Chapter 7 Summary and Conclusions

1

Chapter 7 Summary and Conclusions

7.1 Introduction

Information and knowledge management in hazardous waste regulation compliance is a complex process in a distributed environment. An in-depth understanding of information and knowledge organization during the compliance process is necessary to assure success. Three fundamental issues must be addressed for building a realistic information and knowledge management system. First, a solid understanding of information organization and management of regulation codes is requisite. Second, an investigation of the distributive framework for the compliance process is required, and third, an investigation of information interoperability and the related architecture for supporting information and knowledge exchange for the compliance process must be addressed. Major contributions of this thesis are in the research dealing with these three issues.

7.1.1 Analysis of Information Representation of Regulation Codes

During the hazardous waste regulation compliance checking process, all checking must be based on the related regulation codes. As a result, information and knowledge representation is of critical importance in the compliance process. A systematic approach to investigate the information organization and knowledge representation for regulation codes is provided. An investigation of the complexity of information representation of the regulation codes indicates that the critical issues for modeling information and knowledge representation for regulation codes resides in how to deal with the information and knowledge structures within code provisions, and how to organize the background information to interpret the regulation codes correctly. The information uncertainties and non-monotonicity can only be resolved if we can find sufficient information and knowledge resources that can resolve such uncertainties and non-monotonicity. The implementation uses a directed graph model to set up an information representation model for the regulation codes, and based on the model, we implement compliance related information retrieval and we can check rule organization.

7.1.2 Organization of the Regulation Compliance Checking Process

Checking hazardous waste regulation compliance is a distributed process with complex information and knowledge interchanges among the compliance participants. The framework developed here provides a method for organizing distributed information and knowledge in such a process. The method employs the concept of context to provide a systematic approach for defining the scope of information and knowledge for the compliance participants and organizes the necessary information and knowledge for compliance related collaboration. Our method is based on the formal theory of context [McCarthy, 1993] and is applied to the topic of information and knowledge modeling in the distributed compliance process. In this research, we define a context as the requisite knowledge resources, knowledge content, and background knowledge bounded by a specific scope. For example, the scope of the waste generators bounds the knowledge necessary to meet the waste generators legal obligations defined in the regulation codes. The theory of context has been proposed as a means of defining the validity of information and knowledge relative to a certain scope. Formalizing contexts develops the notion of context which allows information and knowledge for fixed scopes to be utilized to more dynamic contexts where the scopes change [Maluf and Wiederhold, 1997]. The context formulation for information and knowledge organization can be readily mapped to a distributed information and knowledge processing architecture, namely, the method of mediation [Wiederhold, 1994]. Thus, the method of the context formulation provides the rational for using mediation for information and knowledge integration during a compliance checking process.

7.1.3 Information Exchange and Integration for Compliance Checking

Information and knowledge resources used for the compliance checking process are not homogeneous, but rather heterogeneous. The information representation formats for compliance related information and knowledge, both syntax and semantics, are different for each compliance participant. The issue of how to deal with the information interoperability and integration need to be addressed. A mediation based architecture for handling information interoperability and integration is proposed. Two major issues, the information interoperability for dealing with the waste stream information from waste generators and the information and knowledge integration for a compliance specific database, are thoroughly investigated using the mediation approach. We provide procedures for mediating only the information intersection, not the entire information resources in the compliance checking process. To our knowledge, this is the first attempt for formally employ the mediation method for dealing with information exchange and integration in waste regulation compliance checking processes.

7.2 Future Works

Because of the interdisciplinary scope and the complexity of the problem, research in information systems for hazardous waste regulation compliance checking is in its infancy. We make an attempt to investigate the problem by focusing primarily on three research topics described above. However, we believe we obtain only limited comprehension of these topics. There are many topics that should be studied and possibly included. Based on this research experience, the following research topics of interest and value have been identified that can be regarded as a continuation of the present study.

Two topics are directly related to the information and knowledge organization of management for regulation code. The first is building an automatic compliance checking process that depends on a flexible and sufficient information and knowledge representation for regulation codes. The second is related to the use of knowledge recovery approaches for automatically, or semi-automatically organizing compliance related information and knowledge from the original content of regulation codes.

A third topic, the information security management of compliance related data, is closely related to the distributive information collaboration during the compliance checking process. Information security management is a necessity in a realistic compliance checking environment because of the confidentiality of the compliance related data. The three topics are discussed in the following sections.

7.2.1 Flexibility in Information Representation for Regulation Codes

A directed graph based model for representing the information of regulation codes is proposed and experience indicates that the model can handle semi-structured information. The information and knowledge of the regulation codes can be mainly indexed by the original structural indexes or by meta-control information such as classification of provisions based on the function of regulation codes. In our model, we also use meta-control information to organize a sequence of regulation provisions, which is a group of provisions that can form a certain regulation checking function. Therefore, the information representation has some flexibility for information retrieval and organizing the rule sequence for regulation compliance purposes. The flexibility comes from the modeling of meta-control information of the regulation codes, and the assumption of user’s hierarchical background knowledge. However, beyond the modeled features, our model doesn’t have the ability to dynamically discover and add new attributes that may be needed during an information retrieval or a checking process.

