Modeling in Confidentiality and Integrity for a Supply Chain Network

Bell-LaPadula Model and Markov Chain Model are used for supply chain networks in the previous literature. However, Bell-LaPadula Model only considers the confidentiality aspect of security. Markov Chain Model is used to simulate the dynamics of the security states. In a typical supply chain network, the integrity of business transactions should be as important as confidentiality of those transactions. The purpose of this paper is to apply Clark-Wilson model to the supply chain network integrity. The major concepts of the Clark-Wilson model such as separation of duty, constrained data items, well-formed transactions, and transform procedures are applied to different situations of a supply chain network

Commercial Integrity, Roles And Object-orientation

This thesis presents a study of realizing commercial security, as defined in the Clark and Wilson Model (CW87), using Object-Oriented (O-O) concepts.;Role-based security is implied in the Clark and Wilson model in which specified operations are grouped to compose roles. This approach to protection is suitable for applications involving large numbers of users with overlapping user requirements and/or where there is a large number of objects. It presents a flexible (hence adaptive) means for enforcing differing ranges of security policies. It enforces the principle of least privilege, hence minimizing the risk of Trojan horse attacks.;Consequently, in part, this work focuses on role-based protection, formalizes the role concept and proposes a model for role organization and administration. This model, intended to ease access rights administration, is defined by a set of properties. Algorithms for role administration are presented. These guarantee the properties of the role organization model. Role-based protection is also studied with respect to traditional protection schemes. One aspect of this enquiry focuses on information flow analysis in role-based security systems; the other addresses the realization of mandatory access control using role-based protection. This involves the imposition of acyclic information flows and rules that ensure secrecy. It demonstrates the strength of the role-based protection approach.;A role is a named collection of responsibilities and functions which we term privileges. Execution of one or more privileges of a role facilitates access to information available via the role. Access to information is realized both via user authorization to the role and the role\u27s privilege list. A role exists as a separate entity from the role-holder and/or the role administrator. In determining role organization, role relationships are used based on privilege sharing. This results in an acyclic role graph with roles being nodes and edges being role relationships. These relationships help us infer those privileges of a role that are implicitly defined. Analysis of this model indicates that it can simulate lattice-like models, hierarchical structures and privilege graphs.;Principles from the O-O paradigm are utilized to impose segmented access to object information. This approach uses methods to window an object\u27s interface to facilitate segmented access to object data through different roles, and hence different users. By defining these methods to suit the intended functionality and associating them with specific roles, we in effect distribute the object interface to different roles and users. An object model is proposed as the basis of O-O executions. Further, in order to impose the well-formed transaction (WFTs) requirement, a transaction model is proposed that imposes transactional properties on method executions. By use of transaction scripts we can design executions to realize desirable outcomes.;Separation of duty is another major requirement in the Clark and Wilson model. It requires object history for its enforcement. Our proposal ensures that objects track their history. Moreover, every execution on an object utilizes the object history to determine access and updates the history with any attempted access. (Abstract shortened by UMI.

Reconstructing Loch Lomond Stadial Glaciers and Climate in the south-west English Lake District

The most recent glaciation of the English Lake District occurred during the Loch Lomond Stadial (Younger Dryas) when full glacial conditions returned to the British Isles. The largest ice mass formed over the Western Scottish Highlands with smaller ice masses developing throughout the British uplands. In the Lake District, our understanding of the extent and timing of the Loch Lomond Stadial glaciation is patchy and poorly constrained by geochronology. Sissons (1980) proposed the development of 64 independent alpine-style ice masses in the district during the Loch Lomond Stadial. The location and geometry of these ice masses showed some agreement to the earlier, but coarser scale, map of ice masses produced Manley (1959) for the same period, however some significant differences were also apparent. More recently, McDougall (1998: 2001) has proposed the development of plateau icefields in the Lake District centred over High Raise, Grey Knotts/Dale Head, Brandreth and Kirk Fell. This much more extensive style of glaciation involved 40-50 m of cold based non-erosive ice occupying the plateau summits and feeding down into warm-based geomorphologically active outlet glaciers in the valleys. Further Loch Lomond Stadial sites have also been identified in the Lake District by Wilson (2002: 2004) and Wilson and Clark (1998: 1999). The geomorphology of the south-west Lake District is identified and presented here and glaciers are then reconstructed based upon this evidence. Palaeoclimatic inferences made based upon the reconstructed glacial extent vary greatly depending on the style of glaciation that occurred during Stadial (alpine or plateau icefield). Of particular note, plateau icefields have the potential to significantly raise the equilibrium line altitude (ELA) across a region. This lowers the temperature at the ELA and therefore increases the reconstructed palaeoprecipitation at the ELA. In order to test the viability of the reconstructed glaciers in the Lake District, a 2D velocity-mass balance model is applied to the glaciers (adapted from Carr and Coleman,2007). This model assumes that where a glacier is glaciologically viable under the parameters used to drive the model, the basal velocity (Ub) accounts for < 90 % of the surface velocity in the centre of the channel (Us). Further mass contributions to the glaciers via mechanisms such as snowblow are quantified using a revised definition of potential snowblow areas. The significance of these areas is then assessed with respect to the ELA of the glaciers. Digitisations of the work of Sissons (1980), McDougall (1998), Wilson and Clark (1998: 1999) in the Lake District are then presented and compiled with the work of the current author to illustrate the extent of the Loch Lomond Stadial throughout the whole district

Are Existing Security Models Suitable for Teleworking?

