62,062 research outputs found

    Applying the take-grant protection model

    The Take-Grant Protection Model has in the past been used to model multilevel security hierarchies and simple protection systems. The models are extended to include theft of rights and sharing information, and additional security policies are examined. The analysis suggests that in some cases the basic rules of the Take-Grant Protection Model should be augmented to represent the policy properly; when appropriate, such modifications are made and their effects with respect to the policy and its Take-Grant representation are discussed.

    “A Debt of Honor”: The Hegemonic Benevolence of Richmond’s Female Elites at the “Last Confederate Christmas” of 1864

    In poignant remembrance of the last Christmas in the Confederate White House, Varina Davis, First Lady of the Confederacy, reflected upon that special event in an extended article for the New York Sunday World, some thirty-two years after the Confederacy’s final Christmas. Davis recounted the event fondly and praised the transformation of her female peers into perfect models of Confederate endurance under the extreme duress of civil war. In re-creating the dramaturgy of the three-part event, which was organized and hosted in large part by the Confederacy’s First Lady, Davis opened a critical window into southern sensibilities and the cultural rituals which helped to sustain the Confederacy through four long years of civil war. Though Davis’s article was clearly a reflective and nostalgic piece concerning an event which occurred thirty-two years prior, it was not written merely as a glorification of southern society, but rather to demonstrate the perpetuation of cherished southern ideals and rituals during the closing months of the war. [excerpt]

    Model the System from Adversary Viewpoint: Threats Identification and Modeling

    Security attacks are hard to understand, often expressed with unfriendly and limited details, making it difficult for security experts and for security analysts to create intelligible security specifications. For instance, to explain Why (attack objective), What (i.e., system assets, goals, etc.), and How (attack method), adversary achieved his attack goals. We introduce in this paper a security attack meta-model for our SysML-Sec framework, developed to improve the threat identification and modeling through the explicit representation of security concerns with knowledge representation techniques. Our proposed meta-model enables the specification of these concerns through ontological concepts which define the semantics of the security artifacts and introduced using SysML-Sec diagrams. This meta-model also enables representing the relationships that tie several such concepts together. This representation is then used for reasoning about the knowledge introduced by system designers as well as security experts through the graphical environment of the SysML-Sec framework. Comment: In Proceedings AIDP 2014, arXiv:1410.322

    CRiBAC: Community-centric role interaction based access control model

    As one of the most efficient solutions to complex and large-scale problems, multi-agent cooperation has been in the limelight for the past few decades. Recently, many research projects have focused on context-aware cooperation to dynamically provide complex services. As cooperation in the multi-agent systems (MASs) becomes more common, guaranteeing the security of such cooperation takes on even greater importance. However, existing security models do not reflect the agents' unique features, including cooperation and context-awareness. In this paper, we propose a Community-based Role interaction-based Access Control model (CRiBAC) to allow secure cooperation in MASs. To do this, we refine and extend our preliminary RiBAC model, which was proposed earlier to support secure interactions among agents, by introducing a new concept of interaction permission, and then extend it to CRiBAC to support community-based cooperation among agents. We analyze potential problems related to interaction permissions and propose two approaches to address them. We also propose an administration model to facilitate administration of CRiBAC policies. Finally, we present the implementation of a prototype system based on a sample scenario to assess the proposed work and show its feasibility. © 2012 Elsevier Ltd. All rights reserved.

    Addressing the needs of the children’s integrated workforce: A method for developing collaborative practice through joint learning

    The delivery of welfare, health and educational provision to the majority of children aged 0–18 in England is primarily led by local authorities via their children’s integrated service. In 2004 the children’s integrated service model was launched and it promised the benefits of an integrated and collaborative system of working, regarding flexibility and responsiveness to national policy, local development and capacity building (Robinson et al, 2008). However, the implementation and emergence of this model has been characterised by competing local and national agendas, practitioner misunderstanding and lack of trust, a lack of strong leadership and also financial restrictions. It can therefore be contended that conceptually children’s integrated services are not operating fully with a collaborative and integrated workforce. As a possible solution to the current situation, it is proposed that joint learning, along with a combined continual professional development (CPD) framework, be made available as a valuable starting point for such organisations. Learning and working together has benefits for children and practitioners, and especially, as this article will argue, for playwork practitioners.

    Defense against Insider Threat: a Framework for Gathering Goal-based Requirements

    Insider threat is becoming comparable to outsider threat in frequency of security events. This is a worrying situation, since insider attacks have a high probability of success because insiders have authorized access and legitimate privileges. Despite their importance, insider threats are still not properly addressed by organizations. We contribute to reverse this situation by introducing a framework composed of a method for identification and assessment of insider threat risks and of two supporting deliverables for awareness of insider threat. The deliverables are: (i) attack strategies structured in four decomposition trees, and (ii) a matrix which correlates defense strategies, attack strategies and control principles. The method output consists of goal-based requirements for the defense against insiders.

    FoCaLiZe: Inside an F-IDE

    For years, Integrated Development Environments have demonstrated their usefulness in order to ease the development of software. High-level security or safety systems require proofs of compliance to standards, based on analyses such as code review and, increasingly nowadays, formal proofs of conformance to specifications. This implies mixing computational and logical aspects all along the development, which naturally raises the need for a notion of Formal IDE. This paper examines the FoCaLiZe environment and explores the implementation issues raised by the decision to provide a single language to express specification properties, source code and machine-checked proofs while allowing incremental development and code reusability. Such features create strong dependencies between functions, properties and proofs, and impose a particular compilation scheme, which is described here. The compilation results are runnable OCaml code and a checkable Coq term. All these points are illustrated through a running example. Comment: In Proceedings F-IDE 2014, arXiv:1404.578