935 results for security model
Abstract:
File system security is fundamental to the security of UNIX and Linux systems since in these systems almost everything is in the form of a file. To protect the system files and other sensitive user files from unauthorized accesses, certain security schemes are chosen and used by different organizations in their computer systems. A file system security model provides a formal description of a protection system. Each security model is associated with specified security policies which focus on one or more of the security principles: confidentiality, integrity and availability. The security policy is not only about “who” can access an object, but also about “how” a subject can access an object. To enforce the security policies, each access request is checked against the specified policies to decide whether it is allowed or rejected. The current protection schemes in UNIX/Linux systems focus on the access control. Besides the basic access control scheme of the system itself, which includes permission bits, setuid and seteuid mechanism and the root, there are other protection models, such as Capabilities, Domain Type Enforcement (DTE) and Role-Based Access Control (RBAC), supported and used in certain organizations. These models protect the confidentiality of the data directly. The integrity of the data is protected indirectly by only allowing trusted users to operate on the objects. The access control decisions of these models depend on either the identity of the user or the attributes of the process the user can execute, and the attributes of the objects. Adoption of these sophisticated models has been slow; this is likely due to the enormous complexity of specifying controls over a large file system and the need for system administrators to learn a new paradigm for file protection. We propose a new security model: file system firewall. 
It is an adoption of the familiar network firewall protection model, used to control the data that flows between networked computers, toward file system protection. This model can support decisions of access control based on any system generated attributes about the access requests, e.g., time of day. The access control decisions are not on one entity, such as the account in traditional discretionary access control or the domain name in DTE. In file system firewall, the access decisions are made upon situations on multiple entities. A situation is programmable with predicates on the attributes of subject, object and the system. File system firewall specifies the appropriate actions on these situations. We implemented the prototype of file system firewall on SUSE Linux. Preliminary results of performance tests on the prototype indicate that the runtime overhead is acceptable. We compared file system firewall with TE in SELinux to show that firewall model can accommodate many other access control models. Finally, we show the ease of use of firewall model. When firewall system is restricted to specified part of the system, all the other resources are not affected. This enables a relatively smooth adoption. This fact and that it is a familiar model to system administrators will facilitate adoption and correct use. The user study we conducted on traditional UNIX access control, SELinux and file system firewall confirmed that. The beginner users found it easier to use and faster to learn than traditional UNIX access control scheme and SELinux.
Abstract:
This research addressed the development of a consolidated model designed especially to cover the security and usability attributes of a software product. As a starting point, we built a new usability model on the basis of well-known quality standards and models. We then used an existing security model to analyse the relationship between these two approaches. This analysis consisted of a systematic mapping study of the relationship between security and usability as global quality factors. We identified five relationship types: inverse, direct, relative, one-way inverse, and no relationship. Most authors agree that there is an inverse relationship between security and usability. However, this is not a unanimous finding, and this study unveils a number of open questions, like application domain dependency and the need to explore lower-level relationships between attribute subcharacteristics. In order to clarify the questions raised during the research, we conducted a second systematic mapping to further analyse the finer-grained structure of these factors, such as authentication as a subset of security and user efficiency as a subset of usability. The most relevant finding is that efficiency does not depend on the security level during the authentication process. There are other subfactors that require analysis. Accordingly, this research is the first part of a larger project to develop a full-blown consolidated model for security and usability.
Abstract:
The field of public finance focuses on the spending and taxing activities of governments and their influence on the allocation of resources and distribution of income. This work covers in three parts different topics related to public finance which are currently widely discussed in media and politics. The first two parts deal with issues on social security, which is in general one of the biggest spending shares of governments. The third part looks at the main income source of governments by analyzing the perceived value of tax competition. Part one deals with the current problem of increased early retirement by focusing on Switzerland as a special case. Early retirement is predominantly considered to be the result of incentives set by social security and the tax system. But the Swiss example demonstrates that the incidence of early retirement has dramatically increased even in the absence of institutional changes. We argue that the wealth effect also plays an important role in the retirement decision for middle and high income earners. An actuarially fair, but mandatory funded system with a relatively high replacement rate may thus contribute to a low labor market participation rate of elderly workers. We provide evidence using a unique dataset on individual retirement decisions in Swiss pension funds, allowing us to perfectly control for pension scheme details. Our findings suggest that affordability is a key determinant in the retirement decisions. The higher the accumulated pension capital, the earlier men, and to a smaller extent women, tend to leave the workforce. The fact that early retirement has become much more prevalent in the last 15 years is a further indicator of the importance of a wealth effect, as the maturing of the Swiss mandatory funded pension system over that period has led to an increase in the effective replacement rates for middle and high income earners. Part two covers the theoretical side of social security. 
