4 resultados para System complexity
em Digital Commons - Michigan Tech
Resumo:
File system security is fundamental to the security of UNIX and Linux systems since in these systems almost everything is in the form of a file. To protect the system files and other sensitive user files from unauthorized accesses, certain security schemes are chosen and used by different organizations in their computer systems. A file system security model provides a formal description of a protection system. Each security model is associated with specified security policies which focus on one or more of the security principles: confidentiality, integrity and availability. The security policy is not only about “who” can access an object, but also about “how” a subject can access an object. To enforce the security policies, each access request is checked against the specified policies to decide whether it is allowed or rejected. The current protection schemes in UNIX/Linux systems focus on the access control. Besides the basic access control scheme of the system itself, which includes permission bits, setuid and seteuid mechanism and the root, there are other protection models, such as Capabilities, Domain Type Enforcement (DTE) and Role-Based Access Control (RBAC), supported and used in certain organizations. These models protect the confidentiality of the data directly. The integrity of the data is protected indirectly by only allowing trusted users to operate on the objects. The access control decisions of these models depend on either the identity of the user or the attributes of the process the user can execute, and the attributes of the objects. Adoption of these sophisticated models has been slow; this is likely due to the enormous complexity of specifying controls over a large file system and the need for system administrators to learn a new paradigm for file protection. We propose a new security model: file system firewall. It is an adoption of the familiar network firewall protection model, used to control the data that flows between networked computers, toward file system protection. This model can support decisions of access control based on any system generated attributes about the access requests, e.g., time of day. The access control decisions are not on one entity, such as the account in traditional discretionary access control or the domain name in DTE. In file system firewall, the access decisions are made upon situations on multiple entities. A situation is programmable with predicates on the attributes of subject, object and the system. File system firewall specifies the appropriate actions on these situations. We implemented the prototype of file system firewall on SUSE Linux. Preliminary results of performance tests on the prototype indicate that the runtime overhead is acceptable. We compared file system firewall with TE in SELinux to show that firewall model can accommodate many other access control models. Finally, we show the ease of use of firewall model. When firewall system is restricted to specified part of the system, all the other resources are not affected. This enables a relatively smooth adoption. This fact and that it is a familiar model to system administrators will facilitate adoption and correct use. The user study we conducted on traditional UNIX access control, SELinux and file system firewall confirmed that. The beginner users found it easier to use and faster to learn then traditional UNIX access control scheme and SELinux.
Resumo:
Tissue engineering and regenerative medicine have emerged in an effort to generate replacement tissues capable of restoring native tissue structure and function, but because of the complexity of biologic system, this has proven to be much harder than originally anticipated. Silica based bioactive glasses are popular as biomaterials because of their ability to enhance osteogenesis and angiogenesis. Sol-gel processing methods are popular in generating these materials because it offers: 1) mild processing conditions; 2) easily controlled structure and composition; 3) the ability to incorporate biological molecules; and 4) inherent biocompatibility. The goal of this work was to develop a bioactive vaporization system for the deposition of silica sol-gel particles as a means to modify the material properties of a substrate at the nano- and micro- level to better mimic the instructive conditions of native bone tissue, promoting appropriate osteoblast attachment, proliferation, and differentiation as a means for supporting bone tissue regeneration. The size distribution, morphology and degradation behavior of the vapor deposited sol-gel particles developed here were found to be dependent upon formulation (H2O:TMOS, pH, Ca/P incorporation) and manufacturing (substrate surface character, deposition time). Additionally, deposition of these particles onto substrates can be used to modify overall substrate properties including hydrophobicity, roughness, and topography. Deposition of Ca/P sol particles induced apatite-like mineral formation on both two- and three-dimensional materials when exposed to body fluids. Gene expression analysis suggests that Ca/P sol particles induce upregulation osteoblast gene expression (Runx2, OPN, OCN) in preosteoblasts during early culture time points. Upon further modification-specifically increasing particle stability-these Ca/P sol particles possess the potential to serve as a simple and unique means to modify biomaterial surface properties as a means to direct osteoblast differentiation.
