Towards Model-Driven Development of Access Control Policies for Web Applications

We introduce a UML-based notation for graphically modeling systems’ security aspects in a simple and intuitive way and a model-driven process that transforms graphical specifications of access control policies in XACML. These XACML policies are then translated in FACPL, a policy language with a formal semantics, and the resulting policies are evaluated by means of a Java-based software tool

A Static Verification Framework for Secure Peer-to-Peer Applications

In this paper we present a static verification framework to support the design and verification of secure peer-to-peer applications. The framework supports the specification, modeling, and analysis of security aspects together with the general characteristics of the system, during early stages of the development life-cycle. The approach avoids security issues to be taken into consideration as a separate layer that is added to the system as an afterthought by the use of security protocols. The main functionality supported by the framework are concerned with the modeling of the system together with its security aspects by using an extension of UML, modeling of abuse cases to represent scenarios of attackers and assist with the identification of properties to be verified, specification of properties to be verified in a graphical template language, verification of the models against the properties, and visualization of the results of the verification process

Does Revolution Work? Evidence from Nepal’s People’s War

In 2015, after a decade-long conflict and nine years of negotiation, Nepal promulgated a constitution that replaced its 240-year-old monarchy by a federal republic. The subsequent 2017 local elections ushered more than 30,000 first-time politicians into office. Using a census of 3.68 million Nepalis (2.56 million of whom are of voting age) covering eleven districts, party nomination lists and party candidate selection committee surveys, electoral data and information on conflict incidence, we document that castes that were historically excluded from political representation achieved representation without a significant representation-ability trade-off: improved social representation among politicians is accompanied by positive selection on education and income. Triangulating across multiple data sources, we show that the entry of the revolutionary Maoist group as a post-conflict mainstream party played an important role. Finally, political representation of non-elite castes improved their policy inclusion as measured by individual access to earthquake reconstruction transfers. These gains, however, vary with the extent of social connections to the elected mayor and point to a continuing need to balance power by supporting institutions that provide all citizens political voice

Integration of BPM systems

New technologies have emerged to support the global economy where for instance suppliers, manufactures and retailers are working together in order to minimise the cost and maximise efficiency. One of the technologies that has become a buzz word for many businesses is business process management or BPM. A business process comprises activities and tasks, the resources required to perform each task, and the business rules linking these activities and tasks. The tasks may be performed by human and/or machine actors. Workflow provides a way of describing the order of execution and the dependent relationships between the constituting activities of short or long running processes. Workflow allows businesses to capture not only the information but also the processes that transform the information - the process asset (Koulopoulos, T. M., 1995). Applications which involve automated, human-centric and collaborative processes across organisations are inherently different from one organisation to another. Even within the same organisation but over time, applications are adapted as ongoing change to the business processes is seen as the norm in today’s dynamic business environment. The major difference lies in the specifics of business processes which are changing rapidly in order to match the way in which businesses operate. In this chapter we introduce and discuss Business Process Management (BPM) with a focus on the integration of heterogeneous BPM systems across multiple organisations. We identify the problems and the main challenges not only with regards to technologies but also in the social and cultural context. We also discuss the issues that have arisen in our bid to find the solutions

A conceptual model for the development of CSCW systems

Models and theories concerning cooperation have long been recognised as an important aid in the development of Computer Supported Cooperative Work (CSCW) systems. However, there is no consensus regarding the set of concepts and abstractions that should underlie such models and theories. Furthermore, common patterns are hard to discern in different models and theories. This paper analyses a number of existing models and theories, and proposes a generic conceptual framework based on the strengths and commonalities of these models. We analyse five different developments, viz., Coordination Theory, Activity Theory, Task Manager model, Action/Interaction Theory and Object-Oriented Activity Support model, to propose a generic model based on four key concepts common to these developments, viz. activity, actor, information and service

Using formal metamodels to check consistency of functional views in information systems specification

UML notations require adaptation for applications such as Information Systems (IS). Thus we have defined IS-UML. The purpose of this article is twofold. First, we propose an extension to this language to deal with functional aspects of IS. We use two views to specify IS transactions: the first one is defined as a combination of behavioural UML diagrams (collaboration and state diagrams), and the second one is based on the definition of specific classes of an extended class diagram. The final objective of the article is to consider consistency issues between the various diagrams of an IS-UML specification. In common with other UML languages, we use a metamodel to define IS-UML. We use class diagrams to summarize the metamodel structure and a formal language, B, for the full metamodel. This allows us to formally express consistency checks and mapping rules between specific metamodel concepts. (C) 2007 Elsevier B.V. All rights reserved