Theories analyzing optimal social security benefits provide important qualitative results, by mainly using one general type of an economy. Economies are however very diverse concerning numerous aspects, one of the most important being the wealth level. This can lead to significant quantitative benefit differences that imply differences in replacement rates and levels of labor supply. We focus on several aspects related to this fact. In a within cohort social security model, we introduce disability insurance with an imperfect screening mechanism. We then vary the wealth level of the model economy and analyze how the optimal social security benefit structure or equivalently, the optimal replacement rates, changes depending on the wealth level of the economy, and if the introduction of disability insurance into a social security system is preferable for all economies. Second, the screening mechanism of disability insurance and the threshold level at which people are defined as disabled can differ. For economies with different wealth levels, we determine for different thresholds the screening level that maximizes social welfare. Finally, part three turns to the income of governments, by adding an element to the controversy on tax competition versus tax harmonization. Inter-jurisdictional tax competition can generate at least two potential benefits or costs: On a public level, tax competition may result in a lower or higher efficiency in the production of public services. But there is also a more private benefit in the form of an option for individuals to move to a community with a lower tax rate in the future. To explore the value citizens attach to tax competition we analyze a unique popular vote for a complete tax harmonization between communities in the third largest Swiss canton, Vaud. Although a majority of voters would have seemingly benefited from replacing the current tax rate by a revenue-neutral average tax rate, the proposal was rejected by a large margin. 
Our estimates suggest that the estimated combined perceived benefit from tax competition is in the range of 10%.
Abstract:
Regulatory agencies such as Europol, Frontex, Eurojust, CEPOL as well as bodies such as OLAF, have over the past decade become increasingly active within the institutional architecture constituting the EU’s Area of Freedom, Security and Justice and are now placed at the forefront of implementing and developing the EU’s internal security model. A prominent feature of agency activity is the large-scale proliferation of ‘knowledge’ on security threats via the production of policy tools such as threat assessments, risk analyses, periodic and situation reports. These instruments now play a critical role in providing the evidence-base that supports EU policymaking, with agency-generated ‘knowledge’ feeding political priority setting and decision-making within the EU’s new Internal Security Strategy (ISS). This paper examines the nature and purpose of knowledge generated by EU Home Affairs agencies. It asks where does this knowledge originate? How does it measure against criteria of objectivity, scientific rigour, reliability and accuracy? And how is it processed in order to frame threats, justify actions and set priorities under the ISS?
Abstract:
The ALRED construction is a lightweight strategy for constructing message authentication algorithms from an underlying iterated block cipher. Even though this construction's original analyses show that it is secure against some attacks, the absence of formal security proofs in a strong security model still brings uncertainty on its robustness. In this paper, aiming to give a better understanding of the security level provided by different authentication algorithms based on this design strategy, we formally analyze two ALRED variants, the MARVIN message authentication code and the LETTERSOUP authenticated-encryption scheme, bounding their security as a function of the attacker's resources and of the underlying cipher's characteristics.
Abstract:
Secure computation involves multiple parties computing a common function while keeping their inputs private, and is a growing field of cryptography due to its potential for maintaining privacy guarantees in real-world applications. However, current secure computation protocols are not yet efficient enough to be used in practice. We argue that this is due to much of the research effort being focused on generality rather than specificity. Namely, current research tends to focus on constructing and improving protocols for the strongest notions of security or for an arbitrary number of parties. However, in real-world deployments, these security notions are often too strong, or the number of parties running a protocol would be smaller. In this thesis we make several steps towards bridging the efficiency gap of secure computation by focusing on constructing efficient protocols for specific real-world settings and security models. In particular, we make the following four contributions:
- We show an efficient (when amortized over multiple runs) maliciously secure two-party secure computation (2PC) protocol in the multiple-execution setting, where the same function is computed multiple times by the same pair of parties.
