TCG based approach for secure management of virtualized platforms: state-of-the-art

There is a strong trend shift in the favor of adopting virtualization to get business benefits. The provisioning of virtualized enterprise resources is one kind of many possible scenarios. Where virtualization promises clear advantages it also poses new security challenges which need to be addressed to gain stakeholders confidence in the dynamics of new environment. One important facet of these challenges is establishing 'Trust' which is a basic primitive for any viable business model. The Trusted computing group (TCG) offers technologies and mechanisms required to establish this trust in the target platforms. Moreover, TCG technologies enable protecting of sensitive data in rest and transit. This report explores the applicability of relevant TCG concepts to virtualize enterprise resources securely for provisioning, establish trust in the target platforms and securely manage these virtualized Trusted Platforms

Risk management for drinking water safety in low and middle income countries: cultural influences on water safety plan (WSP) implementation in urban water utilities

We investigated cultural influences on the implementation of water safety plans (WSPs) using case studies from WSP pilots in India, Uganda and Jamaica. A comprehensive thematic analysis of semi-structured interviews (n = 150 utility customers, n = 32 WSP ‘implementers’ and n = 9 WSP ‘promoters’), field observations and related documents revealed 12 cultural themes, offered as ‘enabling’, ‘limiting’, or ‘neutral’, that influence WSP implementation in urban water utilities to varying extents. Aspects such as a ‘deliver first, safety later’ mind set; supply system knowledge management and storage practices; and non-compliance are deemed influential. Emergent themes of cultural influence (ET1 to ET12) are discussed by reference to the risk management, development studies and institutional culture literatures; by reference to their positive, negative or neutral influence on WSP implementation. The results have implications for the utility endorsement of WSPs, for the impact of organisational cultures on WSP implementation; for the scale-up of pilot studies; and they support repeated calls from practitioner communities for cultural attentiveness during WSP design. Findings on organisational cultures mirror those from utilities in higher income nations implementing WSPs – leadership, advocacy among promoters and customers (not just implementers) and purposeful knowledge management are critical to WSP success

Enhancing Data Security by Making Data Disappear in a P2P Systems

This paper describes the problem of securing data by making it disappear after some time limit, making it impossible for it to be recovered by an unauthorized party. This method is in response to the need to keep the data secured and to protect the privacy of archived data on the servers, Cloud and Peer-to-Peer architectures. Due to the distributed nature of these architectures, it is impossible to destroy the data completely. So, we store the data by applying encryption and then manage the key, which is easier to do as the key is small and it can be hidden in the DHT (Distributed hash table). Even if the keys in the DHT and the encrypted data were compromised, the data would still be secure. This paper describes existing solutions, points to their limitations and suggests improvements with a new secure architecture. We evaluated and executed this architecture on the Java platform and proved that it is more secure than other architectures.Comment: 18 page

Enforcing reputation constraints on business process workflows

The problem of trust in determining the flow of execution of business processes has been in the centre of research interst in the last decade as business processes become a de facto model of Internet-based commerce, particularly with the increasing popularity in Cloud computing. One of the main mea-sures of trust is reputation, where the quality of services as provided to their clients can be used as the main factor in calculating service and service provider reputation values. The work presented here contributes to the solving of this problem by defining a model for the calculation of service reputa-tion levels in a BPEL-based business workflow. These levels of reputation are then used to control the execution of the workflow based on service-level agreement constraints provided by the users of the workflow. The main contribution of the paper is to first present a formal meaning for BPEL processes, which is constrained by reputation requirements from the users, and then we demonstrate that these requirements can be enforced using a reference architecture with a case scenario from the domain of distributed map processing. Finally, the paper discusses the possible threats that can be launched on such an architecture

The evolving scholarly record

This report presents a framework to help organize and drive discussions about the evolving scholarly record. The framework provides a high-level view of the categories of material the scholarly record potentially encompasses, as well as the key stakeholder roles associated with the creation, management, and use of the scholarly record. Key highlights: A confluence of trends is accelerating changes to the scholarly record\u27s content and stakeholder roles. Scholarly outcomes are contextualized by materials generated in the process and aftermath of scholarly inquiry. The research process generates materials covering methods employed, evidence used, and formative discussion. The research aftermath generates materials covering discussion, revision, and reuse of scholarly outcomes. The scholarly record is evolving to have greater emphasis on collecting and curating context of scholarly inquiry. The scholarly record’s stakeholder ecosystem encompasses four key roles: create, fix, collect, and use. The stakeholder ecosystem supports thinking about how roles are reconfigured as the scholarly record evolves. The ways and means of scholarly inquiry are experiencing fundamental change, with consequences for scholarly communication and ultimately, the scholarly record. The boundaries of the scholarly record are both expanding and blurring, driven by changes in research practices, as well as changing perceptions of the long-term value of certain forms of scholarly materials. Understanding the nature, scope, and evolutionary trends of the scholarly record is an important concern in many quarters—for libraries, for publishers, for funders, and of course for scholars themselves. Many issues are intrinsic to the scholarly record, such as preservation, citation, replicability, provenance, and data curation. The conceptualization of the scholarly record and its stakeholder ecosystem provided in the report can serve as a common point of reference in discussions within and across domains, and help cultivate the shared understanding and collaborative relationships needed to identify, collect, and make accessible the wide range of materials the scholarly record is evolving to include