Dynamic trust negotiation for decentralised e-health collaborations

In the Internet-age, the geographical boundaries that have previously impinged upon inter-organisational collaborations have become decreasingly important. Of more importance for such collaborations is the notion and subsequent nature of security and trust - this is especially so in open collaborative environments like the Grid where resources can be both made available, subsequently accessed and used by remote users from a multitude of institutions with a variety of different privileges spanning across the collaboration. In this context, the ability to dynamically negotiate and subsequently enforce security policies driven by various levels of inter-organisational trust is essential. Numerous access control solutions exist today to address aspects of inter-organisational security. These include the use of centralised access control lists where all collaborating partners negotiate and agree on privileges required to access shared resources. Other solutions involve delegating aspects of access right management to trusted remote individuals in assigning privileges to their (remote) users. These solutions typically entail negotiations and delegations which are constrained by organisations, people and the static rules they impose. Such constraints often result in a lack of flexibility in what has been agreed; difficulties in reaching agreement, or once established, in subsequently maintaining these agreements. Furthermore, these solutions often reduce the autonomous capacity of collaborating organisations because of the need to satisfy collaborating partners demands. This can result in increased security risks or reducing the granularity of security policies. Underpinning this is the issue of trust. Specifically trust realisation between organisations, between individuals, and/or between entities or systems that are present in multi-domain authorities. Trust negotiation is one approach that allows and supports trust realisation. The thesis introduces a novel model called dynamic trust negotiation (DTN) that supports n-tier negotiation hops for trust realisation in multi-domain collaborative environments with specific focus on e-Health environments. DTN describes how trust pathways can be discovered and subsequently how remote security credentials can be mapped to local security credentials through trust contracts, thereby bridging the gap that makes decentralised security policies difficult to define and enforce. Furthermore, DTN shows how n-tier negotiation hops can limit the disclosure of access control policies and how semantic issues that exist with security attributes in decentralised environments can be reduced. The thesis presents the results from the application of DTN to various clinical trials and the implementation of DTN to Virtual Organisation for Trials of Epidemiological Studies (VOTES). The thesis concludes that DTN can address the issue of realising and establishing trust between systems or agents within the e-Health domain, such as the clinical trials domain

Techniques for Application-Aware Suitability Analysis of Access Control Systems

Access control, the process of selectively restricting access to a set of resources, is so fundamental to computer security that it has been called the field's traditional center of gravity. As such, a wide variety of systems have been proposed for representing, managing, and enforcing access control policies. Prior work on evaluating access control systems has primarily relied on relative expressiveness analysis, which proves that one system has greater capabilities than another. Although expressiveness is a meaningful basis for comparing access control systems, it does not consider the application in which the system will be deployed. Furthermore, expressiveness is not necessarily a useful way to rank systems; if two systems are expressive enough for a given application, little benefit is derived from choosing the one that has greater expressiveness. On the contrary, many of the concerns that arise when choosing an access control system can be negatively impacted by additional expressiveness: a system that is too complex is often harder to specify policies in, less efficient, or harder to reason about from the perspective of security guarantees. To address these shortcomings, we propose the access control suitability analysis problem, and present a series of techniques for solving it. Suitability analysis evaluates access control systems against the specific demands of the application within which they will be used, and considers a wide range of both expressiveness and ordered cost metrics. To conduct suitability analysis, we present a two-phase framework consisting of formal reductions for proving qualitative suitability and simulation techniques for evaluating quantitative suitability. In support of this framework we present a fine-grained lattice of reduction properties, as well as Portuno, a flexible simulation engine for conducting cost analysis of access control systems. We evaluate our framework formally, by proving that it satisfies a series of technical requirements, and practically, by presenting several case studies demonstrating its use in conducting analysis in realistic scenarios

A Formal Approach to Specification, Analysis and Implementation of Policy-Based Systems

The design of modern computing systems largely exploits structured sets of declarative rules called policies. Their principled use permits controlling a wide variety of system aspects and achieving separation of concerns between the managing and functional parts of systems. These so-called policy-based systems are utilised within different application domains, from network management and autonomic computing to access control and emergency handling. The various policy-based proposals from the literature lack however a comprehensive methodology supporting the whole life-cycle of system development: specification, analysis and implementation. In this thesis we propose formally-defined tool-assisted methodologies for supporting the development of policy-based access control and autonomic computing systems. We first present FACPL, a formal language that defines a core, yet expressive syntax for the specification of attribute-based access control policies. On the base of its denotational semantics, we devise a constraint-based analysis approach that enables the automatic verification of different properties of interest on policies. We then present PSCEL, a FACPL-based formal language for the specification of autonomic computing systems. FACPL policies are employed to enforce authorisation controls and context-dependent adaptation strategies. To statically point out the effects of policies on system behaviours, we rely again on a constraint-based analysis approach and reason on progress properties of PSCEL systems. The implementation of the languages and their analyses provides us some practical software tools. The effectiveness of the proposed solutions is illustrated through real-world case studies from the e-Health and autonomic computing domains