- We improve the efficiency of 2PC protocols in the publicly verifiable covert security model, where a party can cheat with some probability but if it gets caught then the honest party obtains a certificate proving that the given party cheated.
- We show how to optimize existing 2PC protocols when the function to be computed includes predicate checks on its inputs.
- We demonstrate an efficient maliciously secure protocol in the three-party setting.
Abstract:
As a result of the local autonomy program that commenced in Indonesia in Jan 2001, there is a concern regarding the applicability of the formalized model of security & the possibility of that being replaced by a local community-based security model. This rather informal security model is then promoted to be the only form of security used between societies & the nation. However, this model does not solve the problem because of widespread corruption, collusion, & nepotism, & the many limitations of the Indonesian National Police (Polri), a police department that has a mediocre & generalized level of service. In relation to autonomy, the effort of empowering the police units from the regional police down will bridge the gap between the people's ability to protect themselves & the limitations of those that are sworn to uphold the law. 17 References. Adapted from the source document.
Abstract:
The aim of this master's thesis was to study the information security of integration projects implemented with Web service technology in a business environment. Web services are SOAP-format messages transmitted over the HTTP protocol, which can be used to pass information from one information system to another or to carry out business transactions. The thesis examined various areas that affect information security and their suitability for Web services. Information security is addressed mostly from a business perspective. The thesis found that information security consists of many areas. These areas form a secure whole, which includes the chosen technologies, the desired level of information security, the information systems to be integrated, and their interconnection and processes. Because each integration project is its own entity, building generally applicable information security is difficult. As a result, information security must be addressed continuously in the different phases of an integration project, according to the security requirements.
Abstract:
This article offers theoretical guidelines for the current national security concept research focused on realism and its critics – liberalism and critical theory. Due to the usual understanding of the national security on a military basis with respect to the international political situation, an axiological discussion is required to analyze the wide range of the different aspects of this matter. If not considered, both academic and political activities will be deeply darkened, particularly in those countries where the military doctrine spirit has been hegemonic. In this regard, the first part of this paper explores the premises of the realistic school and their view on the national security model. The second part examines the liberal approach and, in particular, its proposed change of level of the national realism analysis. 
The third part explores the Critical Security Studies and the relation they keep with the critical theory with the purpose to outline its epistemic criticism to the realism as a rationalistic theory.
Abstract:
This study deals with the rural social security Universalist established by the Constitution of 1988 and its importance in the economy of the municipalities of Rio Grande do Norte. In this context, the study seeks to satisfy two important criteria that guide the selection of objects of social science research: a consideration of issues that have relevance to the real world and the intention to make the contribution to the scholarly literature on theoretical and empirical aspects. The research seeks to reveal what is the economic importance of the subsystem of social security for rural municipalities in RN. The hypothesis is that the transfer of income received by beneficiaries from the rural social security tax exceeds the explicit mechanisms for most municipalities in RN, in many cases significantly, proving the importance of this policy as a mechanism for combating poverty and reducing social inequality, especially before the fragility of the federal system on the national political entity hall. The study presents theoretical cores - chapters 1-3 - and empirical - Chapter 4. The first core is about the evolution of social protection as a state policy, addressing the influential theories and typologies of the State of Social Welfare and the characteristics of the Brazilian social security model, but mainly, its rural social security subsystem, its history until universalistic model inaugurated by the Federal Constitution of 1988. The second begins with an overview of studies that have emphasized the impact of Social Security on the local economy of small municipalities, then passing data and statistics in order to gauge the socioeconomic importance of pension income in the rural municipalities of Rio Grande do Norte. 
