On Using Encryption Techniques to Enhance Sticky Policies Enforcement

How to enforce privacy policies to protect sensitive personal data has become an urgent research topic for security researchers, as very little has been done in this field apart from some ad hoc research efforts. The sticky policy paradigm, proposed by Karjoth, Schunter, and Waidner, provides very useful inspiration on how we can protect sensitive personal data, but the enforcement is very weak. In this paper we provide an overview of the state of the art in enforcing sticky policies, especially the concept of sticky policy enforcement using encryption techniques including Public-Key Encryption (PKE), Identity-Based Encryption (IBE), Attribute-Based Encryption (ABE), and Proxy Re-Encryption (PRE). We provide detailed comparison results on the (dis)advantages of these enforcement mechanisms. As a result of the analysis, we provide a general framework for enhancing sticky policy enforcement using Type-based PRE (TPRE), which is an extension of general PRE

Translating standard process models to BPEL

Standardisation of languages in the field of business process management has long been an elusive goal. Recently though, consensus has built around one process implementation language, namely BPEL, and two fundamentally similar process modelling notations, namely UML Activity Diagram (UML AD) and BPMN. This paper presents a technique for generating BPEL code from process models expressed in a core subset of BPMN and UML AD. This model-to-code translation is a necessary ingredient to the emergence of model-driven business process development environments based on these standards. The proposed translation has been implemented as an open source tool

An information architecture for validating courseware

Courseware validation should locate Learning Objects inconsistent with the courseware instructional design being used. In order for validation to take place it is necessary to identify the implicit and explicit information needed for validation. In this paper, we identify this information and formally define an information architecture to model courseware validation information explicitly. This promotes tool-support for courseware validation and its interoperability with the courseware specifications

Intentions and Results: A Look Back at the Adoption and Safe Families Act

Compiles papers and policy briefs examining the intended and unintended consequences for children, families, and the child welfare system of the 1997 law to prioritize child safety in case decision making and connect children to permanent families

Business process management: a bird's-eye view and research agenda.

Processes; Management; Research;

New Jobs — Cleaner Air: Employment Effects Under Planned Changes to the EPA’s Air Pollution Rules

In this study commissioned by Ceres, James Heintz, Heidi Garrett-Peltier, and Ben Zipperer examine the economic impacts of air pollution regulations forthcoming from the Environmental Protection Agency: the Clean Air Transport Rule governing sulfur dioxide and nitrogen oxide emissions, and the National Emissions Standards for Hazardous Air Pollutants for Utility Boilers rule, which will set limits for hazardous air pollutants. Focusing on 36 states, the study assesses the potential employment impacts of the transformation of the nation’s energy generation plants to a cleaner, more efficient fleet, through investments in pollution controls and the retirement of outdated plants.

Insurer Rebates Under the Medical Loss Ratio: 2012 Estimates

Estimates 2012 rebates to be paid to policy holders by insurers failing to meet federal healthcare reform's requirement that they spend a minimum ratio of 80 to 85 percent of premiums on medical care expenses. Examines data by state and market segment

Architecting specifications for test case generation

The Specification and Description Language (SDL) together with its associated tool sets can be used for the generation of Tree and Tabular Combined Notation (TTCN) test cases. Surprisingly, little documentation exists on the optimal way to specify systems so that they can best be used for the generation of tests. This paper, elaborates on the different tool supported approaches that can be taken for test case generation and highlights their advantages and disadvantages. A rule based SDL specification style is then presented that facilitates the automatic generation of tests