Security Provisioning in Cloud Environments using Dynamic Expiration Enabled Role based Access Control Model

In cloud environment the role based access control (RBAC) system model has come up with certain promising facilities for security communities. This system has established itself as highly robust, powerful and generalized framework for providing access control for security management. There are numerous practical applications and circumstances where the users might be prohibited to consider respective roles only at certain defined time periods. Additionally, these roles can be invoked only on after pre-defined time intervals which depend on the permission of certain action or event. In order to incarcerate this kind of dynamic aspects of a role, numerous models like temporal RBAC (TRBAC) was proposed, then while this approach could not deliver anything else except the constraints of role enabling. Here in this paper, we have proposed robust and an optimum scheme called Dynamic expiration enabled role based access control (DEERBAC) model which is efficient for expressing a broad range of temporal constraints. Specifically, in this approach we permit the expressions periodically as well as at certain defined time constraints on roles, user-role assignments as well as assignment of role-permission. According to DEERBAC model, in certain time duration the roles can be further restricted as a consequence of numerous activation constraints and highest possible active duration constraints. The dominant contributions of DEERBAC model can the extension and optimization in the existing TRBAC framework and its event and triggering expressions. The predominant uniqueness of this model is that this system inherits the expression of role hierarchies and Separation of Duty (SoD) constraints that specifies the fine-grained temporal semantics. The results obtained illustrates that the DEERBAC system provides optimum solution for efficient user-creation, role assignment and security management framework in cloud environment with higher user count and the simultaneous rolepermission,

A Survey of Languages for Specifying Dynamics: A Knowledge Engineering Perspective

A number of formal specification languages for knowledge-based systems has been developed. Characteristics for knowledge-based systems are a complex knowledge base and an inference engine which uses this knowledge to solve a given problem. Specification languages for knowledge-based systems have to cover both aspects. They have to provide the means to specify a complex and large amount of knowledge and they have to provide the means to specify the dynamic reasoning behavior of a knowledge-based system. We focus on the second aspect. For this purpose, we survey existing approaches for specifying dynamic behavior in related areas of research. In fact, we have taken approaches for the specification of information systems (Language for Conceptual Modeling and TROLL), approaches for the specification of database updates and logic programming (Transaction Logic and Dynamic Database Logic) and the generic specification framework of abstract state machine

Sociohydrologic Systems Thinking: An Analysis of Undergraduate Students’ Operationalization and Modeling of Coupled Human-Water Systems

One of the keys to science and environmental literacy is systems thinking. Learning how to think about the interactions between systems, the far-reaching effects of a system, and the dynamic nature of systems are all critical outcomes of science learning. However, students need support to develop systems thinking skills in undergraduate geoscience classrooms. While systems thinking-focused instruction has the potential to benefit student learning, gaps exist in our understanding of students’ use of systems thinking to operationalize and model SHS, as well as their metacognitive evaluation of systems thinking. To address this need, we have designed, implemented, refined, and studied an introductory-level, interdisciplinary course focused on coupled human-water, or sociohydrologic, systems. Data for this study comes from three consecutive iterations of the course and involves student models and explanations for a socio-hydrologic issue (n = 163). To analyze this data, we counted themed features of the drawn models and applied an operationalization rubric to the written responses. Analyses of the written explanations reveal statistically-significant differences between underlying categories of systems thinking (F(5, 768) = 401.6, p \u3c 0.05). Students were best able to operationalize their systems thinking about problem identification (M = 2.22, SD = 0.73) as compared to unintended consequences (M = 1.43, SD = 1.11). Student-generated systems thinking models revealed statistically significant differences between system components, patterns, and mechanisms, F(2, 132) = 3.06, p \u3c 0.05. Students focused most strongly on system components (M = 13.54, SD = 7.15) as compared to related processes or mechanisms. Qualitative data demonstrated three types of model limitation including scope/scale, temporal, and specific components/mechanisms/patterns excluded. These findings have implications for supporting systems thinking in undergraduate geoscience classrooms, as well as insight into links between these two skills

IUPC: Identification and Unification of Process Constraints

Business Process Compliance (BPC) has gained significant momentum in research and practice during the last years. Although many approaches address BPC, they mostly assume the existence of some kind of unified base of process constraints and focus on their verification over the business processes. However, it remains unclear how such an inte- grated process constraint base can be built up, even though this con- stitutes the essential prerequisite for all further compliance checks. In addition, the heterogeneity of process constraints has been neglected so far. Without identification and separation of process constraints from domain rules as well as unification of process constraints, the success- ful IT support of BPC will not be possible. In this technical report we introduce a unified representation framework that enables the identifica- tion of process constraints from domain rules and their later unification within a process constraint base. Separating process constraints from domain rules can lead to significant reduction of compliance checking effort. Unification enables consistency checks and optimizations as well as maintenance and evolution of the constraint base on the other side.Comment: 13 pages, 4 figures, technical repor

Fast Approximate Spectral Clustering for Dynamic Networks

Spectral clustering is a widely studied problem, yet its complexity is prohibitive for dynamic graphs of even modest size. We claim that it is possible to reuse information of past cluster assignments to expedite computation. Our approach builds on a recent idea of sidestepping the main bottleneck of spectral clustering, i.e., computing the graph eigenvectors, by using fast Chebyshev graph filtering of random signals. We show that the proposed algorithm achieves clustering assignments with quality approximating that of spectral clustering and that it can yield significant complexity benefits when the graph dynamics are appropriately bounded