An authorization framework using building information models

A building information model (BIM) is an electronic repository of structured, three-dimensional data that captures both the physical and dynamic functional characteristics of a facility. In addition to its more traditional function as a tool to aid design and construction, a BIM can be used throughout the life cycle of a facility, functioning as a living database that places resources contained within the building in their spatial and temporal context. Through its comprehension of spatial relationships, a BIM can meaningfully represent and integrate previously isolated control and management systems and processes, and thereby provide a more intuitive interface to users. By placing processes in a spatial context, decision-making can be improved, with positive flow-on effects for security and efficiency. In this article, we systematically analyse the authorization requirements involved in the use of BIMs. We introduce the concept of using a BIM as a graphical tool to support spatial access control configuration and management (including physical access control). We also consider authorization requirements for regulating access to the structured data that exists within a BIM as well as to external systems and data repositories that can be accessed via the BIM interface. With a view to addressing these requirements we present a survey of relevant spatiotemporal access control models, focusing on features applicable to BIMs and highlighting capability gaps. Finally, we present a conceptual authorization framework that utilizes BIMs.

Analysis of Object-Specific Authorization Protocol (OSAP) using coloured Petri nets

The use of Trusted Platform Module (TPM) is be- coming increasingly popular in many security sys- tems. To access objects protected by TPM (such as cryptographic keys), several cryptographic proto- cols, such as the Object Specific Authorization Pro- tocol (OSAP), can be used. Given the sensitivity and the importance of those objects protected by TPM, the security of this protocol is vital. Formal meth- ods allow a precise and complete analysis of crypto- graphic protocols such that their security properties can be asserted with high assurance. Unfortunately, formal verification of these protocols are limited, de- spite the abundance of formal tools that one can use. In this paper, we demonstrate the use of Coloured Petri Nets (CPN) - a type of formal technique, to formally model the OSAP. Using this model, we then verify the authentication property of this protocol us- ing the state space analysis technique. The results of analysis demonstrates that as reported by Chen and Ryan the authentication property of OSAP can be violated.

Can water security be achieved in the urban environment through the implementation of the Neo Institutional theory government regulation and legislation?

The research seeks to address the current global water crisis and the built environments effect on the increasing demand for sustainability and water security. The fundamental question in determining the correct approach for water security in the built environment is whether government regulation and legislation could provide the framework for sustainable development and the conscious shift providing that change is the only perceivable option, there is no alternative. This article will attempt to analyse the value of the neo institutional theory as a method for directing individuals and companies to conform to water saving techniques. As is highlighted throughout the article, it will be investigated whether an incentive verse punishment approach to government legislations and regulations would provide the framework required to ensure water security within the built environment. Individuals and companies make certain choices or perform certain actions not because they fear punishment or attempt to conform; neither do they do so because an action is appropriate or feels some sort of social obligation. Instead, the cognitive element of neo institutionalism suggests that individuals make certain choices because they can conceive no alternative. The research seeks to identify whether sustainability and water security can become integrated into all aspects of design and architecture through the perception that 'there is no alternative.' This report seeks to address the omission of water security in the built environment by reporting on a series of investigations, interviews, literature reviews, exemplars and statistics relating to the built environment and the potential for increased water security. The results and analysis support the conclusions that through the support of government and local council, sustainability in the built environment could be achieved and become common practice for developments. Highlighted is the approach required for water management systems integration into the built environment and how these can be developed and maintained effectively between cities, states, countries and cultures.

Analysis of two authorization protocols using Colored Petri Nets

To prevent unauthorized access to protected trusted platform module (TPM) objects, authorization protocols, such as the object-specific authorization protocol (OSAP), have been introduced by the trusted computing group (TCG). By using OSAP, processes trying to gain access to the protected TPM objects need to prove their knowledge of relevant authorization data before access to the objects can be granted. Chen and Ryan’s 2009 analysis has demonstrated OSAP’s authentication vulnerability in sessions with shared authorization data. They also proposed the Session Key Authorization Protocol (SKAP) with fewer stages as an alternative to OSAP. Chen and Ryan’s analysis of SKAP using ProVerif proves the authentication property. The purpose of this paper was to examine the usefulness of Colored Petri Nets (CPN) and CPN Tools for security analysis. Using OSAP and SKAP as case studies, we construct intruder and authentication property models in CPN. CPN Tools is used to verify the authentication property using a Dolev–Yao-based model. Verification of the authentication property in both models using the state space tool produces results consistent with those of Chen and Ryan.

Joseph Ritter von Wertheimer, Moritz Lazarus and Abraham Geiger; Officers of the first Jewish Council of Leipzig Portraits; Groups; Men

"Praesidium der ersten israelitischen Synode zu Leipzig. II Vicepraesident Ritter V. Wertheimer aus Wien. Praesident Prof. Dr. M. Lazarus aus Berlin. I Vicepraesident Dr. A. Geiger aus Frankfurt a/M."

Telephone and security pad at the entrance of the ZFA (Zentrum für Antisemitismusforschung; Center for Research on Antisemitism); Berlin.

Digital Image

Ambassador von Staden and Secretary Califano signing the U.S.-German Social Security Agreement; Washington, D.C.

Digital Image

Telephone and security pad at the entrance of the ZFA (Zentrum für Antisemitismusforschung; Center for Research on Antisemitism); Berlin.

