Common Representation of Information Flows for Dynamic Coalitions

We propose a formal foundation for reasoning about access control policies within a Dynamic Coalition, defining an abstraction over existing access control models and providing mechanisms for translation of those models into information-flow domain. The abstracted information-flow domain model, called a Common Representation, can then be used for defining a way to control the evolution of Dynamic Coalitions with respect to information flow

Data Confidentiality in Mobile Ad hoc Networks

Mobile ad hoc networks (MANETs) are self-configuring infrastructure-less networks comprised of mobile nodes that communicate over wireless links without any central control on a peer-to-peer basis. These individual nodes act as routers to forward both their own data and also their neighbours' data by sending and receiving packets to and from other nodes in the network. The relatively easy configuration and the quick deployment make ad hoc networks suitable the emergency situations (such as human or natural disasters) and for military units in enemy territory. Securing data dissemination between these nodes in such networks, however, is a very challenging task. Exposing such information to anyone else other than the intended nodes could cause a privacy and confidentiality breach, particularly in military scenarios. In this paper we present a novel framework to enhance the privacy and data confidentiality in mobile ad hoc networks by attaching the originator policies to the messages as they are sent between nodes. We evaluate our framework using the Network Simulator (NS-2) to check whether the privacy and confidentiality of the originator are met. For this we implemented the Policy Enforcement Points (PEPs), as NS-2 agents that manage and enforce the policies attached to packets at every node in the MANET.Comment: 12 page

Some Observations Along the Road to “National Information Power”

This thesis consist of the following three papers. Convex hull of face vectors of colored complexes. In this paper we verify a conjecture by Kozlov (Discrete ComputGeom18(1997) 421–431), which describes the convex hull of theset of face vectors ofr-colorable complexes onnvertices. As partof the proof we derive a generalization of Turán’s graph theorem. Cellular structure for the Herzog–Takayama Resolution. Herzog and Takayama constructed explicit resolution for the ide-als in the class of so called ideals with a regular linear quotient.This class contains all matroidal and stable ideals. The resolu-tions of matroidal and stable ideals are known to be cellular. Inthis note we show that the Herzog–Takayama resolution is alsocellular. Clique Vectors ofk-Connected Chordal Graphs. The clique vectorc(G)of a graphGis the sequence(c1,c2,...,cd)inNd, whereciis the number of cliques inGwithivertices anddis the largest cardinality of a clique inG. In this note, we usetools from commutative algebra to characterize all possible cliquevectors ofk-connected chordal graphs.QC 20140513</p

A Design of MAC Model Based on the Separation of Duties and Data Coloring: DSDC-MAC

Among the access control methods for database security, there is Mandatory Access Control (MAC) model in which the security level is set to both the subject and the object to enhance the security control. Legacy MAC models have focused only on one thing, either confidentiality or integrity. Thus, it can cause collisions between security policies in supporting confidentiality and integrity simultaneously. In addition, they do not provide a granular security class policy of subjects and objects in terms of subjects\u27 roles or tasks. In this paper, we present the security policy of Bell_LaPadula Model (BLP) model and Biba model as one complemented policy. In addition, Duties Separation and Data Coloring (DSDC)-MAC model applying new data coloring security method is proposed to enable granular access control from the viewpoint of Segregation of Duty (SoD). The case study demonstrated that the proposed modeling work maintains the practicality through the design of Human Resources management System. The proposed model in this study is suitable for organizations like military forces or intelligence agencies where confidential information should be carefully handled. Furthermore, this model is expected to protect systems against malicious insiders and improve the confidentiality and integrity of data

Governance of Dual-Use Technologies: Theory and Practice

The term dual-use characterizes technologies that can have both military and civilian applications. What is the state of current efforts to control the spread of these powerful technologies—nuclear, biological, cyber—that can simultaneously advance social and economic well-being and also be harnessed for hostile purposes? What have previous efforts to govern, for example, nuclear and biological weapons taught us about the potential for the control of these dual-use technologies? What are the implications for governance when the range of actors who could cause harm with these technologies include not just national governments but also non-state actors like terrorists? These are some of the questions addressed by Governance of Dual-Use Technologies: Theory and Practice, the new publication released today by the Global Nuclear Future Initiative of the American Academy of Arts and Sciences. The publication's editor is Elisa D. Harris, Senior Research Scholar, Center for International Security Studies, University of Maryland School of Public Affairs. Governance of Dual-Use Technologies examines the similarities and differences between the strategies used for the control of nuclear technologies and those proposed for biotechnology and information technology. The publication makes clear the challenges concomitant with dual-use governance. For example, general agreement exists internationally on the need to restrict access to technologies enabling the development of nuclear weapons. However, no similar consensus exists in the bio and information technology domains. The publication also explores the limitations of military measures like deterrence, defense, and reprisal in preventing globally available biological and information technologies from being misused. Some of the other questions explored by the publication include: What types of governance measures for these dual-use technologies have already been adopted? What objectives have those measures sought to achieve? How have the technical characteristics of the technology affected governance prospects? What have been the primary obstacles to effective governance, and what gaps exist in the current governance regime? Are further governance measures feasible? In addition to a preface from Global Nuclear Future Initiative Co-Director Robert Rosner (University of Chicago) and an introduction and conclusion from Elisa Harris, Governance of Dual-Use Technologiesincludes:On the Regulation of Dual-Use Nuclear Technology by James M. Acton (Carnegie Endowment for International Peace)Dual-Use Threats: The Case of Biotechnology by Elisa D. Harris (University of Maryland)Governance of Information Technology and Cyber Weapons by Herbert Lin (Stanford University

