Incidencia de las agresiones a la seguridad cibernética en el desarrollo informático de las Fuerzas Armadas de Estados Unidos (2003-2013)

La presente investigación tiene como objetivo analizar la incidencia de las agresiones cibernéticas en el desarrollo informático de las Fuerzas Armadas de Estados Unidos. Los diferentes estudios que se han realizado sobre el ciberespacio se han enfocado en el papel del individuo como actor principal y se ha dejado de lado las repercusiones que éste ha tenido para el Estado, como un nuevo eje de amenazas. Teniendo en cuenta lo anterior, esta investigación demostrará a partir del concepto de securitización, que se busca priorizar la “ciberseguridad” dentro de la agenda del gobierno estadounidense. Al ser este un estudio que aborda experiencias concretas durante un periodo de tiempo de más de 10 años, el diseño metodológico de la investigación será longitudinal, ya que abarcará estudios, artículos, textos y resoluciones que se han realizado desde 2003 hasta la actualidad.

Past and future evolution of Abies alba forests in Europe - comparison of a dynamic vegetation model with palaeo data and observations

Information on how species distributions and ecosystem services are impacted by anthropogenic climate change is important for adaptation planning. Palaeo data suggest that Abies alba formed forests under significantly warmer-than-present conditions in Europe and might be a native substitute for widespread drought-sensitive temperate and boreal tree species such as beech (Fagus sylvatica) and spruce (Picea abies) under future global warming conditions. Here, we combine pollen and macrofossil data, modern observations, and results from transient simulations with the LPX-Bern dynamic global vegetation model to assess past and future distributions of A. alba in Europe. LPX-Bern is forced with climate anomalies from a run over the past 21 000 years with the Community Earth System Model, modern climatology, and with 21st-century multimodel ensemble results for the high-emission RCP8.5 and the stringent mitigation RCP2.6 pathway. The simulated distribution for present climate encompasses the modern range of A. alba, with the model exceeding the present distribution in north-western and southern Europe. Mid-Holocene pollen data and model results agree for southern Europe, suggesting that at present, human impacts suppress the distribution in southern Europe. Pollen and model results both show range expansion starting during the Bølling–Allerød warm period, interrupted by the Younger Dryas cold, and resuming during the Holocene. The distribution of A. alba expands to the north-east in all future scenarios, whereas the potential (currently unrealized) range would be substantially reduced in southern Europe under RCP8.5. A. alba maintains its current range in central Europe despite competition by other thermophilous tree species. Our combined palaeoecological and model evidence suggest that A. alba may ensure important ecosystem services including stand and slope stability, infrastructure protection, and carbon sequestration under significantly warmer-than-present conditions in central Europe.

Dialogue, partnership and empowerment for network and information security:the changing role of the private sector from objects of regulation to regulation shapers

The protection of cyberspace has become one of the highest security priorities of governments worldwide. The EU is not an exception in this context, given its rapidly developing cyber security policy. Since the 1990s, we could observe the creation of three broad areas of policy interest: cyber-crime, critical information infrastructures and cyber-defence. One of the main trends transversal to these areas is the importance that the private sector has come to assume within them. In particular in the area of critical information infrastructure protection, the private sector is seen as a key stakeholder, given that it currently operates most infrastructures in this area. As a result of this operative capacity, the private sector has come to be understood as the expert in network and information systems security, whose knowledge is crucial for the regulation of the field. Adopting a Regulatory Capitalism framework, complemented by insights from Network Governance, we can identify the shifting role of the private sector in this field from one of a victim in need of protection in the first phase, to a commercial actor bearing responsibility for ensuring network resilience in the second, to an active policy shaper in the third, participating in the regulation of NIS by providing technical expertise. By drawing insights from the above-mentioned frameworks, we can better understand how private actors are involved in shaping regulatory responses, as well as why they have been incorporated into these regulatory networks.

