓ ˘‹Ú¯·Ó ÚÔËÁÔ˘Ì¤Óˆ˜. ™‡Ìʈӷ Ì ÙËÓ ∂˘Úˆ·˚΋ ∂ÈÙÚÔ‹ www.pliroforiki.org | 5 «∏ ηÈÓÔÙÔÌ›· Û˘Ó›ÛÙ·Ù·È ÛÙËÓ ·Ú·ÁˆÁ‹, ÙËÓ ·ÊÔÌÔ›ˆÛË Î·È ÙËÓ ÂÎÌÂÙ¿ÏÏ¢ÛË Ì ÂÈÙ˘¯›· ÙˆÓ Ó¤ˆÓ ÂÈÙ¢ÁÌ¿ÙˆÓ ÛÙÔÓ ÔÈÎÔÓÔÌÈÎfi Î·È ÎÔÈÓˆÓÈÎfi ÙÔ̤·» ( ∂˘Úˆ·˚΋ ∂ÈÙÚÔ‹, 2003). ∏ ηÈÓÔÙÔÌ›· Î·È Ë ·Ú·ÁˆÁÈÎfiÙËÙ·/ ·ÓÙ·ÁˆÓÈÛÙÈÎfiÙËÙ· Â›Ó·È ÔÈ ‰‡Ô ¤ÓÓÔȘ Ë ·ÍÈÔÔ›ËÛË ÙˆÓ ÔÔ›ˆÓ ı· ‚ÔËı‹ÛÔ˘Ó ÙËÓ ∂∂ ÛÙÔ Û‡ÓÔÏÔ Ù˘ ·ÏÏ¿ Î·È Ù· ÎÚ¿ÙË Ì¤ÏË Ó· ·Ó·Ù˘¯ıÔ‡Ó ÔÈÎÔÓÔÌÈο Î·È Ó· ·ÓÙÈÌÂÙˆ›ÛÔ˘Ó Ì ÂÈÙ˘¯›· ÙȘ ¿ÏϘ ‰˘Ó·ÌÈΤ˜ ÔÈÎÔÓƠ̂˜. Δ¤ÙÔÈ· ·Ú·‰Â›ÁÌ·Ù· ÂÚÈÏ·Ì‚¿ÓÔ˘Ó ÂÙ·ÈÚ›˜ fiˆ˜ ÙËÓ ÂÙ·ÈÚ›· ÎÔÈÓˆÓÈ΋ ‰ÈÎÙ‡ˆÛ˘ Facebook, ÙËÓ ÂÙ·ÈÚ›· ·Ó·˙‹ÙËÛ˘ ‰Â‰ÔÌ¤ÓˆÓ Google, ÙË ‰È·‰ÈÎÙ˘·Î‹ ÂÁ΢ÎÏÔ·›‰ÂÈ· Wikipedia, ÙË ‰È·‰ÈÎÙ˘·Î‹ ˘ÂÚ·ÁÔÚ¿ Amazon ‹ Î·È ÙË ‰È·‰ÈÎÙ˘·Î‹ ÂÙ·ÈÚ›· ‰ËÌÔÚ·ÛÈÒÓ ebay. ¶·Ú¿ÏÏËÏ· Ì ·˘Ù¤˜ ÙȘ Ӥ˜ ÂÙ·ÈÚ›˜ Û˘Ó¯›˙Ô˘Ó Ó· ÏÂÈÙÔ˘ÚÁÔ‡Ó Î·È ¿ÏϘ ÈÔ ÁÓˆÛÙ¤˜ ÂÙ·ÈÚ›˜ fiˆ˜ Ë ÂÙ·ÈÚ›· ÏÔÁÈÛÌÈÎÔ‡ Microsoft Î·È Ë ÂÙ·ÈÚ›· Apple Ë ÔÔ›· ¤¯ÂÈ ÂÂÎÙ›ÓÂÈ ÙȘ ‰Ú·ÛÙËÚÈfiÙËÙ˜ Ù˘ Û ÌÈ· ÛÂÈÚ¿ ·fi ·ÁÔÚ¤˜ Î·È ÚˆÙfiÙ˘· ÚÔ˚fiÓÙ· Î·È ˘ËÚÂۛ˜ ÛÙÔÓ Â˘Ú‡ÙÂÚÔ ¯ÒÚÔ Ù˘ ÏËÚÔÊÔÚÈ΋˜, ÙˆÓ ÂÈÎÔÈÓˆÓÈÒÓ Î·È ÙÔ˘ ı¿̷ÙÔ˜. ∫·È ÔÈ ‰‡Ô ÂÙ·ÈÚ›˜ Â›Ó·È ‰ËÌÈÔ˘ÚÁ‹Ì·Ù· ÙÔ˘ ÂÚ·Ṳ̂ÓÔ˘ ·ÈÒÓ· ÛÙ· Ù¤ÏË Ù˘ ‰ÂηÂÙ›· ÙÔ˘ 1970 Î·È ·˘Ù‹ ÙËÓ ÂÚ›Ô‰Ô Î·Ù¤¯Ô˘Ó ÙȘ ‰‡Ô ÚÒÙ˜ ı¤ÛÂȘ ·fi ÏÂ˘Ú¿˜ ÎÂÊ·Ï·ÈÔÔ›ËÛ˘ Ì ÙËÓ Apple Ì¿ÏÈÛÙ· Ó· η٤¯ÂÈ ÙËÓ ÚÒÙË ı¤ÛË. ΔÔ Î˘ÚÈfiÙÂÚÔ ÁÓÒÚÈÛÌ· ·˘ÙÒÓ ÙˆÓ ÂÙ·ÈÚÂÈÒÓ ‰ÂÓ Â›Ó·È ÌfiÓÔ Ë ·fiÏ˘ÙË ÁÓÒÛË Î·È Î·ÙÔ¯‹ ÚÔËÁ̤Ó˘ Ù¯ÓÔÏÔÁ›·˜ ·ÏÏ¿ Î·È Î·Ù¿ÏÏËÏË ·ÍÈÔÔ›ËÛË ÙÔ˘ Marketing Î·È ‹ ¤ÌÊ˘ÙË Ê‡ÛË ÁÈ· ÂÈÙ˘¯›· (drive). Δ· ÚÔ˚fiÓÙ· Ù˘ Apple ‰È·ÎÚ›ÓÔÓÙ·È ¿ÓÙÔÙ ÁÈ· ÙËÓ ÚˆÙÔÙ˘›· ÙÔ˘˜, ÙËÓ Î·ÈÓÔÙÔÌ›· ÙÔ˘˜, ÙÔÓ È‰È·›ÙÂÚÔ Û¯Â‰È·ÛÌfi Î·È Â˘ÎÔÏ›· ¯Ú‹Û˘. Δ· ÈÔ ÚfiÛÊ·Ù· ·Ú·‰Â›ÁÌ·Ù· ·ÊÔÚÔ‡Ó Ù· ηÈÓÔÙfiÌ· ÚÔ˚fiÓÙ· iPod, iPhone Î·È iPad. Δ· ÙÚ›· ÚÔ˚fiÓÙ· ÛÙÚ·ÙËÁÈο ÙÔÔıÂÙË̤ӷ ÌÂٷ͇ ‰È·ÊÔÚÂÙÈÎÒÓ Ù¯ÓÔÏÔÁÈÒÓ Ù˘ ÏËÚÔÊÔÚÈ΋˜, ÙˆÓ ÂÈÎÔÈÓˆÓÈÒÓ, ÙÔ˘ ı¿̷ÙÔ˜ Î·È ÙÔ˘ ˘ÏÈÎÔ‡ „˘¯·ÁˆÁ›·˜ Î·È ÂÓË̤ڈÛ˘ ¤¯Ô˘Ó ÂÓ ÔÏÏÔ›˜ ‰ËÌÈÔ˘ÚÁ‹ÛÂÈ Ó¤Â˜ ·ÁÔÚ¤˜ Î·È ¤¯Ô˘Ó ‰ÒÛÂÈ ÙËÓ Â˘Î·ÈÚ›· Û ¿ÏϘ ÂÙ·ÈÚ›˜ Ó· ·ÚÔ˘ÛÈ¿ÛÔ˘Ó ·Ó¿ÏÔÁ· ÚÔ˚fiÓÙ· Î·È ˘ËÚÂۛ˜. °È· ·Ú¿‰ÂÈÁÌ· ÙÔ iPod ¤¯ÂÈ ‰ÒÛÂÈ Ó¤· ÒıËÛË ÛÙËÓ ÒÏËÛË ÌÔ˘ÛÈ΋˜ Î·È ÚÔÁÚ·ÌÌ¿ÙˆÓ ˘fi ÙË ÌÔÚÊ‹ video ̤ۈ ÙÔ˘ ‰È·‰ÈÎÙ‡Ô˘ Î·È Ù˘ Ó¤·˜ ˘ËÚÂÛ›·˜ iStore ȉÈÔÎÙËÛ›·˜ Ù˘ Apple. H ÂÙ·ÈÚ›· ‚‚·›ˆ˜ ÏËÚÒÓÂÈ ‰ÈηÈÒÌ·Ù· ÛÙÔ˘˜ ·Ú·ÁˆÁÔ‡˜ ÙÔ˘ ˘ÏÈÎÔ‡ ·fi ÙÔ ¤Ó· ‰ÔÏ¿ÚÈÔ ∞ÌÂÚÈ΋˜ Ô˘ ¯ÚÂÒÓÂÈ ÁÈ· οı ÙÚ·ÁÔ‡‰È. ªÈ· ·ÚfiÌÔÈ· ÛÙÚ·ÙËÁÈ΋ ÚÔÒıËÛ˘ ÚÔ˚fiÓÙˆÓ fiˆ˜ ‚È‚Ï›·, ÂÚÈÔ‰Èο ÂÊËÌÂÚ›‰Â˜ Î·È ·ÈÁÓ›‰È· ÚÔˆı› Ë ÂÙ·ÈÚ›· Î·È Ì ÙÔ ÈÔ ÚfiÛÊ·ÙÔ ·Ú¿‰ÂÈÁÌ· ·˘Ù‹˜ Ù˘ ηÈÓÔÙfiÌÔ˘ ‰Ú·ÛÙËÚÈfiÙËÙ·˜ Ì ÙËÓ ·Ú·ÁˆÁ‹ Î·È ‰È¿ıÂÛË ÛÙËÓ ·ÁÔÚ¿ ÙÔ˘ ÚÔ˚fiÓÙÔ˜ iPad. ΔÔ iPad Â›Ó·È ¤Ó·˜ ËÏÂÎÙÚÔÓÈÎfi˜ ˘ÔÏÔÁÈÛÙ‹˜ 6 | www.pliroforiki.org ˘fi ÌÔÚÊ‹ Ù·ÌϤٷ˜ ÙÔ ÔÔ›Ô Û˘Ó‰˘¿˙ÂÈ ÔÏϤ˜ ˘ÊÈÛÙ¿ÌÂÓ˜ ÏÂÈÙÔ˘ÚÁ›Â˜ Û ¤Ó· ÂÚÈÂÎÙÈÎfi Î·È Î·ÏÔۯ‰ȷṲ̂ÓÔ Û‡ÓÔÏÔ. ªÂٷ͇ ·˘ÙÒÓ ÂÚÈÏ·Ì‚¿ÓÔÓÙ·È Ë ·Ó¿ÁÓˆÛË ËÏÂÎÙÚÔÓÈÎÒÓ ‚È‚Ï›ˆÓ, ‰È·‰ÈÎÙ˘·Î¿ ·ÈÁÓ›‰È·, Ë ÏÔ‹ÁËÛË ÙÔ˘ ‰È·‰ÈÎÙ‡Ô˘ Î·È Ë ‰ËÌÈÔ˘ÚÁ›· ˘ÏÈÎÔ‡. ∂›Û˘ ÙÚ¤¯ÂÈ ÔÏϤ˜ ÂÊ·ÚÌÔÁ¤˜ Ô˘ ¤¯Ô˘Ó ‰ËÌÈÔ˘ÚÁËı› ÁÈ· Ù· ÚÔËÁÔ‡ÌÂÓ· ̤ÏË Ù˘ ÔÈÎÔÁ¤ÓÂÈ·˜ i (iPhone Î·È iPod) ∞fi ÙËÓ ÂÈÛ·ÁˆÁ‹ ÙÔ˘ ÛÙËÓ ·ÁÔÚ¿ ÙÔ ∞Ú›ÏÈÔ ÙÔ˘ 2010 ̤¯ÚÈ Î·È ÙËÓ 1Ë πÔ˘Ó›Ô˘ 2010 ¤¯Ô˘Ó ‰È·ÙÂı› ‰‡Ô ÂηÙÔÌ̇ÚÈ·. ªË¯·Ó‹Ì·Ù· ·Ó¿ÁÓˆÛ˘ ‚È‚Ï›ˆÓ, ÂÊËÌÂÚ›‰ˆÓ Î·È ÂÚÈÔ‰ÈÎÒÓ, e-book readers, ¤¯Ô˘Ó ÚÔˆı‹ÛÂÈ ÛÙËÓ ·ÁÔÚ¿ Î·È ¿ÏϘ ÂÙ·ÈÚ›˜ fiˆ˜ ÙËÓ Amazon Ì ÙÔ Kindle, Ë Sony Ì ÙÔ Reader Î·È Ù· ‚È‚ÏÈԈϛ· Barnes & Noble Ì ÙÔ Nook ·ÏÏ¿ ηӤӷ ·fi ·˘Ù¿ Ù· ÚÔ˚fiÓÙ· ‰ÂÓ Î·Ù¿ÊÂÚ ӷ ¤¯ÂÈ ÙËÓ ÂÌÔÚÈ΋ ÂÈÙ˘¯›· ÙÔ˘ iPad, ÙÔ ÔÔ›Ô Ê˘ÛÈο ÂÚÈÏ·Ì‚¿ÓÂÈ Î·È ¿ÏϘ ÛËÌ·ÓÙÈΤ˜ ÏÂÈÙÔ˘ÚÁ›Â˜. Ÿˆ˜ ¤¯Ô˘Ì ‹‰Ë ÛËÌÂÈÒÛÂÈ ·˘Ùfi Ô˘ οÓÂÈ Ù· ÚÔ˚fiÓÙ· Ù˘ Apple ÙfiÛÔ Í¯ˆÚÈÛÙ¿ Î·È ‰ËÌÔÊÈÏ‹ Â›Ó·È Ô ÚˆÙfiÙ˘Ô˜ ۯ‰ȷÛÌfi˜, Ë ÎÔÌ„fiÙËÙ· Î·È Ë Â˘¯ÚËÛÙ›· Î·È Ë ·ÚÌÔÓÈ΋ Û‡˙¢ÍË Ù˘ Ù¯ÓÔÏÔÁ›·˜ Ì ÙÔ Marketing. √È Ú·ÁÌ·ÙÈο ÂÈÙ˘¯Ë̤Ó˜ ÂÙ·ÈÚ›˜ ‰ËÌÈÔ˘ÚÁÔ‡Ó Í¯ˆÚÈÛÙ¿ ÚÔ˚fiÓÙ· ·ÏÏ¿ ¤¯Ô˘Ó ÙËÓ ÈηÓfiÙËÙ· Ó· Ù· ÚÔˆı‹ÛÔ˘Ó ÛÙËÓ ·ÁÔÚ¿ Î·È Ó· ‰ËÌÈÔ˘ÚÁ‹ÛÔ˘Ó ·ÁÔÚ¤˜ Î·È ·Ó¿ÁΘ ÂΛ Ô˘ ‰ÂÓ ˘¿Ú¯Ô˘Ó. ŸÌˆ˜ ÚÔ˜ ÙÈ fiÏ· ·˘Ù¿; ¶ÔÈfi Â›Ó·È ÙÔ Ì¿ıËÌ· ÁÈ· ÙËÓ ∫‡ÚÔ ‹ Î·È ÙËÓ ∂˘ÚÒË ·fi Ù· ÈÔ ¿Óˆ; °È·Ù› Ë ÛÙÚ·ÙËÁÈ΋ Ù˘ §ÈÛÛ·‚fiÓ·˜ ÁÈ· ÙËÓ ·ÓÙ·ÁˆÓÈÛÙÈÎfiÙËÙ· ¤¯ÂÈ Ô˘ÛÈ·ÛÙÈο ·ÔÙ‡¯ÂÈ; ¶fiÛË ÛËÌ·Û›· ¤¯ÂÈ ÙÔ «ÚÔÙÂÛÙ·ÓÙÈÎfi ‹ıÔ˜» Ô˘ ÙfiÛÔ ·Ú·ÛÙ·ÙÈο ¤¯ÂÈ ÂÚÈÁÚ¿„ÂÈ Ô Max Weber; £· ÌÔÚ¤ÛÂÈ Ë ÁËÚ·È¿ ‹ÂÈÚÔ˜ Ó· ·ÓÙ·ÁˆÓÈÛı› Ì ÂÈÙ˘¯›· ÙËÓ ÎÚ·Ù·È¿ ∞ÌÂÚÈ΋ Î·È ÙȘ ·Ó·‰˘fiÌÂÓ˜ ÔÈÎÔÓƠ̂˜ Ù˘ ∫›Ó·˜, Ù˘ πÓ‰›·˜, Ù˘ Taiwan Ù˘ ™ÈÁηԇÚ˘ Î·È Ù˘ μÚ·˙ÈÏ›·˜ ÌÂٷ͇ ¿ÏψÓ; ªÔÚ› ÌÈ· ¯ÒÚ· Ó· ÂÈ‚ÈÒÛÂÈ ¯ˆÚ›˜ ‚ÈÔÌ˯·Ó›· ‚·ÛÈ˙fiÌÂÓË ÌfiÓÔ ÛÙȘ ˘ËÚÂۛ˜; ΔÈ ‰¤ÔÓ ÁÂÓ¤Ûı·È; ŸÏ· ·˘Ù¿ Ù· Ô˘ÛÈ·ÛÙÈο ÂÚˆÙ‹Ì·Ù· ı· Ì›ÓÔ˘Ó ˆ˜ Ù¤ÙÔÈ· ̤¯ÚÈ ÙËÓ ÂfiÌÂÓË ¤Î‰ÔÛË. £· Ú¤ÂÈ Ó· ÛËÌÂȈı› fiÙÈ Û ÔÚÈṲ̂ÓÔ˘˜ ·ÎÏÔ˘˜ ÂÈÎÚ·Ù› ·ÓËÛ˘¯›· fiÙÈ Ë ∂˘ÚÒË ı· Â›Ó·È Ë ÙÂÏÂ˘Ù·›· Û ÛÂÈÚ¿ ÂÈÙ˘¯›·˜ Î·È fiÙÈ ÙÔ Ì¤ÏÏÔÓ ‰ÂÓ Â›Ó·È ‰ÈÎfi Ù˘. ∏ ·ÓËÛ˘¯›· ÙÔ˘˜ ‚·Û›˙ÂÙ·È Û Ù· ÔÏÏ¿ ‰ÔÌÈο ÚÔ‚Ï‹Ì·Ù·, ÛÙȘ ‰È·ÊÔÚ¤˜ ÌÂٷ͇ ÙˆÓ ¯ˆÚÒÓ ÌÂÏÒÓ ÙÔ˘˜ Ô˘ ηıÈÛÙÔ‡Ó ·‰‡Ó·ÙË ÙËÓ Û˘ÓÔ¯‹, Ë ·ÓÙ·ÁˆÓÈÛÙÈÎfiÙËÙ· Â›Ó·È ¯·ÌËÏ‹, ÙÔ ÎÔÈÓfi ÓfiÌÈÛÌ· ηıÒ˜ ¤¯ÂÈ ÔÏÈÙÈÎfi Î·È fi¯È ÔÈÎÔÓÔÌÈÎfi ˘fi‚·ıÚÔ Î¿ı ¿ÏÏÔ ·fi ÛÙ·ıÂÚÔÔÈËÙÈÎfi ÛÙÔÈ¯Â›Ô Â›Ó·È, Ô ÏËı˘ÛÌfi˜ ÁÂÚÓ¿, Î·È ÔÏÏ¿ ¿ÏÏ·. H ıÂÌ·ÙÔÏÔÁ›· Ù˘ ¤Î‰ÔÛ˘ ÂÚÈÏ·Ì‚¿ÓÂÈ ÌÈ· ÛÂÈÚ¿ ·fi ÂӉȷʤÚÔÓÙ· Î·È ÔÈΛϷ ¿ÚıÚ· Ô˘ ηχÙÔ˘Ó ¤Ó· ¢ڇ Ê¿ÛÌ· ıÂÌ¿ÙˆÓ Î·È ÂÚÈÏ·Ì‚¿ÓÂÈ Ù· ·ÎfiÏÔ˘ı· ¿ÚıÚ·: review process). ∏ ™˘ÓÙ·ÎÙÈ΋ ÔÌ¿‰· ÂÓı·ÚÚ‡ÓÂÈ fiÏÔ˘˜ ÙÔ˘˜ Û˘Ó·‰¤ÏÊÔ˘˜ Ó· ·ÍÈÔÔÈ‹ÛÔ˘Ó ÙȘ ‰˘Ó·ÙfiÙËÙ˜ Ù˘ ÏËÚÔÊÔÚÈ΋˜ ÛÙËÓ ¤ÓÙ˘Ë Î·È ËÏÂÎÙÚÔÓÈ΋ ÌÔÚÊ‹ Ù˘ ÁÈ· ÙË ‰È¿¯˘ÛË Ù˘ ·Ú·ÁfiÌÂÓ˘ ÁÓÒÛ˘ ·fi ÂıÓÈο Î·È ‰ÈÂıÓ‹ ÂÚ¢ÓËÙÈο ¤ÚÁ·. √ XÚ›ÛÙÔ˜ ∂ÏÏËÓ›‰Ë˜, Â›Ó·È ¢È¢ı˘ÓÙ‹˜ ÛÙË °ÂÓÈ΋ ¢È‡ı˘ÓÛË ¶ÏËÚÔÊÔÚÈ΋˜ (DIGIT) Ù˘ ∂˘Úˆ·˚΋˜ ŒÓˆÛ˘, ™ÙÔ ¿ÚıÚÔ ÙÔ˘ Ì ٛÙÏÔ “E-SIGNATURES: A EUROPEAN UNION VISION” ·ÚÔ˘ÛÈ¿˙ÂÈ ÙÔ fiÚ·Ì· Ù˘ ∂∂ Û ۯ¤ÛË Ì ÙȘ ËÏÂÎÙÚÔÓÈΤ˜ ˘ÔÁڷʤ˜ Î·È ÂÍ·ÁÁ¤ÏÏÂÈ ÙËÓ ÚfiıÂÛË Ù˘ ∂ÈÙÚÔ‹˜ Ó· ˘ÈÔıÂÙ‹ÛÂÈ ÙË Û¯ÂÙÈ΋ Ú·ÎÙÈ΋ Î·È Ó· ÂÚÁ·ÛÙ› ÁÈ· ÙËÓ Â˘Ú‡ÙÂÚË ·Ô‰Ô¯‹ Ù˘. ∏ ¤Î‰ÔÛË Û˘ÌÏËÚÒÓÂÙ·È Ì ÙË ÌfiÓÈÌË ÛÙ‹ÏË ÙÔ˘ ¢Ú·. º›ÏÈÔ˘ ¶ÂÏÂÙȤ, Ì ¤Ó· ·ÎfiÌË ·ÊȤڈ̷ ÛÙÔ˘˜ ÌÂÁ¿ÏÔ˘˜ ¿Ó‰Ú˜ Î·È ÂÓ›ÔÙ Á˘Ó·›Î˜ ÛÙÔ˘˜ ÒÌÔ˘˜ ÙˆÓ ÔÔ›ˆÓ ·Ùԇ̠ÁÈ· Ó· ÊÙ¿ÛÔ˘Ì „ËÏ¿. ∞˘Ù‹ ÙËÓ ÊÔÚ¿ Ë Î·Ù¿ıÂÛË ÙÈÌ‹˜ ·ÊÔÚ¿ ÙÔÓ Alan Mathison Turing ( 1912 -1954) ÌÈ· ¿ÎÚˆ˜ ÂӉȷʤÚÔ˘Û· Ê˘ÛÈÔÁӈ̛·. £ÂÌ·ÙÔÏÔÁ›·: √ ¡fiÙ˘ πÏÈfiÔ˘ÏÔ˜, Â›Ó·È ÂÈÎÂÊ·Ï‹˜ ÙÔ˘ ΔÌ‹Ì·ÙÔ˜ ∞ÛÊ¿ÏÂÈ·˜ ¶ÏËÚÔÊÔÚÈ΋˜ Î·È ¢ÈÎÙ‡ˆÓ, ÙÔ˘ √Ì›ÏÔ˘ ÂÙ·ÈÚÂÈÒÓ Innova, USA. ΔÔ ¿ÚıÚÔ ÙÔ˘ Ì ٛÙÏÔ “Protection of Critical Data Using Information Centric Approach” ηٷÁÚ¿ÊÂÈ ÙËÓ ·Ó¿ÁÎË ÁÈ· ÌÈ· ÎÂÓÙÚÈÎÔÔÈË̤ÓË ÛÙÚ·ÙËÁÈ΋ ·ÛÊ¿ÏÂÈ·˜ ÛÂ Â›Â‰Ô ÔÚÁ·ÓÈÛÌÔ‡. √ Prof. Emeritus Eugene Schultz Û˘ÌÌÂÙ¤¯ÂÈ Ù·ÎÙÈο ÛÙ· Û˘Ó¤‰ÚÈ· ÙÔ˘ ™˘Ó‰¤ÛÌÔ˘ ÁÈ· ÙË ∞ÛÊ¿ÏÂÈ· Ù˘ ¶ÏËÚÔÊÔÚ›·˜ Î·È ÂÚÁ·Û›Â˜ ÙÔ˘ ¤¯Ô˘Ó ÊÈÏÔÍÂÓËı› ηْ ·ӿÏË„Ë ÛÙË ¶ÏËÚÔÊÔÚÈ΋. ΔÔ ¿ÚıÚÔ ÙÔ˘ Ì ٛÙÏÔ “Myths About Password Settings and Other Nonsense: How Information Security Tortures Users in the Name of Security” Û¯ÔÏÈ¿˙ÂÈ Ì η˘ÛÙÈÎfi ÙÚfiÔ ÙȘ ÌÂıÔ‰ÔÏÔÁ›Â˜ Ô˘ ·ÍÈÔÔÈÔ‡ÓÙ·È ÁÈ· ÙË ‰È·ÌfiÚʈÛË ÎÏÂȉÈÒÓ ·ÛÊ·Ï›·˜. √ ¢Ú. ÷ڿϷÌÔ˜ μÚ·Û›‰·˜, Â›Ó·È ∂ÎÙÂÏÂÛÙÈÎfi˜ ¢È¢ı˘ÓÙ‹˜ ÙÔ˘ CARDET Î·È ∞Ó·ÏËÚˆÙ‹˜ ∫·ıËÁËÙ‹˜ ÛÙÔ ¶·ÓÂÈÛÙ‹ÌÈÔ §Â˘ÎˆÛ›·˜. ™ÙÔ ¿ÚıÚÔ ÙÔ˘ Ì ٛÙÏÔ “Teacher Use Of ICT In Cyprus Primary Schools” ∫·Ù·ı¤ÙÂÈ Ù· ·ÚÈ· ·ÔÙÂϤÛÌ·Ù· ÚfiÛÊ·Ù˘ ¤Ú¢ӷ˜ ·Ó·ÊÔÚÈο Ì ÙË ¯Ú‹ÛË ÙˆÓ Ù¯ÓÔÏÔÁÈÒÓ ÏËÚÔÊÔÚÈ΋˜ Î·È ÂÈÎÔÈÓˆÓÈÒÓ ÛÙË ‰ËÌÔÙÈ΋ Âη›‰Â˘ÛË Ù˘ ∫‡ÚÔ˘. μÈ‚ÏÈÔÁÚ·Ê›·: ETEK (2010). ∂Ù·ÈÚÈ΋ πÛÙÔÛÂÏ›‰· http://www.etek.org.cy/page.aspx?page_id=154 ∞Ó·ÎÙ‹ıËΠ05 πÔ˘Ó›Ô˘ 2010 CIA Fact Book (2010). https://www.cia.gov/library/publications/the-world-factbook/ ∞Ó·ÎÙ‹ıËΠ05 πÔ˘Ó›Ô˘ 2010 ∂˘Úˆ·˚΋ ∂ÈÙÚÔ‹ (2003). «∫·ÈÓÔÙÔÌ›· Î·È ¶ÔÏÈÙÈ΋ Ù˘ §ÈÛÛ·‚fiÓ·˜» (http://europa.eu/legislation_summaries/research_innovation/research_in_support_of_other_policies/n26021_el.htm). ∞Ó·ÎÙ‹ıËΠ05 πÔ˘Ó›Ô˘ 2010 Statistical Service of Cyprus (2009). “STATISTICAL ABSTRACT 2008” General Statistics Series I, Report No. 54, Nicosia, Cyprus ∏ ‡ÏË ÙÔ˘ ÂÚÈÔ‰ÈÎÔ‡ ÔÏÔÎÏËÚÒÓÂÙ·È Ì ÌÈ· ÂÓfiÙËÙ· ‰˘Ô Û‡ÓÙÔÌˆÓ ÎÂÈÌ¤ÓˆÓ Ì ÙÔ˘˜ ·ÎfiÏÔ˘ıÔ˘˜ Ù›ÙÏÔ˘˜ Î·È Û˘ÁÁÚ·Ê›˜ (·) “Knowledge Management in Developing and Delivering Software Products” ÙÔ˘ ∞Ó‰Ú¤· ÷Ù˙Ȉ¿ÓÓÔ˘, (‚) “How to Share Knowledge Through Product Cross-EvaluationÙ˘” Ù˘ ∫·ÙÂÚ›Ó·˜ ¡ÂÔʇÙÔ˘ Ô˘ ·ÔÙÂÏÔ‡Ó Ì¤ÚÔ˜ Ù˘ ‰È¿¯˘Û˘ Ù˘ ÁÓÒÛ˘ ·fi ÙÔ ∂˘Úˆ·˚Îfi ¶ÚfiÁÚ·ÌÌ· “Cornet Extra Project”. ™Ùfi¯Ô˜ ÙÔ˘ Û˘ÁÎÂÎÚÈ̤ÓÔ˘ ÚÔÁÚ¿ÌÌ·ÙÔ˜ Â›Ó·È Ë ‚ÂÏÙ›ˆÛË Ù˘ ·ÓÙ·ÁˆÓÈÛÙÈÎfiÙËÙ·˜ ÙˆÓ ÌÈÎÚÒÓ ÂÙ·ÈÚÂÈÒÓ ÛÙÔ ¯ÒÚÔ Ù˘ ·Ó¿Ù˘Í˘ ÏÔÁÈÛÌÈÎÔ‡. °È· ÂÚÈÛÛfiÙÂÚ· ·Ó·ÊÔÚÈο Ì ÙÔ ÚfiÁÚ·ÌÌ· ÌÔÚ›Ù ӷ ÂÈÛÎÂÊÙ›Ù ÙËÓ ÈÛÙÔÛÂÏ›‰· http://www.cornet-extra.eu/. Δ· ΛÌÂÓ· ·˘Ù¿ ‰ÂÓ ¤¯Ô˘Ó ÂÚ¿ÛÂÈ Ì¤Û· ·fi ÙËÓ ‰È·‰Èηۛ· Ù˘ ·ÍÈÔÏfiÁËÛ˘ ÙˆÓ ÔÌÔÙ›ÌˆÓ (peer www.pliroforiki.org | 7 Δ∞ ¡∂∞ ª∞™ Ο Σύνδεσμος μας το πρώτο εξάμηνο του 2010 έχει αναλάβει τη διοργάνωση και συν-διοργάνωση πολύπλευρων δραστηριοτήτων, επαγγελματικών και κοινωνικών εκδηλώσεων. ∂∫¢∏§ø™∂π™ ∂Ή‹ÏˆÛË ÁÈ· ÙËÓ ÎÔ‹ Ù˘ ‚·ÛÈÏfiÈÙÙ·˜ Ÿˆ˜ οı ÊÔÚ¿, Ô ∫˘ÚÈ·Îfi˜ ™‡Ó‰ÂÛÌÔ˜ ¶ÏËÚÔÊÔÚÈ΋˜ ÁÈfiÚÙ·Û ÙÔÓ ÂÚ¯ÔÌfi ÙÔ˘ Ó¤Ô˘ ¤ÙÔ˘˜ Ì ÙËÓ Î·ıÈÂڈ̤ÓË ÂΉ‹ÏˆÛË ÁÈ· ÙËÓ ÎÔ‹ Ù˘ ‚·ÛÈÏfiÈÙÙ·˜. ΔÔ ¿ÚÙ˘ Ú·ÁÌ·ÙÔÔÈ‹ıËΠÛÙȘ 20 π·ÓÔ˘·Ú›Ô˘, ÛÙËÓ ∂ÌÔÚÈ΋ ™ÙÔ¿ §Â˘ÎˆÛ›·˜ Î·È ÂÚÈÏ¿Ì‚·Ó ‰Â›ÓÔ, ÌÔ˘ÛÈ΋ Î·È ÎÏ‹ÚˆÛË Ì ÏÔ‡ÛÈ· ‰ÒÚ· ÁÈ· Ù· ̤ÏË, ÙÔ˘˜ Û˘ÓÂÚÁ¿Ù˜ Î·È ÙÔ˘˜ Ê›ÏÔ˘˜ ÙÔ˘ ™˘Ó‰¤ÛÌÔ˘. ∏̤ڷ Ù˘ °˘Ó·›Î·˜ ™Ù· Ï·›ÛÈ· ÙˆÓ ÂÔÚÙ·ÛÌÒÓ ÁÈ· ÙË ‰ÈÂıÓ‹ ∏̤ڷ Ù˘ °˘Ó·›Î·˜ (8/03/2010) Ô ™‡Ó‰ÂÛÌÔ˜ ‰ÈÔÚÁ¿ÓˆÛ ‰‡Ô ‰È·ÊÔÚÂÙÈÎÔ‡ ÂÚȯÔ̤ÓÔ˘ ÂΉËÏÒÛÂȘ: 1. ™˘Ó¤‰ÚÈÔ «Women in ICT – The Way Forward» ™Â Û˘ÓÂÚÁ·Û›· Ì ÙË ¢È‡ı˘ÓÛË Ù˘ ∂˘Úˆ·˚΋˜ ∂ÈÙÚÔ‹˜ ∫ÔÈÓˆÓ›· Ù˘ ¶ÏËÚÔÊÔÚ›·˜ Î·È ª¤ÛˆÓ (European Commission – Information Society and Media), ‰ÈÔÚÁ·ÓÒıËΠ2‹ÌÂÚÔ Û˘Ó¤‰ÚÈÔ ÁÈ· ÙÔ ˙‹ÙËÌ· Ù˘ °˘Ó·›Î·˜ ÛÙËÓ ¶ÏËÚÔÊÔÚÈ΋ Ì ¤ÌÊ·ÛË Ù· ∂˘Úˆ·˚ο ¶ÚÔÁÚ¿ÌÌ·Ù·. ΔËÓ ¤Ó·ÚÍË ÙÔ˘ Û˘Ó‰ڛԢ Ú·ÁÌ·ÙÔÔ›ËÛ Ì ÂÈÛ·ÁˆÁÈ΋ ÔÌÈÏ›· Ô ∫˘‚ÂÚÓËÙÈÎfi˜ ∂ÎÚfiÛˆÔ˜ Ù˘ ∫‡ÚÔ˘ ÎÔ˜ ™Ù¤Ê·ÓÔ˜ ™ÙÂÊ¿ÓÔ˘. 8 | www.pliroforiki.org 2. ¢È¿ÏÂÍË ™Ù¤Ê·Ó˘ ™ÔψÌÔÓ›‰Ô˘ ΔÔ CCS ÛÙ‹ÚÈÍ ¤ÌÚ·ÎÙ· ÙËÓ ÚÔÛ¿ıÂÈ· Ù˘ ÚÒÙ˘ ∫‡ÚÈ·˜ Ô˘ ¤ÊÙ·Û ÛÙÔ ¡fiÙÈÔ ¶fiÏÔ ™Ù¤Ê·Ó˘ ™ÔψÌÔÓ›‰Ô˘ Î·È ¤ÙÛÈ ÌÂÙ¿ ÙÔ Ù¤ÏÔ˜ Ù˘ ·ÔÛÙÔÏ‹˜ Ù˘ ‰ÈÔÚÁ¿ÓˆÛ ‰È¿ÏÂÍË fiÔ˘ Ë ›‰È· ÂÚ›ÁÚ·„ ÙȘ ÂÌÂÈڛ˜ Ù˘ ÛÙÔ ÎÔÈÓfi. ¶¤Ú·Ó ·fi 200 ·Ú¢ÚÈÛÎfiÌÂÓÔÈ ·Ú·ÎÔÏÔ‡ıËÛ·Ó Ì ÌÂÁ¿ÏÔ ÂӉȷʤÚÔÓ ÌÈ· Ôχ ˙ˆÓÙ·Ó‹ ·ÚÔ˘Û›·ÛË Ì ÔÙÈÎÔ·ÎÔ˘ÛÙÈÎfi ˘ÏÈÎfi Î·È ÌfiÚÂÛ·Ó Ó· ÂÎÙÈÌ‹ÛÔ˘Ó ÙËÓ ÙÂÚ¿ÛÙÈ· ÚÔÛ¿ıÂÈ· ÙˆÓ Á˘Ó·ÈÎÒÓ Ô˘ ‰È¤Ó˘Û·Ó ÂηÙÔÓÙ¿‰Â˜ ¯ÈÏÈfiÌÂÙÚ· Û ·ÓÙ›ÍÔ˜ Û˘Óı‹Î˜ ÛÙËÓ ∞ÓÙ·ÚÎÙÈ΋ ÁÈ· Ó· ÊÙ¿ÛÔ˘Ó ÙÔ ¢ÂΤ̂ÚÈÔ ÙÔ˘ 2009 ÛÙÔ ÁˆÁÚ·ÊÈÎfi ¡fiÙÈÔ ¶fiÏÔ. ECDL ™˘ÌÌÂÙÔ¯‹ ÛÙËÓ ∂Î·È‰Â˘ÙÈ΋ ŒÎıÂÛË 2010 ΔÔ ECDL ∫‡ÚÔ˘ Ô˘ ·ÓÙÈÚÔۈ‡ÂÙ·È ·fi ÙÔÓ ∫˘ÚÈ·Îfi ™‡Ó‰ÂÛÌÔ ¶ÏËÚÔÊÔÚÈ΋˜, Û˘ÌÌÂÙ›¯Â ÛÙËÓ ∂Î·È‰Â˘ÙÈ΋ ŒÎıÂÛË Ô˘ Ú·ÁÌ·ÙÔÔÈ‹ıËΠÛÙÔ˘˜ ¯ÒÚÔ˘˜ Ù˘ ∫Ú·ÙÈ΋˜ ŒÎıÂÛ˘ ∫‡ÚÔ˘ ÙÔÓ ºÂ‚ÚÔ˘¿ÚÈÔ 2010. ΔÔ ÂÚ›ÙÂÚÔ ÙÔ˘ ECDL ÓÙ‡ıËΠ̠ٷ ÏÔÁfiÙ˘· Î·È Ù· ¯ÚÒÌ·Ù· ÙÔ˘ ÔÚÁ·ÓÈÛÌÔ‡ ÁÈ· Ó· ˘Ô‰Â¯Ù› ¯ÈÏÈ¿‰Â˜ Ì·ıËÙ¤˜ Ô˘ ÂÈÛΤÊÙËÎ·Ó ÙËÓ ŒÎıÂÛË. ∫·Ù¿ ÙË ‰È¿ÚÎÂÈ· Ù˘ ŒÎıÂÛ˘ ÔÈ Ó·ÚÔ› ›¯·Ó ÙËÓ Â˘Î·ÈÚ›· Ó· Û˘ÌÌÂÙ¤¯Ô˘Ó ÛÙÔÓ ÚˆÙfiÙ˘Ô ‰È·ÁˆÓÈÛÌfi ÌÂ Û˘ÌÏ‹ÚˆÛË ÂÓfi˜ ÛÙ·˘ÚÔϤÍÔ˘ Î·È Ó· ÎÂÚ‰›ÛÔ˘Ó ÏÔ‡ÛÈ· ‰ÒÚ· Ù¯ÓÔÏÔÁ›·˜. ∂ÈϤÔÓ, Û fiÏÔ˘˜ ÙÔ˘˜ ÂÈÛΤÙ˜ ‰fiıËÎ·Ó ·Ó·ÌÓËÛÙÈο ‰ˆÚ¿ÎÈ· ·fi ÙÔ ECDL Î·È ÙÔ CCS. ™À¡∂ƒ°∞™π∂™ ∏̤ڷ ηÚȤڷ˜ ΔÔ ΔÌ‹Ì· ¶ÏËÚÔÊÔÚÈ΋˜ ÙÔ˘ ¶·ÓÂÈÛÙËÌ›Ô˘ ∫‡ÚÔ˘ ‰ÈÔÚÁ¿ÓˆÛ ∏̤ڷ ηÚȤڷ˜ ÁÈ· Ì·ıËÙ¤˜ Ï˘Î›Ԣ Ô˘ ÂӉȷʤÚÔÓÙ·È Ó· ·ÎÔÏÔ˘ı‹ÛÔ˘Ó ÙÔ Â¿ÁÁÂÏÌ· Ù˘ ¶ÏËÚÔÊÔÚÈ΋˜. ΔÔ CCS ˘ÔÛÙ‹ÚÈÍ ·˘Ù‹ ÙËÓ ÚÔÛ¿ıÂÈ·, ·Ú·ı¤ÙÔÓÙ·˜ ‰È¿ÏÂÍË ÛÙÔ˘˜ Ì·ıËÙ¤˜ Î·È ÚÔÛʤÚÔÓÙ·˜ ‰ÒÚ· Î·È ÂÓËÌÂÚˆÙÈÎfi ˘ÏÈÎfi Û fiÏÔ˘˜ ÙÔ˘˜ Û˘ÌÌÂÙ¤¯ÔÓÙ˜. www.pliroforiki.org | 9 E-Skills Week ΔÔÓ ÂÚ·Ṳ̂ÓÔ ª¿ÚÙÈÔ, Ì·˙› Ì ÙÔÓ ¶·Á·ÚÈÔ ™‡Ó‰ÂÛÌÔ ∂ȯÂÈÚ‹ÛÂˆÓ ¶ÏËÚÔÊÔÚÈ΋˜ (CITEA) ÙÔ CCS Û˘ÌÌÂÙ›¯Â ÛÙÔ ∂˘Úˆ·˚Îfi ¤ÚÁÔ «E-Skills Week 2010» Ì ÛÙfi¯Ô ÙËÓ ÚÔÒıËÛË ÙˆÓ „ËÊÈ·ÎÒÓ ‰ÂÍÈÔÙ‹ÙˆÓ ÛÙÔ˘˜ Ó¤Ô˘˜. ΔÔ ¤ÚÁÔ ÂÚÈÏ¿Ì‚·Ó ÙË ‰ÈÔÚÁ¿ÓˆÛË Î·È ÂÎÙ¤ÏÂÛË ÔÈÎ›ÏˆÓ ‰Ú¿ÛÂˆÓ Î·È ‰Ú·ÛÙËÚÈÔÙ‹ÙˆÓ fiˆ˜ Û˘ÌÌÂÙÔ¯‹ ÛÙËÓ ∂Î·È‰Â˘ÙÈ΋ ŒÎıÂÛË, ¤Î‰ÔÛË ÂÓËÌÂÚˆÙÈÎÔ‡ Ê˘ÏÏ·‰›Ô˘ ÁÈ· top ·ÁÁ¤ÏÌ·Ù· ÏËÚÔÊÔÚÈ΋˜, ™˘˙‹ÙËÛË ™ÙÚÔÁÁ˘Ï‹˜ ΔÚ·¤˙˘ Ì ı¤Ì· ÙËÓ Î·ÙÔ¯‡ÚˆÛË ÙÔ˘ ·ÁÁ¤ÏÌ·ÙÔ˜, ËÌÂÚ›‰Â˜ ηÚȤڷ˜ Û ¶·ÓÂÈÛÙ‹ÌÈ· Î·È ÂÚÈԉ›· Ì ÙÔ Virtual Bus Û ¯ˆÚÈ¿ Ù˘ ∫‡ÚÔ˘. §ÔÁÈ·›ÁÓÈÔÓ °È· ‰Â‡ÙÂÚË Û˘Ó¯fiÌÂÓË ¯ÚÔÓÈ¿ Ú·ÁÌ·ÙÔÔÈ‹ıËÎÂ Ô ‰È·ÁˆÓÈÛÌfi˜ ·È¯ÓȉÈÒÓ ÁÈ· ËÏÂÎÙÚÔÓÈÎÔ‡˜ ˘ÔÏÔÁÈÛÙ¤˜ «§ÔÁÈ·›ÁÓÈÔÓ» ÁÈ· Ì·ıËÙ¤˜ Î·È ÊÔÈÙËÙ¤˜ ·fi ÙÔ ΔÌ‹Ì· ¶ÏËÚÔÊÔÚÈ΋˜ ÙÔ˘ ¶·ÓÂÈÛÙËÌ›Ô˘ ∫‡ÚÔ˘ fiÔ˘ ‹Ù·Ó Û˘Ó‰ÈÔÚÁ·ÓˆÙ‹˜ ÙÔ CCS Î·È ¯ÔÚËÁfi˜ ÙÔ ECDL. ™ÙÔ ‰È·ÁˆÓÈÛÌfi Û˘ÌÌÂÙ›¯·Ó ÂηÙÔÓÙ¿‰Â˜ Ó·ÚÔ› Î·È ÂÈ‚Ú·‚‡ÙËÎ·Ó ÔÈ Î·Ï‡ÙÂÚÔÈ ÛÙËÓ ÙÂÏÂÙ‹ Ï‹Í˘ Ô˘ Ú·ÁÌ·ÙÔÔÈ‹ıËΠÙÔÓ ∞Ú›ÏÈÔ ÛÙÔ ¶·ÓÂÈÛÙ‹ÌÈÔ ∫‡ÚÔ˘. √ ¶Úfi‰ÚÔ˜ ÙÔ˘ CCS ÎÔ˜ ∫ÒÛÙ·˜ ∞ÁÚfiÙ˘ ·Ú¤‰ˆÛ ٷ ¤·ıÏ· –¯ÚËÌ·ÙÈο ÔÛ¿ ·fi ÙÔ ECDL- ÛÙȘ ÓÈ΋ÙÚȘ ÔÌ¿‰Â˜. ∞§§∞°E™ ™Δ∞ ™Δ√πÃ∂I∞ ∂¶π∫√π¡ø¡I∞™ ™∞™; ∂¡∏ª∂ƒø™Δ∂ ª∞™! °È· Ó· ÂÍ·ÎÔÏÔ˘ı›Ù ӷ Ï·Ì‚¿ÓÂÙ ÙÔ ÂÚÈÔ‰ÈÎfi ¶ÏËÚÔÊÔÚÈ΋ Î·È ¿ÏϘ ÏËÚÔÊÔڛ˜ ÙÔ˘ ∫˘.™˘.¶. ·Ú·Î·ÏÒ ÂÓËÌÂÚÒÛÙ ̷˜ ÁÈ· Ù˘¯fiÓ ·ÏÏ·Á¤˜ ÛÙË ‰È‡ı˘ÓÛË, ÙËϤʈÓÔ Î·È ËÏÂÎÙÚÔÓÈ΋ ‰È‡ı˘ÓÛË Û·˜. CHANGE OF YOUR CONTACT DETAILS? LET US KNOW! To make sure you continue receive Pliroforiki Magazine and other CCS information, please inform us of any changes in your address, telephone and email. 10 | www.pliroforiki.org E-SIGNATURES: A EUROPEAN UNION VISION Christos Ellinides The need to rely on a document's authenticity (origin and integrity) is stronger than ever in today’s electronic business environment. Electronic signature capabilities enable information systems to deliver important documents and information inside and outside an organization with added assurances that the information arrives exactly as it was intended, with certification of its origin. An electronic signature simplifies business processes, cuts delays, risks of fraud and physical document handling costs. For this purpose, and thanks to a rich palette of supporting technologies available in today's market, businesses and administrations adopt electronic signature solutions in their operational environment. The European Commission is committed to pursue the adoption of eSignatures, internally within the organisation, and to lead by example on the road towards an open and transparent eGovernment. www.pliroforiki.org | 11 WHAT IS AN ELECTRONIC SIGNATURE? An electronic signature simplifies business processes, cuts delays, risks of fraud and physical document handling costs. For this purpose, and thanks to a rich palette of supporting technologies available in today's market, businesses and administrations adopt electronic signature solutions in their operational environment. A handwritten signature gives legal value to a paper document as a means to ensure the identity of the signatory, the authenticity of the document, and to prevent the signatory from denying later having signed the document. An electronic signature gives the same legal value to an electronic document. An electronic signature is data in electronic form logically associated with other electronic data serving as a method of authentication. A simple electronic signature may thus be a name at the bottom of an e-mail. By contrast, an advanced electronic signature is strongly linked to the signatory and guarantees the integrity of the signed document, even long time after the signature. If any bit of the signed document is changed, the advanced signature breaks like a seal. The only existing technology able to produce electronic signatures matching this definition today is called public key infrastructure or PKI because it is based on public key cryptography. Advanced electronic signatures work in four essential steps: 1. An "electronic identity" or eID i.e. a public digital certificate associated to a private key is issued to the signer. 2. The signer creates a signature with his/her private key. 3. The relying party verifies the signature with validation software. 