Alternatives to peace keeping in Korea: the role of non-state actors and face-to-face encounters

Korea is one of the world's most volatile areas, not least because traditional UN mediation and peacekeeping missions are impossible. Having intervened in the Korean War on behalf of the southern side, the UN is a party to the conflict, rather than a neutral arbiter. The situation is particularly problematic because political interactions are characterized by a high degree of state-control over security policy. In both parts of the peninsula the state has, at least until recently, exercised the exclusive right to deal with the opponent on the other side of the hermetically divided peninsula. Given these domestic and international constrains, alternative approaches to conflict resolution are urgently needed. The recently proliferating literature on human security offers possible solutions, for it urges policy makers to view security beyond the conventional military-based defence of the state and its territory. Using such a conceptual framework, the essay assesses the potential significance non-state interactions between North and South, particularly those that promote communication, information exchange and face-to-face encounters. Even though these interactions remain limited, they are of crucial importance, for they provide an opportunity to reduce the stereotypical threat images that continue to fuel conflict on the peninsula.

Information flow analysis for fail-secure devices

Information security devices must preserve security properties even in the presence of faults. This in turn requires a rigorous evaluation of the system behaviours resulting from component failures, especially how such failures affect information flow. We introduce a compositional method of static analysis for fail-secure behaviour. Our method uses reachability matrices to identify potentially undesirable information flows based on the fault modes of the system's components.

Analysis of Security in Archiving

Some basic types of archiving programs are described in the paper in addition to their advantages and disadvantages with respect to the analysis of security in archiving. Analysis and appraisal are performed on the results obtained during the described experiments.

Computação em nuvem no governo: caminhos para a formação de uma agenda governamental

This work aims to understand how cloud computing contextualizes the IT government and decision agenda, in the light of the multiple streams model, considering the current status of public IT policies, the dynamics of the agenda setting for the area, the interface between the various institutions, and existing initiatives on the use of cloud computing in government. Therefore, a qualitative study was conducted through interviews with a group of policy makers and the other group consists of IT managers. As analysis technique, this work made use of content analysis and analysis of documents, with some results by word cloud. As regards the main results to overregulation to the area, usually scattered in various agencies of the federal government, which hinders the performance of the managers. Identified a lack of knowledge of standards, government programs, regulations and guidelines. Among these he highlighted a lack of understanding of the TI Maior Program, the lack of effectiveness of the National Broadband Plan in view of the respondents, as well as the influence of Internet Landmark as an element that can jam the advances in the use of computing cloud in the Brazilian government. Also noteworthy is the bureaucratization of the acquisition of goods to IT services, limited, in many cases, technological advances. Regarding the influence of the actors, it was not possible to identify the presence of a political entrepreneur, and it was noticed a lack of political force. Political flow was affected only by changes within the government. Fragmentation was a major factor for the theme of weakening the agenda formation. Information security was questioned by the respondents pointed out that the main limitation coupled with the lack of training of public servants. In terms of benefits, resource economy is highlighted, followed by improving efficiency. Finally, the discussion about cloud computing needs to advance within the public sphere, whereas the international experience is already far advanced, framing cloud computing as a responsible element for the improvement of processes, services and economy of public resources

The European Union Foreign Policy in the Caucasus and Central Asia: The Limitations of the Opening towards the East

This article intends to study the evolution of the European Union foreign policy in the Southern Caucasus and Central Area throughout the Post-Cold War era. The aim is to analyze Brussels’ fundamental interests and limitations in the area, the strategies it has implemented in the last few years, and the extent to which the EU has been able to undermine the regional hegemons’ traditional supremacy. As will be highlighted, the Community’s chronic weaknesses, the local determination to preserve sovereignty and an increasing international geopolitical competition undermine any European aspiration to become a pre-eminent actor at the heart of the Eurasian continent in the near future.