A cyber exercise post assessment framework: In Malaysia perspectives

Critical infrastructures are based on complex systems that provide vital services to the nation. The complexities of the interconnected networks, each managed by individual organisations, if not properly secured, could offer vulnerabilities that threaten other organisations’ systems that depend on their services. This thesis argues that the awareness of interdependencies among critical sectors needs to be increased. Managing and securing critical infrastructure is not isolated responsibility of a government or an individual organisation. There is a need for a strong collaboration among critical service providers of public and private organisations in protecting critical information infrastructure. Cyber exercises have been incorporated in national cyber security strategies as part of critical information infrastructure protection. However, organising a cyber exercise involved multi sectors is challenging due to the diversity of participants’ background, working environments and incidents response policies. How well the lessons learned from the cyber exercise and how it can be transferred to the participating organisations is still a looming question. In order to understand the implications of cyber exercises on what participants have learnt and how it benefits participants’ organisation, a Cyber Exercise Post Assessment (CEPA) framework was proposed in this research. The CEPA framework consists of two parts. The first part aims to investigate the lessons learnt by participants from a cyber exercise using the four levels of the Kirkpatrick Training Model to identify their perceptions on reaction, learning, behaviour and results of the exercise. The second part investigates the Organisation Cyber Resilience (OCR) of participating sectors. The framework was used to study the impact of the cyber exercise called X Maya in Malaysia. Data collected through interviews with X Maya 5 participants were coded and categorised based on four levels according to the Kirkpatrick Training Model, while online surveys distributed to ten Critical National Information Infrastructure (CNII) sectors participated in the exercise. The survey used the C-Suite Executive Checklist developed by World Economic Forum in 2012. To ensure the suitability of the tool used to investigate the OCR, a reliability test conducted on the survey items showed high internal consistency results. Finally, individual OCR scores were used to develop the OCR Maturity Model to provide the organisation cyber resilience perspectives of the ten CNII sectors.

Identificação e Caraterização de Infraestruturas Críticas – Uma Metodologia

A proteção das Infraestruturas Críticas tornou-se numa questão essencial no sistema internacional e nos Estados. Mais recentemente, Portugal começou a acompanhar esta tendência. Neste debate, torna-se de crucial importância, a identificação das infraestruturas que devem ser consideradas como críticas. Esta identificação terá como principal objetivo a redução das suas vulnerabilidades e a eficiência no emprego de recursos para a proteção das mesmas. Mas que critérios e indicadores, em cada setor/subsetor, possibilitam uma adequada metodologia para a identificação e caraterização das Infraestruturas Críticas em Portugal? Com vista a responder a esta problemática será analisada a metodologia adotada por Portugal, bem como as componentes da metodologia de identificação e caraterização de Infraestruturas Críticas utilizadas em países e organizações de referência. Esta investigação tem como objetivo geral identificar de áreas de melhoria na metodologia adotada pela Autoridade Nacional de Proteção Civil e, com base na análise da metodologia usada em organizações e países de referência, contribuir para a identificação e caraterização das IC em Portugal. Conclui-se que a Identificação e Caraterização de Infraestruturas Críticas nacionais deve ser aplicada na primeira fase do processo de elaboração do Programa Nacional de Proteção de Infraestruturas Críticas, apresentando, simultaneamente, uma definição de Infraestrutura Crítica, através de possíveis agrupamentos em setores, critérios e indicadores a adotar. Abstract: Critical infrastructure protection has become a key issue for states in the international system. Recently, Portugal has joined this trend. In this debate, the identification of structures to be considered critical infrastructure becomes crucial. This process of identification should have as key purpose the reduction of these infrastructures, and an efficient use of resources in protecting them. However, which criteria and indicators, for each sector/ sub-sector, allow for an adequate methodology for identifying and characterizing critical infrastructures in Portugal? In order to answer this, this research will analyse the methodology adopted by the National Civil Protection Authority, as well as some methodology components for identifying and characterizing critical infrastructure used by reference countries and organizations. The main purpose of this research is thus to contribute to the development of a methodology to be used in Portugal, through the development of criteria and indicators that prove adequate to identifying and characterizing Portuguese critical infrastructure. It concludes that the identification and characterization of national critical infrastructures should be applied in the first phase of elaborating a national program for the protection of critical infrastructures, while simultaneously presenting a definition of critical infrastructure, through possible grouping in sectors, criteria and indicators to adopt.

Sustainable urban infrastructure development in south east Asia : evidence from Hong Kong, Kuala Lumpur and Singapore

Many South East Asian cities have experienced substantial physical, economic and social transformations during the past several decades. The rapid pace of globalisation and economic restructuring has resulted in these cities receiving the full impact of urbanisation pressures. In an attempt to ease these pressures, cities such as Singapore, Hong Kong and Kuala Lumpur have advocated growth management approaches focussing especially on urban infrastructure sustainability. These approaches aim to achieve triple bottom line sustainability by balancing economic and social development, and environmental protection. This chapter evaluates three Asia-Pacific city cases, Singapore, Hong Kong and Kuala Lumpur, and assesses their experiences in managing their urban forms and infrastructure whilst promoting sustainable patterns of urban development.

