92,177 research outputs found
Using Rights to Counter âGender-Specificâ Wrongs
One popular strategy of opposition to practices of female genital cutting (FCG) is rooted in the global feminist movement. Arguing that womenâs rights are human rights, global feminists contend that practices of FGC are a culturally specific manifestation of gender-based oppression that violates a number of rights. Many African feminists resist a womenâs rights approach. They argue that by focusing on gender as the primary axis of oppression affecting the African communities where FGC occurs, a womenâs rights approach has misrepresented African women as passive victims who need to be rescued from African men and has obscured the role of certain international institutions that have perpetuated the oppression of African women. In this paper, I defend these critiques by arguing that the use of a womenâs rights framework to combat practices of female genital cutting among African communities has often been practically ineffective and morally inappropriate
An integrated decision support environment for organisational decision making
Traditional decision support systems are based on the paradigm of a single decision maker working at a stand-alone computer or terminal who has a specific decision to make with a specific goal in mind. Organisational decision support systems aim to support decision makers at all levels of an organisation (from executive, middle management managers to operators), who have a variety of decisions to make, with different priorities, often in a distributed environment. Such systems are designed and developed with extra functionality to meet the challenge. This paper proposes an Integrated Decision Support Environment (IDSE) for organisational decision making. The IDSE is designed and developed based on distributed client/server networking, with a combination of tight and loose integration approaches for information exchange and communication. The prototype of the IDSE demonstrates a good balance between flexibility and reliability
Link Before You Share: Managing Privacy Policies through Blockchain
With the advent of numerous online content providers, utilities and
applications, each with their own specific version of privacy policies and its
associated overhead, it is becoming increasingly difficult for concerned users
to manage and track the confidential information that they share with the
providers. Users consent to providers to gather and share their Personally
Identifiable Information (PII). We have developed a novel framework to
automatically track details about how a users' PII data is stored, used and
shared by the provider. We have integrated our Data Privacy ontology with the
properties of blockchain, to develop an automated access control and audit
mechanism that enforces users' data privacy policies when sharing their data
across third parties. We have also validated this framework by implementing a
working system LinkShare. In this paper, we describe our framework on detail
along with the LinkShare system. Our approach can be adopted by Big Data users
to automatically apply their privacy policy on data operations and track the
flow of that data across various stakeholders.Comment: 10 pages, 6 figures, Published in: 4th International Workshop on
Privacy and Security of Big Data (PSBD 2017) in conjunction with 2017 IEEE
International Conference on Big Data (IEEE BigData 2017) December 14, 2017,
Boston, MA, US
The Anatomy and Facets of Dynamic Policies
Information flow policies are often dynamic; the security concerns of a
program will typically change during execution to reflect security-relevant
events. A key challenge is how to best specify, and give proper meaning to,
such dynamic policies. A large number of approaches exist that tackle that
challenge, each yielding some important, but unconnected, insight. In this work
we synthesise existing knowledge on dynamic policies, with an aim to establish
a common terminology, best practices, and frameworks for reasoning about them.
We introduce the concept of facets to illuminate subtleties in the semantics of
policies, and closely examine the anatomy of policies and the expressiveness of
policy specification mechanisms. We further explore the relation between
dynamic policies and the concept of declassification.Comment: Technical Report of publication under the same name in Computer
Security Foundations (CSF) 201
Secure Cloud-Edge Deployments, with Trust
Assessing the security level of IoT applications to be deployed to
heterogeneous Cloud-Edge infrastructures operated by different providers is a
non-trivial task. In this article, we present a methodology that permits to
express security requirements for IoT applications, as well as infrastructure
security capabilities, in a simple and declarative manner, and to automatically
obtain an explainable assessment of the security level of the possible
application deployments. The methodology also considers the impact of trust
relations among different stakeholders using or managing Cloud-Edge
infrastructures. A lifelike example is used to showcase the prototyped
implementation of the methodology
Privacy, security, and trust issues in smart environments
Recent advances in networking, handheld computing and sensor technologies have driven forward research towards the realisation of Mark Weiser's dream of calm and ubiquitous computing (variously called pervasive computing, ambient computing, active spaces, the disappearing computer or context-aware computing). In turn, this has led to the emergence of smart environments as one significant facet of research in this domain. A smart environment, or space, is a region of the real world that is extensively equipped with sensors, actuators and computing components [1]. In effect the smart space becomes a part of a larger information system: with all actions within the space potentially affecting the underlying computer applications, which may themselves affect the space through the actuators. Such smart environments have tremendous potential within many application areas to improve the utility of a space. Consider the potential offered by a smart environment that prolongs the time an elderly or infirm person can live an independent life or the potential offered by a smart environment that supports vicarious learning
The Audit Logic: Policy Compliance in Distributed Systems
We present a distributed framework where agents can share data along with usage policies. We use an expressive policy language including conditions, obligations and delegation. Our framework also supports the possibility to refine policies. Policies are not enforced a-priori. Instead policy compliance is checked using an a-posteriri auditing approach. Policy compliance is shown by a (logical) proof that the authority can systematically check for validity. Tools for automatically checking and generating proofs are also part of the framework.\u
- âŠ