4. The signature may be extended to ensure the protection of validating evidence for use even after a long period of time. 12 | www.pliroforiki.org The fact that advanced electronic signatures use cryptography, could mislead some to believe that signing a document leads to its encryption with the signer's private key. This is indeed false, as a signed document is not encrypted, anyone can still read it. A signed document may additionally be encrypted if needed, but this is another process that has nothing to do with its signature. Encryption is actually another application of public key cryptography which ensures confidentiality between a sender and a receiver by encrypting the document with its receiver's public key. A signed electronic document comes instead in clear text, along with a signature as accompanying metadata; it is signed by the signer's private key. Signing is therefore not encrypting. Nevertheless, both applications rely on the same PKI principle of disclosing, for example in the organisation's directory, a digital certificate associating its owner's identity information to a "public" key, while a mathematically corresponding private key is kept as a secret by the owner. In a signature key pair, the private key signs and the public key verifies the signature. Conversely, in an encryption key pair the public key encrypts, and the private key decrypts. We do not need to examine here the maths behind the generation of such public/private key pairs, nor the inner processes of encryption/decryption or signature/verification. A wide range of specialised products is available today, which encapsulate the corresponding cryptographic processes in dedicated software libraries, services and equipment for integration in applications. Measures taken to guarantee the authenticity of the certificate information and the exclusive control of the corresponding signing key by its legitimate owner typically vary from one organisation to another. Indeed, these measures reflect the specific risks and trust model prevailing in the organisation's activity sector and legal context, as embodied in its Public Key Infrastructure. In accordance with the European Union (EU) Directive on e-signature [1], one cannot deny the legal effect of any signature just because it is electronic. Furthermore, legal equivalence with a handwritten signature is to be presumed for an advanced e-signature if the private key and corresponding certificate abide by additional rules. These rules are set in the Directive [2] in the form of definitions for qualified certificates, and secure signature-creation devices. Advanced esignatures based on a qualified certificate and created with a secure-signature creation device are thus by definition legally equivalent to handwritten signatures all across EU member states. Such signatures are usually called qualified e signatures. SUCCESS OF PKI PKI, the technology behind advanced electronic signatures was instigated some 30 years ago! The hype surrounding it in the late 1990's resulted into a negative perception: PKI ended up appearing too complex, not integrated into applications, facing an issue with smartcard readers, too expensive, and not really needed. Nevertheless, it is now enjoying a slow but sure recovery from this "trough of disillusionment", as per Gartner's coined term, which is typical of new technologies. Truly, deployments of national electronic identity cards (eID) benefit from economies of scale. Governments deliver eIDs, health cards, government employee cards, and driver licences. All EU member states have plans for citizen eID; these are already deployed in Belgium, Estonia, Italy and Austria, just like in Australia and Asia. In the short term, a theoretical potential of 95% of EU population will be covered by an eID scheme. International initiatives like ICAO-conformant electronic passport, digital tachograph, and eID harmonization address cross-border deployments. The requirements for qualified signatures eliminate a number of implementation choices compared to advanced signatures. Using today's technology, they mandate for instance the reliance on a secure smartcard at the exclusion of any other type of private key. This contrasts with the multiple possible implementations variants for "non-qualified advanced signatures" as these may be using regular smartcards, but also USB sticks, server signing controlled via one-time-passwords on SMS, tokens or even less securely protected "software" certificates. The certificate issuance process is likewise specifically constrained for qualified certificates, e.g. requiring a face-to-face encounter of the applicant with a representative of the registration authority. The Directive declares this set of additional measures necessary and sufficient to ensure legal presumption of equivalence of such electronic signatures with handwritten signatures all throughout EU. While the requirements for qualified signatures are accepted in EU to provide a very high degree of security for natural persons in a general and open context, this does not mean that an advanced signature which is not qualified cannot be secure enough against the risks of a specific application domain and the business context of the given deploying organisation. However, an interesting aspect of the qualified signature definition is that it provides a standard level of trust across EU, therefore a sound legal and technical basis for interoperable signatures, across applications, but also across EU borders. PKI complexity is being taken away from many business and corporate authentication and e-signature projects as they pick up on National eID schemes, and benefit from a wide offer for outsourcing the implementation of new applications. Software editors like Adobe or Microsoft integrate now this technology in their applications to secure electronic documents. Smartcard readers benefit from more standards and off the shelf support and eID schemes will drive suppliers towards interoperable smartcard solutions. With the legal framework mandated by the EU Directive, existing and future legislation will drive the adoption of PKI and advanced signature in Europe. Governments therefore find themselves in the driver's seat. INTEROPERABLE ELECTRONIC SIGNATURES Electronic signature is a key enabler for a trusted information society, conditioning the advent of e-government, and an efficient Single Market. Through the 1999 Directive the European Commission provided a common legal framework, and made provision for the designation of a list [3] of generally recognised standards for electronic-signature products. European Standardisation Organisations (ESOs) like CEN and ETSI provided such standards. As discussed above, technical solutions are now deployed in various countries. However, these solutions generally fail to support cross-border interoperability. Indeed, the business case www.pliroforiki.org | 13 for interoperable eSignatures is often unclear at the level of a single application, and a number of legal, technical or organisational issues make these hard to deploy. To address these issues and give a new political impetus to interoperable electronic signature and eID, the Commission adopted an action plan in November 2008 [4], with an explicit goal of facilitating the provision of cross-border public services in the Single Market. One of the flagship actions of this plan mandates ESOs to rationalise the eSignature standardisation framework to make related standards more open and inclusive, presented in comprehensive but user-friendly documentation, oriented on business practices, and adequately promoted and maintained. Another flagship action aims at the publication of a "Trusted list" of qualified certificate providers to facilitate the practical recognition of signatures based on these certificates across borders. Other actions concern eSignature format, minimum requirements for the supervision of qualified certificate providers by member states, and eID interoperability. Studies on crossborder interoperability of eSignatures, mutual recognition of eSignatures for eGovernment applications, on a European federated validation service and on eID solutions in member states are included in this action plan of the European Commission. ESIGNATURE FOR AN ECOMMISSION As a public administration, the European Commission (EC) is also working on its own internal project to facilitate the introduction of electronic signatures in its own internal and external exchanges. This project is called “Electronic Signature Service Infrastructure” (ESSI) and constitutes a key requirement for the dematerialisation of its processes. 14 | www.pliroforiki.org Within the framework of the eCommission strategy [5] in 2005, the Commission confirmed the need to rely on electronic documents authenticity and to guarantee the same level of security and access control as for physical documents. Moreover, the Commission's own provisions on electronic and digitised documents [6] and Implementing Rules [7] determine the conditions of validity of electronic and digitised documents and define the framework of the electronic signature at the Commission. The Commission declared recently in the Digital Agenda [8] that it will "lead by example on open and transparent eGovernment by creating in 2010 and implementing an ambitious eCommission 2011-2015 action plan including full electronic procurement". The Commission thus adopts e-Signature for efficiency as well as political reasons. The Commission will implement eSignature both internally and with its external partners. While only a few isolated ad-hoc initiatives were deployed until now, a Commission-wide eSignature infrastructure is now being progressively deployed with the ESSI project, to enable the systematic integration of eSignature into the Commission's information systems and processes. It is based on the legal framework mentioned above and on an in-depth requirements study including usability and interoperability across applications but also across borders. ESSI therefore supports qualified as well as advanced (and simple) eSignatures. ESSI considers the following two elements as independent deliverables for organisational purposes: - a public key infrastructure (PKI) service that issues, delivers and manages the certificates, and - an application platform that supports the actual eSignature creation and verification. Regarding the PKI, an ad-hoc study showed that the most efficient solution for EC to provide qualified certificates for its staff is to limit its own role to that of a local registration authority in a scheme where qualified certificates are actually bought from an existing qualified certification service provider that will be contracted at EC level. Regarding the application platform, a market solution based on interoperability standards is being deployed. A first real-life application integrating this solution and service was deployed within the context of the implementation of the Service Directive. Since January 2010, this application enables the Commission for the first time ever to guarantee the authenticity of information published on the Europa web site via the use of an electronic signature. Conformance to the European standards of this particularly visible signature was confirmed by ETSI. CONCLUSION In conclusion, the need to rely on a document's authenticity (origin and integrity) is stronger than ever in today’s electronic business environment. Electronic signature capabilities enable information systems to deliver important documents and information inside and outside an organization with added assurances that the information arrives exactly as it was intended, with certification of its origin. Electronic signatures also increase the signatory's control of his/her electronic transactions with an information system, thus raise the trust that the organisation has in the corresponding process. The European Commission is committed to pursue the adoption of eSignatures, internally within the organisation, and to lead by example on the road towards an open and transparent eGovernment. The ESSI application platform offers signature creation, validation and extension services including trusted time-stamping to EC applications for standard Directive-conformant and interoperable signature formats. It is technically agnostic to the origin of certificates used for signing, i.e. to the particular authorities and PKI managing them, leaving it to each application to constrain these as desired by a signature or validation policy of its choice. REFERENCES 1. Directive of the European Parliament and of the Council of 13 December 1999 on a Community framework for electronic signatures http://eurlex.europa.eu/LexUriServ/site/en/oj/2000/l_013/l_01320000 119en00120020.pdf 2. See Annexes I, II and III of the Directive 3. http://eurlex.europa.eu/LexUriServ/site/en/oj/2003/l_175/l_17520030 715en00450046.pdf on the publication of reference numbers of generally recognised standards for electronic signature products in accordance with Directive 1999/93/EC. 4. Action Plan on e-signatures and e-identification to facilitate the provision of cross border public services in the Single Market http://eurlex.europa.eu/LexUriServ/LexUriServ.do?uri=COM:2008:07 98:FIN:EN:PDF 5. Section 3.1 "e-Commission 2006-2010: enabling efficiency and transparency" http://www.cc.cec/home/dgserv/digit/ict_strategy/e_comm/ docs/doc/eComm-2006-2010_CS_EN_V414_PostCIS.pdf 6. Commission decision of 7 July 2004 amending its Rules of Procedures http://eurlex.europa.eu/LexUriServ/site/en/oj/2004/l_251/l_25120040 727en00090013.pdf 7. Implementing rules for the provisions on electronic and digitised documents http://www.cc.cec/sg_vista/cgi-bin/repository/getdoc/COMM_PDF_SEC_2005_1578_1_EN.pdf 8. "A Digital Agenda for Europe", http://ec.europa.eu/information_society/digital-agenda/documents/digital-agenda-communication-en.pdf , 19 May 2010. www.pliroforiki.org | 15 AUTHOR Christos Ellinides is currently responsible for the provision of high quality corporate I.T. support services, infrastructure solutions, I.T. training, and corporate infrastructure solutions for information systems to the European Commission, and whenever pertinent to other European Institutions and Members States. He has delivered lectures and presentations on I.T. and Business matters on a pan-European level and is an active member in several I.T. and Management professional bodies. He has been a director and board member in a number of organisations with substantial international exposure. Previous to his current position, Mr. Ellinides held a number of posts in the I.T. industry including the functions of CIO and CEO in a variety of business industries located mainly in Cyprus and Greece. À¶√μA§∂Δ∂ Δ√ Aƒ£ƒ√ ™∞™ ™Δ∏¡ ¶§∏ƒ√º√ƒπ∫H! √ ∫˘.