EXAM-S: an Analysis tool for Multi-Domain Policy Sets

As distributed collaborative applications and architectures are adopting policy based management for tasks such as access control, network security and data privacy, the management and consolidation of a large number of policies is becoming a crucial component of such policy based systems. In large-scale distributed collaborative applications like web services, there is the need of analyzing policy interactions and integrating policies. In this thesis, we propose and implement EXAM-S, a comprehensive environment for policy analysis and management, which can be used to perform a variety of functions such as policy property analyses, policy similarity analysis, policy integration etc. As part of this environment, we have proposed and implemented new techniques for the analysis of policies that rely on a deep study of state of the art techniques. Moreover, we propose an approach for solving heterogeneity problems that usually arise when considering the analysis of policies belonging to different domains. Our work focuses on analysis of access control policies written in the dialect of XACML (Extensible Access Control Markup Language). We consider XACML policies because XACML is a rich language which can represent many policies of interest to real world applications and is gaining widespread adoption in the industry.

Perceptual maps analysis for organic food consumers in China: a study on Shanghai consumers

Although in Europe and in the USA many studies focus on organic, little is known on the topic in China. This research provides an insight on Shanghai consumers’ perception of organic, aiming at understanding and representing in graphic form the network of mental associations that stems from the organic concept. To acquire, process and aggregate the individual networks it was used the “Brand concept mapping” methodology (Roedder et al., 2006), while the data analysis was carried out also using analytic procedures. The results achieved suggest that organic food is perceived as healthy, safe and costly. Although these attributes are pretty much consistent with the European perception, some relevant differences emerged. First, organic is not necessarily synonymous with natural product in China, also due to a poor translation of the term in the Chinese language that conveys the idea of a manufactured product. Secondly, the organic label has to deal with the competition with the green food label in terms of image and positioning on the market, since they are easily associated and often confused. “Environmental protection” also emerged as relevant association, while the ethical and social values were not mentioned. In conclusion, health care and security concerns are the factors that influence most the food consumption in China (many people are so concerned about food safety that they found it difficult to shop), and the associations “Safe”, “Pure and natural”, “without chemicals” and “healthy” have been identified as the best candidates for leveraging a sound image of organic food .

A Design Methodology for Computer Security Testing

The field of "computer security" is often considered something in between Art and Science. This is partly due to the lack of widely agreed and standardized methodologies to evaluate the degree of the security of a system. This dissertation intends to contribute to this area by investigating the most common security testing strategies applied nowadays and by proposing an enhanced methodology that may be effectively applied to different threat scenarios with the same degree of effectiveness. Security testing methodologies are the first step towards standardized security evaluation processes and understanding of how the security threats evolve over time. This dissertation analyzes some of the most used identifying differences and commonalities, useful to compare them and assess their quality. The dissertation then proposes a new enhanced methodology built by keeping the best of every analyzed methodology. The designed methodology is tested over different systems with very effective results, which is the main evidence that it could really be applied in practical cases. Most of the dissertation discusses and proves how the presented testing methodology could be applied to such different systems and even to evade security measures by inverting goals and scopes. Real cases are often hard to find in methodology' documents, in contrary this dissertation wants to show real and practical cases offering technical details about how to apply it. Electronic voting systems are the first field test considered, and Pvote and Scantegrity are the two tested electronic voting systems. The usability and effectiveness of the designed methodology for electronic voting systems is proved thanks to this field cases analysis. Furthermore reputation and anti virus engines have also be analyzed with similar results. The dissertation concludes by presenting some general guidelines to build a coordination-based approach of electronic voting systems to improve the security without decreasing the system modularity.

Assessing Food Security in Selected Mediterranean Countries

Food Security has become an important issue in the international debate, particularly during the latest economic crisis. It relevant issue also for the Mediterranean Countries (MCs), particularly those of the southern shore, as they are is facing complex economic and social changes. On the one hand there is the necessity to satisfy the increasing and changing food demand of the growing population; on the other hand it is important to promote economic growth and adjust the agricultural production to food demand in a sustainable perspective. The assessment of food security conditions is a challenging task due to the multi-dimensional nature and complexity of the matter. Many papers in the scientific literature focus on the nutritional aspects of food security, while its economic issues have been addressed less frequently and only in recent times. Thus, the main objective of the research is to assess food (in)security conditions in the MCs. The study intends to identify and implement appropriate theoretical concepts and methodological tools to be used in the assessment of food security, with a particular emphasis on its economic dimension within MCs. The study follows a composite methodological approach, based on the identification and selection of a number of relevant variables, a refined set of indicators is identified by means of a two-step Principal Component Analysis applied to 90 countries and the PCA findings have been studied with particular attention to the MCs food security situation. The results of the study show that MCs have an higher economic development compared to low-income countries, however the economic and social disparities of this area show vulnerability to food (in)security, due to: dependency on food imports, lack of infrastructure and agriculture investment, climate condition and political stability and inefficiency. In conclusion, the main policy implications of food (in)security conditions in MCs are discussed.