On Properties of Policy-Based Specifications

The advent of large-scale, complex computing systems has dramatically increased the difficulties of securing accesses to systems' resources. To ensure confidentiality and integrity, the exploitation of access control mechanisms has thus become a crucial issue in the design of modern computing systems. Among the different access control approaches proposed in the last decades, the policy-based one permits to capture, by resorting to the concept of attribute, all systems' security-relevant information and to be, at the same time, sufficiently flexible and expressive to represent the other approaches. In this paper, we move a step further to understand the effectiveness of policy-based specifications by studying how they permit to enforce traditional security properties. To support system designers in developing and maintaining policy-based specifications, we formalise also some relevant properties regarding the structure of policies. By means of a case study from the banking domain, we present real instances of such properties and outline an approach towards their automatised verification.Comment: In Proceedings WWV 2015, arXiv:1508.0338

Improving the Delivery of Key Work Supports: Policy & Practice Opportunities at a Critical Moment

Examines the consequences of a lack of coordination and seamless service delivery across support programs. Outlines policy, procedural, and data utilization options and best practices to expedite receipt of benefits across programs, as well as challenges

ARIES WP3 – Needs and Requirements Analyses

Information and communication technologies have increasingly influenced and changed our daily life. They allow global connectivity and easy access to distributed applications and digital services over the Internet. This report analysis security requirements on trust establishment and trust evaluation based on two different use case scenarios: "Trusted Communication using COTS" and "Trust Establishment for Cross-organizational Crises Management". A systematic needs analysis is performed on both scenarios which haver resulted in a large and well documented set of requirements. This is the first step in a large effort to define a security architecture for the two use case scenarios.

Static Enforcement of Role-Based Access Control

We propose a new static approach to Role-Based Access Control (RBAC) policy enforcement. The static approach we advocate includes a new design methodology, for applications involving RBAC, which integrates the security requirements into the system's architecture. We apply this new approach to policies restricting calls to methods in Java applications. We present a language to express RBAC policies on calls to methods in Java, a set of design patterns which Java programs must adhere to for the policy to be enforced statically, and a description of the checks made by our static verifier for static enforcement.Comment: In Proceedings WWV 2014, arXiv:1409.229

Measurement and reporting of climate-smart agriculture: technical guidance for a countrycentric process

Given the extent of climate-smart agriculture (CSA) initiatives at project, national, regional and global levels, there is increasing interest in tracking progress in implementing CSA at national level. CSA is also expected to contribute to higher-level goals (e.g., the Paris Agreement, Africa Union’s Vision 25x25, and the Sustainable Development Goals [SDGs], etc.). Measurement and reporting of climate-smart agriculture (MR of CSA) provides intelligence on necessary the status, effectiveness, efficiency and impacts of interventions, which is critical for meeting stakeholders’ diverse management and reporting needs. In this paper, we build the case for a stakeholder-driven, country-centric framework for MR of CSA, which aims to increase coordination and coherence across stakeholders’ MR activities, while also aligning national reporting with reporting on international commitments. We present practical guidance on how to develop an integrated MR framework, drawing on findings from a multi-country assessment of needs, opportunities and capacities for national MR of CSA. The content of a unified MR framework is determined by stakeholders’ activities (how they promote CSA), needs (why MR is useful to them) and current capacities to conduct periodic monitoring, evaluation and reporting (how ready are institutions, staff and finances). Our analysis found that explicit demand for integration of data systems and active engagement of stakeholders throughout the entire process are key ingredients for building a MR system that is relevant, useful and acted upon. Based on these lessons, we identify a seven-step framework for stakeholders to develop a comprehensive information system for MR of progress in implementing CSA

Closing the Gender Gap in African Agriculture in the Face of Climate Change

Gender is not about ‘women and girls’ but about roles, responsibilities, access and control over resources and relations between men and women, boys and girls which are socially ascribed. Women’s meaningful participation in decision-making requires going beyond the presence of more women in institutions and processes. Comprehensive gender analyses at national and local levels are necessary to identify the challenges and opportunities for developing gender-responsive agricultural policies. A Gender Action Plan (GAP) for agriculture with a well-structured and robust M&E system is essential. Strengthening Gender Management Systems in the agriculture sector with regular gender audits can promote greater equity between women and men