Cloud Security : A Review of Recent Threats and Solution Models

The most significant barrier to the wide adoption of cloud services has been attributed to perceived cloud insecurity (Smitha, Anna and Dan, 2012). In an attempt to review this subject, this paper will explore some of the major security threats to the cloud and the security models employed in tackling them. Access control violations, message integrity violations, data leakages, inability to guarantee complete data deletion, code injection, malwares and lack of expertise in cloud technology rank the major threats. The European Union invested €3m in City University London to research into the certification of Cloud security services. This and more recent developments are significant in addressing increasing public concerns regarding the confidentiality, integrity and privacy of data held in cloud environments. Some of the current cloud security models adopted in addressing cloud security threats were – Encryption of all data at storage and during transmission. The Cisco IronPort S-Series web security appliance was among security solutions to solve cloud access control issues. 2-factor Authentication with RSA SecurID and close monitoring appeared to be the most popular solutions to authentication and access control issues in the cloud. Database Active Monitoring, File Active Monitoring, URL Filters and Data Loss Prevention were solutions for detecting and preventing unauthorised data migration into and within clouds. There is yet no guarantee for a complete deletion of data by cloud providers on client requests however; FADE may be a solution (Yang et al., 2012)

Teacher Evaluator Training & Certification: Lessons Learned From the Measures of Effective Teaching Project

Makes recommendations for the design and implementation of programs to train and certify principals in conducting teacher evaluations, including content, format, and length of training, scoring practice, and criteria for certification tests

Increased security through open source

In this paper we discuss the impact of open source on both the security and transparency of a software system. We focus on the more technical aspects of this issue, combining and extending arguments developed over the years. We stress that our discussion of the problem only applies to software for general purpose computing systems. For embedded systems, where the software usually cannot easily be patched or upgraded, different considerations may apply

Air Traffic Safety: continued evolution or a new Paradigm.

The context here is Transport Risk Management. Is the philosophy of Air Traffic Safety different from other modes of transport? – yes, in many ways, it is. The focus is on Air Traffic Management (ATM), covering (eg) air traffic control and airspace structures, which is the part of the aviation system that is most likely to be developed through new paradigms. The primary goal of the ATM system is to control accident risk. ATM safety has improved over the decades for many reasons, from better equipment to additional safety defences. But ATM safety targets, improving on current performance, are now extremely demanding. What are the past and current methodologies for ATM risk assessment; and will they work effectively for the kinds of future systems that people are now imagining and planning? The title contrasts ‘Continued Evolution’ and a ‘New Paradigm’. How will system designers/operators assure safety with traffic growth and operational/technical changes that are more than continued evolution from the current system? What are the design implications for ‘new paradigms’, such as the USA’s ‘Next Generation Air Transportation System’ (NextGen) and Europe’s Single European Sky ATM Research Programme (SESAR)? Achieving and proving safety for NextGen and SESAR is an enormously tough challenge. For example, it will need to cover system resilience, human/automation issues, software/hardware performance/ground/air protection systems. There will be a need for confidence building programmes regarding system design/resilience, eg Human-in-the-Loop simulations with ‘seeded errors’