76,971 research outputs found
The RAppArmor Package: Enforcing Security Policies in R Using Dynamic Sandboxing on Linux
The increasing availability of cloud computing and scientific super computers
brings great potential for making R accessible through public or shared
resources. This allows us to efficiently run code requiring lots of cycles and
memory, or embed R functionality into, e.g., systems and web services. However
some important security concerns need to be addressed before this can be put in
production. The prime use case in the design of R has always been a single
statistician running R on the local machine through the interactive console.
Therefore the execution environment of R is entirely unrestricted, which could
result in malicious behavior or excessive use of hardware resources in a shared
environment. Properly securing an R process turns out to be a complex problem.
We describe various approaches and illustrate potential issues using some of
our personal experiences in hosting public web services. Finally we introduce
the RAppArmor package: a Linux based reference implementation for dynamic
sandboxing in R on the level of the operating system
SECURING AMERICA’S CAPITAL
The concrete barriers, sewer pipes, and chain-link fencing that prompted the National Capital Planning Commission’s security efforts inconvenienced city residents, workers, and visitors and degraded the appearance of one of the most carefully designed and naturally beautiful cities in the world. And yet, what made these barriers intolerable was their underlying message—that the nation’s capital would allow terrorists to limit the American hallmark of open access. The National Capital Planning Commission does not ask federal agencies to ignore the threat reality, but it does ask that agencies cease to install monuments of fear and retrenchment. As the capital’s watchful steward, the Commission is committed to preserving urban design ideals and cultivating Washington’s two-hundredyear-old planning tradition
Commenorative Brands – Tracking Report – Mexico Factory Code: 2100501274J – July 4 – 5, 2011
This document is part of a digital collection provided by the Martin P. Catherwood Library, ILR School, Cornell University, pertaining to the effects of globalization on the workplace worldwide. Special emphasis is placed on labor rights, working conditions, labor market changes, and union organizing.FLA_2011_TR_CommemorativeBrands_Mexico_2100501274J.pdf: 23 downloads, before Oct. 1, 2020
Review of UK microgeneration. Part 1 : policy and behavioural aspects
A critical review of the literature relating to government policy and behavioural aspects relevant to the uptake and application of microgeneration in the UK is presented. Given the current policy context aspiring to zero-carbon new homes by 2016 and a variety of minimum standards and financial policy instruments supporting microgeneration in existing dwellings, it appears that this class of technologies could make a significant contribution to UK energy supply and low-carbon buildings in the future. Indeed, achievement of a reduction in greenhouse gas emissions by 80% (the UK government's 2050 target) for the residential sector may entail substantial deployment of microgeneration. Realisation of the large potential market for microgeneration relies on a variety of inter-related factors such as microeconomics, behavioural aspects, the structure of supporting policy instruments and well-informed technology development. This article explores these issues in terms of current and proposed policy instruments in the UK. Behavioural aspects associated with both initial uptake of the technology and after purchase are also considered
Mobile Application Security Platforms Survey
Nowadays Smartphone and other mobile devices have become incredibly important in every aspect of our life. Because they have practically offered same capabilities as desktop workstations as well as come to be powerful in terms of CPU (Central processing Unit), Storage and installing numerous applications. Therefore, Security is considered as an important factor in wireless communication technologies, particularly in a wireless ad-hoc network and mobile operating systems. Moreover, based on increasing the range of mobile application within variety of platforms, security is regarded as on the most valuable and considerable debate in terms of issues, trustees, reliabilities and accuracy. This paper aims to introduce a consolidated report of thriving security on mobile application platforms and providing knowledge of vital threats to the users and enterprises. Furthermore, in this paper, various techniques as well as methods for security measurements, analysis and prioritization within the peak of mobile platforms will be presented. Additionally, increases understanding and awareness of security on mobile application platforms to avoid detection, forensics and countermeasures used by the operating systems. Finally, this study also discusses security extensions for popular mobile platforms and analysis for a survey within a recent research in the area of mobile platform security
Encouraging Privacy-Aware Smartphone App Installation: Finding out what the Technically-Adept Do
Smartphone apps can harvest very personal details
from the phone with ease. This is a particular privacy concern.
Unthinking installation of untrustworthy apps constitutes risky
behaviour. This could be due to poor awareness or a lack of knowhow:
knowledge of how to go about protecting privacy. It seems
that Smartphone owners proceed with installation, ignoring any
misgivings they might have, and thereby irretrievably sacrifice
their privacy
Technical Report on Deploying a highly secured OpenStack Cloud Infrastructure using BradStack as a Case Study
Cloud computing has emerged as a popular paradigm and an attractive model for
providing a reliable distributed computing model.it is increasing attracting
huge attention both in academic research and industrial initiatives. Cloud
deployments are paramount for institution and organizations of all scales. The
availability of a flexible, free open source cloud platform designed with no
propriety software and the ability of its integration with legacy systems and
third-party applications are fundamental. Open stack is a free and opensource
software released under the terms of Apache license with a fragmented and
distributed architecture making it highly flexible. This project was initiated
and aimed at designing a secured cloud infrastructure called BradStack, which
is built on OpenStack in the Computing Laboratory at the University of
Bradford. In this report, we present and discuss the steps required in
deploying a secured BradStack Multi-node cloud infrastructure and conducting
Penetration testing on OpenStack Services to validate the effectiveness of the
security controls on the BradStack platform. This report serves as a practical
guideline, focusing on security and practical infrastructure related issues. It
also serves as a reference for institutions looking at the possibilities of
implementing a secured cloud solution.Comment: 38 pages, 19 figures
Protecting Private Data in the Cloud
Companies that process business critical and secret data are reluctant
to use utility and cloud computing for the risk that their data gets
stolen by rogue system administrators at the hosting company. We
describe a system organization that prevents host administrators from
directly accessing or installing eaves-dropping software on the
machine that holds the client's valuable data. Clients are monitored
via machine code probes that are inlined into the clients' programs at
runtime. The system enables the cloud provider to install and remove software
probes into the machine code without stopping the client's program, and
it prevents the provider from installing probes not granted by the
client
- …