A Survey of Access Control Models in Wireless Sensor Networks

Copyright 2014 by the authors; licensee MDPI, Basel, Switzerland. This article is an open access article distributed under the terms and conditions of the Creative Commons Attribution license (http://creativecommons.org/licenses/by/3.0/)Wireless sensor networks (WSNs) have attracted considerable interest in the research community, because of their wide range of applications. However, due to the distributed nature of WSNs and their deployment in remote areas, these networks are vulnerable to numerous security threats that can adversely affect their proper functioning. Resource constraints in sensor nodes mean that security mechanisms with a large overhead of computation and communication are impractical to use in WSNs; security in sensor networks is, therefore, a challenge. Access control is a critical security service that offers the appropriate access privileges to legitimate users and prevents illegitimate users from unauthorized access. However, access control has not received much attention in the context of WSNs. This paper provides an overview of security threats and attacks, outlines the security requirements and presents a state-of-the-art survey on access control models, including a comparison and evaluation based on their characteristics in WSNs. Potential challenging issues for access control schemes in WSNs are also discussed.Peer reviewe

Security: Collective good or commodity?

This is the author's accepted manuscript. The final published article is available from the link below. Copyright @ 2008 Sage.The state monopoly on the legitimate use of violence in Europe and North America has been central to the development of security as a collective good. Not only has it institutionalized the state as the prime national and international security provider, it has helped to reduce the threat from other actors by either prohibiting or limiting their use of violence. The recent growth of the private security industry appears to undermine this view. Not only are private security firms proliferating at the national level; private military companies are also taking over an increasing range of military functions in both national defence and international interventions. This article seeks to provide an examination of the theoretical and practical implications of the shift from states to markets in the provision of security. Specifically, it discusses how the conceptualization of security as a commodity rather than a collective good affects the meaning and implementation of security in Western democracies.ESR

The Political and Economic Context of European defence R&D

Along with all other defence-related issues, defence research is a controversial area for EU action. Until recently, defence issues have not figured prominently among EU policy discussions and defence research has played little, if any, role in European technology policy. Although the Framework Programme is funding research projects that could have potential military applications in addition to their explicit civilian goals, there is no strategy on how to address such "dual-use" research activities. Yet, this paper argues that the interaction between technologies developed for civilian and for military use has led to a situation in which it is increasingly difficult to refer to distinct military and civilian technology bases. From the point of view of policy formulation a strict separation between defence and civilian technologies is increasingly appearing as anachronistic. The extent to which "dual-use" research will be explicitly considered in the development of the 6th Framework Programme will again emerge as a matter of debate. The paper presents and discusses different avenues through which dual-use and defence-related research could be given formal consideration in the development and implementation of the 6th Framework Programme.EU research policy, defence, "dual-use" research

Defense R&D and information technology in a long-term perspective la rd militaire et les technologies de l'information en longue période

Defense R&D is usually considered as an economic burden, implying an eviction effect on civilian R&D and perverting the national systems of innovation. If arms production benefits nowadays from advanced civilian R&D, the flow of technology was not always in the same direction–especially in the 1950s and 1960s. Moreover, since the beginning of the 1990s, some technologies, classified for a long time as purely defense ones (GaAs, GPS, computer networking, etc.), have found new civilian applications. Why technological opportunities created by defense R&D are not systematically seized by commercial firms? First, technology transfers come true only when a legal framework exists and allows commercial firms to get access to the « military technological fund ». Second, the global economic context appears as the greatest incentive to engage civilian firms in exploiting defense technologies, as an investment opportunity. In a long-term perspective, when specific conditions are set up or exist, defense R&D can become a means of strengthening the international competitiveness of national economies. La RD de défense est souvent considérée comme un fardeau pour l'économie, impliquant un effet d'éviction sur la RD civile et pervertissant le système national d'innovation. Si la production d'armements profite aujourd'hui des avancées de la RD civile, le flot de technologies n'a pas toujours été dans la même direction – tout particulièrement dans les années 1950 et 1960. De plus, depuis le début des années 1990, quelques technologies, longtemps classées comme purement militaires (GaAs, GPS, réseaux informatiques, etc.), ont trouvé de nouvelles applications civiles. Pour quelles raisons les opportunités technologiques créées par la R&D de défense ne sont-elles pas systématiquement saisies par les firmes commerciales ? Premièrement, les transferts de technologies se concrétisent seulement quand un cadre légal existe et autorise les firmes commerciales à avoir accès au « fonds technologique militaire ». Deuxièmement, le contexte économique global constitue une incitation importante pour engager les firmes civiles à exploiter les technologies de défense. Dans une perspective de longue période, quand les conditions idoines sont mises en place ou existent, la RD de défense peut ainsi devenir un moyen de renforcer la compétitivité internationale des économies nationales.Defense R&D, Information Technology, international Competitiveness, Global Positioning System, Networking