Architectural Access Control Policy Refinement and Verification under Uncertainty

In our connected world, confidentiality is a central quality requirement. A commonly used mechanism to meet confidentiality requirements is access control. However, access control policies are usually not defined on the architectural abstraction level and are imprecise during design time due to the high degree of uncertainty. This impedes early considerations of confidentiality as implied by "Privacy by Design". We propose an approach to refine and verify access control policies while handling uncertainty that fills the gap between high-level confidentiality requirements and low-level access control

Continuous Secure Software Development and Analysis

Software security becomes increasingly important nowadays. Security should be considered as early as possible in the software development. However, considering different aspects of security is a complex task. In this paper, we propose an extendable framework for continuous secure software development and evolution. The framework provides interconnected analyses on different stages of development. Explicit assumption management helps to verify the security requirements more properly. Thus, the security of the system under development can be estimated more accurately. Finally, the concrete assumptions also help to identify and close security gaps that arise during the software’s lifetime

A framework for defining and analysing access policies in requirements models

Enforcing access policies derived from management control principles is a way by which organisations protect their information assets. The minimum privileges principle is an example of a management control principle, which specifies that users should only have access to resources they require to carry out their duties. Requirements models use actors to specify their access policies. Actors normally represent roles that users adopt, however a role can have different meanings, such as a position in an organisation or the assignment of a task, and can therefore be misleading. Current requirements modelling approaches do not provide a systematic way of defining roles for incorporation into access policies, and therefore we can not ensure that they satisfy management control principles. In this thesis we address the need to provide precise role definitions by developing a framework that facilitates the derivation of roles from the organisational context. The framework consists of a metamodel, which enables the organisational context to be represented and related to actors; a set of heuristics for deriving the organisational context; and a set of language constructs for formulating access policies, and verifying them using scenarios. We use the meta-model and language constructs that we developed to extend an existing requirements modelling language, the i* framework, and in particular a formal version of it, formal Tropos, to define and verify access policies definitions satisfying the minimum privileges principle. We also investigate the use of automated tool checking by translating the formal Tropos definitions into the specification language Alloy, which is supported by a tool that automatically checks assertions, to ensure consistency of the access policy definitions. We carry out a detailed case study taken from the literature to verify the extensions to the i* framework and the tool supported analysis. The framework presented in this thesis makes a novel contribution to the modelling of access policies as requirements, enabling us to define access policies using actors derived from the organisational context, that satisfy the minimum privileges principle

Stock market responses to bank restructuring policies during the East Asian crisis

The East Asian crisis began in Thailand in mid-1997 when an ailing financial sector, a slowdown in exports, and large increases in central bank credit to weak financial institutions, triggered a run on the baht. Then the crisis spread to other countries in the region, as common vulnerabilities, and revaluations of risk in emerging markets, triggered large capital flows. To better understand the impact of different policy responses to financial crises, the authors investigate how stock markets in East Asian countries reacted to the initial policy announcements of bank, and financial restructuring - especially how banking, and non-financial sectors in Indonesia, the Republic of Korea, Malaysia, and Thailand, fared in response to announcements of different restructuring measures. They find that prices of bank stocks, responded positively to announcements about government guarantees of bank liabilities. Non-financial companies gained in value when guarantees were announced, but their stock prices were negatively affected by announcements favoring public re-capitalization schemes, and generous liquidity support programs. Possibly the market was concerned that public funds per se, would not restore the health of the financial sector - that they would not be sufficient, or would not be used to restructure bank balance sheets, and operations, and allow banks to engage in meaningful corporate restructuring. The announcements of increased public support, have been viewed as a signal that the financial institutions were in a financially weaker position than previously thought.Banks&Banking Reform,Financial Crisis Management&Restructuring,Financial Intermediation,Economic Theory&Research,Access to Markets

Controlling the fiscal costs of banking crises

In recent decades, a majority of countries have experienced a systemic banking crisis requiring a major-and expensive-overhaul of their banking system. Not only do banking crises hit the budget with outlays that must be absorbed by higher taxes (or spending cuts), but they are costly in terms of forgone economic output. Many different policy recommendations have been made for limiting the cost of crises, but there has been little systematic effort to see which recommendations work in practice. The authors try to quantify the extent to which fiscal outlays incurred in resolving banking distress can be attributed to crisis management measures of a particular kind adopted by the government in the early years of the crisis. They find evidence that certain crisis management strategies appear to add greatly to fiscal costs: unlimited deposit guarantees, open-ended liquidity support, repeated recapitalization, debtor bail-outs, and regulatory forbearance. Their findings clearly tilt the balance in favor of a strict rather than an accommodating approach to crisis resolution. At the very least, regulatory authorities who choose an accommodating or gradualist approach to an emerging crisis must be sure they have some other way to control risk-taking.Economic Theory&Research,Banks&Banking Reform,Financial Crisis Management&Restructuring,Payment Systems&Infrastructure,Financial Intermediation,Financial Crisis Management&Restructuring,Economic Theory&Research,National Governance,Financial Intermediation,Banks&Banking Reform

The devil is in the details: the contractual governance of joint R&D biotechnology alliances

This study aims at deepening our understanding of the contractual governance of technology alliances. For this purpose we carry out an in depth analysis of four contracts of pharmaceutical biotechnology alliances. The application of the framework contrasting transactional and relational contracts proves not sufficiently discriminating: all the contracts investigated are relational latu sensu, and considerable heterogeneity remains unexplained. A competing framework contrasting action-based and resource-based contracts provides a useful focusing device to analyze the texture of the different types of relations observes. Through resources the interpretation of alliance contracts is connected to fundamental sociological research on human sociality. This allows us to develop a framework that explains the configuration of contractual governance in terms of the relational model adopted by the parties. Our framework also proposes that the distribution of core competences among the parties is an important predictor of the relational model. Finally, testable propositions deriving from the study are offered as guidelines for further research