Digital Image

Counterfactual quantum certificate authorization

We present a multipartite protocol in a counterfactual paradigm. In counterfactual quantum cryptography, secure information is transmitted between two spatially separated parties even when there is no physical travel of particles transferring the information between them. We propose here a tripartite counterfactual quantum protocol for the task of certificate authorization. Here a trusted third party, Alice, authenticates an entity Bob (e.g., a bank) that a client Charlie wishes to securely transact with. The protocol is counterfactual with respect to either Bob or Charlie. We prove its security against a general incoherent attack, where Eve attacks single particles.

Biblioteca para a realização de security token services

A família de especificações WS-* define um modelo de segurança para web services, baseado nos conceitos de claim, security token e Security Token Service (STS). Neste modelo, a informação de segurança dos originadores de mensagens (identidade, privilégios, etc.) é representada através de conjuntos de claims, contidos dentro de security tokens. A emissão e obtenção destes security tokens, por parte dos originadores de mensagens, são realizadas através de protocolos legados ou através de serviços especiais, designados de Security Token Services, usando as operações e os protocolos definidos na especificação WS-Trust. O conceito de Security Token Service não é usado apenas no contexto dos web services. Propostas como o modelo dos Information Cards, aplicável no contexto de aplicações web, também utilizam este conceito. Os Security Token Services desempenham vários papéis, dependendo da informação presente no token emitido. São exemplos o papel de Identity Provider, quando os tokens emitidos contêm informação de identidade, ou o papel de Policy Decision Point, quando os tokens emitidos definem autorizações. Este documento descreve o projecto duma biblioteca software para a realização de Security Token Services, tal como definidos na norma WS-Trust, destinada à plataforma .NET 3.5. Propõem-se uma arquitectura flexível e extensível, de forma a suportar novas versões das normas e as diversas variantes que os Security Token Services possuem, nomeadamente: o tipo dos security token emitidos e das claims neles contidas, a inferência das claims e os métodos de autenticação das entidades requerentes. Apresentam-se aspectos de implementação desta arquitectura, nomeadamente a integração com a plataforma WCF, a sua extensibilidade e o suporte a modelos e sistemas externos à norma. Finalmente, descrevem-se as plataformas de teste implementadas para a validação da biblioteca realizada e os módulos de extensão da biblioteca para: suporte do modelo associado aos Information Cards, do modelo OpenID e para a integração com o Authorization Manager.

Les réseaux militaires comme acteurs des relations internationales : le cas du Multinational Interoperability Council

Depuis plus de cinquante ans, les puissances occidentales ont créé toutes sortes de réseaux militaires internationaux, afin de renforcer leurs liens et harmoniser leurs techniques, leurs équipements et leurs façons de faire. Jusqu’à ce jour, ces regroupements sont demeurés largement ignorés de la discipline des relations internationales. Or, la mondialisation des échanges et l’essor des technologies de l’information ont ouvert les processus politiques à de nouveaux acteurs, y compris en matière de sécurité, jetant un éclairage nouveau sur le rôle, la mission et les responsabilités que les États délèguent à ces réseaux. En menant une analyse approfondie d’un réseau militaire, le Multinational Interoperability Council, cette recherche a pour objectifs de définir les réseaux militaires internationaux en tant que catégorie d’analyse des relations internationales, de documenter empiriquement leur fonctionnement et de mieux comprendre leur rôle dans le champ de la sécurité internationale. Pour ce faire, la démarche propose de recourir à l’appareil conceptuel de l’institutionnalisme relationnel, de la théorie des champs et du tournant pratiques en relations internationales. Cette combinaison permet d’aborder les dimensions institutionnelle, cognitive et pratique de l’action collective au sein du réseau étudié. L’analyse nous apprend que, malgré une influence limitée, le MIC produit une identité, des capacités, des préférences et des effets qui lui sont propres. Les acteurs du MIC ont eux-mêmes généré certaines conditions de son institutionnalisation, et sont parvenus à faire du réseau, d’abord conçu comme une structure d’échanges d’informations, un acteur intentionnel du champ de la sécurité internationale. Le MIC ne peut agir de façon autonome, sans contrôle des États. Cependant, les relations établies entre les militaires qui y participent leur offrent des capacités – le capital social, politique et d’expertise – dont ils ne disposeraient pas autrement, et qu’ils peuvent mobiliser dans leurs interactions avec les autres acteurs du champ.

Does the Stockholm Programme matter? The struggles over ownership of AFSJ multiannual programming. CEPS Paper in Liberty and Security No. 51/December 2012

Does the 2009 Stockholm Programme matter? This paper addresses the controversies experienced at EU institutional levels as to ‘who’ should have ownership of the contours of the EU’s policy and legislative multiannual programming in the Area of Freedom, Security and Justice (AFSJ) in a post-Lisbon Treaty landscape. It examines the struggles around the third multiannual programme on the AFSJ, i.e. the Stockholm Programme, and the dilemmas affecting its implementation. The latest affair to emerge relates to the lack of fulfilment by the European Commission of the commitment to provide a mid-term evaluation of the Stockholm Programme’s implementation by mid-2012, as requested by both the Council and the European Parliament. This paper shifts the focus to a broader perspective and raises the following questions: Is the Stockholm Programme actually relevant? What do the discussions behind its implementation tell us about the new institutional dynamics affecting European integration on the AFSJ? Does the EU actually need a new (post- Stockholm) multiannual programme for the period 2015–20? And last, what role should the EP play in legislative and policy programming in order to further strengthen the democratic accountability and legitimacy of the EU’s AFSJ?