A Few Remarks About Formal Development of Secure Systems

Formal methods provide remarkable tools allowing for high levels of confidence in the correctness of developments. Their use is therefore encouraged, when not required, for the development of systems in which safety or security is mandatory. But effectively specifying a secure system or deriving a secure implementation can be tricky. We propose a review of some classical `gotchas' and other possible sources of concerns with the objective to improve the confidence in formal developments, or at least to better assess the actual confidence level.Comment: 10 page

Redefining managerial effectiveness in a multilevel organization : a structurationist account

Many organization theories consist of an interpretation frame and an idea about the ideal equilibrium state. This article explains how the equilibrium concept is used in four organization theories: the theories of Fayol, Mintzberg, Morgan, and Volberda. Equilibrium can be defined as balance, fit or requisite variety. Equilibrium is related to observables dependent on the definition of organization as work organization, formal organization or artifact organization. Equilibrium can be explicitly related to performance in the theory used, enabling cross-sectional research. The discussed theories can be mapped on a state space model in a way that clarifies the equilibrium concept, namely a mu-space (Fayol and Morgan), or a gamma-space (Mintzberg and Volberda). 1 Prof.dr. Henk W.M. Gazendam is professor of Information Systems in the Public Sector at the Faculty of Public Administration at Twente University and associate professor of Information Strategy at the Faculty of Management and Organization at Groningen University (P.O.Box 800, NL-9700-AV Groningen, The Netherlands, tel +31-50-3637078, email [email protected]). 2 Contribution to the Computational and Mathematical Organization Theory Workshop, May 3 and 4, 1996, Washington Hilton & Towers. 3 The author wishes to thank Vincent Homburg for his valuable comments.

Cryptographic techniques used to provide integrity of digital content in long-term storage

The main objective of the project was to obtain advanced mathematical methods to guarantee the verification that a required level of data integrity is maintained in long-term storage. The secondary objective was to provide methods for the evaluation of data loss and recovery. Additionally, we have provided the following initial constraints for the problem: a limitation of additional storage space, a minimal threshold for desired level of data integrity and a defined probability of a single-bit corruption. With regard to the main objective, the study group focused on the exploration methods based on hash values. It has been indicated that in the case of tight constraints, suggested by PWPW, it is not possible to provide any method based only on the hash values. This observation stems from the fact that the high probability of bit corruption leads to unacceptably large number of broken hashes, which in turn stands in contradiction with the limitation for additional storage space. However, having loosened the initial constraints to some extent, the study group has proposed two methods that use only the hash values. The first method, based on a simple scheme of data subdivision in disjoint subsets, has been provided as a benchmark for other methods discussed in this report. The second method ("hypercube" method), introduced as a type of the wider class of clever-subdivision methods, is built on the concept of rewriting data-stream into a n-dimensional hypercube and calculating hash values for some particular (overlapping) sections of the cube. We have obtained interesting results by combining hash value methods with error-correction techniques. The proposed framework, based on the BCH codes, appears to have promising properties, hence further research in this field is strongly recommended. As a part of the report we have also presented features of secret sharing methods for the benefit of novel distributed data-storage scenarios. We have provided an overview of some interesting aspects of secret sharing techniques and several examples of possible applications

Models for Change: Building Momentum for Juvenile Justice Reform

Models for Change: Building Momentum for Juvenile Justice Reform tells the story of how innovative state leaders from across the country are creating a new path toward fair, rational, effective and developmentally appropriate models for juvenile justice reform. Pennsylvania, Illinois, Louisiana and Washington are already moving to reform and reshape their juvenile justice systems. These states have demonstrated strong leadership in juvenile justice policy, value collaboration and engagement and, because of their efforts, have changed the political climate to make deeper systems reform possible. Models for Change, a new initiative from the John D. and Catherine T. MacArthur Foundation, is seeking to build on their efforts in the hope that these states develop new model policies, practices and procedures that will strengthen their reform work, and possibly represent changes that could be replicated in other states

