278,475 research outputs found
Common Representation of Information Flows for Dynamic Coalitions
We propose a formal foundation for reasoning about access control policies
within a Dynamic Coalition, defining an abstraction over existing access
control models and providing mechanisms for translation of those models into
information-flow domain. The abstracted information-flow domain model, called a
Common Representation, can then be used for defining a way to control the
evolution of Dynamic Coalitions with respect to information flow
Closing the loop of SIEM analysis to Secure Critical Infrastructures
Critical Infrastructure Protection is one of the main challenges of last
years. Security Information and Event Management (SIEM) systems are widely used
for coping with this challenge. However, they currently present several
limitations that have to be overcome. In this paper we propose an enhanced SIEM
system in which we have introduced novel components to i) enable multiple layer
data analysis; ii) resolve conflicts among security policies, and discover
unauthorized data paths in such a way to be able to reconfigure network
devices. Furthermore, the system is enriched by a Resilient Event Storage that
ensures integrity and unforgeability of events stored.Comment: EDCC-2014, BIG4CIP-2014, Security Information and Event Management,
Decision Support System, Hydroelectric Da
A User-Focused Reference Model for Wireless Systems Beyond 3G
This whitepaper describes a proposal from Working Group 1, the Human Perspective of the Wireless World, for a user-focused reference model for systems beyond 3G. The general structure of the proposed model involves two "planes": the Value Plane and the Capability Plane. The characteristics of these planes are discussed in detail and an example application of the model to a specific scenario for the wireless world is provided
On Properties of Policy-Based Specifications
The advent of large-scale, complex computing systems has dramatically
increased the difficulties of securing accesses to systems' resources. To
ensure confidentiality and integrity, the exploitation of access control
mechanisms has thus become a crucial issue in the design of modern computing
systems. Among the different access control approaches proposed in the last
decades, the policy-based one permits to capture, by resorting to the concept
of attribute, all systems' security-relevant information and to be, at the same
time, sufficiently flexible and expressive to represent the other approaches.
In this paper, we move a step further to understand the effectiveness of
policy-based specifications by studying how they permit to enforce traditional
security properties. To support system designers in developing and maintaining
policy-based specifications, we formalise also some relevant properties
regarding the structure of policies. By means of a case study from the banking
domain, we present real instances of such properties and outline an approach
towards their automatised verification.Comment: In Proceedings WWV 2015, arXiv:1508.0338
Practitioners' views about equity within prenatal services
The British National Health Service (NHS) is based on principles of equal access, treatment and outcomes. This article reviews health professionals' aims to provide equitable prenatal services and their views on whether women could be equal in their access to services, understanding during choice-making, and satisfaction about their care. Inequalities which compromise equity, conflicting meanings of equity, and the contribution of in-hospital ethics seminars to ethical health services are considered. Qualitative research, combining sociological and philosophical methods, investigated the experiences of health care staff attempting to provide equitable services and their practical and ethical problems. A total of 70 staff at a teaching hospital and a district general hospital took part in semi-structured interviews, followed by 11 innovative in-hospital ethics seminars based on themes derived from the interviews. The 56 seminar participants usually began with clear statements of their equitable aims, but, encouraged by the health care ethicist, they went on to discuss their many concerns about obstacles which complicated the achievement of these aims. The sociological-ethics seminars provided unique opportunities for multi-disciplinary discussion of these inequalities and their impact on equitable intentions in health care. Analysis of the contradictions revealed during the seminars is guided by sociological theories that seek to explain the persistence of inequalities in health, and how NHS policies appear to perpetuate and increase them, despite practitioners' stated intentions to promote equality
- …