Solving identity delegation problem in the e-government environment

At present, many countries allow citizens or entities to interact with the government outside the telematic environment through a legal representative who is granted powers of representation. However, if the interaction takes place through the Internet, only primitive mechanisms of representation are available, and these are mainly based on non-dynamic offline processes that do not enable quick and easy identity delegation. This paper proposes a system of dynamic delegation of identity between two generic entities that can solve the problem of delegated access to the telematic services provided by public authorities. The solution herein is based on the generation of a delegation token created from a proxy certificate that allows the delegating entity to delegate identity to another on the basis of a subset of its attributes as delegator, while also establishing in the delegation token itself restrictions on the services accessible to the delegated entity and the validity period of delegation. Further, the paper presents the mechanisms needed to either revoke a delegation token or to check whether a delegation token has been revoked. Implications for theory and practice and suggestions for future research are discussed.

Solución para la delegación de identidad en Sistemas de Gestión de Identidad paneuropeos basada en infraestructuras de certificación y lenguajes formales de asertos de seguridad

La estrategia i2010 de la UE tiene como objetivo garantizar el liderazgo europeo en materia de TIC y poner los beneficios de la Sociedad de la Información al servicio de la economía, la sociedad y la calidad de vida personal, teniendo presente que los éxitos de Europa hasta la fecha se han basado en favorecer la competencia leal en los mercados de las telecomunicaciones y crear un mercado sin fronteras para contenidos y medios de comunicación digitales. En esta línea, la Comisión Europea ha establecido que los distintos estados miembros deben contribuir activamente al desarrollo y uso seguro de los servicios telemáticos entre sus ciudadanos. Más concretamente, atribuye a las Administraciones Públicas, tanto a nivel nacional, regional como local, un papel dinamizador de la Sociedad de la Información que les obliga a ofrecer paulatinamente todos los actos administrativos a los ciudadanos a través de Internet. Como primer paso para el uso seguro de los servicios telemáticos que ofrecen las instituciones públicas se hace preciso dotar a los ciudadanos de una identidad digital que les permita identificarse ante un Proveedor de Servicio o ante otros ciudadanos de manera inequívoca. Por esta razón, la mayoría de países europeos – y otros en el resto del mundo – están promoviendo, sistemas fiables de gestión de identidad electrónica (eIDM), de tal manera que los ciudadanos, las empresas y departamentos gubernamentales (incluso en Estados miembros diferentes) pueden identificar y certificar sus operaciones con precisión, rapidez y sencillez. Sin embargo, la gestión de esta identidad por las Administraciones Públicas supone un importante desafío, acentuado cuando se hace necesaria la interoperabilidad entre Administraciones de diferentes países, puesto que personas y entidades tienen credenciales de identificación diferentes en función de su propio marco jurídico nacional. Consciente del problema, en la Unión Europea se han puesto en marcha una serie de proyectos con el objetivo de conseguir la interoperabilidad de los eIDMs entre las instituciones públicas de diferentes Estados miembros. A pesar de ello, las soluciones adoptadas hasta la fecha son insuficientes porque no prevén todos los posibles casos de interacción del usuario con las instituciones. En concreto, no tienen en cuenta un aspecto muy importante que se ofrece en los distintos sistemas jurídicos nacionales, a saber, la delegación de la identidad, mediante la cual un ciudadano puede autorizar a otro para que actúe en su nombre para acceder a determinados servicios prestados por las instituciones públicas. En esta tesis se realizan un conjunto de aportaciones que dan solución a distintos aspectos de los problemas planteados y que, de forma conjunta, permiten la interoperabilidad y la delegación de identidad en determinados Sistemas de Gestión de Identidad aplicados al entorno de las Administraciones Públicas. En el caso de la delegación, se ha definido un sistema de delegación dinámica de identidad entre dos entidades genéricas que permite solucionar el problema del acceso delegado a los servicios telemáticos ofrecidos por las Administraciones Públicas. La solución propuesta se basa en la generación de un token de delegación, constituido a partir de un Certificado Proxy, que permite a la entidad que delega establecer la delegación de identidad en otra entidad en base a un subconjunto de sus atributos como delegador, estableciendo además, en el propio token de delegación, restricciones en el conjunto de servicios accesibles a la entidad delegada y el tiempo de validez de la delegación. Adicionalmente, se presentan los mecanismos necesarios tanto para poder revocar un token de delegación como para comprobar sin un token de delegación ha sido o no revocado. Para ello se propone una solución para la identificación unívoca de tokens de delegación y la creación de una nueva entidad denominada Autoridad de Revocación de Tokens de Delegación. Entre las características del sistema de delegación propuesto destaca el que es lo suficientemente seguro como para ser utilizado en el entorno de la Administración Pública, que no requiere el uso de mecanismos off‐line para la generación de la delegación y que se puede realizar la delegación de forma instantánea y sin la necesidad de trámites complejos o la participación de un elevado número de entidades. Adicionalmente, el token de delegación propuesto es perfectamente integrable en las infraestructura de clave pública actual lo que hace que, dado que gran parte de las Administraciones Públicas europeas basan sus sistemas de identidad digital en el uso de la PKI y certificados de identidad X.509, la solución pueda ser puesta en marcha en un entorno real sin necesidad de grandes cambios o modificaciones de comportamiento. En lo referente a la interoperabilidad, se realiza