™˘.¶. ηÏ› Ù· ̤ÏË ÙÔ˘ Î·È ¿ÏÏÔ˘˜ ·ÁÁÂÏ̷ٛ˜, ÂȯÂÈÚË̷ٛ˜, ÂÚ¢ÓËÙ¤˜ Î·È ·Î·‰ËÌ·˚ÎÔ‡˜ ÙÔ˘ ÎÏ¿‰Ô˘ ¶ÏËÚÔÊÔÚÈ΋˜ Ó· ˘Ô‚¿ÏÔ˘Ó Ù· ¿ÚıÚ· ÙÔ˘˜ ÁÈ· Ù· ÂfiÌÂÓ· Ù‡¯Ë ÙÔ˘ ÂÚÈÔ‰ÈÎÔ‡! Δ· ¿ÚıÚ· ÌÔÚÔ‡Ó Ó· ·Ó·Ê¤ÚÔÓÙ·È Û ÔÔÈ·‰‹ÔÙÂ Ù˘¯‹ ÙÔ˘ ÙÔ̤· Ù˘ ¶ÏËÚÔÊÔÚÈ΋˜, Î·È Ó· ˘Ô‚¿ÏÏÔÓÙ·È ÛÂ Û˘Ó¯‹ ‚¿ÛË ÛÙË Û˘ÓÙ·ÎÙÈ΋ ÂÈÙÚÔ‹ Ë ÔÔ›· ı· ÂÓËÌÂÚÒÛÂÈ ÁÈ· ÙËÓ ·Ú·Ï·‚‹ ÙÔ˘ ÎÂÈ̤ÓÔ˘ ηıÒ˜ Î·È ÁÈ· ÙËÓ ·Ô‰Ô¯‹ (‹ ·fiÚÚÈ„Ë) ÙÔ˘ ÎÂÈ̤ÓÔ˘ Î·È ÙÔ ÚÔ‚ÏÂfiÌÂÓÔ ¯ÚfiÓÔ ‰ËÌÔÛ›Â˘Û˘. ¶·Ú·Î·ÏÒ ÂϤÁÍÙ ÙȘ Û¯ÂÙÈΤ˜ ÏÂÙÔ̤ÚÂȘ Î·È Ô‰ËÁ›Â˜ ̤ۈ Ù˘ ÈÛÙÔÛÂÏ›‰·˜ Ì·˜ www.pliroforiki.org Î·È ˘Ô‚¿ÏÂÙ ٷ ΛÌÂÓ¿ Û·˜ ̤ۈ ËÏÂÎÙÚÔÓÈÎÔ‡ Ù·¯˘‰ÚÔÌ›Ԣ ÛÙË ‰È‡ı˘ÓÛË [email protected] . SUBMIT YOUR ARTICLE AT PLIROFORIKI! The CCS invites articles from CCS Members, other IT and business Professionals, researchers, academics and the IT Industry for the next issues! Articles and papers may deal on any aspect of Information Technology and submitted on a continuous basis to the editorial committee who will acknowledge receipt of the paper or article and notify the author(s) about the acceptance (or rejection) of the paper and the planned publication time. Please review the details and instructions through our website www.pliroforiki.org and submit your articles/papers via email to [email protected] . 16 | www.pliroforiki.org PROTECTION OF CRITICAL DATA USING INFORMATION CENTRIC APPROACH Notis Iliopoulos Technology and business models are changing and the main focus is openness, collaboration and convergence of technologies. This new ecosystem brings new threats regarding information security. All these threats targeting critical corporate information and not the underline technology which host the information. In order to protect critical information there is a need for a information centric approach regarding information security. A first step towards the adoption of the information centric approach is the effective implementation of a Data Protection Strategy. The article proposes a data protection strategy and outlines the steps towards the effective implementation of the strategy. www.pliroforiki.org | 21 Always have on mind that you cannot implement everything at once. This is why you need a plan, you need to set your priorities, and you need to know where to begin. THE NEW PLAYGROUND While technology and business models change the way we work, perimeters, borders, or boundaries may be shrinking or maybe still exist, but they traverse across traditional borders of enterprises and systems. This new business / technology ecosystem, reflects the loss of the traditional shape of enclosing an entity with traditional forms, such as the enterprise perimeter, or host platform system. Instead, this shapeless perimeter surrounds the information, from wherever it is to wherever it is going. Add to this the ever-changing mix of customers, business partners and suppliers and the fact that at any given time an organization can have all of these relationships with another organization, leaves us with the inescapable conclusion that it is the information that needs protection, not just the infrastructure that houses and transports the information throughout its lifecycle. In this new Corporate reality we need to emphasize on the power of the end user. Since the traditional perimeter does not exist and the intellectual property of the Company is digitalized, it’s relatively easy to gain access to product plans, marketing strategies, business processes, and technology innovations. Furthermore it’s also easy to share Corporate intellectual, assets since technology makes it easy. Technology advancements for the next years also include applications with social collaboration features (partners, customers). As a consequence, Corporate competitive advantage could be on your screen everywhere you are. NEW THREATS AND CHALLENGES FOR INFORMATION SECURITY A number of new threats and challenges regarding information security have been introduced, due to the adoption of new technology and business models, which require openness and collaboration. The following are considered as the most important sources of threats: o Mobility and Convergence of technologies. o Leakage of critical Corporate information. o Computer crime and Electronic fraud. o Software Applications Security. o Legal and Regulatory requirements. o Personal Data Handling by third parties. o Critical Infrastructure dependency on technology. o Virtualization. All of the above are also “side effects” of the new systems and software development technologies, which are widespread in order to support the new technology and business models. These new technologies are developed without having adopted information security principles. Furthermore, their early wide spread adoption can result in serious data leakages. Examples of such technologies are the following: o Virtualization and fabric computing. o Social networks and social software. o Cloud computing and cloud platforms. o Web mashups. o Augmented reality. o Contextual computing. o Semantics. The combination of new business requirements and the technology used in order to implement them, posses new data 22 | www.pliroforiki.org protection challenges which are summarized in the following bullet points: o Need to protect shared infrastructure and data in the extended ecosystem. Ex: Tighter integration with suppliers/customers. o Distributed data makes data discovery, protection and disposal difficult. o Globally distributed operations means distributed threats. o Multiple communication channels such as email, IM, Web, Voice, Video pose unique mitigation challenges. o Technologies such as Web 2.0 pose unique challenges of integration and control. Step 1: Risk Assessment o Identification of existing counter-measures. DATA PROTECTION STRATEGY o Identify business processes that create high risks of critical information loss. o Risk estimation and determination of acceptable level of risk. o Determination of required counter-measures. In order to protect critical intellectual assets (usually called information) there is a need to adopt a specific data protection strategy. The proposed strategy is comprised by the following steps: o Risk Assessment – Protection of Confidential Information. o Identification and Classification of Critical information. o Development of information protection policies and procedures. o Deploy technologies that enable policy compliance and automatic enforcement. o Communicate with and educate stakeholders to create a compliance culture. o Integrate information protection practices into businesses processes. o Continues audit to ensure that the information protection procedures and practices adopted by the organization are being implemented consistently and effectively. As in every information security initiative, risk assessment is the first step. In this case it’s targeting critical data and the required outcome of the risk assessment process is to define specific strategy with specific Protection Requirements and Priorities towards the execution of the strategy. In order to meet the expected results the risk assessment process should be comprised by the following activities: o Identification of critical information. As an outcome the following should be among the expected deliverables or the risk assessment process: o Identification of critical information. o Access privileges to critical information. o Internal flow of information. o Flow of critical information to third parties. o Risks and countermeasures for critical data. www.pliroforiki.org | 23 Step 2: Identification and Classification of Critical information During that step, it is expected to really focus on the information considered as Critical for the Organization. The first activity will be to adopt and start using a specific Classification and Management scheme. The particular scheme will provide the guidelines on the Classification usage and the process to be followed in order to classify the critical data. Furthermore, for each level of the scheme in use (e.g. top secret, confidential, public) will be specific guidelines concerning the handling, sharing and disposal of the information. Information ownership scheme is another important issue of the process. This is because the owner of the information is the one to decide upon the classification level of the information. Usually, information owners are the heads of the business units of the Organization and not the technical managers. Further to the adoption of a classification scheme, it is very important to establish specific Protection requirements for each information classification level. This will indicate the level of protection should be maintained. Enforcement of the whole process requires specific Responsibilities for Management and Employees. Those responsibilities need to be documented and become part of employee’s job profiles. Each critical data classification category requires different management processes. These processes – requirements is recommended to be documented and become part of the Organization’s Information Security Management System. The classification process it self, need to be enforced not only through a policy, but through a procedure that will guide the Organization. The procedure should also define the requirements as well as the time interval of it’s execution. Step 4: Deployment of policy compliance and enforcement technologies In order to maximize the effectiveness of the critical data protection strategy, we could adopt technology advancements in the areas of policy compliance and enforcement. As far as the critical data policy enforcement concerns, we should look for technology capable of performing the following: o Transparent operation for the end user. Another important issue is the adoption of Information exchange requirements. Since openness and tele-working are becoming commodity, same holds for specific requirements regarding the exchange of critical data. o Policy enforcement. o Monitoring of information usage and end user behavior. o Capable to protect critical information at the end point, network and storage level. One last important point for information classification is that the process as well as the protection and exchange requirements is not an once off process. It is a repeatable process in order to keep up to date with the various types of information that flows o Enforce access control policies. in and out of the Organization, and the classification of them. Step 3: Development of protection policies and procedures Having assess the risk and classify the critical information, it Is time to document the appropriate policies in order to enforce the classification process as well as the critical information protection and exchange requirements. Primarily it is recommended to begin with the documentation of the Information Classification Policy adopted in the previous step. The policy will set the requirements regarding when and by whom the classification will take place. Following the policy, the specific Protection controls for each classification category should be documented as well. 24 | www.pliroforiki.org Regarding Compliance monitoring, the technology should automate the process of auditing against policy conformance. In order to achieve that, the technology should supports the following points: o Map policy and compliance requirements, transform them to management and technical requirements. o Configuration analysis for the systems with critical data. o Self assessment tool. Step 5: Communicate with and educate stakeholders Step 7: Continues Audit and Conformance assessment Technology is not 100% effective, so if we really want to strengthen the protection of our critical information, we should rely on people who are using them. The effective implementation as well as the adequacy of the strategy should be audited. People can be transformed to the most effective security control, but in order to do so we need to educate them. The target is to create corporate culture for critical data protection. One important audit point is the assessment of existing protection controls adequacy. The controls identified should be assessed for effectiveness and conformance with policy and procedures for critical data protection. Furthermore, we need to communicate the corporate procedures, roles and responsibilities relevant to critical data. Emphasis should be given to compliance requirements related to critical data. We can also use automated compliance assessment tools, but we need to primarily specify the audit process as well as the audit points. Training is also a tool towards the protection of critical data. Training should focus on relevant procedures, protection controls, classification process, audit process and requirements, monitoring and protection tools, regulatory requirements. KEEPIT WORKING … Step 6: Integrate information protection practices into businesses processes Information protection should be an integral process to the way the organization operates and does business. As first step to provide value to the business is to identify the key business processes where information is at risk. This is where you should focus on the beginning of the critical data strategy implementation. This is where should make use of technical controls to control the use and flow of critical information. In addition to that monitoring technologies could be used to ensure automated integration of information protection procedures into the work flows involving electronically stored or transmitted data. Successful critical data protection is about having a strategy and effectively implementing it. So, do adopt a critical data protection strategy and implement it. Not necessarily a perfect one, since there not a perfect one. Establish a strategy good enough for your security needs. At a first place we need to adopt an Information centric approach and decision-making, meaning that we follow and protect the information and not the underline infrastructure where the information lives in. Another important issue is to always have on mind that you cannot implement everything at once. This is why you need a plan, you need to set your priorities, and you need to know where to begin. The strategy should be audited. Continues follow up and audit is among the most important tools to effective implementing your strategy. The automation of policy enforcement & conformance monitoring is a nice tool to have. Be careful there, set your requirements before you invite the vendors. Don’t you ever forget that Information Security is a Management tool aiming to support Corporate Objectives. Treat it as so if you want the management to pay attention to your strategy. www.pliroforiki.org | 25 REFERENCES 1. Information Security Strategy, A Framework for InformationCentric Security Governance, A White Paper by: The Open Group Security Forum and Cyberspace Law Committee, Business Law Section, American Bar Association, October 2007. 