Improving Security Policy Decisions with Models
Security managers face the challenge of designing security policies that deliver the objectives required by their organizations. We explain how a rigorous methodology, grounded in mathematical systems modelling and the economics of decision-making, can be used to explore the operational consequences of their design choices and help security managers to make better decisions. The methodology is based on constructing executable system models that illustrate the effects of different policy choices. Models are designed to be composed, allowing complex systems to be expressed as combinations of smaller, complete models. They capture the logical and physical structure of systems, the choices and behavior of agents within the system, and the security managers' preferences about outcomes. Models are parameterized from observations of the real world and the effectiveness of different security policies is explored through simulation. Utility theory is used to describe the extent to which security managers' policies deliver their security objectives.
Why (and How) Networks Should Run Themselves
The proliferation of networked devices, systems, and applications that we
depend on every day makes managing networks more important than ever. The
increasing security, availability, and performance demands of these
applications suggest that these increasingly difficult network management
problems be solved in real time, across a complex web of interacting protocols
and systems. Alas, just as the importance of network management has increased,
the network has grown so complex that it is seemingly unmanageable. In this new
era, network management requires a fundamentally new approach. Instead of
optimizations based on closed-form analysis of individual protocols, network
operators need data-driven, machine-learning-based models of end-to-end and
application performance based on high-level policy goals and a holistic view of
the underlying components. Instead of anomaly detection algorithms that operate
on offline analysis of network traces, operators need classification and
detection algorithms that can make real-time, closed-loop decisions. Networks
should learn to drive themselves. This paper explores this concept, discussing
how we might attain this ambitious goal by more closely coupling measurement
with real-time control and by relying on learning for inference and prediction
about a networked application or system, as opposed to closed-form analysis of
individual protocols.
Trust economics feasibility study
We believe that enterprises and other organisations currently lack sophisticated methods and tools to determine if and how IT changes should be introduced in an organisation, such that objective, measurable goals are met. This is especially true when dealing with security-related IT decisions. We report on a feasibility study, Trust Economics, conducted to demonstrate that such methodology can be developed. Assuming a deep understanding of the IT involved, the main components of our trust economics approach are: (i) assess the economic or financial impact of IT security solutions; (ii) determine how humans interact with or respond to IT security solutions; (iii) based on above, use probabilistic and stochastic modelling tools to analyse the consequences of IT security decisions. In the feasibility study we apply the trust economics methodology to address how enterprises should protect themselves against accidental or malicious misuse of USB memory sticks, an acute problem in many industries.
Supporting security-oriented, collaborative nanoCMOS electronics research
Grid technologies support collaborative e-Research typified by multiple institutions and resources seamlessly shared to tackle common research problems. The rules for collaboration and resource sharing are commonly achieved through establishment and management of virtual organizations (VOs) where policies on access and usage of resources by collaborators are defined and enforced by sites involved in the collaboration. The expression and enforcement of these rules is made through access control systems where roles/privileges are defined and associated with individuals as digitally signed attribute certificates which collaborating sites then use to authorize access to resources. Key to this approach is that the roles are assigned to the right individuals in the VO; the attribute certificates are only presented to the appropriate resources in the VO; it is transparent to the end user researchers, and finally that it is manageable for resource providers and administrators in the collaboration. In this paper, we present a security model and implementation improving the overall usability and security of resources used in Grid-based e-Research collaborations through exploitation of the Internet2 Shibboleth technology. This is explored in the context of a major new security focused project at the National e-Science Centre (NeSC) at the University of Glasgow in the nanoCMOS electronics domain.