un análisis exhaustivo y la correspondiente evaluación de las principales propuestas de Sistemas de Gestión de Identidad orientados a conseguir la interoperabilidad realizadas hasta la fecha en el marco de la Unión Europea y se propone, a alto nivel, una arquitectura de interoperabilidad para la gestión de identidad en las Administraciones Públicas. Dicha arquitectura es lo suficientemente genérica como para poder ser aplicada tanto en el entorno pan‐Europeo como en los entornos nacionales, autonómicos y locales, de tal forma que la interoperabilidad en la gestión de la identidad esté garantizada en todos los niveles de la Administración Pública. Por último, mediante la integración de la solución de delegación dinámica de identidad y la arquitectura de interoperabilidad propuestas se presenta una solución al problema de la delegación en un escenario pan‐Europeo de gestión de identidad, dando lugar a una arquitectura global de interoperabilidad pan‐Europea con soporte a la delegación de identidad. SUMMARY The i2010 European Union Plan aims to ensure European leadership in ICT and to promote the positive contribution that information and communication technologies can make to the economic, social and personal quality of life, bearing in mind that, to date, success in Europe has been based on promoting fair competition in telecommunications markets and on creating a borderless market for contents and digital media. In this line, the European Commission has established that the different member states should contribute actively to the development and secure use of telematic services among their citizens. More specifically, it is attributed to national, regional and local Public Administrations to have a supportive role of the Information Society, requiring them to gradually provide the citizens with Internet‐based access to all administrative procedures acts. As a first step for the secure use of telematic services offered by public institutions, it is necessary to provide the citizens with a digital identity to enable them to identify themselves unequivocally to a Service Provider or to other citizens. For this reason, most European countries ‐ and others in the rest of the world ‐ are promoting reliable systems for managing electronic identity (eIDM), so that citizens, businesses and government departments (even in different Member States) can identify and certify their operations with precision, speed and simplicity. However, the identity management by Public Administrations is a major challenge that becomes more difficult when interoperability between administrations of different countries is needed, due to the fact that individuals and entities have different identification credentials according to their own national legal framework. Aware of the problem, the European Union has launched a series of projects with the aim of achieving interoperability of eIDMs between public institutions of different Member States. However, the solutions adopted to date are insufficient because they do not foresee all possible cases of user interaction with the institutions. In particular, solutions do not take into account a very important aspect that is offered in different national legal systems, namely, the delegation of identity, by which a citizen can authorize another to act on his/her behalf to access certain services provided by public institutions. In this thesis a collection of contributions that provide solution to different aspects of the aforementioned problems are carried out. The solutions, in global, enable interoperability and identity delegation in some of the Identity Management Systems applied to Public Administration environment. In the case of delegation, a dynamic identity delegation system between generic entities is defined. This system makes it possible to solve the problem of delegated access to telematic services offered by Public Administrations. The proposed solution is based on the generation of a piece of information called delegation token. This delegation token, derived from a Proxy Certificate, allows the establishment of identity delegation by an entity that delegates (delegator) in other entity (delegatee) making use of a subset of delegator attributes. It also establishes restrictions on services that can be used by the delegated entity and the expiry date of delegation. In addition to this, the mechanisms necessary to revoke and check the revocation status of a delegation token are presented. To do this, a solution to univocally identify delegation tokens and the creation of a completely new entity, called Token Delegation Revocation Authority, are proposed. The most remarkable characteristics of the proposed delegation system are its security, enough for it to be used in the Public Administration environment, the fact that it does not require off‐line processes in order to generate the delegation, and the possibility of performing the delegation instantaneously and without neither complex processes nor the intervention of a large number of entities. The proposed delegation token can be completely incorporated into current Public Key Infrastructure (PKI). Thus, since most of the European Public Administrations base their digital identity systems on PKI and X.509 identity certificates, the solution can be adopted in a real environment without great changes or performance modifications. Regarding interoperability, an exhaustive analysis and evaluation of most significant proposals on Identity Management Systems that aim to achieve interoperability carried out in the European Union framework until now are performed. A high level identity management interoperability architecture for Public Administrations is also proposed. This architecture is sufficiently generic to be applied to both pan‐European environment and national, regional or local environments, thus interoperability in identity management at all Public Administration levels is guaranteed. Finally, through the integration of the proposed dynamic identity delegation solution and the high level interoperability architecture, a solution to the problem of identity delegation in a pan‐European identity management environment is suggested, leading to a pan‐European global interoperability architecture with identity delegation support.

