Policy based roles for distributed systems security

Distributed systems are increasingly being used in commercial environments necessitating the development of trustworthy and reliable security mechanisms. There is often no clear informal or formal specification of enterprise authorisation policies and no tools to translate policy specifications to access control implementation mechanisms such as capabilities or Access Control Lists. It is thus difficult to analyse the policy to detect conflicts or flaws and it is difficult to verify that the implementation corresponds to the policy specification. We present in this paper a framework for the specification of management policies. We are concerned with two types of policies: obligations which specify what activities a manager or agent must or must not perform on a set of target objects and authorisations which specify what activities a subject (manager or agent) can or can not perform on the set of target objects. Management policies are then grouped into roles reflecting the organisation..

An Architecture for Integrated Intelligence in Urban Management using Cloud Computing

With the emergence of new methodologies and technologies it has now become possible to manage large amounts of environmental sensing data and apply new integrated computing models to acquire information intelligence. This paper advocates the application of cloud capacity to support the information, communication and decision making needs of a wide variety of stakeholders in the complex business of the management of urban and regional development. The complexity lies in the interactions and impacts embodied in the concept of the urban-ecosystem at various governance levels. This highlights the need for more effective integrated environmental management systems. This paper offers a user-orientated approach based on requirements for an effective management of the urban-ecosystem and the potential contributions that can be supported by the cloud computing community. Furthermore, the commonality of the influence of the drivers of change at the urban level offers the opportunity for the cloud computing community to develop generic solutions that can serve the needs of hundreds of cities from Europe and indeed globally.Comment: 6 pages, 3 figure

Digital Scotland, the relevance of library research and the Glasgow Digital Library Project

The Glasgow Digital Library (GDL) Project has a significance over and above its primary aim of creating a joint digital library for the citizens of Glasgow. It is also both an important building block in the development of a planned and co-ordinated 'virtual Scotland' and a rich environment for research into issues relevant to that enterprise. Its creation comes at a time of political, social, economic and cultural change in Scotland, and may be seen, at least in part, as a response to a developing Scottish focus in these areas, a key element of which is a new socially inclusive and digitally driven educational vision and strategy based on the Scottish traditions of meritocratic education, sharing and common enterprise, and a fiercely independent approach. The initiative is based at the Centre for Digital Library Research at Strathclyde University alongside a range of other projects of relevance both to the development of a coherent virtual landscape in Scotland and to the GDL itself, a supportive environment which allows it to draw upon the research results and staff expertise of other relevant projects for use in its own development and enables its relationship to virtual Scotland to be both explored and developed more readily. Although its primary aim is the creation of content (based initially on electronic resources created by the institutions, on public domain information, and on joint purchases and digitisation initiatives) the project will also investigate relationships between regional and national collaborative collection management programmes with SCONE (Scottish Collections Network Extension project) and relationships between regional and national distributed union catalogues with CAIRNS (Co-operative Academic Information Retrieval Network for Scotland) and COSMIC (Confederation of Scottish Mini-Clumps). It will also have to tackle issues associated with the management of co-operation

Boundary Objects and their Use in Agile Systems Engineering

Agile methods are increasingly introduced in automotive companies in the attempt to become more efficient and flexible in the system development. The adoption of agile practices influences communication between stakeholders, but also makes companies rethink the management of artifacts and documentation like requirements, safety compliance documents, and architecture models. Practitioners aim to reduce irrelevant documentation, but face a lack of guidance to determine what artifacts are needed and how they should be managed. This paper presents artifacts, challenges, guidelines, and practices for the continuous management of systems engineering artifacts in automotive based on a theoretical and empirical understanding of the topic. In collaboration with 53 practitioners from six automotive companies, we conducted a design-science study involving interviews, a questionnaire, focus groups, and practical data analysis of a systems engineering tool. The guidelines suggest the distinction between artifacts that are shared among different actors in a company (boundary objects) and those that are used within a team (locally relevant artifacts). We propose an analysis approach to identify boundary objects and three practices to manage systems engineering artifacts in industry

Authentication and authorisation in entrusted unions

This paper reports on the status of a project whose aim is to implement and demonstrate in a real-life environment an integrated eAuthentication and eAuthorisation framework to enable trusted collaborations and delivery of services across different organisational/governmental jurisdictions. This aim will be achieved by designing a framework with assurance of claims, trust indicators, policy enforcement mechanisms and processing under encryption to address the security and confidentiality requirements of large distributed infrastructures. The framework supports collaborative secure distributed storage, secure data processing and management in both the cloud and offline scenarios and is intended to be deployed and tested in two pilot studies in two different domains, viz, Bio-security incident management and Ambient Assisted Living (eHealth). Interim results in terms of security requirements, privacy preserving authentication, and authorisation are reported