2. SA Comments to Hathaway on Improving Information Security Architecture, Carnegie Mellon CyLab, Information Security for the Next Century, Why we need an information-centric approach to data protection, Dr. Pradeep Khosla. 3. White Paper: The Information-Centric Security Architecture, By: Jon Oltsik Enterprise Strategy Group, July 2007. 4. New Technology Prevents Data Leakage – [George Lawton, IEEE Computer Magazine, 2008]. 5. 7 Steps to information protection [Naomi Fine, Esq., President and CEO of Pro-Tec Data (www.pro-tecdata.com), 2008]. AUTHOR Notis Iliopoulos is the head of the Information and Networks Security Division, of Innova Group of Companies. He works in the information security sector for 13 years having experienced both the service provision as well as the security officer positions. His professional experience includes implementation of various information security projects in many different operational environments. His research interests include Risk Assessment Methods and Techniques, Protection of Privacy and personal data, Methods and Techniques for user authentication. ¢π∞º∏ªπ™Δ∂IΔ∂ ™Δ∏¡ ¶§∏ƒ√º√ƒπ∫H! ¢È·ÊËÌ›˙ÔÓÙ·˜ ÛÙÔ ÂÚÈÔ‰ÈÎfi ¶ÏËÚÔÊÔÚÈ΋ ÚÔˆı›Ù ÙȘ ˘ËÚÂۛ˜ Î·È Ù· ÚÔÈfiÓÙ· Û·˜ Û ÂÚÈÛÛfiÙÂÚÔ˘˜ ·fi 1000 ·Ó·ÁÓÒÛÙ˜, ·ÁÁÂÏ̷ٛ˜ ÂȉÈÎÔ‡˜ Î·È Ê›ÏÔ˘˜ Ù˘ ¶ÏËÚÔÊÔÚÈ΋˜, Ù˘ Δ¯ÓÔÏÔÁ›·˜ Î·È ÙˆÓ ∂ÈÎÔÈÓˆÓÈÒÓ ÛÙËÓ ∫‡ÚÔ! °È· ÏËÚÔÊÔڛ˜ Û¯ÂÙÈο Ì ÙÈ̤˜ Î·È ÎÚ·Ù‹ÛÂȘ ÁÈ· Ù· ÂfiÌÂÓ· Ì·˜ Ù‡¯Ë, ÂÈÎÔÈÓˆÓ‹ÛÙ Ì ÙËÓ À‡ı˘ÓË ¢ËÌÔÛ›ˆÓ ™¯¤ÛÂˆÓ ÙÔ˘ ∫˘ÚÈ·ÎÔ‡ ™˘Ó‰¤ÛÌÔ˘ ¶ÏËÚÔÊÔÚÈ΋˜ ÃÚÈÛÙ›Ó· ¶··ÌÈÏÙÈ¿‰Ô˘ ÙËÏ. 22460680, email: [email protected] . ADVERTISE IN PLIROFORIKI! By advertising in Pliroforiki you are promoting your services and products to more than 1000 readers, professionals, specialists and friends of Computers, Information, Technology and Communications Industry in Cyprus! For information regarding prices and reservations you can contact the Cyprus Computer Society Public Relations Officer Christina Papamiltiadou at tel. 22460680, email: [email protected] . 26 | www.pliroforiki.org MYTHS ABOUT PASSWORD SETTINGS AND OTHER NONSENSE: HOW INFORMATION SECURITY TORTURES USERS IN THE NAME OF SECURITY E. Eugene Schultz Typical organizations have information security standards that require a certain password length, password expiration every 30 to 90 days, password complexity, and more. Information security staff members who routinely prescribe these settings might believe that their organization is meeting “best practice” standards. Research on password settings over the past years, however, suggests that many widely accepted and used settings do not help security appreciably. Instead, many of these settings not only inconvenience users, but in many cases make them less able to remember their passwords. The problem is not limited to passwords, either. Third-party authentication and other technology designed to improve security too often are not at all user friendly. This paper discusses how information security tortures users in the name of security and suggests solutions. www.pliroforiki.org | 27 INTRODUCTION The major goals of information security are to protect the confidentiality of information, integrity of information, systems, and applications, and availability of information, systems, and applications. In the pursuit of these goals information security practices select and implement three major types of controls, technical, physical and administrative. Despite attempts to automate these controls as much as possible to avoid the need for human intervention, some controls invariably require interaction with users. Having users enter passwords, one of the most common types of controls, is, in fact, the most common authentication-related user task. Provided that the interaction sequence for password entry is reasonably simple and intuitive, users can accomplish this task rapidly and easily. But restrictions with respect to passwords that users can select based on certain settings or parameters— password length, age, combinations of characters that are allow, and more—are another entirely different matter. This paper explores the nature of these restrictions with the goal of weighing the costs versus benefits of each and also reviews research studies to determine whether empirical support for widely held preconceptions concerning the value of certain restrictions are in fact true. If not, information security may in effect be torturing users—forcing them to engage in actions that are difficult for humans to perform—in the name of security, even though these actions are of little or no benefit from a security perspective. THE “STRAW MAN”—BENCHMARKS FOR PASSWORDS A good starting point in examining the issue whether widely prescribed and used password settings are effective from a security perspective is to look at commonly used benchmarks for passwords. One of the most widely used password benchmarks have been developed by the Center for Computer Security (www.cisecurity.com). For example, consider the following Windows XP Windows benchmarks published by this organization: - Minimum password age - 1 day - Maximum password age - 90 days - Minimum password length: 8 characters - Password complexity - Enabled - Password history - 24 - Store passwords using reversible encryption – Disabled The first setting affects how long a user must keep the current password before the user is allowed to change it. The major reason for recommending a value other of 0 is to prevent users from changing their passwords when the are required to do so, 28 | www.pliroforiki.org then changing their passwords right back to the ones they had previously. The second setting requires users to change their passwords a minimum of once every 90 days. The third requires users to have at least eight characters in their passwords. In a Windows system that uses English, password complexity requires that a password contain at least three of the four following types of characters: an uppercase English alphabet character, a lowercase English alphabet character, a number and a special character such as % or &. Finally, reversible encryption means encryption based on the Data Encryption Standard (DES) for which encryption is incredibly easy to break. Disabling reversible encryption is thus critical from a security point of view (although disabling it may break compatibility with older Windows systems and applications). Each of these settings except for minimum password age and reversible encryption, neither of which has been the focus of any usability research, will now be analyzed. PASSWORD AGE Research shows that frequent password changes are not good from a memorability standpoint. Bunting found that “proactive interference” from older passwords creates difficulty for users trying to remember their current passwords [2]. When users feel that they cannot remember their passwords, they write them down, thereby often violating their organization’s security policy. A survey of 3,050 Web users performed by Rainbow Technologies discovered that 55 percent of those surveyed confessed to writing down at least one password [6]. Eight percent of survey respondents indicated that they wrote down every password that they had. A subsequent survey showed that 50 percent of users surveyed reported that they had written down at least one password, 10 percent reported that they always wrote their passwords down, and approximately 50 percent revealed that they frequently needed to have their passwords reset because they forgot them. The point here is that requiring users to change passwords frequently (e.g., once every 30 days, as is often required by banks) causes proactive interference, a form of memory interference, that results in failure to remember passwords. Users then turn to prohibited procedures, such as writing down passwords, thereby compounding the problem. Another line of evidence concerning password age is less direct, but nevertheless very applicable. Today’s password cracking tools (e.g., Cain and Able) are incredibly fast, so fast that the attempted cracking rate of Windows password cache password files (which are .PWL Files) on a Pentium 100 is 1,000,000 passwords per second [3]. In other words, 1,000,000 candidate passwords can be compared to entries in .PWL files every second to determine if any candidate password matches any entry in .PWL files. A typical recovery rates for ZIP or ARJ passwords on a Pentium 100 is 10,000,000 passwords per second on a fast or dual Processor PC [3]. Perhaps most astounding is the fact that Distributed.net's Project Bovine RC5-64 computer can try 76.1 Billion passwords per second [3]! Given the speed with which passwords can now be cracked and given that someone (such as an attacker) who cracks a password is likely to use it right away to verify that it is valid, the difference between a password ago of 30 and 90 days, or even between 15 and 120 days, is now really quite inconsequential. MINIMUM PASSWORD LENGTH A very short password, e.g., five characters in length, is an easy target for password crackers. But given the incredible speed of brute force password cracking, a password that is nine characters long is functionally no stronger than one that is eight characters long. Although the time difference depends on the amount of memory and processor speed on the computer on which a password cracking program runs, the time difference to crack a password consisting of one additional character is likely to be in seconds. The same applies to comparing a ten character long password to a nine character long one. There is, however, a huge exception to the rule that increased password length does not make that much difference as far as time needed to crack passwords using modern password cracking tools. They tools, as good as they are, do not even attempt to crack Windows passwords that are at least 15 characters long. So a user who selects a horrible password such as “AAAAAAAAAAAAAAA” would at least survive even the most proficient password cracking tool’s attempts to crack that password. PASSWORD FILTERING/ PASSWORD COMPLEXITY Windows XP’s password complexity setting is more properly known as a “password filtering” setting. Password filters restrict the choice of characters that can be used in a password in an attempt to reduce the problem of users selecting passwords that are otherwise too easy to crack. Filtering rules usually impose restrictions on user-generated passwords, such as the previously described restrictions that the Windows XP’s password complexity setting imposes. To test the notion that password filters help passwords resist cracking attempts, Vu, Proctor, Bhargay-Spanzel, Tai, Cook and Schultz conducted an experiment in which seven password restrictions were imposed upon users who had to create passwords for their accounts [8]. The restrictions were that the password must: ñ ñ ñ ñ ñ ñ Be at least 6 characters long Contain at least one uppercase letter Contain at least one lowercase letter Contain at least one digit Contain a special character (e.g., ! or #) Be unique from the passwords generated for the other accounts ñ Not contain the user’s username or any variant of it Users had to choose and remember passwords for 1, 3 or 5 accounts. The lc5 password cracking tool was used to attempt to crack all passwords for a total of four hours. Significantly fewer of the passwords from the 5-accounts group were cracked than for the 3-accounts group (40 percent versus 60 percent, respectively), but there the difference between these groups and the 1-account group was not statistically significant. There was no significant difference between groups in terms of the time needed to create each password and the login time. Forgetting was significantly highest for the 5-accounts group, e.g., 69 percent of the 5-accounts group was unable to recall the password for at least one of the five accounts, in contrast to 19 percent for the 3-accounts group and 15 percent for the 1account group. Furthermore, passwords that users created had to satisfy seven password criteria, yet about half of these passwords were cracked within four hours The results of this study have important implications for password settings, one of the most fundamental of which is that proactive password restrictions do not necessarily result in more crackresistant passwords. The fact that such a high percentage of passwords were cracked by a password cracker (lc5), one that is by today’s standards not all that powerful is additional support for this conclusion. Furthermore, having to remember more passwords that have been created under restrictions resulted in greater forgetting. The cost-benefit ratio of password filtering is thus questionable. A good way to generate a password that fulfills complexity restrictions, but it potentially easier to remember is to create a passphrase. For example, the first characters in each word in “These are the times that try men’s souls” can be used to create a password, “Tattttms.” Do passphrases improve memory when filtering rules are used? Vu, Proctor, Bhargav-Spantzel, Tai, Cook, and Schultz undertook a study in which one group of participants had to create a passphrase that conformed to complexity restrictions [8]. Another group had to create passphrases under the same restrictions, but also had to insert one digit and one special character into the passphrase. Results indicated that creating passphrases yielded more crack-resistant passwords only when users were also told to embed a digit and special www.pliroforiki.org | 29 character into the passphrase. Embedding a digit and special character also resulted in less ability to remember passwords during both short-term and long-term recall. Embedding digits and special characters resulted in significantly more time needed to generate and recall passwords and almost twice as many errors before they could recall the password. These results suggest that the widely held assumption that requiring users to create passphrases to improve both resistance to cracking and password memorability is more myth than fact. controls selection process, but it is generally not. Instead, too