Resumo:
Early water resources modeling efforts were aimed mostly at representing hydrologic processes, but the need for interdisciplinary studies has led to increasing complexity and integration of environmental, social, and economic functions. The gradual shift from merely employing engineering-based simulation models to applying more holistic frameworks is an indicator of promising changes in the traditional paradigm for the application of water resources models, supporting more sustainable management decisions. This dissertation contributes to application of a quantitative-qualitative framework for sustainable water resources management using system dynamics simulation, as well as environmental systems analysis techniques to provide insights for water quality management in the Great Lakes basin. The traditional linear thinking paradigm lacks the mental and organizational framework for sustainable development trajectories, and may lead to quick-fix solutions that fail to address key drivers of water resources problems. To facilitate holistic analysis of water resources systems, systems thinking seeks to understand interactions among the subsystems. System dynamics provides a suitable framework for operationalizing systems thinking and its application to water resources problems by offering useful qualitative tools such as causal loop diagrams (CLD), stock-and-flow diagrams (SFD), and system archetypes. The approach provides a high-level quantitative-qualitative modeling framework for "big-picture" understanding of water resources systems, stakeholder participation, policy analysis, and strategic decision making. While quantitative modeling using extensive computer simulations and optimization is still very important and needed for policy screening, qualitative system dynamics models can improve understanding of general trends and the root causes of problems, and thus promote sustainable water resources decision making. Within the system dynamics framework, a growth and underinvestment (G&U) system archetype governing Lake Allegan's eutrophication problem was hypothesized to explain the system's problematic behavior and identify policy leverage points for mitigation. A system dynamics simulation model was developed to characterize the lake's recovery from its hypereutrophic state and assess a number of proposed total maximum daily load (TMDL) reduction policies, including phosphorus load reductions from point sources (PS) and non-point sources (NPS). It was shown that, for a TMDL plan to be effective, it should be considered a component of a continuous sustainability process, which considers the functionality of dynamic feedback relationships between socio-economic growth, land use change, and environmental conditions. Furthermore, a high-level simulation-optimization framework was developed to guide watershed scale BMP implementation in the Kalamazoo watershed. Agricultural BMPs should be given priority in the watershed in order to facilitate cost-efficient attainment of the Lake Allegan's TP concentration target. However, without adequate support policies, agricultural BMP implementation may adversely affect the agricultural producers. Results from a case study of the Maumee River basin show that coordinated BMP implementation across upstream and downstream watersheds can significantly improve cost efficiency of TP load abatement.
Resumo:
Climate change, intensive use, and population growth are threatening the availability of water resources. New sources of water, better knowledge of existing ones, and improved water management strategies are of paramount importance. Ground water is often considered as primary water source due to its advantages in terms of quantity, spatial distribution, and natural quality. Remote sensing techniques afford scientists a unique opportunity to characterize landscapes in order to assess groundwater resources, particularly in tectonically influenced areas. Aquifers in volcanic basins are considered the most productive aquifers in Latin America. Although topography is considered the primary driving force for groundwater flows in mountainous terrains, tectonic activity increases the complexity of these groundwater systems by altering the integrity of sedimentary rock units and the overlying drainage networks. Structural controls affect the primary hydraulic properties of the rock formations by developing barriers to flow in some cases and zones of preferential infiltration and subterranean in others. The study area focuses on the Quito Aquifer System (QAS) in Ecuador. The characterization of the hydrogeology started with a lineament analysis based on a combined remote sensing and digital terrain analysis approach. The application of classical tools for regional hydrogeological evaluation and shallow geophysical methods were useful to evaluate the impact of faulting and fracturing on the aquifer system. Given the spatial extension of the area and the complexity of the system, two levels of analysis were applied in this study. At the regional level, a lineament map was created for the QAS. Relationships between fractures, faults and lineaments and the configuration of the groundwater flow on the QAS were determined. At the local level, on the Plateaus region of the QAS, a detailed lineament map was obtained by using high-spatial-resolution satellite imagery and aspect map derived from a digital elevation model (DEM). This map was complemented by the analysis of morphotectonic indicators and shallow geophysics that characterize fracture patterns. The development of the groundwater flow system was studied, drawing upon data pertaining to the aquifer system physical characteristics and topography. Hydrochemistry was used to ascertain the groundwater evolution and verify the correspondence of the flow patterns proposed in the flow system analysis. Isotopic analysis was employed to verify the origin of groundwater. The results of this study show that tectonism plays a very important role for the hydrology of the QAS. The results also demonstrate that faults influence a great deal of the topographic characteristics of the QAS and subsequently the configuration of the groundwater flow. Moreover, for the Plateaus region, the results demonstrate that the aquifer flow systems are affected by secondary porosity. This is a new conceptualization of the functioning of the aquifers on the QAS that will significantly contribute to the development of better strategies for the management of this important water resource.