La Ciberseguridad como factor crítico en la Seguridad de la Unión Europea

El ciberespacio es un escenario de conflicto altamente complejo al estar en constante evolución. Ni la Unión Europea ni ningún otro actor del sistema internacional se encuentra a salvo de las amenazas procedentes del ciberespacio. Pero los pasos dados desde la UE en el mundo de la ciberseguridad no son en absoluto suficientes. Europa necesita que su Estrategia de ciberseguridad sea realmente capaz de integrar a las diferentes Estrategias nacionales. Es urgente una mayor determinación, unos mayores recursos y unos mejores instrumentos que permitan a la Unión implementar una gestión de crisis y una prevención de ciberconflictos verdaderamente eficaz.

The Challenge of Migration and the Global Security Strategy of the European Union

This article discusses the challenges of irregular migration for the security of the EU. They are analyzed starting with the European Security Strategy 2003, and the Report on its Implementation, 2008, and notes many failures: The EU Members did not follow the directives adopted in Brussels, the mismanagement of migration and asylum policies, and numerous actions that can be characterized or described as improvised, scattered or irresponsible. The 2016 Global Strategy recognizes these failures and call attention to the European leaders to reconsider how the EU functions and operates, suggesting the need for greater unity and cooperation to achieve a more effective migration policy. However, the article points out that practically all of the sections of the new Strategy dealing with migration were already embodied in previous Strategies, and stress that in parallel with the publication of the 2016 Global Strategy, actions are already undertaken, such as the EU readmission agreements signed with several important third countries of origin.

The Weapons of Mass Destruction and the Global Security Strategy of the EU

The proliferation of weapons of mass destruction (WMD), nuclear, biological and chemical (NBC) is one of the main security challenges facing the international community today. However the new Global Security Strategy of 2016 raises the question of non-proliferation of WMD only as an incidental matter, not addressing directly the threat, a fundamental threat in the regional and global security. This is a clear step backwards for the European common security.

Russia and the Global Security Strategy of the European Union

The present article reviews the relations between the EU and Russia in the past decade and shows the deterioration of the bilateral relations. The Putin´s Russia has become a very active geostrategic player, with a worrying behaviour, breaking balances in the international scene established since the end of the Cold War. Russia is a priority in the Foreign and Security Policy of the European Global Security Strategy, but has become also a clear competitor. This last aspect is not sufficiently underlined in the Strategy and thus the strategic framework is not clear. In parallel, it is not clear in the Strategy which are the tools the EU has to defend its neighbourhood when their independence, sovereignty or territorial defence may be put in question. This question goes beyond the support to the resilience of those neighbours.

STPA-SafeSec: Safety and Security Analysis for Cyber-Physical Systems

Cyber-physical systems tightly integrate physical processes and information and communication technologies. As today’s critical infrastructures, e.g., the power grid or water distribution networks, are complex cyber-physical systems, ensuring their safety and security becomes of paramount importance. Traditional safety analysis methods, such as HAZOP, are ill-suited to assess these systems. Furthermore, cybersecurity vulnerabilities are often not considered critical, because their effects on the physical processes are not fully understood. In this work, we present STPA-SafeSec, a novel analysis methodology for both safety and security. Its results show the dependencies between cybersecurity vulnerabilities and system safety. Using this information, the most effective mitigation strategies to ensure safety and security of the system can be readily identified. We apply STPA-SafeSec to a use case in the power grid domain, and highlight its benefits.

Platform Privacy: The Missing Piece of Data Protection Legislation

After years of deliberation, the EU commission sped up the reform process of a common EU digital policy considerably in 2015 by launching the EU digital single market strategy. In particular, two core initiatives of the strategy were agreed upon: General Data Protection Regulation and the Network and Information Security (NIS) Directive law texts. A new initiative was additionally launched addressing the role of online platforms. This paper focuses on the platform privacy rationale behind the data protection legislation, primarily based on the proposal for a new EU wide General Data Protection Regulation. We analyse the legislation rationale from an Information System perspective to understand the role user data plays in creating platforms that we identify as “processing silos”. Generative digital infrastructure theories are used to explain the innovative mechanisms that are thought to govern the notion of digitalization and successful business models that are affected by digitalization. We foresee continued judicial data protection challenges with the now proposed Regulation as the adoption of the “Internet of Things” continues. The findings of this paper illustrate that many of the existing issues can be addressed through legislation from a platform perspective. We conclude by proposing three modifications to the governing rationale, which would not only improve platform privacy for the data subject, but also entrepreneurial efforts in developing intelligent service platforms. The first modification is aimed at improving service differentiation on platforms by lessening the ability of incumbent global actors to lock-in the user base to their service/platform. The second modification posits limiting the current unwanted tracking ability of syndicates, by separation of authentication and data store services from any processing entity. Thirdly, we propose a change in terms of how security and data protection policies are reviewed, suggesting a third party auditing procedure.