often information security professionals develop a negative attitude towards the user community and then prescribe more security awareness and training for users as the solution to the problem. Unfortunately, “user resistance to security” is too often in reality “user resistance to user-unfriendly security tasks!” OTHER SECURITY METHODS Users also have numerous problems with other security methods that many information security professionals think are perfectly fine. For example, Proctor, Lien, Salvendy and Schultz conducted research on usability considerations in third-party authentication methods, methods that require something besides passwords during the authentication process [5]. These researchers conducted task analyses, breaking down users’ tasks into individual, sequential steps to evaluate the number of task required in biometric-, smart card- and password-based authentication. In general, the greater number of steps needed to complete a task, the more difficult the task is for users—more time is likely to be required, and the number of errors is likely to increase. Proctor et al. discovered that in comparison to password authentication, biometric devices necessitated 10 additional task steps. Compared to password-based authentication, smart cards required 14 additional task steps. Results suggest an explanation concerning why third-party authentication methods have not gained in popularity as much as security needs would appear to mandate. Having to perform numerous additional steps in third-party authentication presents a significant usability hurdle to users, one that in all likelihood produces a great deal of user frustration and ultimately resistance to this type of authentication. In addition, certain steps identified in the task analyses were much more likely to result in user errors than others. For instance, inserting a smart card correctly into the card reader necessitated a series of steps that required exact orientation and manipulation of the smart card so that it could be put directly into the reader. Failure to orient and manipulate the smart card precisely resulted in errors on users’ part. USER RESISTANCE TO SECURITY MEASURES Tasks and systems that have poor usability design cause users to resist them (e.g., [1]). Resistance can manifest itself if numerous ways—negative statements, hostile behaviors, passiveness, failure to pay attention, circumventing security controls altogether, and in numerous other ways. Minimizing or eliminating altogether user resistance by considering the impact of human usability design should be a major part of the security 30 | www.pliroforiki.org A REALISTIC ASSESSMENT OF PASSWORDRELATED RISKS Finally, it is important to consider the threats associated with password-related risks. Many information security professionals believe that password cracking tools lead to the greatest password-related risks. Although this used to be the case, most current attack methods do not involve password cracking, because it is not all that efficient— it almost always entails brute force password attacks—and also because gaining access to a password file requires superuser privileges, something that is not always easy to do if one is not a system administrator. Writing down passwords on slips of paper occurs even less than does password cracking nowadays. Currently, keystroke and tty sniffers are the major threat vectors for password-related risk. Attackers perform reconnaissance activity that includes discovering individuals who frequently send email to each other and then craft special messages that appear to come from someone with whom one user frequently exchanges email messages. These messages either contain malware embedded within an Abode Reader attachment or a URL, which if clicked causes the browser to be redirected to a malicious Web site. Ultimately, perpetrators take control of targeted machines and then plant keystroke or tty sniffers to capture passwords and other credentials such as banking PIN numbers [7]. By now it should be apparent that the quality of passwords as well as other password characteristics and rules (such as forbidding users to write down their passwords) make little difference in terms of the likelihood of success with today’s password attacks. Why then do we fight such well-meaning, but ill-advised battles with users over password settings such as the length, age, and complexity of passwords, or whether or not passwords can be written down? CONCLUSION In many ways, we torture users. Many of our beliefs and practices concerning passwords (and also other forms of authentication) clash with empirical research results. We have in reality invented our own “folklore” and then somehow labeled it “best practices.” It is also extremely unlikely that many commonly used password policy settings produce anything close to a favorable cost-tobenefit ratio when the lost productivity of users who have to enter one password after another to satisfy password restrictions and also call the help desk when they cannot remember their difficultto-crack, but also difficult-to-remember passwords. So why do we not instead switch to the use of one-time passwords, passwords that users do not have to create according to often difficult restrictions and that if captured during a login attempt, do attackers no good whatsoever? REFERENCES 1. Al-Ghatani, S. S., & King, M. (1999). Attitudes, satisfaction and usage: Factors contributing to each in the acceptance of information technology. Behaviour & Information Technology, 18, pp. 277-297. 2. Bunting, M (2006). Proactive interference and item similarity in working memory. Journal of Experimental Psychology: Learning, Memory & Cognition, 32(2), pp. 83-96. 3. Lockdown.co.uk (2009). Password Recovery Speeds: How long will your password stand up? July 10, 2009 from http://passwordresearch.com/stats/statindex.html 4. Proctor, R. W., Lien, M. C., Vu, K.-P. L., Schultz, E. E., & Salvendy, G. (2002). Improving computer security for authentication of users: Influence of proactive password restrictions. Behavior Research Methods, Instruments, & Computers, 34, pp 163-169. AUTHOR Dr. Eugene Schultz, CISM, CISSP, is the Chief Technology Officer at Emagined Security, an information security consultancy based in California. He has authored numerous books and published papers, on information security matters, incident response, and intrusion detection and prevention. Gene was the Editor-in-Chief of _Computers and Security_ from 2002 - 2007, and is currently an associate editor of _Network Security_. Gene is a SANS instructor, he is on the technical advisory board of 3 companies and has also been 5. Proctor, R.W., Lien, M., Salvendy, G. & Schultz, E.E. (2000). A task analysis of usability in third-party authentication. Information Security Bulletin, 5 (3), pp. 49 – 56. 6. Rainbow Technologies, 2003. Password survey results (June 2003). Retrieved November 14, 2005, from /http://mktg.rainbow.com/mk/get/pwsurvey03S. 7. Schultz, E.E. (2009). The new intrusion detection. Presentation at the SoCal Security Forum, Long Beach, CA, October 29, 2009. 8. Vu, K.-P. L., Proctor, R. W., Bhargav-Spanzel, A., Tai, B.-L., Cook, J., & Schultz, E. E. (2007). Improving password security and memorability to protect personal and organizational information. International Journal of HumanComputer Studies, 65, pp 744-757. professor of computer science at several universities. He has received the NASA Technical Excellence Award, the Department of Energy Excellence Award, the ISACA John Kuyers Best Speaker/Best Conference Contributor Award, the Vanguard Conference Top Gun Award, the Vanguard Chairman's Award, the National Information Systems Security Conference Best Paper Award, and the ISSA's Professional Achievement and Honor Roll Awards. He founded and managed the U.S. Department of Energy's Computer Incident Advisory Capability (CIAC) and he is a co-founder of FIRST, the Forum of Incident Response and Security Teams. He is currently a member of the accreditation board of the Institute of Information Security Professionals (IISP). www.pliroforiki.org | 31 TEACHER USE OF ICT IN CYPRUS PRIMARY SCHOOLS Charalambos Vrasidas This paper presents findings from a large-scale evaluation of teachers using technology in Cyprus public schools. A questionnaire was sent to 1051 teachers through stratified sampling procedures, in order to examine how teacher use technology and what barriers do they face. The findings shed light to the complexities of integrating ICT in teaching and learning. The research reported is the first of its kind to be conducted in the Cyprus context. Teachers are willing to integrate technology into their teaching. However, even though they realize the benefits of ICT integration, a lot of teachers today seem resistant to integrating technologies and using online learning environments. Data collected and analyzed, illustrate that this is due to several factors, such as lack of time, the ill-structured design of the school curriculum, the lack of infrastructure and tools to better support teachers and learners. 32 | www.pliroforiki.org INTRODUCTION RESEARCH METHODS Attempts to integrate technology in education provoke a variety of responses from teachers that range from enthusiasm and skepticism to fear and uncertainty. A long history of technology use in education reveals that the first reaction is to use new technology in the same traditional ways as the old technology. Old curricula and pedagogical approaches should be reformed, and if necessary replaced, to take advantage of the affordances of the new media. Research has shown that computers are used less often in the classroom than in other organizations. In order for education innovations to succeed, systemic approaches and the collaboration of all stakeholders, including teachers, are required [3,7,9]. The study investigated the following two key questions: 1. How do teachers use ICT? A major issue emanating from research on teacher preparation has to do with the provision of ongoing teacher support to continue integrating technology into their teaching. Ongoing professional development is essential for school improvement, and it can empower teachers to address the challenges they face in their everyday teaching [4,5,6]. Professional development is a growing need as schools attempt to reform themselves and as new policies are established for teacher certification and school accountability. Teachers do not just need support in the form of workshops, but instead they need to have access to support throughout their careers as they try to integrate technology into the curricula and seek to improve their teaching. One-time workshops and teacher preparation during the course of one semester are not sufficient [1,8,10]. Data for this project were collected and analyzed using both quantitative and qualitative methods. In order to develop the survey instrument, we conducted qualitative research in four schools. We collected participant observation data from teachers using technology in the classroom, interviews with teachers and interviews with administrators. In order to develop the 8-page instrument for the survey, we relied heavily on the findings from the qualitative data (e.g. interviews and observations). In addition, we reviewed other instruments, and consulted with experts in the field. A first draft instrument was developed and pilot-tested with 10 teachers and 4 experts. Following the pilot, we finalized the instrument and administered it to a sample of 1051 teachers using stratified sampling procedures. The total population of primary school teachers in Cyprus, during 2008-2009 was 4150. We ensured that all counties and regions of Cyprus were represented from both rural and urban settings. The response rate of the questionnaire was 50.5% (531 out of 1051). CONTEXT During the last five years, the international R&D center CARDET led several large scale evaluations and developmental research programs supported by the Cyprus Research Promotion Foundation, the Republic of Cyprus, EU Structural Funds, and the European Commission. The focus of these projects was on the use of technology by teachers and the effectiveness of existing professional development programs offered. One of the key issues that came out was the importance of both formal and informal ways for teacher lifelong learning, and the role that online environments can play to support them. In this brief paper we present the summary of findings from evaluation work conducted to investigate the issues and the effectiveness of teacher use of technology. The ideas presented come from 2 projects: ñ A Framework for Preparing Teachers to Teach with ICT (Partly supported by the Life Long Learning Programme, Leonardo Da Vinci, Transfer of innovation) ñ Development of an e-learning model for teacher professional development (Partly supported by the Cyprus Research Promotion, Republic of Cyprus, and EU Structural Funds) 2. What barriers do teachers face in using technology in the classroom? The project research team that investigated and evaluated the case studies was led by the international Research Center CARDET. Partners for different parts of the research presented here were the Open University of Cyprus, the Open University of the UK, the University of Piraeus, the International Council for Educational Media, the University of Nicosia, the Cyprus Pedagogical Institute, and INNOVADE LI LTD. During data analysis, we followed the inductive and deductive stages used in interpretive and case study research. Interview transcripts, class documents, meeting minutes, memos, observation notes, student artifacts, and survey results were all analyzed. Upon entering the inductive stage, we organized all the transcripts, field notes, and documents. We used data displays, concept maps, and tables to illustrate findings of the evaluation. After we collected and organized all the data, we read through the data three times and generated assertions. Once we generated assertions from the data as a whole, we entered the deductive stage. In this stage, we engaged in detailed examination of the data corpus and looked for data to confirm or disconfirm our assertions. Moreover, statistical analysis of quantitative data included tables and diagrams, whereas authentic excerpts were extracted from the qualitative data. www.pliroforiki.org | 33 RESULTS Even though the authors have studied all research questions related to this study, this section discusses only findings on the factors that affect teachers’ efforts in technology integration and the challenges they face. Findings revealed two kinds of factors affecting teachers’ efforts of technology integration: 1) factors that facilitate teachers’ efforts, such as teacher professional development and support, and 2) factors that suspend or prevent their efforts, such as lack of infrastructure. Emerging assertions from data analysis are discussed in the sub-sections below. With respect to the use of technology, teachers indicated that they used ICT daily (or almost daily), as follows: ñ 72.3% for preparing educational material, ñ 67.7% for preparing tests and assignments, ñ 44.8% for preparing lesson plans, ñ 35.4% used ICT in the classroom. However, the interesting finding is that very few teachers prepared activities for students to use ICT. The findings showed that teachers asked students to use ICT almost daily, as follows: ñ 15% for playing educational games, Teachers are willing to integrate technology into their teaching. However, even though they realize the benefits of ICT integration, a lot of teachers today seem resistant to integrating technologies and using online learning environments. ñ 13.9% for working collaboratively on assignments in the classroom, ñ 12.9% for using internet for completing school work, ñ 12.4% for working individually on the computer in order to complete school work, ñ 6.1% for working in the classroom on word processing tasks. Regarding barriers to ICT integration, the findings are in alignment with the findings from the 24 case studies. According to the survey results, teachers cited the factors below as important barriers in using ICT: ñ 81.4% the length of the curriculum that needs to be covered during the year, ñ 71,7% time constraints for ICT integration in the classroom, ñ 60.4% time required for preparing ICT-based activities, ñ 53.5% availability of infrastructure, ñ 50.7% lack of quality content, ñ 50.2% lack of in classroom support for teachers, ñ 43.4% lack of participation of teachers in decision making, ñ 37% need for professional development. 