On the measurement of sustainability of rural water supply in India: A Supervaluationist–Degree Theory approach

The paper proposes an empirical methodology for understanding the nature and behavior of Sustainable Development as a vague and multidimensional concept by a case study of participatory and demand determined Rural Drinking water Supply systems in India. It combines for the first time, two of the most influential models – ‘Supervaluationism’ and ‘Degree Theory’- on the measurement of ‘Vagueness’, for timely public intervention in reversing the process of Un-sustainability. Analysis clearly brings out the role of institutional, financial and environmental factors that should be part of Public Policy, for ensuring sustainability of potable water supplysustainability, supervaluationism, degree theory

A Formal Approach to Combining Prospective and Retrospective Security

The major goal of this dissertation is to enhance software security by provably correct enforcement of in-depth policies. In-depth security policies allude to heterogeneous specification of security strategies that are required to be followed before and after sensitive operations. Prospective security is the enforcement of security, or detection of security violations before the execution of sensitive operations, e.g., in authorization, authentication and information flow. Retrospective security refers to security checks after the execution of sensitive operations, which is accomplished through accountability and deterrence. Retrospective security frameworks are built upon auditing in order to provide sufficient evidence to hold users accountable for their actions and potentially support other remediation actions. Correctness and efficiency of audit logs play significant roles in reaching the accountability goals that are required by retrospective, and consequently, in-depth security policies. This dissertation addresses correct audit logging in a formal framework. Leveraging retrospective controls beside the existing prospective measures enhances security in numerous applications. This dissertation focuses on two major application spaces for in-depth enforcement. The first is to enhance prospective security through surveillance and accountability. For example, authorization mechanisms could be improved by guaranteed retrospective checks in environments where there is a high cost of access denial, e.g., healthcare systems. The second application space is the amelioration of potentially flawed prospective measures through retrospective checks. For instance, erroneous implementations of input sanitization methods expose vulnerabilities in taint analysis tools that enforce direct flow of data integrity policies. In this regard, we propose an in-depth enforcement framework to mitigate such problems. We also propose a general semantic notion of explicit flow of information integrity in a high-level language with sanitization. This dissertation studies the ways by which prospective and retrospective security could be enforced uniformly in a provably correct manner to handle security challenges in legacy systems. Provable correctness of our results relies on the formal Programming Languages-based approach that we have taken in order to provide software security assurance. Moreover, this dissertation includes the implementation of such in-depth enforcement mechanisms for a medical records web application

InfoTech Update, Volume 4, Number 2, Winter 1995

https://egrove.olemiss.edu/aicpa_news/4951/thumbnail.jp

Capabilities of rule representations for automated compliance checking in healthcare buildings

A suitable rule representation is essential to enable automated compliance checking of building design. It encapsulates engineering knowledge and facilitates an adequate interpretation of design standards. However, existing methods have achieved limited capabilities to represent rules for automated compliance checking. Thus, they merely worked for limited types of rules. This paper aims to identify capabilities needed for rule representation by using healthcare design regulations as an example. It can serve as a foundation for developing rule engines and compliance-checking systems in the future. A four-step process was used to systematically analyse six healthcare building regulations in rule-oriented and implementation aspects. The results showed 18 capabilities for healthcare rule representation, where 16 are required, and two are desirable. This research is valuable to researchers and practitioners by providing a checklist for future representation development and criteria for assessing rule representation methods

Towards Semantic Interoperability for IT Governance: An Ontological Approach

In today's IT-centric environment, businesses rely more heavily on IT technologies. Organizations are often obliged to satisfy different requirements demanded and imposed by customers, business partners and legal entities. With increasing regulatory requirements, various best practices and standards are phenomenally employed to benchmark organizational adherence to different regulations. In a heterogeneous, multi-regulated, multi-disciplined and global environment, corporations are often required to consult with multiple standards. Interoperability between the standards for heterogeneous compliance management in the forms of semantic data translation and data integration is subsequently required. Semantic translation between standards allows compliance efforts established on a standard to be based on another standard. On the other hand, semantic data integration enables an integrated view of multiple standards. We present in this paper an ontology-based approach to the semantic interoperability problem in the domain of IT governance