Semantic role-based access control

In this thesis we propose two semantic ontological role-based access control (RBAC) reasoning processes. These processes infer user authorisations according to a set of role permission and denial assignments, together with user role assignments. The first process, SO-RBAC (Semantic Ontological Role-Based Access Control) uses OWL-DL to store the ontology, and SWRL to perform reasoning. It is based mainly on RBAC models previously described using Prolog. This demonstrates the feasibility of writing an RBAC model in OWL and performing reasoning inside it, but is still tied closely to descriptive logic concepts, and does not effectively exploit OWL features such as the class hierarchy. To fully exploit the capabilities of OWL, it was necessary to enhance the SO-RBAC model by programming it in OWL-Full. The resulting OWL-Full model, ESO-RBAC (Enhanced Semantic Ontological Role-Based Access Control), uses Jena for performing reasoning, and allows an object-oriented definition of roles and of data items. The definitions of roles as classes, and users as members of classes representing roles, allows user-role assignments to be defined in a way that is natural to OWL. All information relevant to determining authorisations is stored in the ontology. The resulting RBAC model is more flexible than models based on predicate logic and relational database systems. There are three motivations for this research. First, we found that relational database systems do not implement all of the features of RBAC that we modelled in Prolog. Furthermore, implementations of RBAC in database management systems is always vendor-specific, so the user is dependent on a particular vendor's procedures when granting permissions and denials. Second, Prolog and relational database systems cannot naturally represent hierarchical data, which is the backbone of any semantic representation of RBAC models. An RBAC model should be able to infer user authorisations from a hierarchy of both roles and data types, that is, determine permission or denial from not just the type of role (which may include sub-roles), but also the type of data (which may include sub-types). Third, OWL reasoner-enabled ontologies allow us to describe and manipulate the semantics of RBAC differently, and consequently to address the previous two problems efficiently. The contribution of this thesis is twofold. First, we propose semantic ontological reasoning processes, which are domain and implementation independent, and can be run from any distributed computing environment. This can be developed through integrated development environments such as NetBeans and using OWL APIs. Second, we have pioneered a way of exploiting OWL and its reasoners for the purpose of defining and manipulating the semantics of RBAC. Therefore, we automatically infer OWL concepts according to a specific stage that we define in our proposed reasoning processes. OWL ontologies are not static vocabularies of terms and constraints that define the semantics of RBAC. They are repositories of concepts that allow ad-hoc inference, with the ultimate goal in RBAC of granting permissions and denials

Data bases and data base systems related to NASA's aerospace program. A bibliography with indexes

This bibliography lists 1778 reports, articles, and other documents introduced into the NASA scientific and technical information system, 1975 through 1980

Law and Development in East and South-East Asia

During the 1980s and 1990s Asian 'developmental states' attracted much attention in political science and economics literature, but the role of law in the economic development was neglected. It was only after the Asian crisis of 1997 that many analysts began to focus on a lack of regulation and transparency as a major factor triggering the crisis. The crucial questions now are how successful the current reforms will be, and which features of the Asian approach to commercial law will be resistant to reform pressures. This book examines the prospects for commercial law reform in Asia, giving particular attention to Japan and Singapore, as frequently cited role models for Asian developmentalism, and also examining development related business laws in countries such as China, Korea, Indonesia, Malaysia, Vietnam and the Philippines

Law and Development in East and South-East Asia

During the 1980s and 1990s Asian 'developmental states' attracted much attention in political science and economics literature, but the role of law in the economic development was neglected. It was only after the Asian crisis of 1997 that many analysts began to focus on a lack of regulation and transparency as a major factor triggering the crisis. The crucial questions now are how successful the current reforms will be, and which features of the Asian approach to commercial law will be resistant to reform pressures. This book examines the prospects for commercial law reform in Asia, giving particular attention to Japan and Singapore, as frequently cited role models for Asian developmentalism, and also examining development related business laws in countries such as China, Korea, Indonesia, Malaysia, Vietnam and the Philippines