34 | www.pliroforiki.org The amount of content and the length of the Curriculum to be covered during a school year The most important barrier that emerged from these studies was the curriculum. A total of 81.4% of the teachers indicated the length of the curriculum as one of the most important barriers in integrating ICT in the classroom. This explains the challenges that numerous teachers encounter in their efforts to integrate technology in the classroom. The pressure to cover the required content and the limited timeframe were two factors that concerned participating teachers, especially in the final grade of high school. One of the teachers stated during the interview: “It is impossible to be able to cover all the content and curriculum requested by the ministry in a school year.” Furthermore, since the current curriculum and school manuals do not include ICT integration, there is lack of supporting material for each learning unit. Teachers therefore, need to spend excessive amounts of time to find, assess, revise and adjust learning materials, activities and tools to fit the needs of their students and the curriculum. The Importance of Time for Planning and Implementation Time was one of the factors mentioned by all teachers in several occasions. In the large scale survey, 71,7% teachers cited the time required for integrating ICT in the classroom as an important barrier, and 60.4% cited the time required for preparing ICT-based activities as barrier. Planning for lessons that integrate ICT is a time consuming activity from the teachers’ perspective. This is one of the main reasons that teachers do not use technologies in their classroom. As one teacher stated during the qualitative part of the study, Collaborative and Situated Professional Development Good professional development is both situated in teachers’ everyday practice, and distributed across communities, tools, and contexts [2]. Therefore, professional knowledge is distributed among learners, teachers, and their physical and socio-political and historical worlds. Building one-size-fits-all models is a typical error made by professional development program designers. Schools, teachers, and students do not come in standard forms; they are irreducibly unique. It is therefore important that programs be planned taking into account teachers’ individual needs and experiences, their learning styles, the contexts of their schools, and the stage they have reached in their career. One of the key issues that came out of the interviews and survey data was the need to move professional development activities closer to the school. Teachers expressed the need for having frequent support at the school level. Another issue was the need to support collaborative and informal professional development. An interesting finding from this survey is that 70% of teachers expressed the importance of collaboration and informal learning for professional development and the ways in which online communities and social networking (both face to face and online) help them grow as professionals. Collaborative work among teachers and experts anchors the process of learning to use technology in an exploration of what it is to teach and learn the subject. The design teams connect teacher educators, technology experts, and K-12 teachers in schools, with the goal of developing curricula in specific content domains which make good use of ICT. RECOMMENDATIONS “These lessons with the use of technology require too much time…I can’t just prepare them like that…I need at least 1-2 days and I only have time in the afternoons. I need to find materials, websites, check them thoroughly… are they going to work out well with my students or not?” In addition, teachers mentioned that the implementation of ICTrelated activities requires a lot of time. The curriculum and the evaluation system are designed in such a way that they do not allow for teachers to have time to use ICT since they have to focus on covering the required content. This is one of the main reasons that teachers avoid to experiment with ICT integration and engage in reflective activities on the benefits of technology. For example, a teacher mentioned that even though she realizes the benefits of using simulations with her students, they take too much time to complete; time which is beneficial for her students to experiment and engage in inquiry-based learning, yet leaving her with even less time to cover the required content. The findings from this survey shed light to the complexities of integrating ICT in teaching and learning. The research reported is the first of its kind conducted in the Cyprus context. Findings reveal that teachers are willing to integrate technology into their teaching practices. However, even though they realize the benefits of ICT integration, a lot of teachers today seem resistant to integrating technologies. This is due to several factors that were revealed through the findings, such as lack of time, the illstructured design of the school curriculum, and lack of infrastructure. In order to aid the endeavors of teachers in integrating technologies, more robust professional development programs need to be developed that would continuously provide support in order for teachers to be able to overcome the aforementioned problems and challenges faced when attempting to integrate technology. Moreover, better coordination and organization of the professional development programs is necessary, as well as improvements in the school curriculum, infrastructure upgrades, and availability of software programs and supporting learning materials. www.pliroforiki.org | 35 ACKNOWLEDGEMENTS The research presented in this paper is partially supported by the following projects: ñ “A Framework for Preparing Teachers to Teach with ICT” (EUPT3) (Partly funded by the European Commission Lifelong Learning Programme, Leonardo da Vinci- Transfer of Innovation, grant contract: LLP-LdV-TOI-09-CY-167918). ñ “Development of an e-learning model for teacher professional development” (Partly supported by the Cyprus Research Promotion, Republic of Cyprus, and EU Structural Funds, contract: ∞¡£ƒø¶π™Δπ∫∂™/¶∞π¢π(μπ∂)/0308/06). REFERENCES 1. Borko, H. (2004). Professional development and teacher learning: Mapping the terrain. Educational Researcher, 33(8), 3-15. 2. Chitpin, S. & Evers, C. W. (2005). Teacher professional development as knowledge building: A Popperian analysis. Teachers and Teaching: Theory and Practice, 11(4), 419-433. 3. Cuban, L. (2001). Oversold and underused: Computers in the classroom. Cambridge, MA: Harvard University Press. 4. Gross, D., Truesdale, C. & Bielec, S. (2001). Backs to the Wall: Supporting teacher professional development with technology. Educational Research and Evaluation, 7(2-3), 161-183. 5. Manke, M. P., Ward, G., Lundeberg, M. A. & Tikoo, S. (2005). An effective model of professional development in technology for multiple constituencies: The Technology Leadership Cadre. In C. Vrasidas and G. V. Glass (Eds). Preparing teachers to teach with technology (pp. 343-358). Greenwich, CT: Information Age Publishing, Inc. 6. Radinsky, J., Smolin, L. & Lawless, K. A. (2005). Collaborative curriculum design as a vehicle for professional development. In C. Vrasidas and G. V. Glass (Eds). Preparing teachers to teach with technology (pp. 369-380). Greenwich, CT: Information Age Publishing, Inc. 7. Vrasidas, C. & Glass, C V. (2004). (Eds.). Online professional development for teachers. Greenwich, CT: Information Age Publishing, Inc. 8. Vrasidas, C. & Glass, C V. (2005). (Eds.). Online professional development for teachers. Greenwich, CT: Information Age Publishing, Inc. 9. Vrasidas, C., Zembylas, & Glass, C V. (2009). (Eds.). ICT for education, development, and social justice. Greenwich, CT: Information Age Publishing, Inc. 10. Ball, D. L. & Cohen, D. K. (1999). Developing practice, developing practitioners: Toward a practice-based theory of professional education. In L. Darling-Hammond and G. Sykes (Eds). Teaching as the learning profession (pp. 3-31). San Francisco, CA: Jossey-Bass. AUTHOR Dr. Charalambos Vrasidas is co-founder and Executive Director of CARDET – Centre for the Advancement of Research & Development in Educational Technology (http://www.cardet.org), a non-profit research and development centre based in Cyprus. 36 | www.pliroforiki.org He is also Associate Professor of Learning Technologies and Innovation at the University of Nicosia. He currently serves on the Executive Committee of the International Council for Educational Media, an UNESCO affiliated organization. He is currently the Editor-n-Chief of Educational Media International, a peer-reviewed scholarly journal published by Taylor and Francis. KNOWLEDGE MANAGEMENT IN DEVELOPING AND DELIVERING SOFTWARE PRODUCTS Andreas Hadjioannou Knowledge acquisition involves complex cognitive processes: perception, learning, communication, association and reasoning. Knowledge Management comprises a range of practices used in an organization to identify, create, represent, distribute and enable adoption of insights and experiences. There are a number of techniques that can be employed by a software development department or company that can foster knowledge and create a knowledge management culture within an organization. Based on research performed by the Cornet - EXTRA project, a number of techniques are available that can foster knowledge management. Some of these techniques are outlined in this article. Knowledge is defined by the Oxford English Dictionary [1] as (i) expertise, and skills acquired by a person through experience or education; the theoretical or practical understanding of a subject, (ii) what is known in a particular field or in total; facts and information or (iii) awareness or familiarity gained by experience of a fact or situation. Knowledge acquisition involves complex cognitive processes: perception, learning, communication, association and reasoning. The term knowledge is also used to mean the confident understanding of a subject with the ability to use it for a specific purpose if appropriate again and again. Knowledge Management (KM) on the other hand comprises a range of practices used in www.pliroforiki.org | 37 an organization to identify, create, represent, distribute and enable adoption of insights and experiences. Such insights and experiences comprise knowledge, either embodied in individuals or embedded in organizational processes or practice. Sharing this valuable knowledge is a potential source of improvements in an organization, developing personal skills and practices improvements. Research and case studies show that these so called “Knowledge Brokers” employees could help others through on-the-job-training, participate in workshops and discuss topics during lunch time or near the coffee-machine or answer via e-mail. The role of a knowledge broker is often given to senior staff with a lot of expertise in the company. Knowledge brokers should also be people with good communication skills and/or a lot of (external) contacts. Case studies show that experience transfer and knowledge management strongly increase effectiveness and thereby competitiveness. Nevertheless, research shows that few companies have a systematic way of utilizing experiences and knowledge management. Casual Event is a technique that can be used to foster the creation of knowledge brokers distributing knowledge and information of who knows what internally in an informal way. In addition knowledge and expertise could be represented in “yellow pages” or “who’s who” systems. That is, the knowledge is represented in a list containing the employees and their role or technical skills instead of being represented inside articles inside knowledge based repositories. Even when such systems are available, the role of Knowledge Broker could play an important role in order to solve the problem of identifying the required expertise and selecting who to acquire it from. In a Software Development environment knowledge gained through learning / training process may be distinguished from knowledge management as the latter provides a greater focus on the experienced gained from previous projects, which eventually constitutes an asset of the IT company of department for future projects. Knowledge Management is an important asset to a Software development environment as it can provide improved performance, competitive advantage, innovation, sharing of lessons learned, and continuous improvement of the developed code. It can help individual programmers and development teams to share valuable insights in analysis, design and programming techniques that if managed and organized properly may tremendously reduce redundant work, increase the quality and performance of code produced, help avoid reinventing the wheel per se, reduce training time for new employees and help retain intellectual property. There are a number of techniques that can be employed by a software development department or company that can foster knowledge and create a knowledge management culture within an organization. Based on research performed by the Cornet EXTRA project, a number of techniques are available that can foster knowledge management that are based on knowledge sharing, sharing experiences, history of a project, retrospectives, lessons learned, and promotion of knowledge culture. These techniques can be grouped under the four known Schools of Knowledge Management: organizational, systems, engineering and Cartographic. Inside a software development environment, experienced employees should often be solicited to share their knowledge by writing articles, creating training material, etc. Unfortunately, producing knowledge is not an easy task. These experienced employees are sometimes unable to share their knowledge because of a lack of time, a lack of incentive to do so or a lack of teaching skills. Furthermore this requires the formalization of their knowledge. 