Audit and control considerations in an on-line environment; Computer services guidelines

https://egrove.olemiss.edu/aicpa_indev/1697/thumbnail.jp

A Taxonomy for Attack Patterns on Information Flows in Component-Based Operating Systems

We present a taxonomy and an algebra for attack patterns on component-based operating systems. In a multilevel security scenario, where isolation of partitions containing data at different security classifications is the primary security goal and security breaches are mainly defined as undesired disclosure or modification of classified data, strict control of information flows is the ultimate goal. In order to prevent undesired information flows, we provide a classification of information flow types in a component-based operating system and, by this, possible patterns to attack the system. The systematic consideration of informations flows reveals a specific type of operating system covert channel, the covert physical channel, which connects two former isolated partitions by emitting physical signals into the computer's environment and receiving them at another interface.Comment: 9 page

Designing Integrated Conflict Management Systems: Guidelines for Practitioners and Decision Makers in Organizations

A committee of the ADR (alternative dispute resolution) in the Workplace Initiative of the Society of Professionals in Dispute Resolution (SPIDR) prepared this document for employers, managers, labor representatives, employees, civil and human rights organizations, and others who interact with organizations. In this document we explain why organizations should consider developing integrated conflict management systems to prevent and resolve conflict, and we provide practical guidelines for designing and implementing such systems. The principles identified in this document can also be used to manage external conflict with customers, clients, and the public. Indeed, we recommend that organizations focus simultaneously on preventing and managing both internal and external conflict. SPIDR recognizes that an integrated conflict management system will work only if designed with input from users and decision makers at all levels of the organization. Each system must be tailored to fit the organization\u27s needs, circumstances, and culture. In developing these systems, experimentation is both necessary and healthy. We hope that this document will provide guidance, encourage experimentation, and contribute to the evolving understanding of how best to design and implement these systems

Analyzing D-wave quantum macro assembler security

As we enter the quantum computing era, security becomes of at most importance. With the release of D-Wave One in 2011 and most recently the 2000Q, with 2,000 qubits, and with NASA and Google using D-wave Systems quantum computers, a thorough examination of quantum computer security is needed. Quantum computers underlying hardware is not compatible with classical boolean and binary-based computer systems and software. Assemblers and compliers translate modern programming languages and problems into quantum-annealing methods compatible with quantum computers. This paper presents a vulnerability assessment utilizing static source code analysis on Qmasm Python tool. More specifically, we use flow-sensitive, inter-procedural and context-sensitive data flow analysis to uncover vulnerable points in the program. We demonstrate the Qmasm security flaws that can leave D-Wave 2X system vulnerable to severe threats

Analyzing D-wave quantum macro assembler security

As we enter the quantum computing era, security becomes of at most importance. With the release of D-Wave One in 2011 and most recently the 2000Q, with 2,000 qubits, and with NASA and Google using D-wave Systems quantum computers, a thorough examination of quantum computer security is needed. Quantum computers underlying hardware is not compatible with classical boolean and binary-based computer systems and software. Assemblers and compliers translate modern programming languages and problems into quantum-annealing methods compatible with quantum computers. This paper presents a vulnerability assessment utilizing static source code analysis on Qmasm Python tool. More specifically, we use flow-sensitive, inter-procedural and context-sensitive data flow analysis to uncover vulnerable points in the program. We demonstrate the Qmasm security flaws that can leave D-Wave 2X system vulnerable to severe threats

Static aeroelastic analysis for generic configuration aircraft

A static aeroelastic analysis capability that can calculate flexible air loads for generic configuration aircraft was developed. It was made possible by integrating a finite element structural analysis code (MSC/NASTRAN) and a panel code of aerodynamic analysis based on linear potential flow theory. The framework already built in MSC/NASTRAN was used and the aerodynamic influence coefficient matrix is computed externally and inserted in the NASTRAN by means of a DMAP program. It was shown that deformation and flexible airloads of an oblique wing aircraft can be calculated reliably by this code both in subsonic and supersonic speeds. Preliminary results indicating importance of flexibility in calculating air loads for this type of aircraft are presented

Safety Critical Systems Analysis

Abstract - A brief overview of the fields that must be considered when designing, implementing safety-critical systems is presented. The notion of safety is most likely to come to mind when we drive a car, fly on an airliner, or take an elevator ride. In each case, we are concerned with the threat of a mishap, which defined as an unplanned event or series of events that result in death, injury, occupational illness, damage to or loss of equipment or property or damage to the environment

A Survey on Software Protection Techniques against Various Attacks

Software security and protection plays an important role in software engineering. Considerable attempts have been made to enhance the security of the computer systems because of various available software piracy and virus attacks. Preventing attacks of software will have a huge influence on economic development. Thus, it is very vital to develop approaches that protect software from threats. There are various threats such as piracy, reverse engineering, tampering etc., exploits critical and poorly protected software. Thus, thorough threat analysis and new software protection schemes, needed to protect software from analysis and tampering attacks becomes very necessary. Various techniques are available in the literature for software protection from various attacks. This paper analyses the various techniques available in the literature for software protection. The functionalities and the characteristic features are various software protection techniques have been analyzed in this paper. The main goal of this paper is to analyze the existing software protection techniques and develop an efficient approach which would overcome the drawbacks of the existing techniques

The planning process and its formalization in computer models

"Paper delivered to the Second Congress on the Information Systems Sciences, Hot Springs, Va., Nov. 22-25, 1964. -- Rev. January 1965.

Computer simulation of engine systems

The use of computerized simulations of the steady state and transient performance of jet engines throughout the flight regime is discussed. In addition, installation effects on thrust and specific fuel consumption is accounted for as well as engine weight, dimensions and cost. The availability throughout the government and industry of analytical methods for calculating these quantities are pointed out