Using modular neural networks to model self-consciousness and self-representation for artificial entities

Self-consciousness implies not only self or group recognition, but also real knowledge of one’s own identity. Self-consciousness is only possible if an individual is intelligent enough to formulate an abstract self-representation. Moreover, it necessarily entails the capability of referencing and using this elf-representation in connection with other cognitive features, such as inference, and the anticipation of the consequences of both one’s own and other individuals’ acts. In this paper, a cognitive architecture for self-consciousness is proposed. This cognitive architecture includes several modules: abstraction, self-representation, other individuals'representation, decision and action modules. It includes a learning process of self-representation by direct (self-experience based) and observational learning (based on the observation of other individuals). For model implementation a new approach is taken using Modular Artificial Neural Networks (MANN). For model testing, a virtual environment has been implemented. This virtual environment can be described as a holonic system or holarchy, meaning that it is composed of autonomous entities that behave both as a whole and as part of a greater whole. The system is composed of a certain number of holons interacting. These holons are equipped with cognitive features, such as sensory perception, and a simplified model of personality and self-representation. We explain holons’ cognitive architecture that enables dynamic self-representation. We analyse the effect of holon interaction, focusing on the evolution of the holon’s abstract self-representation. Finally, the results are explained and analysed and conclusions drawn.

SSONDE: Semantic Similarity On liNked Data Entities

Linked data offers a promising setting to encode, publish and share metadata of resources. As the matter of fact, it is already adopted by data producers such as European Environment Agency, US and some EU Governs, whose first ambition is to share (meta)data making their processes more effective and transparent. Such as an increasing interest and involvement of data providers surely represents a genuine witness of the web of data success, but in a longer perspective, frameworks supporting linked data consumers in their decision making processes will be a compelling need. In this respect, the talk is introducing SSONDE, a framework enabling in detailed comparison, ranking and selection of linked data resources through the analysis of their RDF ontology driven metadata. SSONDE implements an instance similarity especially designed to support in resource selection, namely the process stakeholders engage to choose a set of resources suitable for a given analysis purpose: (i) it deploys an asymmetric similarity assessment to emphasize information about gains and losses the stakeholders get adopting a resource in place of another; (ii) it relies on an explicit formalization of contexts to tailor the similarity assessment with respect to specific user-defined selection goals. The talk aims at providing an insight on SSONDE instance similarity and it will briefly describe some examples of SSONDE deployment in the context of linked data consumption.

