SELinux application for Linux server security

Práce se zabývá řízením přístupu v operačních systémech GNU/Linux. Nejdříve je srovnáno volitelné a povinné řízení přístupu a probrány základní technologie založené na povinném řízení přístupu. Blíže je zaměřeno na projekt SELinux, u kterého je vysvětlena tvorba nových pravidel pomocí Type Enforcement. V rámci práce je vytvořena aplikace pro vyhodnocení záznamů technologie SELinux a pro psaní nových pravidel.This work is engaged in access control mechanism in GNU/Linux operating systems. At first discretionary and mandatory access control are compared and examine basic technologies based on mandatory access control. More closely is focused on project SELinux, whose generation of new rules is explained. Within the thesis is made application for logging evaluation and for writing new Type Enforcement rules.

Regulatory incentives and financial reporting quality in public healthcare organisations

English National Health Service Foundation Trusts are subject to a regulatory regime in which the level of monitoring and intervention is determined by performance against two key performance metrics: a ‘financial risk rating’, based on a number of performance metrics, such as the reported surplus margin and return on assets, and a ‘prudential borrowing limit’. In this paper, we investigate the variation in financial reporting quality, proxied by discretionary accruals, with the incentives introduced by this regime. We find: first, that discretionary accruals are managed to report small surpluses; second, that, consistent with the avoidance of regulatory intervention in both the short and medium term, discretionary accruals are more positive when pre-managed performance is below intervention triggering thresholds and more negative when well above threshold; third, that, despite a move away from financial breakeven as the primary performance objective, there remains an aversion to small loss reporting. We further find that the level of discretionary accruals is driven by two metrics of strategic significance: the surplus margin (a measure of retained earnings) and the prudential borrowing limit (a measure of borrowing capacity)

Common Representation of Information Flows for Dynamic Coalitions

We propose a formal foundation for reasoning about access control policies within a Dynamic Coalition, defining an abstraction over existing access control models and providing mechanisms for translation of those models into information-flow domain. The abstracted information-flow domain model, called a Common Representation, can then be used for defining a way to control the evolution of Dynamic Coalitions with respect to information flow

The influence of banks on auditor choice and auditor reporting in Japan

Debt as opposed to equity as the major source of financing and the influence of banks on the corporate governance of listed companies are unique features of the Japanese business environment. This thesis investigates how these features affect the choice of auditor by Japanese listed companies and auditor reporting by Japanese CPA firms on those companies. Pong and Kita (2006) provided some univariate analyses and indicated that Japanese companies tended to select the same external auditors as their main banks to reduce the agency costs. In this thesis, I further examine the influence of main banks on auditor selection by logistic regression and also investigate the influence of main banks on auditor reporting quality after controlling self-selection bias. Using data from Japanese listed companies in the Tokyo Stock Exchange over the 2002-2008 period, I provide empirical evidence that companies with more reliance on main bank loans are more likely to choose their main banks’ external auditors. Using the Propensity Score Matching method and the Heckman two-step binary probit model to control for self-selection bias, the empirical results support the hypothesis that main bank auditors are more likely to issue modified opinions to the borrowing companies than non-main bank auditors, providing evidence of higher audit quality from main bank auditors. As a sensitivity test, I also use discretionary accruals as a measure of audit quality. the results indicate that companies who choose the same auditors as their main banks have higher audit quality than companies who choose different auditors from their main banks. My thesis contributes to the existing auditing literature in several ways. First, by studying the influence of debt financing on auditor choice and auditor reporting, this thesis extends the auditor market research that focuses mainly on the role of auditors in equity markets to the bank-based market. Furthermore, this thesis also complements auditing research on the influence of institutions on audit quality

HELIN Cataloging Policies and Procedures Manual

HELIN Cataloging Manual - Nov. 2011 revisio

Information Flow Model for Commercial Security

Information flow in Discretionary Access Control (DAC) is a well-known difficult problem. This paper formalizes the fundamental concepts and establishes a theory of information flow security. A DAC system is information flow secure (IFS), if any data never flows into the hands of owner’s enemies (explicitly denial access list.