To this end, the final chapter provides a comparison of the monetary value transferred by the payment of social security benefits - rural and urban - to each of the 167 municipalities in RN with the equally important sources of income in the budget of municipal entities. Apart from their own tax revenues, are objects of comparison with the value of pension benefits awarded in RN, transfer quota state relating to the municipality on the federal ICMS and the transfer on the FPM
Abstract:
Graduate Studies in Law - FCHS
Abstract:
This thesis is developed within the framework of satellite communications in the innovative field of small satellites also known as nanosatellites (<10 kg) or CubeSats, so called from their cubic form. These nanosatellites are characterized by their low cost because they use commercial components called COTS (commercial off-the-shelf), and their small size and mass, such as 1U Cubesats (10cm * 10cm * 10cm) with approximately 1 kg mass. This thesis is based on a proposal made by the author of the thesis to put into orbit the first Peruvian satellite in his country called Chasqui I, which was successfully launched into orbit from the International Space Station in 2014. The experience of this research work led me to propose a constellation of small satellites named Waposat to provide water quality monitoring sensors worldwide, scenario that is used in this thesis. In this scenario and given the limited features of nanosatellites, both power and data rate, I propose to investigate a new communications architecture that allows solving in an optimal manner the problems of nanosatellites in orbit LEO due to the disruptive nature of their communications by putting emphasis on the link and application layers. This thesis presents and evaluates a new communications architecture to provide services to terrestrial sensor networks using a space Delay/Disruption Tolerant Networking (DTN) based solution. 
In addition, I propose a new multiple access mechanism protocol based on extended unslotted ALOHA that takes into account the priority of gateway traffic, which we call ALOHA multiple access with gateway priority (ALOHAGP) with an adaptive contention mechanism. It uses satellite feedback to implement the congestion control, and to dynamically adapt the channel effective throughput in an optimal way. We assume a finite sensor population model and a saturated traffic condition where every sensor always has frames to transmit. The performance was evaluated in terms of effective throughput, delay and system fairness. In addition, a DTN convergence layer (ALOHAGP-CL) has been defined as a subset of the standard TCP-CL (Transmission Control Protocol-Convergence Layer). This thesis reveals that ALOHAGP/CL adequately supports the proposed DTN scenario, mainly when reactive fragmentation is used. Finally, this thesis investigates an optimal DTN message (bundles) transfer using proactive fragmentation strategies to give service to a ground sensor network using a nanosatellite communications link which uses a multi-access mechanism with priority in downlink traffic (ALOHAGP). The effective throughput has been optimized by adapting the protocol parameters as a function of the current number of active sensors received from satellite. Also, there is currently no method for advertising or negotiating the maximum size of a bundle which can be accepted by a bundle agent in satellite communications for storage and delivery, so that bundles which are too large can be dropped or which are too small are inefficient. We have characterized this kind of scenario obtaining a probability distribution for frame arrivals to nanosatellite and visibility time distribution that provide an optimal proactive fragmentation of DTN bundles. We have found that the proactive effective throughput (goodput) reaches a value slightly lower than reactive fragmentation approach. 
This contribution allows to use the proactive fragmentation optimally with all its advantages such as the incorporation of the security model of DTN and simplicity in protocol implementation for computers with many CPU and memory limitations. The implementation of these contributions was initially contemplated as part of the payload of the nanosatellite QBito, which is part of the constellation of 50 nanosatellites envisaged under the QB50 project.
Abstract:
General Health Law 14/1986 of 25 April enabled the transition from the former Social Security model to the current National Health System (SNS) model, financed through taxes and with practically universal coverage. Since then, the system has undergone profound changes, culminating in 2002 with the complete decentralization of health responsibilities to the Autonomous Communities. National regulation of health responsibilities is carried out by the Interterritorial Council of the National Health System, a body that brings together the highest regional health officials of each Autonomous Community and whose responsibilities include, among others, preventing inequalities in health services within the national territory. The creation and powers of the Interterritorial Council are set out in Law 16/2003 of 28 May on Cohesion of the Quality of the National Health System. The SNS portfolio of common services is established in Royal Decree 1030/2006 of 15 September, which updates Royal Decree 63/1995 of 20 January on the Organization of health benefits. The current legislative framework, with the decentralization of responsibilities and budget management, results in a horizon of possible variability in the management models of each Autonomous Community (CCAA), which, while they must guarantee the universality of benefits, also offers a diversity of ways of managing health resources. As regards the health status of Spaniards, it is worth noting that life expectancy at birth stands at 79.9 years, higher than the European average of 78.3 years, and disability-adjusted life expectancy in 2002 was 72.6 years in Spain compared with 70.8 in the EU. According to figures from the Ministry of Health itself, citizens' perception of their health was positive for 73% of men and 63.2 of women. 