The availability of high performance broadband services from the home will allow a growing number of organisations to offer teleworking as an employee work practice. Teleworking delivers cost savings, improved productivity and provides a recruitment policy to attract and retain personnel. Information security is one of the management considerations necessary before an effective organisational teleworking policy can be implemented. The teleworking computing environment presents a different set of security threats to those present in an office environment. Teleworking requires a security model to provide security policy enforcement to counter the set of security threats present in the teleworking computing environment. This paper considers four existing security models and assesses each model’s suitability to define security policy enforcement for telework. The approach taken is to identify the information security threats that exist in a teleworking environment and to categorise the threats based upon their impact upon confidentiality of data, system and data integrity, and availability of service in the teleworking environment. It is found that risks exist to the confidentiality, integrity and availability of information in a teleworking environment and therefore a security model is required that provides appropriate policy enforcement. A set of security policy enforcement mechanisms to counter the identified information security threats is proposed. Using an abstraction of the identified threats and the security policy enforcement mechanisms, a set of attributes for a security model for teleworking is proposed. Each of the four existing security models is assessed against this set of attributes to determine its suitability to specify policy enforcement for telework. Although the four existing models were selected based upon their perceived suitability it is found that none provide the required policy enforcement for telework

Assessing relevance

This paper advances an approach to relevance grounded on patterns of material inference called argumentation schemes, which can account for the reconstruction and the evaluation of relevance relations. In order to account for relevance in different types of dialogical contexts, pursuing also non-cognitive goals, and measuring the scalar strength of relevance, communicative acts are conceived as dialogue moves, whose coherence with the previous ones or the context is represented as the conclusion of steps of material inferences. Such inferences are described using argumentation schemes and are evaluated by considering 1) their defeasibility, and 2) the acceptability of the implicit premises on which they are based. The assessment of both the relevance of an utterance and the strength thereof depends on the evaluation of three interrelated factors: 1) number of inferential steps required; 2) the types of argumentation schemes involved; and 3) the implicit premises required

Evidence for Past Subduction Earthquakes at a Plate Boundary with Widespread Upper Plate Faulting: Southern Hikurangi Margin, New Zealand

At the southern Hikurangi margin, New Zealand, we use salt marsh stratigraphy, sedimentology, micropaleontology, and radiocarbon dating to document evidence of two earthquakes producing coseismic subsidence and (in one case) a tsunami over the past 1000 yrs. The earthquake at 520-470 yrs before present (B.P.) produced 0.25 +/- 0.1 m of subsidence at Big Lagoon. The earthquake at 880-800 yrs B.P. produced 0.45 +/- 0.1 m of subsidence at Big Lagoon and was accompanied by a tsunami that inundated >= 360 m inland with a probable height of >= 3.3 m. Distinguishing the effects of upper plate faulting from plate interface earthquakes is a significant challenge at this margin. We use correlation with regional upper plate paleoearthquake chronologies and elastic dislocation modeling to determine that the most likely cause of the subsidence and tsunami events is subduction interface rupture, although the older event may have been a synchronous subduction interface and upper plate fault rupture. The southern Hikurangi margin has had no significant (M > 6.5) documented subduction interface earthquakes in historic times, and previous assumptions that this margin segment is prone to rupture in large to great earthquakes were based on seismic and geodetic evidence of strong contemporary plate coupling. This is the first geologic evidence to confirm that the southern Hikurangi margin ruptures in large earthquakes. The relatively short-time interval between the two subduction earthquakes (similar to 350 yrs) is shorter than in current seismic-hazard models.GNSEQC Biennial ProjectNew Zealand Natural Hazards Research Platform and Foundation for Research Science and TechnologyInstitute for Geophysic

The Wilson Effective K\"ahler Potential For Supersymmetric Nonlinear Sigma Models

Renormalization group methods are used to determine the evolution of the low energy Wilson effective action for supersymmetric nonlinear sigma models in four dimensions. For the case of supersymmetric $CP^{(N-1)}$ models, the K\"ahler potential is determined exactly and is shown to exhibit a nontrivial ultraviolet fixed point in addition to a trivial infrared fixed point. The strong coupling behavior of the theory suggests the possible existence of additional relevant operators or nonperturbative degrees of freedom.Comment: 9 pages, LaTeX, 1 eps figur

The extended mind thesis is about demarcation and use of words

The «extended mind thesis» sounds like a substantive thesis, the truth of which we should investigate. But actually the thesis a) turns about to be just a statement on where the demarcations for the «mental» are to be set (internal, external,…), i.e. it is about the «mark of the mental»; and b) the choice about the mark of the mental is a verbal choice, not a matter of scientific discovery. So, the «extended mind thesis » is a remark on how its supporters or opponents want to use the word ‘mind’, not a thesis of cognitive science or philosophy. The upshot of the extended mind discussion should not be to draw the line further out, but to drop the demarcation project