70,579 research outputs found

    On Properties of Policy-Based Specifications

    The advent of large-scale, complex computing systems has dramatically increased the difficulties of securing accesses to systems' resources. To ensure confidentiality and integrity, the exploitation of access control mechanisms has thus become a crucial issue in the design of modern computing systems. Among the different access control approaches proposed in the last decades, the policy-based one permits to capture, by resorting to the concept of attribute, all systems' security-relevant information and to be, at the same time, sufficiently flexible and expressive to represent the other approaches. In this paper, we move a step further to understand the effectiveness of policy-based specifications by studying how they permit to enforce traditional security properties. To support system designers in developing and maintaining policy-based specifications, we formalise also some relevant properties regarding the structure of policies. By means of a case study from the banking domain, we present real instances of such properties and outline an approach towards their automatised verification. Comment: In Proceedings WWV 2015, arXiv:1508.0338

    Bantu lexical reconstruction

    Lexical reconstruction has been an important enterprise in Bantu historical linguistics since the earliest days of the discipline. In this chapter a historical overview is provided of the principal scholarly contributions to that field of study. It is also explained how the Comparative Method has been and can be applied to reconstruct ancestral Bantu vocabulary via the intermediate step of phonological reconstruction and how the study of sound change needs to be completed with diachronic semantics in order to correctly reconstruct both the form and the meaning of etymons. Finally, some issues complicating this type of historical linguistic research, such as “osculance” due to prehistoric language contact, are addressed, as well as the relationship between reconstruction and classification

    Using Event Calculus to Formalise Policy Specification and Analysis

    As the interest in using policy-based approaches for systems management grows, it is becoming increasingly important to develop methods for performing analysis and refinement of policy specifications. Although this is an area that researchers have devoted some attention to, none of the proposed solutions address the issues of analysing specifications that combine authorisation and management policies; analysing policy specifications that contain constraints on the applicability of the policies; and performing a priori analysis of the specification that will both detect the presence of inconsistencies and explain the situations in which the conflict will occur. We present a method for transforming both policy and system behaviour specifications into a formal notation that is based on event calculus. Additionally it describes how this formalism can be used in conjunction with abductive reasoning techniques to perform a priori analysis of policy specifications for the various conflict types identified in the literature. Finally, it presents some initial thoughts on how this notation and analysis technique could be used to perform policy refinement

    SDN Access Control for the Masses

    The evolution of Software-Defined Networking (SDN) has so far been predominantly geared towards defining and refining the abstractions on the forwarding and control planes. However, despite a maturing south-bound interface and a range of proposed network operating systems, the network management application layer is yet to be specified and standardized. It has currently poorly defined access control mechanisms that could be exposed to network applications. Available mechanisms allow only rudimentary control and lack procedures to partition resource access across multiple dimensions. We address this by extending the SDN north-bound interface to provide control over shared resources to key stakeholders of network infrastructure: network providers, operators and application developers. We introduce a taxonomy of SDN access models, describe a comprehensive design for SDN access control and implement the proposed solution as an extension of the ONOS network controller intent framework

    Asia-Pacific cyber insights

    The Asia-Pacific region incorporates some of the most mature cyber actors in the world as well as some of the least connected. Governments throughout the region are becoming increasingly aware of the importance of cyberspace, however the capabilities, needs, and priorities of each state lie across a wide spectrum. Asia–Pacific cyber perspectives are far more diverse and dynamic than the dominant narratives coming from the ‘cyber great powers’ and it is important that the region’s distinct voices are heard in international cyber discussions. This report aims to give insight into the wealth of cyber perspectives across the Asia–Pacific and amplify the regional voice on the key themes and questions of the Global Conference on CyberSpace 2015 (GCCS) in April 2015. To achieve this the Australian Strategic Policy Institute’s International Cyber Policy Centre partnered with the Institute of Strategic & International Studies Malaysia to host a multistakeholder workshop to gather and collate the expertise of a broad cross-section of Asia–Pacific cyber experts. With generous support from the Ministry of Foreign Affairs of the Kingdom of the Netherlands, the workshop brought together participants from government, the private sector, academia, think tanks, non-governmental organisations (NGOs), as well as regional and international organisations from 12 Asia–Pacific countries. The report represents a collation of the thoughts and perspectives from the workshop and subsequent discussions. It is based on the key themes and questions of the GCCS and structured around the GCCS agenda. The intention was not to achieve consensus but instead accurately portray the points of convergence and divergence across the region. Throughout the process the recurring themes of clarity, capacity, and responsibility emerged as ways to ensure a more reliable, secure, and stable cyberspace. The findings of this effort will be presented at an Asia-Pacific Borrel, an official side-event of the GCCS

    My private cloud--granting federated access to cloud resources

    We describe the research undertaken in the six month JISC/EPSRC funded My Private Cloud project, in which we built a demonstration cloud file storage service that allows users to login to it, by using their existing credentials from a configured trusted identity provider. Once authenticated, users are shown a set of accounts that they are the owners of, based on their identity attributes. Once users open one of their accounts, they can upload and download files to it. Not only that, but they can then grant access to their file resources to anyone else in the federated system, regardless of whether their chosen delegate has used the cloud service before or not. The system uses standard identity management protocols, attribute based access controls, and a delegation service. A set of APIs have been defined for the authentication, authorisation and delegation processes, and the software has been released as open source to the community. A public demonstration of the system is available online

    Semantic-based policy engineering for autonomic systems

    This paper presents some important directions in the use of ontology-based semantics in achieving the vision of Autonomic Communications. We examine the requirements of Autonomic Communication with a focus on the demanding needs of ubiquitous computing environments, with an emphasis on the requirements shared with Autonomic Computing. We observe that ontologies provide a strong mechanism for addressing the heterogeneity in user task requirements, managed resources, services and context. We then present two complementary approaches that exploit ontology-based knowledge in support of autonomic communications: service-oriented models for policy engineering and dynamic semantic queries using content-based networks. The paper concludes with a discussion of the major research challenges such approaches raise

    Time Protection: the Missing OS Abstraction

    Timing channels enable data leakage that threatens the security of computer systems, from cloud platforms to smartphones and browsers executing untrusted third-party code. Preventing unauthorised information flow is a core duty of the operating system, however, present OSes are unable to prevent timing channels. We argue that OSes must provide time protection in addition to the established memory protection. We examine the requirements of time protection, present a design and its implementation in the seL4 microkernel, and evaluate its efficacy as well as performance overhead on Arm and x86 processors