The RAppArmor Package: Enforcing Security Policies in R Using Dynamic Sandboxing on Linux

The increasing availability of cloud computing and scientific super computers brings great potential for making R accessible through public or shared resources. This allows us to efficiently run code requiring lots of cycles and memory, or embed R functionality into, e.g., systems and web services. However some important security concerns need to be addressed before this can be put in production. The prime use case in the design of R has always been a single statistician running R on the local machine through the interactive console. Therefore the execution environment of R is entirely unrestricted, which could result in malicious behavior or excessive use of hardware resources in a shared environment. Properly securing an R process turns out to be a complex problem. We describe various approaches and illustrate potential issues using some of our personal experiences in hosting public web services. Finally we introduce the RAppArmor package: a Linux based reference implementation for dynamic sandboxing in R on the level of the operating system

SECURING AMERICA’S CAPITAL

The concrete barriers, sewer pipes, and chain-link fencing that prompted the National Capital Planning Commission’s security efforts inconvenienced city residents, workers, and visitors and degraded the appearance of one of the most carefully designed and naturally beautiful cities in the world. And yet, what made these barriers intolerable was their underlying message—that the nation’s capital would allow terrorists to limit the American hallmark of open access. The National Capital Planning Commission does not ask federal agencies to ignore the threat reality, but it does ask that agencies cease to install monuments of fear and retrenchment. As the capital’s watchful steward, the Commission is committed to preserving urban design ideals and cultivating Washington’s two-hundredyear-old planning tradition

Commenorative Brands – Tracking Report – Mexico Factory Code: 2100501274J – July 4 – 5, 2011

This document is part of a digital collection provided by the Martin P. Catherwood Library, ILR School, Cornell University, pertaining to the effects of globalization on the workplace worldwide. Special emphasis is placed on labor rights, working conditions, labor market changes, and union organizing.FLA_2011_TR_CommemorativeBrands_Mexico_2100501274J.pdf: 23 downloads, before Oct. 1, 2020

Review of UK microgeneration. Part 1 : policy and behavioural aspects

A critical review of the literature relating to government policy and behavioural aspects relevant to the uptake and application of microgeneration in the UK is presented. Given the current policy context aspiring to zero-carbon new homes by 2016 and a variety of minimum standards and financial policy instruments supporting microgeneration in existing dwellings, it appears that this class of technologies could make a significant contribution to UK energy supply and low-carbon buildings in the future. Indeed, achievement of a reduction in greenhouse gas emissions by 80% (the UK government's 2050 target) for the residential sector may entail substantial deployment of microgeneration. Realisation of the large potential market for microgeneration relies on a variety of inter-related factors such as microeconomics, behavioural aspects, the structure of supporting policy instruments and well-informed technology development. This article explores these issues in terms of current and proposed policy instruments in the UK. Behavioural aspects associated with both initial uptake of the technology and after purchase are also considered

Mobile Application Security Platforms Survey

Nowadays Smartphone and other mobile devices have become incredibly important in every aspect of our life. Because they have practically offered same capabilities as desktop workstations as well as come to be powerful in terms of CPU (Central processing Unit), Storage and installing numerous applications. Therefore, Security is considered as an important factor in wireless communication technologies, particularly in a wireless ad-hoc network and mobile operating systems. Moreover, based on increasing the range of mobile application within variety of platforms, security is regarded as on the most valuable and considerable debate in terms of issues, trustees, reliabilities and accuracy. This paper aims to introduce a consolidated report of thriving security on mobile application platforms and providing knowledge of vital threats to the users and enterprises. Furthermore, in this paper, various techniques as well as methods for security measurements, analysis and prioritization within the peak of mobile platforms will be presented. Additionally, increases understanding and awareness of security on mobile application platforms to avoid detection, forensics and countermeasures used by the operating systems. Finally, this study also discusses security extensions for popular mobile platforms and analysis for a survey within a recent research in the area of mobile platform security

Encouraging Privacy-Aware Smartphone App Installation: Finding out what the Technically-Adept Do

Smartphone apps can harvest very personal details from the phone with ease. This is a particular privacy concern. Unthinking installation of untrustworthy apps constitutes risky behaviour. This could be due to poor awareness or a lack of knowhow: knowledge of how to go about protecting privacy. It seems that Smartphone owners proceed with installation, ignoring any misgivings they might have, and thereby irretrievably sacrifice their privacy

Technical Report on Deploying a highly secured OpenStack Cloud Infrastructure using BradStack as a Case Study

Cloud computing has emerged as a popular paradigm and an attractive model for providing a reliable distributed computing model.it is increasing attracting huge attention both in academic research and industrial initiatives. Cloud deployments are paramount for institution and organizations of all scales. The availability of a flexible, free open source cloud platform designed with no propriety software and the ability of its integration with legacy systems and third-party applications are fundamental. Open stack is a free and opensource software released under the terms of Apache license with a fragmented and distributed architecture making it highly flexible. This project was initiated and aimed at designing a secured cloud infrastructure called BradStack, which is built on OpenStack in the Computing Laboratory at the University of Bradford. In this report, we present and discuss the steps required in deploying a secured BradStack Multi-node cloud infrastructure and conducting Penetration testing on OpenStack Services to validate the effectiveness of the security controls on the BradStack platform. This report serves as a practical guideline, focusing on security and practical infrastructure related issues. It also serves as a reference for institutions looking at the possibilities of implementing a secured cloud solution.Comment: 38 pages, 19 figures

Protecting Private Data in the Cloud

Companies that process business critical and secret data are reluctant to use utility and cloud computing for the risk that their data gets stolen by rogue system administrators at the hosting company. We describe a system organization that prevents host administrators from directly accessing or installing eaves-dropping software on the machine that holds the client's valuable data. Clients are monitored via machine code probes that are inlined into the clients' programs at runtime. The system enables the cloud provider to install and remove software probes into the machine code without stopping the client's program, and it prevents the provider from installing probes not granted by the client