38 | www.pliroforiki.org A huge amount of information is regularly produced in an organization during project execution. Information concerns different levels, personal work and skills, development methods and models, best practices on project management, tools etc. Another approach to sharing knowledge between projects, is to connect people who have similar interests in a network to discuss common topics. Such networks are often referred to as “communities of practice”, and can have several benefits, from concrete help to solve problems to focus on establishing common practices in the organization. The Technical Information Meeting or TIM technique is a very simple and easy way to gather and share information in the organization. Its objective is to organize continuously and regularly topical meetings to get employees actively involved and informed across projects. Another technique is based on the “Lessons learned” report which is developed at end of every project. “Lessons learned” can be defined as the learning gained from the process of performing the project. Lessons learned may be identified / performed at any phase / stage of a project. Preparing and sharing lessons learned is the process of gathering, documenting and analyzing feedback on events that happened during a project for the benefit of project teams working on future projects. The main argument for making knowledge explicitly available is to make it reusable, and the reuse makes up for the cost of codifying the knowledge into an explicit format. Knowledge repositories is a common approach for using databases to store employee expertise, knowledge, experience and documentation, usually about a particular domain of expertise, within a company. In a repository, you find knowledge that is summarized, and integrated across sources. Knowledge repositories are typically used to make it easier to retrieve explicit knowledge for all or many employees in a company. The history of activities of how a particular project has evolved and completed is important knowledge for every IT project. Detailed information of issues raised and how these issues were resolved from the beginning to the completion of a project are valuable empirical information which must be maintained and referenced. A Project Diary is a project artifact which allows project managers to record all project issues and related follow up actions ensuring the smooth running of the project. Retrospective analysis is another way to share knowledge following the completion of a project or major milestone. The method is performed in a workshop and is intended to be short, effective, and yield immediate and visible outcomes to motivate the project team for further such activity. It recognizes that the largest part of organizational learning happens in a project setting, and attempts to elevate this knowledge from a project setting and up to the company level. When an organization is implied in a software process improvement, conducting an assessment or an audit helps determining the state of its current software processes. In the ideal case, the assessment leads to a concrete action plan for software process improvements. It gives an accurate snapshot of the current process practices situation of the organization. Sharing this knowledge on good and bad practices is of great benefit for the organization and source of practices improvement. It is often useful to describe or map development and delivery processes in order to standardize how this is done and how work is transferred from one department to another. This is especially important when processes change frequently or if new personnel join a project. A process guide can be seen as a structured, workflow-oriented, reference document for a particular process, and exists to support participants in carrying out the intended process. For a process guide to be useful, it must not only be tailored to the specific needs of a company, but also be made available for example on the company’s intranet or through the development environment. During a software development project, various artefacts, in the form of electronic documents, are produced. Artefacts of the project are of different kinds and can include documents used for project management (project plans, budgets, resource allocations), quality documentation and technical reports and articles. Such documents contain a large amount of knowledge about the project and should be stored and shared in the Experience Base of the organization, that is, the place where all the packaged information which can be useful to everyone in the software development process is stored, retrieved and managed. If you would like to know more about these techniques and other useful methods and tools that will help your organization and your software development teams retain and reuse knowledge then you will have to wait until the end of 2010 when the project ends and techniques are published. ABOUT THE CORNET - EXTRA PROJECT The mission of EXTRA is to improve competitiveness of small European software companies developing and delivering software products and operating internationally. This will be obtained by new insights in and increased use of experience transfer and knowledge management techniques within and in between companies. Project Consortium: ñ ICT Norway (Norway) – Project Leader – Sintef (Research Organization) ñ CETIC (Belgium) ñ CITEA (Cyprus) – Virtual IT – Inteliscape REFERENCES 1. Oxford Dictionaries Online, www.oxforddictionaries.com [accessed on 1/7/2010] 2. EXTRA Project Website, www.cornet-extra.eu AUTHOR Andreas Hadjioannou holds a BSc in Computer Science and Engineering. His 25+ career in ICT includes positions such as Software Engineer, Trainer, Project Manager, IT Manager, Operations Director and Managing Director for local and International organizations such as NCR and Pepsi Cola International. He is the founder of ICT organizations in Cyprus including Virtual IT Ltd, in which he is currently the Managing Director. Andreas has extensive knowledge and experience in the organization and management of multiple interrelated ICT projects and in formulating and implementing ICT Strategies and action plans for both private and public sector organizations. www.pliroforiki.org | 39 HOW TO SHARE KNOWLEDGE THROUGH PRODUCT CROSSEVALUATION Katerina Neophytou One of the most challenging aspects of software development is knowledge sharing among the team members within an organization. Knowledge sharing can be accomplished by engaging in a cross-evaluation process. This process can be employed during the testing phase of a project and more specifically, after the System Testing Phase and before the User Acceptance Testing Phase of a developed product. 40 | www.pliroforiki.org INTRODUCTION/MOTIVATION During the Testing Phase of the software development cycle, employees are engaged in different kinds of development activities. These activities can be related to technical competencies, problems and issues resolutions that can be reused in future projects. If these activities are transferred and shared among the employees during the cross-evaluation phase it will increase the competitiveness of the organization and the productivity of the team(s) within an organization. Cross-evaluation can be used by organizations that are structured based on multiple development teams. Cross-evaluation is a technique where a team member of one team evaluates a product developed by a second team, and a team member of the second team evaluates the respective product developed by the first team. The result of this activity is to identify problems, issues and to come up with proposed actions that will help improve the development best practices. This technique can be used towards developing an infrastructure for testing, tuning and evaluation of information retrieval. It can also be used for creating test-suites of reusable data which can be employed by system developers for benchmarking purposes. WHEN TO USE (CONTEXT OF USE) The knowledge sharing between and among the team members must be continuous, on a daily basis with respect to their daily activities, as well as, scheduled during product cross-evaluation period. Cross-Evaluation can either be performed in a formal or informal manner and the project manager(s) or team leader(s) must keep records of items discussed and then communicate the findings to the involved team(s). HOW TO Cross-evaluation process must be used to encourage frequent inspection and adaptation of the development cycle findings through a leadership philosophy that encourages team work, selforganization and accountability which will result in a set of engineering best practices that allow for rapid delivery of highquality software. There are two levels of cross-evaluation that can be performed depending on the type of the product: a. Cross-evaluation on task completion basis. b. Cross-evaluation on a milestone completion basis or project completion basis. Checklist preparation for cross-evaluation A number of areas of a project must be addressed during the software development process. For each of the areas it is recommended that a checklist is in place. Below is a complete list of the areas that should be addressed towards getting the desired results: 1. Requirements Analysis and design document checklist – addressing areas of the Requirements Analysis and design document as agreed with customer. 2. User interface checklist – addressing the areas of standards in place for the product/project. 3. Functionality checklist – addressing the all the functional aspects requested by customer. 4. User Friendliness checklist – addressing issues friendliness and usability of the system. 5. Performance checklist – addressing issues of response time and bandwidth consumption. 6. Quality Checklist – addressing issues of coding and development methods and techniques. 7. Deliverable checklist – addressing the items to be delivered to customer. A sample of such a checklist is available below (table 1), addressing the quality attribute of a product. Validation of checklist(s) with business analyst During an informal meeting, the people in charge of the crossevaluation (one from each team) confirm the checklist(s) prepared with the responsible business analyst towards verifying that all the findings, as a result of the cross evaluation, have been addressed and are correct. This will help obtain valuable feedback. Perform testing (cross-evaluation) based on checklist The two evaluators proceed with necessary testing using the checklist prepared and record their findings and comments. Document Findings/Propose Solutions All comments are reported in an incident reporting tool which will facilitate the reporting aspect, resolution aspect, sharing knowledge aspect and quality aspect of the end product/project. The findings can be categorised in 4 major types in order to better manage and have an effective decision management towards their implementation: 1. Clarifications – areas requiring extended explanation 2. Improvements – ideas to change the existing functionality or additions to the existing functionality 3. Problems – malfunctions/bugs of the system/product 4. To-do's – items listed in the requirements/design but not addressed in the system/product www.pliroforiki.org | 41 Table 1: Part of Quality checklist. inteli-scape ltd. QUALITY ATTRIBUTES TASK DESCRIPTION Y/N OWNER COMMENTS Functionality (does it match the requirements) Performance (response time, utilization behavior) Security (segregation of functionality in roles, provides access to authorized roles only) Availability (uptime, recovery time) Usability (ease of use and training, adequate reporting of key metrics/categories, input validation) Interoperability (ability to cooperate with other systems) Modifiability (ease of design to perform changes, comments) Reusability (extend parts can be reused in other applications) Extendability (ability to extend with major functionality) Integrability (to make separate systems components that work together) Testability (ability to test) Traceability (ability to enable/disable log and debug modes) Auditability (ability to trace user, system, admin actions) Error Handling (log of descriptive errors) Archiving Note: The check list can be as detailed as needed based on the project type and the phase of the project that this activity has been assigned. Communicate Findings Cross-evaluation is also useful to transfer/share Common Knowledge. Knowledge and the lack thereof (uncertainty) is an integral part of subsurface evaluation. Leveraging knowledge within asset teams, across business units and through communities of practice is the key for creating competitive advantage and shareholder value. Effective leverage of collectively held knowledge connecting people and processes improves project cycle time and mitigates risk. This can be achieved by: a. Brainstorming Sessions: After the completion of the above all the involved employees can hold a brainstorming session to discuss and analyse the findings and define the actions based on the comments/findings of the project cross evaluator. This activity is performed in a formal or informal manner. 