Security policy refinement using data integration: a position paper.

In spite of the wide adoption of policy-based approaches for security management, and many existing treatments of policy verification and analysis, relatively little attention has been paid to policy refinement: the problem of deriving lower-level, runnable policies from higher-level policies, policy goals, and specifications. In this paper we present our initial ideas on this task, using and adapting concepts from data integration. We take a view of policies as governing the performance of an action on a target by a subject, possibly with certain conditions. Transformation rules are applied to these components of a policy in a structured way, in order to translate the policy into more refined terms; the transformation rules we use are similar to those of global-as-view database schema mappings, or to extensions thereof. We illustrate our ideas with an example. Copyright 2009 ACM

The President’s Immigration Accountability Executive Action of November 20, 2014: Overview and Issues

[Excerpt] On November 20, 2014, President Obama announced his Immigration Accountability Executive Action which revises some U.S. immigration policies and initiates several programs, including a revised border security policy for the Southwest border; deferred action programs for some unauthorized aliens; revised interior enforcement priorities; changes to aid the entry of skilled workers; the promotion of immigrant integration and naturalization; and several other initiatives the President indicated would improve the U.S. immigration system. The most controversial among these provisions will grant deferred action to as many as 5 million unauthorized aliens. The President announced the executive action through ten Department of Homeland Security (DHS) memoranda, two White House memoranda, and three Department of Labor (DOL) fact sheets. According to the President, the actions were taken in response to the absence of legislation addressing major problems within the immigration system. The President has stated that his actions are temporary, and that his successor can rescind them. Those opposed to the executive actions argue they were taken largely for political purposes. They contend that once granted, such temporary measures would be difficult to revoke. Separately, a debate has arisen as to whether the President has the legal authority to take such actions, with the Administration and others arguing the President’s actions fall within his authority, and many in Congress arguing the President has overstepped it. That debate and its attendant legal questions are beyond the scope of this report. As the Administration proceeds to implement the executive actions, some in Congress have vowed to halt some or all of them

Included, but Deportable: A New Public Health Approach to Policies That Criminalize and Integrate Immigrants.

There has been a burst of research on immigrant health in the United States and an increasing attention to the broad range of state and local policies that are social determinants of immigrant health. Many of these policies criminalize immigrants by regulating the "legality" of their day-to-day lives while others function to integrate immigrants through expanded rights and eligibility for health care, social services, and other resources.Research on the health impact of policies has primarily focused on the extremes of either criminalization or integration. Most immigrants in the United States, however, live in states that possess a combination of both criminalizing and integrating policies, resulting in distinct contexts that may influence their well-being.We present data describing the variations in criminalization and integration policies across states and provide a framework that identifies distinct but concurrent mechanisms of deportability and inclusion that can influence health. Future public health research and practice should address the ongoing dynamics created by both criminalization and integration policies as these likely exacerbate health inequities by citizenship status, race/ethnicity, and other social hierarchies

Missing in Action: Job-Driven Educational Pathways for Unauthorized Youth and Adults

Policymakers in Washington, DC, and in the states have put forward proposals to make it easier for immigrants to fully contribute to the economy. Most federal immigration policy proposals -- whether administrative or congressional -- require immigrant applicants to attain credentials, thus facilitating their full economic integration. These educational requirements -- if supported by adequate policy infrastructure and investments -- increase the likelihood of positive economic outcomes for individual immigrants and our economy as a whole. It is well-documented that higher levels of education are associated with higher earnings and economic productivity. But some of these credential requirements have not lined up with what the labor market actually demands, and to date, no policy has included the investments or infrastructure needed to support job-driven educational pathways for unauthorized youth and adults. Reflecting on the DREAM Act, DAPA, and DACA today creates an opportunity to ensure that the current lack of access to job-driven educational pathways does not become a barrier to citizenship in the future when comprehensive immigration reform comes to pass

A secure, constraint-aware role-based access control interoperation framework

With the growing needs for and the benefits of sharing resources and information among different organizations, an interoperation framework that automatically integrates policies to facilitate such cross-domain sharing in a secure way is becoming increasingly important. To avoid security breaches, such policies must enforce the policy constraints of the individual domains. Such constraints may include temporal constraints that limit the times when the users can access the resources, and separation of duty (SoD) constraints. Existing interoperation solutions do not address such cross-domain temporal access control and SoDs requirements. In this paper, we propose a role-based framework to facilitate secure interoperation among multiple domains by ensuring the enforcement of temporal and SoD constraints of individual domains. To support interoperation, we do not modify the internal policies, as most of the current approaches do. We present experimental results to demonstrate our proposed framework is effective and easily realizable. © 2011 IEEE