Queue protection parameters’ fine-tuning for variable speed limits

Any incident on motorways potentially can be followed by secondary crashes. Rear-end crashes also could happen as a result of queue formation downstream of high speed platoons. To decrease the occurrence of secondary crashes and rear-end crashes, Variable Speed Limits (VSL) can be applied to protect queue formed downstream. This paper focuses on fine tuning the Queue Protection algorithm of VSL. Three performance indicators: activation time, deactivation time and number of false alarms are selected to optimise the Queue Protection algorithm. A calibrated microscopic traffic simulation model of Pacific Motorway in Brisbane is used for the optimisation. Performance of VSL during an incident and heavy congestion and the benefit of VSL will be presented in the paper.

Sustainable road infrastructure procurement in Australia

According to Tan et al. (2011), the establishment of a clear sustainability policy in the construction industry is paramount, if only as a statement of the commitment of the top management to protecting the environment and enhancing social responsibility. The resulting policies should then translate into proactive strategies and action plans that improve the sustainability performance of contractors and provide a competitive advantage by integrating “long-run profitability” with sustainable development efforts. The strategies should also take into account climatic protection issues through greenhouse gas emissions (GHGe) monitoring and reduction initiatives (Stocker & Luptacik, 2009)...

Sustainable urban infrastructure development in South East Asia : evidence from Hong Kong, Kuala Lumpur and Singapore

Many South East Asian cities have experienced substantial physical, economic and social transformations during the past several decades. The rapid pace of globalization and economic restructuring has resulted in these cities receiving the full impact of urbanization pressures. In an attempt to ease these pressures, cities such as Singapore, Hong Kong and Kuala Lumpur have advocated growth management approaches focusing especially on urban infrastructure sustainability. These approaches aim to achieve triple bottom line sustainability by balancing economic and social development, and environmental protection. This chapter evaluates three Asia-Pacific city cases, Singapore, Hong Kong and Kuala Lumpur, and assesses their experiences in managing their urban forms and infrastructure whilst promoting sustainable patterns of urban development.

IT pricing: Copyright law, consumer rights, and competition policy. A submission to the House of Representatives Standing Committee on Infrastructure and Communications Inquiry into IT Pricing

For a hundred years, since Federation, Australian consumers have suffered the indignity and the tragedy of price discrimination. From the time of imperial publishing networks, Australia has been suffered from cultural colonialism. In respect of pricing of copyright works, Australian consumers have been gouged; ripped-off; and exploited. Digital technologies have not necessarily brought an end to such price discrimination. Australian consumers have been locked out by technological protection measures; subject to surveillance, privacy intrusions and security breaches; locked into walled gardens by digital rights management systems; and geo-blocked.

Foreign Aid Linked to Infrastructure and/or Pollution Abatement

This paper studies the macroeconomic effects of a permanent increase in foreign aid in a model that takes into account environmental quality. We develop a dynamic equilibrium model in which both public investment in infrastructure and environmental protection can be financed using domestic resources and international aid programs. The framework considers four scenarios for international aid: untied aid,aid fully tied to infrastructure, aid fully tied to abatement, and aid equally tied to both types of expenditures. We find that the effects of the transfers may depend on (i) the structural characteristics of the recipient country (the elasticity of substitution in production and its dependence on environment and natural resources) and on (ii) how recipient countries distribute their public expenditure. These results underscore the importance of these factors when deciding how and to what extent to tie aid to infrastructure and/or pollution abatement.

Providing User Security Guarantees in Public Infrastructure Clouds

The infrastructure cloud (IaaS) service model offers improved resource flexibility and availability, where tenants - insulated from the minutiae of hardware maintenance - rent computing resources to deploy and operate complex systems. Large-scale services running on IaaS platforms demonstrate the viability of this model; nevertheless, many organizations operating on sensitive data avoid migrating operations to IaaS platforms due to security concerns. In this paper, we describe a framework for data and operation security in IaaS, consisting of protocols for a trusted launch of virtual machines and domain-based storage protection. We continue with an extensive theoretical analysis with proofs about protocol resistance against attacks in the defined threat model. The protocols allow trust to be established by remotely attesting host platform configuration prior to launching guest virtual machines and ensure confidentiality of data in remote storage, with encryption keys maintained outside of the IaaS domain. Presented experimental results demonstrate the validity and efficiency of the proposed protocols. The framework prototype was implemented on a test bed operating a public electronic health record system, showing that the proposed protocols can be integrated into existing cloud environments.