42 | www.pliroforiki.org b. Knowledge Transfer Workshops: After the completion of major projects and at a scheduled time frame, ex. Every 3 months, the teams can organize workshops where major issue can be discussed. The project Manager of each team is responsible to collect and present the most important findings. c. Training Sessions: The technical team leader of each team will be responsible to share with other team members new development techniques, new technologies, and development best practises. In addition to that, point out common or frequent mistakes that were identified during the crossevaluation sessions. The methods above can lead the Teams develop a unique approach to improve performance, document asset knowledge and enable culture change for sharing knowledge. Figure: Incident reporting system. inteli-scape ltd. CROSS-EVALUATION BENEFITS ROLES INVOLVED IN THE CROSS-EVALUATION Some of the benefits that companies will acquire by adopting Cross-evaluation are to gain the ability of: ñ Taking better decisions by leveraging best practices. Cross-evaluation can involve a number of people from within the organization. The following key roles are mandatory however: ñ Technical Team Leader, leads the workshop sessions and training session.(can be independent but can also be played by a participant) ñ Systematically incorporating pre-existing knowledge and accounting for inconsistent or lack of knowledge (uncertainties). ñ Safeguarding new knowledge generated during the study process for use in further stages of development and by other teams with common issues or workflow processes. ñ Providing as an efficient vehicle for targeted QA both on a task level as well on a holistic multi-disciplinary level. ñ Enabling full cycle reviews to evaluate performance, capturing learning and enabling process improvement. ñ Allowing more interaction between people involved in a project PREREQUISITES Below are the prerequisites that must be in place within an organization towards engaging in a successful and useful product cross-evaluation: ñ Project specific Requirements and Design documents ñ Established Standards and Processes that will facilitate the flow of work ñ Promotion knowledge sharing culture ñ Team member, participates in the brainstorming sessions ñ Project manager, documents the results and coordinates the workshops ñ Team Leader, documents the results and coordinates the brainstorming sessions. RESULTS The main results from product cross-evaluation are: ñ Cooperative learning and team spirit as feedback from a person outside the team is welcome and appreciated ñ Improved organizational factors like teamwork is encouraged during the brainstorm sessions and efficient feedback is obtained ñ Internal/external communication between teams is improved ñ Updated and improved development techniques LIMITATIONS In order to have effective results, this technique must have clear and effective lines of responsibility and minimal overlapping of functions. Identify and assign responsibility for core functions in the development cycle at the right level of the organization. www.pliroforiki.org | 43 The time aspect is always a limitation to the software development cycle. Customers are always demanding and they always would like the best solution with minimal cost and time schedule. It’s the provider responsibility to allocate the time needed to proceed with cross-evaluation in order to deliver a solution that will make the customer satisfied. ADDITIONAL INFORMATION 1. http://www.sciencedirect.com Tacit knowledge acquisition and sharing in a project work context 2. http://www.thataway.org/exchange/categories.php Issues Addressed Through Dialogue & Deliberation AUTHOR Katerina Neophytou Sales Account Manager Inteli-scape ltd. [email protected] 44 | www.pliroforiki.org Graduated from Montclair State University (NJ) with a BSc (Hons) in Business Administration. After graduation, Katerina has enjoyed a wealth of work experience in the Project Management. For seven years has been managing software development teams and delivered with great success numerous products. Her expertise spans from delivering solutions that exceed the needs of SME as well as Large Organizations with focus to Quality and Customer Satisfaction. Do you know this man? Philippos Peleties Once in a while humanity comes across some minds whose brilliance shines like a supernova: intense but short. One of those minds was Evariste Galois, the 20 years old student of mathematics who traded the prospect of a brilliant life as a mathematician with the love of a woman. Another was Alan Turing, the British mathematician whose contributions to the mathematics of computational logic have helped not only to underlie the fundamental nature of computation but also helped in winning a major world conflict: World War II. www.pliroforiki.org | 45 Alan Mathison Turing was born in Maida Vale, London, to Julius Turing, a member of the Indian Civil Service and Sara Stoney, daughter of the chief engineer of the Madras Railway in India. That day the calendar read 23 of June 1912. Alan and his brother John spend their early years in the care of friends in Hastings, England as his parents travelled back and forth between England and India where Julius was still employed as a civil servant. Young Alan's brilliance in mathematics was recognized during his early schooling at St Michael's. At the age of 14 Alan was sent to Sherborne School, prestigious public school. However, his brilliance was not appreciated by his teachers who favored classical education to the more specialized field of mathematics. An indication of the inability of his teachers to grasp the genius of the man is the letter from his headmaster to his parents that if their son was to become anything remote to an educated man he would have to abandon the way he was thinking otherwise there was no place for him in a public school! Turing was not discouraged by this. All the opposite. By the age of 15 he was able to solve complex problems without even having studied calculus. At the age of 16 he was able to not only comprehend Einstein's Theory of Relativity but also extend its questioning to Newton's laws of motion. As adolescence came to a close it was time for higher studies. Turing's uninterest in the classics meant that he was not able to gain entry to his first choice, the Trinity College of Cambridge University but to his second, King's College of the same University. In his three years of formal university training he managed to graduate with distinction in 1934, and in 1935 he was elected fellow at King's college based on his dissertation on the central limit theorem. Turing's seminal paper on computability, On Computable Numbers, with an Application to the Entscheidungsproblem, was submitted in 1936. In this paper he reformulated Godel's results on bounds of proof and computability and proposed a new formalism on computability, the now famous Turing Machine (stated as Universal Machine in the paper). This machine, a theoretical apparatus being comprised of an infinite tape, a read/write head, and a state transition table, together with an alphabet and an initial state, forms the basis upon which any serial computation can be understood and simulated. The interested reader is urged to further his understanding of this machine by examining a number of references given at the end of this article. 46 | www.pliroforiki.org The Autumn of 1936 found Turing studying under Alonzo Church at the Institute for Advanced Study at Princeton University in New Jersey, USA. At the Institute in addition to mathematics he studied cryptography and binary logic, completing a large portion on an electromechanical binary multiplier. One month after obtaining his PhD in June 1938 he left to go back to England. His dissertation extended the notion of Universal Machine with the addition of oracles thus allowing for the examination of problems which cannot be solved by the original Universal Machine formulation. Back at Cambridge he attended lectures by Ludwig Wittgenstein concerning the foundations of mathematics and started working part-time with the Government Code and Cypher School (GCCS). As the clouds of World War II set upon Europe, Turing was involved in breaking German cryptographic codes, a task both difficult, exhaustive and one which required the genius of a man like Turing. At Bletchley Park, the wartime station of GCCS, Turing, building upon the Polish cryptanalysis discoveries of the early 30's offered valuable inside in breaking both the German Enigma and Lorenz ciphers. In order to do this at a practical level he devised, together with mathematician Gordon Welchman, a machine, the bombe, an electromechanical code breaker which assisted in breaking the German ciphers. The bombe was able to search for possibly correct settings of the German Luftwaffe Enigma machines and with the help of a fragment of a possible plaintext deduce whether the proposed enigma settings were valid or not. In doing so Turing was able to apply logic and logical deduction in solving a major problem through machinery. This alone was unheard off at that time. Turing, being a sucker for a challenge, set his eyes in breaking the naval Enigma code, which was more difficult than the Luftwaffe version due to the highest number of rotor positions. Through a Bayesian statistical methodology which he invented he was able to break the code in December 1940. Next in his sight was the Lorenz cipher, a significantly more complex cipher that that used in both types of Enigma machines. His work helped Tommy Flowers to build the Colossus computer, one of the first electronic programmable computers. Colossus's raw computational power was so great so that it could use brute force to break the daily changing German codes. In November of 1942 Turing traveled to the United States to assist in building with the construction of the bombe in the US. He also worked in building secure speech devices. Returning to Bletchly Park in March 1943 he continued his work on cryptanalysis and later moved to Handslope Park where is further studies electronics and worked on a portable secure speech device called Dellilah. However, being late for the war and lacking the ability to be used with long distance radio transmissions lead to the rejection of the device by the British military. In 1945 Turing was awarded the OBE award for his war time contributions to cryptography. However, much of his work remained secret for many years. It is widely accepted that his insights to a number of mathematical problems were pivotal in the development of cryptanalysis. The quality of his work was unquestionable. Three pivotal papers he wrote right before the war on three diverse mathematical problems show that had he continued on these problems he would have been able to produce exceptional results. From 1945 for a period of two years Turing worked on the design of the Automatic Computing Engine (ACE) computer at the National Physics Laboratory. ACE, one of first stored program computers. However, work on building ACE was delayed considerably due to the wartime secrecy surrounding the concepts upon which ACE was designed. This did not sit well with Turing who moved to the University of Manchester, first as a reader at the Mathematics department and then as the deputy director at the computing laboratory. This gave him the opportunity to work on software for Mark1, one of the first true general purpose digital computers. Turing’s interest on other aspects of computing such as computational intelligence, more commonly known as artificial intelligence. His famous “Turing Test” is still today considered the defining test of determining whether a machine is intelligent: a machines is deemed intelligent if a person communicating with the machine cannot determine that he/she is conversing with one. In 1948 his quest for machine intelligence has lead him to develop, together with D. Champernowne, the first chess program. However, no machine existed which could run his program so in 1952 when Turing played a game of chess with a colleague of his he had to spend half an hour simulating each and every move of the program. The end result was that he lost, but in a second game with another player, Champernowne’s wife, he managed to win. Between 1952 and 1954 Turing worked on morphogenesis, an area in mathematical biology. In a paper titled “The Chemical Basis of Morphogenesis” Turing described how patterns form in nature by using reaction-diffusion equations which are mathematical models describing the changes affected by two processes on the concentration of one or more substances distributed in space. On June 8 1954 Turing committed suicide by eating an apple laced with cyanide. However, interestingly enough the apple itself, which was found half-eaten next to his bed, was never tested for cyanide. His mother insisted that her son was accidentally poisoned due to the careless storage of various laboratory chemicals. Why would a bright man like Turing with an equally bright future and much more to offer in the world of computing, give an end to his life is not known and may never be known. What is known, however, is his troubles with the law about his homosexuality. Being exposed during an a police investigation in the break-in of his house, Turing was subsequently tried and convicted of breaking the law and charged with gross indecency under Section 11 of the Criminal Law Amendment Act 1885. Turing was given the choice of either being imprisoned or being on probation with the added condition of undergoing chemical castration. His punishment lasted for an entire year, until 1953, during which he was injected with estrogen hormone injections. In addition he was stripped of his security clearance and was prevented in dealing with any cryptographic matters. A short year later he was found dead. REFERENCES 1. Turing Machine, http://en.wikipedia.org/wiki/Turing_machine (accessed 6/6/2010) 3. Turing Machines, http://www.cs.princeton.edu/introcs/74turing/ (accessed 6/6/2010) 2. A Turing Machine in the Classic Style, http://aturingmachine.com/ (accessed 6/6/2010) www.pliroforiki.org | 47 ∫˘ÚÈ·Îfi˜ ™‡Ó‰ÂÛÌÔ˜ ¶ÏËÚÔÊÔÚÈ΋˜ Δ.£. 27038, 1641 §Â˘ÎˆÛ›· ΔËÏ. +357 22 460 680 º·Í. +357 22 767 349 www.ccs.org.cy [email protected] Cyprus Computer Society P.O. Box 27038, 1641 Nicosia Tel. +357 – 22460680 Fax. +357 – 22767349 www.ccs.org.cy [email protected]
Publication of the Cyprus Computer Society
ISSN 1450-152X