Thus, the question must be asked as to whether it is possible to design an information and knowledge organization model that can facilitate the information retrieval and checking rule organization in a more flexible way. Such research will be of great importance if we aim to build a more intelligent information and knowledge base for the regulation compliance process. To answer the question, we must first investigate the definition of the flexible information and knowledge representation for regulation codes, the problem of the a flexible model of user’s dynamic goal structure in using the information model. We hope that the theory of probabilistic decision making together with theory of dynamic planning can contribute to the research topic.

7.2.2 Knowledge Recovery for Organizing Information Representation

In organizing the regulation compliance database from the original regulation codes, we employ a manual approach for marking up the original structure of the regulation codes to provide the basic XML representation for a directed graph based model. This process is labor intensive. When the need to mark up a large number of regulation codes is required, the question of whether the mark up process can be automated arises. This problem is related to the research topic of knowledge recovery and text mining. We need to use the knowledge recovery and mining methods to formally identify the valid, potentially useful and understandable information structure patterns in regulation codes, and then validate the soundness and completeness of the discovered patterns. Finally, we can use the discovered patterns to mark up the original regulation codes and the marked-up codes can be further used as meta-control information for information and knowledge representation for the regulation codes.

However, finding useful patterns in original regulation codes is a complex task. Further, since we deal with knowledge recovery of information within regulation codes, the accuracy needed is dictated by the regulation compliance application. Thus, the application is more demanding than normal text mining for non legal documents.

Having such complexity in mind, we may employ a more reliable method than automatic knowledge recovery and text mining techniques. We believe a mediation based semi-automatic approach that combines the knowledge recovery and text mining tools together with the knowledge input from regulation experts for accuracy monitoring is probably the right choice. More research in this area is definitely necessary for a more automatic information organization process for marking up original regulation codes.

7.2.3 Integration with Information Security Management in the Compliance Process

One of the fundamental requirement for building Internet based information management for hazardous waste regulation compliance checking is information security and its management. Most transactions of regulation compliance records occur over the Internet. But the Internet lacks the security management necessary for information exchanges [Reiter, 1994; Kaufman, etc, 1995; Gong, 1995, 1996]. Moreover, the distributed information management architecture calls for its own application level security management [Ferraiolo, 1995; Giuri, 1995; Lockhart, 1994; Ellmer, 1995; Gong, 1996; Wiederhold, etc, 1996]. Thus, information security management needs to be addressed before a realistic information system can be built for regulation compliance checking among waste generators, TSDFs, and regulators.

Current information security technologies can provide sufficient support for securing information management in the compliance checking process. What needs further study is how to efficiently model knowledge representation for security management in such a dynamic information collaboration environment. First of all, an ontology of a security information management in the compliance checking process deserves further research. Next, reifying the theoretical framework for practical implementation is needed to build a realistic information system.

During the exchange of information among different collaborating parties during hazardous waste regulation compliance, most of the interactions need authorization checking. Therefore, the key point in information security management during compliance checking is management of authorization. Thus we propose information access authorization as the focus for on-going research for information security management in the regulation compliance checking process.

For example, in building the information security management architecture, the mediation method [Qian, Wiederhold, et al., 1997] has been proposed for building the information security management in the trusted interoperation of healthcare information systems. Recent research [an on-going project by Liu and Law, 1999] in information security management enhances the mediation based information security model to deal with the management of dynamic security policy changes. It is likely the enhanced mediation based information security model can be applied to the waste regulation compliance checking process. More research is need on the integration of the information security model and the current information management system for regulation compliance checking.

7.3 Concluding Statement

The general goal of this research was to investigate the possibility of improving the information management quality for the hazardous waste regulation compliance checking process. The focus is on three information technology related topics for building a realistic information management system.

First, information and knowledge representation in regulation codes is the foundation for building an automatic compliance related information retrieval and rule checking procedure, and thus is the critical path in building an information management system for regulation compliance. The major task here is to provide an information organization and knowledge representation model that is flexible and sufficient for representing the complex structural and logical information and knowledge features in the regulation codes. It is demonstrated that such a model needs to integrate the information and knowledge from resources other than the regulation codes because the information contained in the codes may not be complete and may contain ambiguities. Therefore, compliance checking against regulation codes need the collaborations among regulation compliance participants.

Second, the process for compliance checking is complex. The distributed nature of such a process requires information and knowledge transfer and interaction. A formal model for distributed information and knowledge organization is provided and the model provides the rational for building a mediation based information and knowledge management paradigm.

Finally, a more practical issue during regulation compliance checking is the information interoperability and integration. It is shown that existing information resources for compliance prevents the possibility of unification of all information resources. It is therefore necessary to develop a more pragmatic paradigm. We show that a mediation based approach can provide the needed architecture without the need to unify the information resources.

This research can assist the development of information systems for the hazardous waste regulation compliance checking process. It is also hoped that the generic methods adopted in the information and knowledge organization model for the compliance checking process can be used in other regulation compliance related information management systems.