Why Cyber Security is Hard

Abstract There has been a great deal of interest in the area of cyber security in recent years. But what is cyber security exactly? And should society really care about it? We look at some of the challenges of being an academic working in the area of cyber security and explain why cyber security is, to put it rather simply, hard! Speaker Biography Keith Martin Prof. Keith Martin is Professor of Information Security at Royal Holloway, University of London. He received his BSc (Hons) in Mathematics from the University of Glasgow in 1988 and a PhD from Royal Holloway in 1991. Between 1992 and 1996 he held a Research Fellowship at the University of Adelaide, investigating mathematical modelling of cryptographic key distribution problems. In 1996 he joined the COSIC research group of the Katholieke Universiteit Leuven in Belgium, working on security for third generation mobile communications. Keith rejoined Royal Holloway in January 2000, became a Professor in Information Security in 2007 and was Director of the Information Security Group between 2010 and 2015. Keith's research interests range across cyber security, but with a focus on cryptographic applications. He is the author of 'Everyday Cryptography' published by Oxford University Press.

Cyber security in home and small office local area networks - Attack vectors and vulnerabilities

This thesis presents security issues and vulnerabilities in home and small office local area networks that can be used in cyber-attacks. There is previous research done on single vulnerabilities and attack vectors, but not many papers present full scale attack examples towards LAN. First this thesis categorizes different security threads and later in the paper methods to launch the attacks are shown by example. Offensive security and penetration testing is used as research methods in this thesis. As a result of this thesis an attack is conducted using vulnerabilities in WLAN, ARP protocol, browser as well as methods of social engineering. In the end reverse shell access is gained to the target machine. Ready-made tools are used in the attack and their inner workings are described. Prevention methods are presented towards the attacks in the end of the thesis.

Turkish Security Policymaking on Nuclear Issues: Conceptualizing Advanced Cooperative Security Strategies

Turkey is a non-nuclear member of a nuclear alliance in a region where nuclear proliferation is of particular concern. As the only North Atlantic Treaty Organization (NATO) member that has a border with the Middle East, Turkish officials argue that Turkey cannot solely rely on NATO guarantees in addressing the regional security challenges. However, Turkey has not been able to formulate a security policy that reconciles its quest for independence, its NATO membership, the bilateral relationship with the United States, and regional engagement in the Middle East. This dissertation assesses the strategic implications of Turkey’s perceptions of the U.S./NATO nuclear and conventional deterrence on nuclear issues. It explores three case studies by the process tracing of Turkish policymakers’ nuclear-related decisions on U.S. tactical nuclear weapons deployed in Europe, national air and missile defense, and Iran’s nuclear program. The study finds that the principles of Turkish security policymaking do not incorporate a fundamentally different reasoning on nuclear issues than conventional deterrence. Nuclear weapons and their delivery systems do not have a defining role in Turkish security and defense strategy. The decisions are mainly guided by non-nuclear considerations such as Alliance politics, modernization of the domestic defense industry, and regional influence. The dissertation argues that Turkey could formulate more effective and less risky security policies on nuclear issues by emphasizing the cooperative security approaches within the NATO Alliance over confrontational measures. The findings of this dissertation reveal that a major transformation of Turkish security policymaking is required to end the crisis of confidence with NATO, redefinition of the strategic partnership with the US, and a more cautious approach toward the Middle East. The dissertation argues that Turkey should promote proactive measures to reduce, contain, and counter risks before they develop into real threats, as well as contribute to developing consensual confidence-building measures to reduce uncertainty.