Portunes: analyzing multi-domain insider threats

The insider threat is an important problem in securing information systems. Skilful insiders use attack vectors that yield the greatest chance of success, and thus do not limit themselves to a restricted set of attacks. They may use access rights to the facility where the system of interest resides, as well as existing relationships with employees. To secure a system, security professionals should therefore consider attacks that include non-digital aspects such as key sharing or exploiting trust relationships among employees. In this paper, we present Portunes, a framework for security design and audit, which incorporates three security domains: (1) the security of the computer system itself (the digital domain), (2) the security of the location where the system is deployed (the physical domain) and (3) the security awareness of the employees that use the system (the social domain). The framework consists of a model, a formal language and a logic. It allows security professionals to formally model elements from the three domains in a single framework, and to analyze possible attack scenarios. The logic enables formal specification of the attack scenarios in terms of state and transition properties

Building the Big Society

Papers are a contribution to the debate and set out the authors ’ views only Localism and the Big Societ

Benefits of Location-Based Access Control:A Literature Study

Location-based access control (LBAC) has been suggested as a means to improve IT security. By 'grounding' users and systems to a particular location, \ud attackers supposedly have more difficulty in compromising a system. However, the motivation behind LBAC and its potential benefits have not been investigated thoroughly. To this end, we perform a structured literature review, and examine the goals that LBAC can potentially fulfill, \ud the specific LBAC systems that realize these goals and the context on which LBAC depends. Our paper has four main contributions:\ud first we propose a theoretical framework for LBAC evaluation, based on goals, systems and context. Second, we formulate and apply criteria for evaluating the usefulness of an LBAC system. Third, we identify four usage scenarios for LBAC: open areas and systems, hospitals, enterprises, and finally data centers and military facilities. Fourth, we propose directions for future research:\ud (i) assessing the tradeoffs between location-based, physical and logical access control, (ii) improving the transparency of LBAC decision making, and \ud (iii) formulating design criteria for facilities and working environments for optimal LBAC usage

Targeting Environmental Water from Irrigators in the Murray Darling Basin

The extended dry conditions in the Murray Darling Basin have resulted in unprecedented levels of reduced water availability for both irrigators and the environment. Concerns over environmental degradation and the health of the river Murray have prompted the Federal and State Governments to cooperate in a range of environmental water restoration programs, including environmental water purchases. These programs have been subjected to varying levels of criticism as to the environmental effectiveness and the economic merit in addressing the central problem of over allocation of a spatially distributed multiple use resource. This paper investigates the economic-environmental tradeoffs under the assumption of unrestricted trade in the Basin. Using a bio-economic model of the Murray Darling Basin we will investigate the opportunity costs of not allowing unrestricted trade, and then consider alternative Environmental Water Allocations (EWAs) to environmental Icon Sites. The model suggests that if unrestricted trade was implemented across the Basin, there would be potential for massive water savings compared to the current long term average cap, and benefits to trade in the order of $96 million. The model also suggests that, under unrestricted trade, the provision of large EWA’s will lead to large reductions in water use (40 percent), however the relative reduction in agricultural value will be much less (12 percent). This brings to question the current objective of the government buybacks as a transition to the Water Act 2009 Sustainable Diversions while allowing State enforced barriers to trade.Murray Darling Basin, water, environmental flows

Mechanisms of urban change: Regeneration companies or development corporations?

This article is an early assessment of the role and performance of URCs, benchmarked against the UDC model. It identified weaknesses and vulnerability of URCs in relation to control over land