General meetings in listed companies : new challenges and opportunities

The issues that are discussed in the following derive from consultations with Member states of the OECD during the June 2000 preparatory meeting. Paper, prepared for the OECD Conference "Company Law Reform in OECD Countries: A Comparative Outlook on Current Trends Stockholm", Dec. 7-8, 2000

Chasing diagrams in cryptography

Cryptography is a theory of secret functions. Category theory is a general theory of functions. Cryptography has reached a stage where its structures often take several pages to define, and its formulas sometimes run from page to page. Category theory has some complicated definitions as well, but one of its specialties is taming the flood of structure. Cryptography seems to be in need of high level methods, whereas category theory always needs concrete applications. So why is there no categorical cryptography? One reason may be that the foundations of modern cryptography are built from probabilistic polynomial-time Turing machines, and category theory does not have a good handle on such things. On the other hand, such foundational problems might be the very reason why cryptographic constructions often resemble low level machine programming. I present some preliminary explorations towards categorical cryptography. It turns out that some of the main security concepts are easily characterized through the categorical technique of *diagram chasing*, which was first used Lambek's seminal `Lecture Notes on Rings and Modules'.Comment: 17 pages, 4 figures; to appear in: 'Categories in Logic, Language and Physics. Festschrift on the occasion of Jim Lambek's 90th birthday', Claudia Casadio, Bob Coecke, Michael Moortgat, and Philip Scott (editors); this version: fixed typos found by kind reader

Laws of Thought and Laws of Logic after Kant

George Boole emerged from the British tradition of the “New Analytic”, known for the view that the laws of logic are laws of thought. Logicians in the New Analytic tradition were influenced by the work of Immanuel Kant, and by the German logicians Wilhelm Traugott Krug and Wilhelm Esser, among others. In his 1854 work An Investigation of the Laws of Thought on Which are Founded the Mathematical Theories of Logic and Probabilities, Boole argues that the laws of thought acquire normative force when constrained to mathematical reasoning. Boole’s motivation is, first, to address issues in the foundations of mathematics, including the relationship between arithmetic and algebra, and the study and application of differential equations (Durand-Richard, van Evra, Panteki). Second, Boole intended to derive the laws of logic from the laws of the operation of the human mind, and to show that these laws were valid of algebra and of logic both, when applied to a restricted domain. Boole’s thorough and flexible work in these areas influenced the development of model theory (see Hodges, forthcoming), and has much in common with contemporary inferentialist approaches to logic (found in, e.g., Peregrin and Resnik)

Clarifying Conversations: Understanding Cultural Difference in Philosophical Education

The goal of this essay is to explain how Wittgenstein's philosophy may be helpful for understanding and addressing challenges to cross-cultural communication in educational contexts. In particular, the notions of “hinge,” “intellectual distance,” and “grounds” from On Certainty will be helpful for identifying cultural differences. Wittgenstein's dialogical conception of philosophy in Philosophical Investigations will be helpful for addressing that cultural difference in conversation. While here can be no panacea to address all potential sources of confusion, Wittgenstein's philosophy has strong resources that are helpful for curbing some of our human tendencies to misunderstand other people

The SECURE collaboration model

The SECURE project has shown how trust can be made computationally tractable while retaining a reasonable connection with human and social notions of trust. SECURE has produced a well-founded theory of trust that has been tested and refined through use in real software such as collaborative spam filtering and electronic purse. The software comprises the SECURE kernel with extensions for policy specification by application developers. It has yet to be applied to large-scale, multi-domain distributed systems taking different application contexts into account. The project has not considered privacy in evidence distribution, a crucial issue for many application domains, including public services such as healthcare and police. The SECURE collaboration model has similarities with the trust domain concept, embodying the interaction set of a principal, but SECURE is primarily concerned with pseudonymous entities rather than domain-structured systems