A hierarchical security assessment model for object-oriented programs

We present a hierarchical model for assessing an object-oriented program's security. Security is quantified using structural properties of the program code to identify the ways in which `classified' data values may be transferred between objects. The model begins with a set of low-level security metrics based on traditional design characteristics of object-oriented classes, such as data encapsulation, cohesion and coupling. These metrics are then used to characterise higher-level properties concerning the overall readability and writability of classified data throughout the program. In turn, these metrics are then mapped to well-known security design principles such as `assigning the least privilege' and `reducing the size of the attack surface'. Finally, the entire program's security is summarised as a single security index value. These metrics allow different versions of the same program, or different programs intended to perform the same task, to be compared for their relative security at a number of different abstraction levels. The model is validated via an experiment involving five open source Java programs, using a static analysis tool we have developed to automatically extract the security metrics from compiled Java bytecode.

一种支持动态调节的最小特权安全策略架构

最小特权机制可为安全操作系统提供恰当的安全保证级.本文描述了一种支持动态调节的最小特权安全策略架构,它结合角色的职责隔离和域的功能隔离特性,通过一种基于进程上下文一角色、执行域和运行映像的权能控制机制,将每个进程始终约束在这些上下文允许的最小特权范围内.本文实例分析了该架构在安胜OS v4.0,一种自主开发的、符合GB17859-1999第四级--结构化保护级的安全操作系统中的实现.结果表明,它可支持安全操作系统实施动态调节的最小特权控制,并提供灵活有效的系统.

多策略适应的一种POSIX权能遗传算法

多数支持POSIX权能机制的安全操作系统提出了各自的权能遗传算法，但这些算法都只适用于特定的最小特权控制策略，并且存在语义冲突、安全目标不明确等问题，不能有效支持多种安全需求不同的特权策略。通过对一些现有算法的深入分析，提出了一种新的权能遗传算法，该算法引入策略关联的权能控制变量以及可信应用属性。实例分析表明本算法具有策略适应性和可用性，形式化分析和验证表明它可使系统满足特权策略的基本安全定理。

一个支持可信主体特权最小化的多级安全模型

对已有多级安全模型的可信主体支持进行回顾和分析,提出了DLS(离散标记序列)多级安全模型.该模型将可信主体的生命周期分解为一系列非可信状态,对每一个状态赋予一个敏感标记.可信主体的当前敏感标记等于当前非可信状态的敏感标记,非可信状态的切换由预定义的可信请求事件触发.从而可信主体的当前敏感标记可以根据其应用逻辑而动态调整.同时给出了模型保持系统安全性的安全状态和规则.与Bell模型等可信主体敏感标记范围模型相比,该模型在多级安全的策略范围内实现了可信主体的特权最小化.

An Exorbitant Privilege in the First Age of International Financial Integration

The exorbitant privilege literature analyzes the positive differential returns on net foreign assets enjoyed by the United States in the last quarter of the twentieth century as the issuer of the global reserve currency. In the first age of international financial integration (1870-1914), the global reserve currency of the period was the British pound sterling. Whether the United Kingdom enjoyed a similar privilege is analyzed with a new dataset, encompassing microdata on railroad and government financial securities. The use of microdata avoids the flaws that have plagued the US studies, particularly the use of incompatible aggregate variables. New measures of Britain’s net external position provide estimates on capital gains and dividend yields. As the issuer of the global reserve currency, Britain received average revenues of 13.4% of GDP from its international investment position. The country satisfied the necessary condition for the existence of an exorbitant privilege. Nonetheless, Britain’s case is slightly different from the American one. British external assets received higher returns than were paid on external liabilities for each class, but British invested mostly in securities with low profile of risk. The low return on its net external position meant that, for most of the time, Britain would not receive positive revenues from the rest of the world if it were a net debtor country, but this pattern changed after 1900. The finding supports the claim that, at least partially, exorbitant privilege is a general characteristic of the issuer of the global reserve currency and not unique to the late twentieth century US.

A second order control-volume finite-element least-squares strategy for simulating diffusion in strongly anisotropic media

An unstructured mesh �nite volume discretisation method for simulating di�usion in anisotropic media in two-dimensional space is discussed. This technique is considered as an extension of the fully implicit hybrid control-volume �nite-element method and it retains the local continuity of the ux at the control volume faces. A least squares function recon- struction technique together with a new ux decomposition strategy is used to obtain an accurate ux approximation at the control volume face, ensuring that the overall accuracy of the spatial discretisation maintains second order. This paper highlights that the new technique coincides with the traditional shape function technique when the correction term is neglected and that it signi�cantly increases the accuracy of the previous linear scheme on coarse meshes when applied to media that exhibit very strong to extreme anisotropy ratios. It is concluded that the method can be used on both regular and irregular meshes, and appears independent of the mesh quality.

The epistemology that maintains white race privilege, power and control of Indigenous Studies and Indigenous peoples' participation in universities

This paper represents my attempt to turn the gaze and demonstrate how Indigenous Studies is controlled in some Australian universities in ways that witness Indigenous peoples being further marginalised, denigrated and exploited. I have endeavoured to do this through sharing an experience as a case study. I have opted to write about it as a way of exposing the problematic nature of racism, systemic marginalisation, white race privilege and radicalised subjectivity played out within an Australian higher education institution and because I am dissatisfied with the on-going status quo. In bringing forth analysis to this case study, I reveal the relationships between oppression, white race privilege and institutional privilege and the epistemology that maintains them. In moving from the position of being silent on this experience to speaking about it, I am able to move from the position of object to subject and to gain a form of liberated voice (hooks 1989:9). Furthermore, I am hopeful that it will encourage others to examine their own practices within universities and to challenge the domination that continues to subjugate Indigenous peoples.

Numerical investigations of linear least squares methods for derivative estimation

The results of a numerical investigation into the errors for least squares estimates of function gradients are presented. The underlying algorithm is obtained by constructing a least squares problem using a truncated Taylor expansion. An error bound associated with this method contains in its numerator terms related to the Taylor series remainder, while its denominator contains the smallest singular value of the least squares matrix. Perhaps for this reason the error bounds are often found to be pessimistic by several orders of magnitude. The circumstance under which these poor estimates arise is elucidated and an empirical correction of the theoretical error bounds is conjectured and investigated numerically. This is followed by an indication of how the conjecture is supported by a rigorous argument.