Integrating security solutions to support nanoCMOS electronics research

The UK Engineering and Physical Sciences Research Council (EPSRC) funded Meeting the Design Challenges of nanoCMOS Electronics (nanoCMOS) is developing a research infrastructure for collaborative electronics research across multiple institutions in the UK with especially strong industrial and commercial involvement. Unlike other domains, the electronics industry is driven by the necessity of protecting the intellectual property of the data, designs and software associated with next generation electronics devices and therefore requires fine-grained security. Similarly, the project also demands seamless access to large scale high performance compute resources for atomic scale device simulations and the capability to manage the hundreds of thousands of files and the metadata associated with these simulations. Within this context, the project has explored a wide range of authentication and authorization infrastructures facilitating compute resource access and providing fine-grained security over numerous distributed file stores and files. We conclude that no single security solution meets the needs of the project. This paper describes the experiences of applying X.509-based certificates and public key infrastructures, VOMS, PERMIS, Kerberos and the Internet2 Shibboleth technologies for nanoCMOS security. We outline how we are integrating these solutions to provide a complete end-end security framework meeting the demands of the nanoCMOS electronics domain

Women in Combat: Issues for Congress

[Excerpt] Over the past two decades of conflict, women have served with valor and continue to serve on combat aircraft, naval vessels, and in support of ground combat operations. The expansion of roles for women in the armed forces has evolved since the early days of the military when women were restricted by law and policy from serving in certain occupations and units. Women are not precluded by law from serving in any military unit or occupational specialty. However, a 1994 Department of Defense (DOD) policy prevented women from being assigned to units below brigade level where the unit’s primary mission was to engage directly in ground combat. This policy barred women from serving in infantry, artillery, armor, combat engineers, and special operations units of battalion size or smaller. On January 24, 2013, then-Secretary of Defense Leon Panetta rescinded the rule that restricted women from serving in combat units and directed the military departments to review their occupational standards and assignment policies for implementation no later than January 1, 2016. This recent policy change followed extensive reviews by various commissions and others on issues regarding women in the military and policies for their assignment and career progression. For example, the Duncan Hunter National Defense Authorization Act for Fiscal Year 2009 (P.L. 110-417) established the Military Leadership Diversity Commission whose mandate was to conduct a study and report on the “establishment and maintenance of fair promotion and command opportunities for ethnic- and gender-specific members of the Armed Forces.” Among its recommendations, the commission stated that DOD should take deliberate steps to open additional career fields and units involved in direct ground combat to women. The commission’s recommendations prompted Congress to direct DOD, in the Ike Skelton National Defense Act for Fiscal Year 2011 (P.L. 111-383), to conduct a review to “ensure that female members have equitable opportunities to compete and excel in the Armed Forces.” With the cancellation of the policy banning women from serving in combat units, some have questioned whether current occupational standards for entry into these units should be kept in place or modified. Proponents of change maintain that the existing standards are artificially high, and act as a de facto exclusionary barrier to the entry of women into combat occupations. Defenders of the current standards view any reductions to the existing standards as potentially damaging to military readiness. Congress has established requirements, definitions, and criteria for the development and application of “gender-neutral” occupational standards, and has oversight of all DOD decisions in this matter. Congress may also consider additional issues including equal opportunity, equal responsibility (such as selective service registration), readiness and cohesion, effectiveness, and the overall manpower needs of the military

Grid infrastructures for the electronics domain: requirements and early prototypes from an EPSRC pilot project

The fundamental challenges facing future electronics design is to address the decreasing – atomistic - scale of transistor devices and to understand and predict the impact and statistical variability these have on design of circuits and systems. The EPSRC pilot project “Meeting the Design Challenges of nanoCMOS Electronics” (nanoCMOS) which began in October 2006 has been funded to explore this space. This paper outlines the key requirements that need to be addressed for Grid technology to support the various research strands in this domain, and shows early prototypes demonstrating how these requirements are being addressed