Reversible Urban Entities. Improving public-to-private continuity.

The aim of this paper is to call into question those typologies conventionally used in developing the post-industrial urban fabric (streets, cityblocks, slabs, etc.), often catering to urban designs based on speculative interests and completely overlooking community interests. By defining the concepts of ?postpublic space? and ?reversible urban entities? and illustrating them with an exemplary case of Spanish residential architecture from the 1960s, we establish one possible way of tackling contemporary urban-residential projects. This alternative approach considers the relationship between residential systems and open space systems and promotes the continuity and/or alternation of scales between house and city in an effort to improve the urban quality of life for residents and external users.

El papel de las Administraciones Públicas en el Social Media.

La razón de estudio del proyecto que continúa es comprobar el nivel de interacción presente entre las Administraciones Públicas y los Medios Sociales en la actualidad. El estudio se realiza desde dos perspectivas distintas: la interacción actual entre ambos y cómo puede ir más allá para conseguir la gestión electrónica de la Administración Pública (el e-Gobierno. En la interacción actual, el estudio se realiza en distintos niveles, partiendo desde la Administración Pública de la Unión Europea para, posteriormente, entrar en la española. En esta última se comprueba a distintos niveles: o Administración Central o Administración Autonómica o Administración Provincial o Administración Municipal Este estudio se realiza desde dos perspectivas. Por un lado desde el papel como regulador que toma la Administración Pública en los contenidos publicas en los Medios Sociales y cómo actúa en caso de que no sean adecuados o violen leyes. La otra perspectiva es cómo, la Administración Pública, ejerce de usuario tradicional de los Medios Sociales. Los datos presentados van desde qué plataformas son las más utilizadas, cuál es la temática de los mensajes o cómo influyen estos dos elementos en los propios mensajes. Acercando el concepto de e-Gobierno al lector se presenta una serie de pautas para usar de manera más ventajosa los Medios Sociales. Para finalizar el proyecto y hacer uso de lo analizado con anterioridad se presenta la idea de implantación de un e-Gobierno en el Ministerio de Alimentación, Agricultura y Medio Ambiente (MAGRAMA) de España. Esta idea abarca el uso de Medios Sociales, ya sean propietarios o los ya creados, tanto de cara al interior del Ministerio como hacia el exterior. De esta forma se analiza las conexiones que tiene el Ministerio con otras entidades de la Administración Pública,con empresas o ciudadanos. ABSTRACT: The reason for the study of this project is to test the level of interaction between government and Social Media today. The study was carried out from two different perspectives: the current interaction between the two and how can go further to get the electronic management of the Public Administration (e-Government.In the current interaction, the study is performed at various levels, starting from the Public Administration of the European Union. Later the study continues in the Public Administration of Spain, in different levels. o Central Administration o Regional Administration o Provincial Administration o Municipal Administration This study is conducted from two perspectives. On the one hand from the role as a regulator that takes the government as public content on Social Media and how it works if not suitable or violate laws. The other perspective is how, Public Administration, holds traditional user of SocialMedia. The data presented are from what platforms are the most used, what is the theme of the messages or how to influence these two elements in the messages.Bringing the concept of e-government presents to the reader a series of guidelines to use more advantageously Social Media. To finish the project and use the analyzed previously presented, the idea of implementing an e-Government in the Ministerio de Alimentación, Agricultura y Medio Ambiente (MAGRAMA) of Spain. This idea embraces the use of social media, whether owners or those already created,both within the Ministry face as outward. This analyzes the connections it has with other entities of Public Administration, companies or citizens.