The Feasibility of Dynamically Granted Permissions: Aligning Mobile Privacy with User Preferences
Current smartphone operating systems regulate application permissions by
prompting users on an ask-on-first-use basis. Prior research has shown that
this method is ineffective because it fails to account for context: the
circumstances under which an application first requests access to data may be
vastly different than the circumstances under which it subsequently requests
access. We performed a longitudinal 131-person field study to analyze the
contextuality behind user privacy decisions to regulate access to sensitive
resources. We built a classifier to make privacy decisions on the user's behalf
by detecting when context has changed and, when necessary, inferring privacy
preferences based on the user's past decisions and behavior. Our goal is to
automatically grant appropriate resource requests without further user
intervention, deny inappropriate requests, and only prompt the user when the
system is uncertain of the user's preferences. We show that our approach can
accurately predict users' privacy decisions 96.8% of the time, which is a
four-fold reduction in error rate compared to current systems. Comment: 17 pages, 4 figures
Development of a Methodology for the Economic Assessment of Managerial Decisions as a Factor of Increased Economic Security
The article notes that the emergence of such a phenomenon as the interdependence of security and development, the so-called security-development nexus, becomes a determinant during the development of strategic documents at all hierarchical levels. It gives relevance to the search for methodological solutions that would on a strategic level take into account any potential threats to economic security, and on a tactical level provide for pragmatic actions that are not in conflict with the strategic development vector of business entities. The authors identify the instability factors that pose a real threat to economic security. They substantiate the expediency of forming a new model of the national economy development with a focal point on new industrialization. The article factors in the most important trends in the development of the global economy that determine the strategic vector of enhancing the economic security in Russia. It is ascertained that in the conditions of new industrialization, the intellectual core of the high-tech economy sector is formed by convergent technologies (NBICS technologies). The authors offer a methodological approach to the economic assessment of managerial decisions in the context of uncertainty. They also identify methodological principles that must be taken into account in developing a modern methodology for the economic assessment of business decisions. The principles include forming a preferred reality, or the so-called “vision of the future,” the priority of network solutions as the basis for the formation of new markets; mass customization and individualization of demands, principal changes in the profile of competences that ensure competitiveness on the labor market, use of the ideology of inclusive development and impact investment that creates common values. 
The proposed methodology is based on the optimum combination of traditional methods used for the economic assessment of managerial decisions with the method of real options and reflexive assessments with regard to entropy as a measure of uncertainty. The proposed methodological approach has been tested in respect of the Ural mining and metallurgical complex. The article has been prepared with the support of the grant from the Russian Foundation for Basic Research № 16–06–00403 "Modelling the Motivational Potentials of the Multi-subject Industrial Policy in the Context of New Industrialization".
Lower Mekong Portfolio: Interim Evaluation
This report summarizes a portfolio evaluation of the MacArthur Foundation's conservation investments in the Lower Mekong region since 2011. It is explicitly a portfolio-level evaluation, focusing on common themes rather than individual grants. The evaluation involved understanding the portfolio context through reviewing relevant documents and speaking with donor partners; gathering data from MacArthur grantees; calibrating initial evaluation findings through consultations with independent regional experts and donor partner grantees; improving future evaluation ability by cooperating with NatureServe to improve the Lower Mekong Dashboard; and presenting results in this evaluation report and to MacArthur directly.
Passenger Flows in Underground Railway Stations and Platforms, MTI Report 12-43
Urban rail systems are designed to carry large volumes of people into and out of major activity centers. As a result, the stations at these major activity centers are often crowded with boarding and alighting passengers, resulting in passenger inconvenience, delays, and at times danger. This study examines the planning and analysis of station passenger queuing and flows to offer rail transit station designers and transit system operators guidance on how to best accommodate and manage their rail passengers. The objectives of the study are to: 1) Understand the particular infrastructural, operational, behavioral, and spatial factors that affect and may constrain passenger queuing and flows in different types of rail transit stations; 2) Identify, compare, and evaluate practices for efficient, expedient, and safe passenger flows in different types of station environments and during typical (rush hour) and atypical (evacuations, station maintenance/refurbishment) situations; and 3) Compile short-, medium-, and long-term recommendations for optimizing passenger flows in different station environments.