Security in a Distributed Processing Environment

Distribution plays a key role in telecommunication and computing systems today. It has become a necessity as a result of deregulation and anti-trust legislation, which has forced businesses to move from centralised, monolithic systems to distributed systems with the separation of applications and provisioning technologies, such as the service and transportation layers in the Internet. The need for reliability and recovery requires systems to use replication and secondary backup systems such as those used in ecommerce. There are consequences to distribution. It results in systems being implemented in heterogeneous environment; it requires systems to be scalable; it results in some loss of control and so this contributes to the increased security issues that result from distribution. Each of these issues has to be dealt with. A distributed processing environment (DPE) is middleware that allows heterogeneous environments to operate in a homogeneous manner. Scalability can be addressed by using object-oriented technology to distribute functionality. Security is more difficult to address because it requires the creation of a distributed trusted environment. The problem with security in a DPE currently is that it is treated as an adjunct service, i.e. and after-thought that is the last thing added to the system. As a result, it is not pervasive and therefore is unable to fully support the other DPE services. DPE security needs to provide the five basic security services, authentication, access control, integrity, confidentiality and non-repudiation, in a distributed environment, while ensuring simple and usable administration. The research, detailed in this thesis, starts by highlighting the inadequacies of the existing DPE and its services. It argues that a new management structure was introduced that provides greater flexibility and configurability, while promoting mechanism and service independence. A new secure interoperability framework was introduced which provides the ability to negotiate common mechanism and service level configurations. New facilities were added to the non-repudiation and audit services. The research has shown that all services should be security-aware, and therefore would able to interact with the Enhanced Security Service in order to provide a more secure environment within a DPE. As a proof of concept, the Trader service was selected. Its security limitations were examined, new security behaviour policies proposed and it was then implemented as a Security-aware Trader, which could counteract the existing security limitations.IONA TECHNOLOGIES PLC & ORANG

Healthcare in continuum for an ageing population: national self monitoring or remote offshore monitoring for Australia?

Australia is a country, similar to other developed nations, confronting an ageing population with complex demographics. Ensuring continued healthcare for the ageing, while providing sufficient support for the already aged population requiring assistance, is at the forefront of the national agenda. Varied initiatives are with foci to leverage the advantages of lCTs leading to e-Health provisioning and assisted technologies. While these initiatives increasingly put budgetary constraints on local and federal governments, there is also a case for offshore resourcing of non-critical health services, to support, streamline and enhance the continuum of care, as the nation faces acute shortages of medical practitioners and nurses. However, privacy and confidentiality concerns in this context are a significant issue in Australia. In this paper, we take the position that if the National and state electronic health records system initiatives, are fully implemented, offshore resourcing can be a feasible complementary option resulting in a win-win situation of cutting costs and enabling the continuum of healthcare.<br /

Human Rights in Action: Cambodia Country Study

human development, human rights

A Novel Zero-Trust Network Access Control Scheme based on the Security Profile of Devices and Users

Security constitutes a principal concern for communication networks and services at present. This way, threats should be under control to minimize risks over time in real environments. With this aim, we introduce here a new approach for access control aimed to strengthen security in corporate networks and service providers related environments. Our proposal, named SADAC (Security Attribute-based Dynamic Access Control) presents three main novel features: (i) security related attributes regarding both configuration and operation are considered for network access control of final devices/users; (ii) a dynamic supervision procedure is implemented to evaluate the security profile associated to devices/users over time and, if so, to apply corresponding access restrictions; and (iii) a supervision procedure that also permits to diagnose the causes of inadequate security behaviours, so that the final devices/users can adapt their configuration and/or operation. We describe the overall access control methodology as well as the aspects for its implementation. In particular, we present and evaluate the specific deployment of SADAC for a corporate WiFi environment supported on a Raspberry Pi-based AP to provide Internet access to mobile devices. Through this experimentation we can conclude the convenience of adopting the approach for improving security by minimizing risks in network and communication environments

Tapol bulletin no, 113, October 1992

Contents: Military reshuffle -- Suharto and NAM -- NAM a step back for rights -- Arms: RI, yes to Hawks -- Military grip tightens -- Talks at the UN -- New casualty figures -- UN resolution, text -- Soares, the new governor -- ICJ trials report -- Acehnese refugees -- Killer victims named -- Land conflicts: Siberut -- Freeport's dirty water -- Indonesian-PNG offensive -- Reviews: Timor's Anschluss ; Tu Galal

Montana Kaimin, May 22, 1992

Student newspaper of the University of Montana, Missoula.https://scholarworks.umt.edu/studentnewspaper/9539/thumbnail.jp