Fragmentación formal y simplificación funcional de la ciudad de Tacubaya, dentro de la metrópoli de México, durante los procesos de expansión de la primera mitad del siglo XX

La fragmentación espacial de una ciudad, que será el principal enfoque de la presente Tesis, ocurre cuando una entidad pequeña se ve obligada a adecuar sus relaciones ante la inminente presencia de un entorno urbano de mayor peso que se aproxima y densifica. Este tipo de fragmentación se analizará tomando en cuenta tres factores (especulación, desorganización y falta de protección) que moldean el desarrollo de procesos urbanísticos modernos en las grandes metrópolis Latinoamericanas, particularmente en la Ciudad de México. La Ciudad de México tuvo un desarrollo altamente competitivo, que ha sido también el catalizador de un largo y sostenido crecimiento urbano. Con el pasar del tiempo, la capital ha sobrepasado las expectativas de los más visionarios. El estudio detallado del asentamiento de Tacubaya (el cual conforma una parte dinámica de la Ciudad de México), permitirá al lector evaluar el extravagante crecimiento que ocurre en la Ciudad de México y los asentamientos que lo rodean, en la primera mitad del siglo XX. Tacubaya, así como muchos de los pequeños poblados preexistentes que se ubicaban en las afueras de la gran urbe, fue alcanzado y engullido por la mancha urbana, sufriendo importantes cambios en su núcleo urbano. Sin embargo, partes de esta antigua centralidad han persistido junto con una parte de los elementos urbanos que la estructuraban; monumentos y riquezas históricas, los cuales han facilitado la reinvención de su centro urbano, sobreviviendo tanto a los abates del tiempo como a las oleadas de nuevos pobladores. El lugar que permanece es un centro urbano sumamente fragmentado, permeado por: una incesante superposición de tejidos y elementos estructuradores olvidados, poblaciones flotantes y de paso que desestabilizan las zonas residenciales, estratos sociales cada vez más apartados. Pensaríamos que las circunstancias que envuelven la demarcación la han dejado en caos, sin embargo, para la sorpresa de muchos, Tacubaya se sigue adaptando a pesar de todos los obstáculos. ABSTRACT In urbanism, the type of spatial fragmentation, that will be the main focus of this Thesis, occurs when a stronger and denser environment takes over a smaller entity, forcing it to adapt its functional relations. This type of fragmentation will be analyzed taking into account three specific factors (speculation, disorganization, and lack of protection) that mold the development of modern urbanistic processes in large Latin American cities, particularly in Mexico City. Mexico City had a highly competitive and bright development, which served as catalyst in a long and sustained urban growth. With the passing of time, the capital has outgrown the measures, previsions and administrative limits created by the government and its visionaries. The detailed study of the Tacubaya settlement (which conforms a vibrant part of Mexico City) will allow the reader to appreciate the exceptional and rare growth that occurs in Mexico City and in the settlements that surround it, in the first half of the 20th century. Tacubaya as well as many other small preexisting settlements located on the outskirts of the city, has been engulfed by the urban expansion suffering important changes in its urban core. Parts of the ancient centrality have persisted along with its structural urban elements, due mainly to monuments and other historical entities that have facilitated the reinvention of the downtown area, helping it survive not only the passing of time, but also the incrementing population. The city that now exists is fragmented beyond recognition. Tacubaya is permeated by an endless fabric overlay created by forgotten structural elements, floating populations that affect the residential zones, and a polarized society that diverges with every passing day. We may think that the circumstances that surround the city have left it in shambles; however, to the surprise of many, Tacubaya is still adapting in spite of all the obstacles.

Banking crises and government intervention

Intervention has taken different forms in different countries and periods of time. Moreover, recent episodes showed that in front of an imminent crisis, the promise of no interventions made by governments is barely credible. In this paper we address the problem of resolving banking crises from the government perspective, taking into account the fact that preventing banking crises is crucial for the government. In addition, we introduce the moral hazard problem, inherent in the banking system, and consider the interaction between regulation, policy measures and banks’ behavior. To the best of our knowledge, this is the first paper that compares different policy plans to resolve banking crises in an environment where insufficiently capitalized banks have incentives to take risk, and the government has to decide whether to provide public services or impede crises. We show that when individuals highly value public services then the best policy in terms of welfare is to apply the tax on early withdrawals, as the government can transfer those taxes to the whole population by investing in public services (although at some cost). Conversely, when individuals assign a low value to consuming public services, recapitalization is the dominant policy. Finally, when the probability of a crisis is sufficiently high, capital requirements should be used