Combined Security and Schedulability Analysis for MILS Real-Time Critical Architectures

Real-time critical systems have to comply with stringent timing constraints, otherwise, disastrous consequences can occur at runtime. A large effort has been made to propose models and tools to verify timing constraints by schedulability analysis at the early stages of system designs. Fewer efforts have been made on verifying the security properties in these systems despite the fact that sinister consequences can also happen if these properties are compromised. In this article, we investigate how to jointly verify security and timing constraints. We show how to model a security architecture (MILS) and how to verify both timing constraints and security properties. Schedulability is investigated by the mean of scheduling analysis methods implemented into the Cheddar scheduling analyzer. Experiments are conducted to show the impact that improving security has on the schedulability analysis

Coopetition and innovation. Lessons from worker cooperatives in the Spanish machine tool industry

This is an electronic version of the accepted paper in Journal of Business & Industrial Marketing[EN] Purpose – This paper aims to investigate how the implementation of the inter-cooperation principle among Spanish machine-tool cooperatives helps them to coopete–collaborate with competitors, in their innovation and internationalization processes and achieve collaborative advantages. Design/methodology/approach – The paper uses a multi-case approach based on interviews with 15 CEOs and research and development (R&D) managers, representing 14 Spanish machine tool firms and institutions. Eight of these organizations are worker-cooperatives.. Findings – Worker -cooperatives achieve advantages on innovation and internationalization via inter-cooperation (shared R&D units, joint sales offices, joint after-sale services, knowledge exchange and relocation of key R&D technicians and managers). Several mutual bonds and ties among cooperatives help to overcome the risk of opportunistic behaviour and knowledge leakage associated to coopetition. The obtained results give some clues explaining to what extent and under which conditions coopetitive strategies of cooperatives are transferable to other types of ownership arrangements across sectors. Practical implications – Firms seeking cooperation with competitors in their R&D and internationalization processes can learn from the coopetitive arrangements analyzed in the paper. Social implications – Findings can be valuable for sectoral associations and public bodies trying to promote coopetition and alliances between competitors as a means to benefit from collaborative advantages. Originality/value – Focusing on an “ideal type” of co-operation -cooperative organisationsand having access to primary sources, the paper shows to what extent (and how) strong coopetitive structures and processes foster innovation and internationalization

Security assessment methodology for isolated systems of a certain class

This paper introduces security assessment methodology for isolated single-workstation multilayer systems processing sensitive or classified data according with a corresponding security model for such system. The document provides a high-level tool for systematizing certain-class-systems security models development. The models based on the introduced methodology cover data confidentiality and availability attributes protection on a sufficient level

DATABASE SECURITY

Ensuring the security of databases is a complex issue. The more complex the databases are the more complex the security measures that are to be applied are. Network and Internet connections to databases may complicate things even further. Also, each and every additional internal user that would be added can create further serious security problems. The purpose of this paper is to highlight and identify the main methods and facets of attack on a database, as well as ways to deflect attacks, through focusing on the delicate issue of data inference.This paper will examine the different topics related to database security and see the adaption of the research to the changing environment

Mitigating security breaches through insurance: Logit and Probit models for quantifying e-risk

The common e-threats deterring ecommerce are identity theft, hacking, virus attack, graffiti, phishing, Denial of Service (DoS), sabotage by disgruntled employees, loss of laptop, financial fraud and telecom driven frauds. These discourage users from online transactions. Organizations spend millions of dollars to implement the latest perimeter and core security technologies, to deter malicious attackers and to ensure confidentiality, integrity and availability of data. Yet, security breaches are common. It results in loss of opportunity cost, market capitalization and brand equity for organizations. We propose e-risk insurance as a strategy to supplement the security technologies, and to mitigate these financial losses. In this paper, we propose two generalized linear models (GLM) namely Logit and Probit for quantification of the probability of an e-threat, using CSI/FBI data. We also compute the expected loss amount for organizations using collective risk model. Based on it, we ascertain the net premium to be accrued to the insurance companies