747,454 research outputs found
Design, Management and Key Success Factors of an Offshore Cathodic Protection System for Corrosion Control
Corrosion is a very prevalent issue for offshore operations in the oil and gas industry. If the corrosion issues are not addressed adequately, these may lead to quality failures, safety incidents, compromise to asset integrity and high inspection costs. This research paper discusses and analyzes corrosion types, corrosion threats, mechanisms to protect against corrosion, design and management of cathodic protection system, and key success factors for a cathodic protection system for an offshore oil and gas production system
DASICS: Enhancing Memory Protection with Dynamic Compartmentalization
In the existing software development ecosystem, security issues introduced by
third-party code cannot be overlooked. Among these security concerns, memory
access vulnerabilities stand out prominently, leading to risks such as the
theft or tampering of sensitive data. To address this issue, software-based
defense mechanisms have been established at the programming language, compiler,
and operating system levels. However, as a trade-off, these mechanisms
significantly reduce software execution efficiency. Hardware-software co-design
approaches have sought to either construct entirely isolated trusted execution
environments or attempt to partition security domains within the same address
space. While such approaches enhance efficiency compared to pure software
methods, they also encounter challenges related to granularity of protection,
performance overhead, and portability. In response to these challenges, we
present the DASICS (Dynamic in-Address-Space Isolation by Code Segments) secure
processor design, which offers dynamic and flexible security protection across
multiple privilege levels, addressing data flow protection, control flow
protection, and secure system calls. We have implemented hardware FPGA
prototypes and software QEMU simulator prototypes based on DASICS, along with
necessary modifications to system software for adaptability. We illustrate the
protective mechanisms and effectiveness of DASICS with two practical examples
and provide potential real-world use cases where DASICS could be applied.Comment: 16 pages, 6 figure
Dynamic deployment of context-aware access control policies for constrained security devices
Securing the access to a server, guaranteeing a certain level of protection over an encrypted communication channel, executing particular counter measures when attacks are detected are examples of security requirements. Such requirements are identi ed based on organizational purposes and expectations in terms of resource access and availability and also on system vulnerabilities and threats. All these requirements belong to the so-called security policy. Deploying the policy means enforcing, i.e., con guring, those security components and mechanisms so that the system behavior be nally the one speci ed by the policy. The deployment issue becomes more di cult as the growing organizational requirements and expectations generally leave behind the integration of new security functionalities in the information system: the information system will not always embed the necessary security functionalities for the proper deployment of contextual security requirements. To overcome this issue, our solution is based on a central entity approach which takes in charge unmanaged contextual requirements and dynamically redeploys the policy when context changes are detected by this central entity. We also present an improvement over the OrBAC (Organization-Based Access Control) model. Up to now, a controller based on a contextual OrBAC policy is passive, in the sense that it assumes policy evaluation triggered by access requests. Therefore, it does not allow reasoning about policy state evolution when actions occur. The modi cations introduced by our work overcome this limitation and provide a proactive version of the model by integrating concepts from action speci cation languages
Humanitarian Visas: Option or obligation?. CEPS Liberty and Security in Europe No. 68, 27 October 2014
Third-country nationals seeking protection have no EU-wide legal channels at present for entering EU territory and triggering protection mechanisms under the Common European Asylum System. As a result, many embark on hazardous journeys, with concomitant risks and loss of human life. The absence of âprotection-sensitiveâ mechanisms for accessing EU territory, along with EU external and extraterritorial border and migration management and control, undermine Member States' refugee and human rights obligations. Humanitarian visas may offer a remedy in this regard by enabling third-country nationals to apply in situ for entry to EU territory on humanitarian grounds or because of international obligations. This study asks whether the existing Visa Code actually obliges Member States to issue humanitarian visas. It also examines past implementation of humanitarian visa schemes by Member States and considers whether more could be done to encourage them to make use of existing provisions in EU law. Finally, with a Commission proposal for Visa Code reform on the table, it asks whether there is now an opportunity to lay down clear rules for humanitarian visa schemes
Anyone but Him: The Complexity of Precluding an Alternative
Preference aggregation in a multiagent setting is a central issue in both
human and computer contexts. In this paper, we study in terms of complexity the
vulnerability of preference aggregation to destructive control. That is, we
study the ability of an election's chair to, through such mechanisms as
voter/candidate addition/suppression/partition, ensure that a particular
candidate (equivalently, alternative) does not win. And we study the extent to
which election systems can make it impossible, or computationally costly
(NP-complete), for the chair to execute such control. Among the systems we
study--plurality, Condorcet, and approval voting--we find cases where systems
immune or computationally resistant to a chair choosing the winner nonetheless
are vulnerable to the chair blocking a victory. Beyond that, we see that among
our studied systems no one system offers the best protection against
destructive control. Rather, the choice of a preference aggregation system will
depend closely on which types of control one wishes to be protected against. We
also find concrete cases where the complexity of or susceptibility to control
varies dramatically based on the choice among natural tie-handling rules.Comment: Preliminary version appeared in AAAI '05. Also appears as
URCS-TR-2005-87
Lightweight reconfiguration security services for AXI-based MPSoCs