About 60% of the population has a normal weight, and morbidity places diseases of the circulatory system, cancer and diseases of the respiratory system (ICD-9) in the top positions. Health expenditure in Spain is an important budget item, standing at around 7.5 of GDP, and resources and investments show apparent regional inequalities. The models of management and asset ownership of resources, which vary between Autonomous Communities, raise the need for monitoring that makes it possible to evaluate, over the next ten years, the impact of the decentralization of the System's responsibilities. The structure of the System has two main levels of care, primary and specialized care, with specialized care absorbing most of the budget. The increase in health expenditure and the universality of benefits have largely conditioned the introduction of management models different from the traditional ones. This situation is not exclusive to the Spanish State. Among the States of the European Union, the EU Council of Health Ministers, at its session held on 1 and 2 June 2006, concluded a document setting out the common values and principles of the health systems of the countries of the European Union, highlighting the principles and values of health systems as a structural support of those states. In conclusion, at this time (2007) the Spanish National Health System is immersed in a process of transformation aimed at guaranteeing the efficiency of benefits in a responsible manner, that is, offering citizens the best quality of services at the minimum cost.
Abstract:
Over the last decade, the Colombian military has successfully rolled back insurgent groups, cleared and secured conflict zones, and enabled the extraction of oil and other key commodity exports. As a result, official policies of both the Uribe and Santos governments have promoted the armed forces to participate to an unprecedented extent in economic activities intended to consolidate the gains of the 2000s. These include formal involvement in the economy, streamlined in a consortium of military enterprises and social foundations that are intended to put the Colombian defense sector “on the map” nationally and internationally, and informal involvement expanded mainly through new civic action development projects intended to consolidate the security gains of the 2000s. However, failure to roll back paramilitary groups other than through the voluntary amnesty program of 2005 has facilitated the persistence of illicit collusion by military forces with reconstituted “neoparamilitary” drug trafficking groups. It is therefore crucially important to enhance oversight mechanisms and create substantial penalties for collusion with illegal armed groups. This is particularly important if Colombia intends to continue its new practice of exporting its security model to other countries in the region. The Santos government has initiated several promising reforms to enhance state capacity, institutional transparence, and accountability of public officials to the rule of law, which are crucial to locking in security gains and revitalizing democratic politics. 
Efforts to diminish opportunities for illicit association between the armed forces and criminal groups should complement that agenda, including the following:
- Champion breaking existing ties between the military and paramilitary successor groups through creative policies involving a mixture of punishments and rewards directed at the military;
- Investigation and extradition proceedings of drug traffickers, probe all possible ties, including as a matter of course the possibility of Colombian military collaboration. Doing so rigorously may have an important effect deterring military collusion with criminal groups.
- Establish and enforce zero-tolerance policies at all military ranks regarding collusion with criminal groups;
- Reward military units that are effective and also avoid corruption and criminal ties by providing them with enhanced resources and recognition;
- Rely on the military for civic action and development assistance as minimally as possible in order to build long-term civilian public sector capacity and to reduce opportunities for routine exposure of military forces to criminal groups circulating in local populations.
Abstract:
App collusion refers to two or more apps working together to achieve a malicious goal that they otherwise would not be able to achieve individually. The permissions based security model (PBSM) for Android does not address this threat, as it is rather limited to mitigating risks due to individual apps. This paper presents a technique for assessing the threat of collusion for apps, which is a first step towards quantifying collusion risk, and allows us to narrow down to candidate apps for collusion, which is critical given the high volume of Android apps available. We present our empirical analysis using a classified corpus of over 29000 Android apps provided by Intel Security.