A FIREWALL MODEL OF FILE SYSTEM SECURITY

File system security is fundamental to the security of UNIX and Linux systems since in these systems almost everything is in the form of a file. To protect the system files and other sensitive user files from unauthorized accesses, certain security schemes are chosen and used by different organizations in their computer systems. A file system security model provides a formal description of a protection system. Each security model is associated with specified security policies which focus on one or more of the security principles: confidentiality, integrity and availability. The security policy is not only about “who” can access an object, but also about “how” a subject can access an object. To enforce the security policies, each access request is checked against the specified policies to decide whether it is allowed or rejected. The current protection schemes in UNIX/Linux systems focus on the access control. Besides the basic access control scheme of the system itself, which includes permission bits, setuid and seteuid mechanism and the root, there are other protection models, such as Capabilities, Domain Type Enforcement (DTE) and Role-Based Access Control (RBAC), supported and used in certain organizations. These models protect the confidentiality of the data directly. The integrity of the data is protected indirectly by only allowing trusted users to operate on the objects. The access control decisions of these models depend on either the identity of the user or the attributes of the process the user can execute, and the attributes of the objects. Adoption of these sophisticated models has been slow; this is likely due to the enormous complexity of specifying controls over a large file system and the need for system administrators to learn a new paradigm for file protection. We propose a new security model: file system firewall. It is an adoption of the familiar network firewall protection model, used to control the data that flows between networked computers, toward file system protection. This model can support decisions of access control based on any system generated attributes about the access requests, e.g., time of day. The access control decisions are not on one entity, such as the account in traditional discretionary access control or the domain name in DTE. In file system firewall, the access decisions are made upon situations on multiple entities. A situation is programmable with predicates on the attributes of subject, object and the system. File system firewall specifies the appropriate actions on these situations. We implemented the prototype of file system firewall on SUSE Linux. Preliminary results of performance tests on the prototype indicate that the runtime overhead is acceptable. We compared file system firewall with TE in SELinux to show that firewall model can accommodate many other access control models. Finally, we show the ease of use of firewall model. When firewall system is restricted to specified part of the system, all the other resources are not affected. This enables a relatively smooth adoption. This fact and that it is a familiar model to system administrators will facilitate adoption and correct use. The user study we conducted on traditional UNIX access control, SELinux and file system firewall confirmed that. The beginner users found it easier to use and faster to learn then traditional UNIX access control scheme and SELinux

Regulatory incentives and financial reporting quality in public healthcare organisations

English National Health Service Foundation Trusts are subject to a regulatory regime in which the level of monitoring and intervention is determined by performance against two key performance metrics: a ‘financial risk rating’, based on a number of performance metrics, such as the reported surplus margin and return on assets, and a ‘prudential borrowing limit’. In this paper, we investigate the variation in financial reporting quality, proxied by discretionary accruals, with the incentives introduced by this regime. We find: first, that discretionary accruals are managed to report small surpluses; second, that, consistent with the avoidance of regulatory intervention in both the short and medium term, discretionary accruals are more positive when pre-managed performance is below intervention triggering thresholds and more negative when well above threshold; third, that, despite a move away from financial breakeven as the primary performance objective, there remains an aversion to small loss reporting. We further find that the level of discretionary accruals is driven by two metrics of strategic significance: the surplus margin (a measure of retained earnings) and the prudential borrowing limit (a measure of borrowing capacity)

HELIN Cataloging Policies and Procedures Manual

HELIN Cataloging Manual - Nov. 2011 revisio

The influence of banks on auditor choice and auditor reporting in Japan

Debt as opposed to equity as the major source of financing and the influence of banks on the corporate governance of listed companies are unique features of the Japanese business environment. This thesis investigates how these features affect the choice of auditor by Japanese listed companies and auditor reporting by Japanese CPA firms on those companies. Pong and Kita (2006) provided some univariate analyses and indicated that Japanese companies tended to select the same external auditors as their main banks to reduce the agency costs. In this thesis, I further examine the influence of main banks on auditor selection by logistic regression and also investigate the influence of main banks on auditor reporting quality after controlling self-selection bias. Using data from Japanese listed companies in the Tokyo Stock Exchange over the 2002-2008 period, I provide empirical evidence that companies with more reliance on main bank loans are more likely to choose their main banks’ external auditors. Using the Propensity Score Matching method and the Heckman two-step binary probit model to control for self-selection bias, the empirical results support the hypothesis that main bank auditors are more likely to issue modified opinions to the borrowing companies than non-main bank auditors, providing evidence of higher audit quality from main bank auditors. As a sensitivity test, I also use discretionary accruals as a measure of audit quality. the results indicate that companies who choose the same auditors as their main banks have higher audit quality than companies who choose different auditors from their main banks. My thesis contributes to the existing auditing literature in several ways. First, by studying the influence of debt financing on auditor choice and auditor reporting, this thesis extends the auditor market research that focuses mainly on the role of auditors in equity markets to the bank-based market. Furthermore, this thesis also complements auditing research on the influence of institutions on audit quality

Common Representation of Information Flows for Dynamic Coalitions

We propose a formal foundation for reasoning about access control policies within a Dynamic Coalition, defining an abstraction over existing access control models and providing mechanisms for translation of those models into information-flow domain. The abstracted information-flow domain model, called a Common Representation, can then be used for defining a way to control the evolution of Dynamic Coalitions with respect to information flow

Information Flow Model for Commercial Security

Information flow in Discretionary Access Control (DAC) is a well-known difficult problem. This paper formalizes the fundamental concepts and establishes a theory of information flow security. A DAC system is information flow secure (IFS), if any data never flows into the hands of owner’s enemies (explicitly denial access list.