International audienceNowadays, security is a key constraint in MPSoC development as many critical and secret information can be stored and manipulated within these systems. Addressing the protection issue in an efficient way is challenging as information can leak from many points. However one strategic component of a bus-based MPSoC is the communication architecture as all information that an attacker could try to extract or modify would be visible on the bus. Thus monitoring and controlling communications allows an efficient protection of the whole system. Attacks can be detected and discarded before system corruption. In this work, we propose a lightweight solution to dynamically update hardware firewall enhancements which secure data exchanges in a bus-based MPSoC. It provides a standalone security solution for AXI-based embedded systems where no user intervention is required for security mechanisms update. An FPGA implementation demonstrates an area overhead of around 11% for the adaptive version of the hardware firewall compared to the static one
Toward unified security and privacy protection for smart meter networks
The management of security and privacy protection mechanisms is one fundamental issue of future smart grid and metering networks. Designing effective and economic measures is a non-trivial task due to a) the large number of system requirements and b) the uncertainty over how the system functionalities are going to be specified and evolve. The paper explores a unified approach for addressing security and privacy of smart metering systems. In the process, we present a unified framework that entails the analysis and synthesis of security solutions associated with closely interrelated components of a typical smart metering system. Ultimately, the proposed framework can be used as a guideline for embedding cross-domain security and privacy solutions into smart grid communication systems
The False Promise of Custody in Domestic Violence Protection Orders
This Article reveals the disconnect between the power and the will to enforce the custody and parenting time provisions of protection orders through criminal mechanisms and explores the further infirmity of civil enforcement by illustrating the shortcomings of available relief. Together, these barriers to effective enforcement threaten to render this court-granted protection meaningless and dangerously misleading. The barriers also undermine the many years of advocacy invested to secure these protections in the first place - reforms aimed at protecting victims and children from abusive parents.This Article explores ways to bring together the will and the power to enforce all aspects of protection orders criminally and to shore up the relief available through civil contempt so that the family law provisions of protection orders are more than illusory. This Article explores the ways in which the hard-fought system reforms now fail to offer protection to survivors in previously unforeseeable ways and also pushes further by seeking to explore and resolve the lack of reliable enforcement remedies in this area in a way that not only keeps survivors safe but contemplates the important interests of children at issue and the enhanced enforceability of civil injunctions generally
FAIR aspects of a health information protection and management system
Background: Privacy management is a key issue when dealing with storage and distribution of health information. However, FAIR (Findability, Accessibility, Interoperability, and Reusability) principles when sharing information are in increasing demand in several organizations, especially for information generated in public-funded research projects.
Objectives: The two main objectives of the presented work are the definition of a secure and interoperable modular architecture to manage different kinds of medical content (xIPAMS [x, for Any kind of content, Information Protection And Management System] and HIPAMS [Health Information Protection And Management System]), and the application of FAIR principles to that architecture in such a way that privacy and security are compatible with FAIR.
Methods: We propose the concept of xIPAMS as a modular architecture, following standards for interoperability, which defines mechanisms for privacy, protection, storage, search, and access to health-related information.
Results: xIPAMS provides FAIR principles and preserves patient's privacy. For each module, we identify how FAIR principles apply.
Conclusions: We have analyzed how xIPAMS, and in particular HIPAMS (Health content), support the FAIR principles focusing on security and privacy. We have identified the FAIR principles supported by the different xIPAMS modules, concluding that the four principles are supported. Our analysis has also considered a possible implementation based on the concept of DACS (Document Access and Communication System), a system storing medical documents in a private and secure way. In addition, we have analyzed security aspects of the FAIRification process and how they are provided by xIPAMS modules.The work presented in this article has been partially supported by the Spanish Government under the project: GenClinLab-Sec (Mechanisms for secure and efficient management of genomic information tailored to clinical laboratories: Security Aspects, PID2020-114394RB-C31) funded by MCIN/AEI/10.13039/501100011033 and by the Generalitat de Catalunya (2017 SGR 1749).Peer ReviewedPostprint (published version
Constitutionalization of Human Rights in Post-Soviet States and Latin America: A Comparative Analysis
This Article consists of four parts. The first, which is more general, addresses the question to what extent the system of governance adopted by the countries of the two regions affected the record of the states\u27 protection of human rights. For instance, this Article considers whether democratization of the political system necessarily results in better protection of human rights. The second part analyzes the placement of human rights in the framework of the Latin American and post-Soviet constitutions. The third part identifies and discusses the problem of individual and group rights, an issue crucial for both regions. The fourth part provides a comparative analysis of the main categories of constitutionalized rights and freedoms. Although this part examines the general approach of the constitutional drafters to social, economic, and cultural rights, it focuses on so-called first category rights, such as personal freedoms and civil and political rights, as well as on enforcement mechanisms. The conclusion will supply observations on the most important lessons that constitutional drafters can learn from the experiences of others
- âŠ