969 resultados para security model
Resumo:
We thank the European Research Council ERC (project GA 335910 VEWA) for funding the VeWa project.
Resumo:
This work contributes to the ELUM (Ecosystem Land Use Modelling & Soil Carbon GHG Flux Trial) project, which was commissioned and funded by the Energy Technologies Institute (ETI). We acknowledge the E-OBS data set from the EU-FP6 project ENSEMBLES (http://ensembles-eu.metoffice.com) and the data providers in the ECA&D project (http://www.ecad.eu).
Resumo:
Using survey data from 358 online customers, the study finds that the e-service quality construct conforms to the structure of a third-order factor model that links online service quality perceptions to distinct and actionable dimensions, including (1) website design, (2) fulfilment, (3) customer service, and (4) security/privacy. Each dimension is found to consist of several attributes that define the basis of e-service quality perceptions. A comprehensive specification of the construct, which includes attributes not covered in existing scales, is developed. The study contrasts a formative model consisting of 4 dimensions and 16 attributes against a reflective conceptualization. The results of this comparison indicate that studies using an incorrectly specified model overestimate the importance of certain e-service quality attributes. Global fit criteria are also found to support the detection of measurement misspecification. Meta-analytic data from 31,264 online customers are used to show that the developed measurement predicts customer behavior better than widely used scales, such as WebQual and E-S-Qual. The results show that the new measurement enables managers to assess e-service quality more accurately and predict customer behavior more reliably.
Resumo:
Due to their informality, the favelas of Rio de Janeiro are in a precarious position. Though the informal neighborhoods have long served as sites of affordable housing for Rio’s poorest residents, changes within in the city related to public security, mega-events, real estate speculation, and urban revitalization jeopardize their permanence. As one possible solution, this study, conducted for the client Catalytic Communities, investigated collective titling in favelas modeled after quilombos, territories recognized and titled by Brazilian federal law as patrimonies of black cultural traditions.
Resumo:
The postwar development of the Intelligence Services in Japan has been based on two contrasting models: the centralized model of the USA and the collegiality of UK, neither of which has been fully developed. This has led to clashes of institutional competencies and poor anticipation of threats towards national security. This problem of opposing models has been partially overcome through two dimensions: externally through the cooperation with the US Intelligence Service under the Treaty of Mutual Cooperation and Security; and internally though the pre-eminence in the national sphere of the Department of Public Safety. However, the emergence of a new global communicative dimension requires that a communicative-viewing remodeling of this dual model is necessary due to the increasing capacity of the individual actors to determine the dynamics of international events. This article examines these challenges for the Intelligence Services of Japan and proposes a reform based on this new global communicative dimension.
Resumo:
This paper begins by outlining and critiquing what we term the dominant anglophone model of neo-liberal community safety and crime prevention. As an alternative to this influential but flawed model, a comparative analysis is provided of the different constitutional-legal settlements in each of the five jurisdictions across the UK and the Republic of Ireland (ROI), and their uneven institutionalization of community safety. In the light of this it is argued that the nature of the anglophone community safety enterprise is actually subject to significant variation. Summarizing the contours of this variation facilitates our articulation of some core dimensions of community safety. Then, making use of Colebatch’s (2002) deconstruction of policy activity into categories of authority and expertise, and Brunsson’s (2002) distinction between policy talk, decisions and action, we put forward a way of understanding policy activity that avoids the twin dangers of ‘false particularism’ and ‘false universalism’ (Edwards and Hughes, 2005); that indicates a path for further empirical enquiry to assess the ‘reality’ of policy convergence; and that enables the engagement of researchers with normative questions about where community safety should be heading.
Resumo:
Provenance plays a pivotal in tracing the origin of something and determining how and why something had occurred. With the emergence of the cloud and the benefits it encompasses, there has been a rapid proliferation of services being adopted by commercial and government sectors. However, trust and security concerns for such services are on an unprecedented scale. Currently, these services expose very little internal working to their customers; this can cause accountability and compliance issues especially in the event of a fault or error, customers and providers are left to point finger at each other. Provenance-based traceability provides a mean to address part of this problem by being able to capture and query events occurred in the past to understand how and why it took place. However, due to the complexity of the cloud infrastructure, the current provenance models lack the expressibility required to describe the inner-working of a cloud service. For a complete solution, a provenance-aware policy language is also required for operators and users to define policies for compliance purpose. The current policy standards do not cater for such requirement. To address these issues, in this paper we propose a provenance (traceability) model cProv, and a provenance-aware policy language (cProvl) to capture traceability data, and express policies for validating against the model. For implementation, we have extended the XACML3.0 architecture to support provenance, and provided a translator that converts cProvl policy and request into XACML type.
Resumo:
This paper aims to conceptualise trafficking in human beings (THB) as an organised crime by drawing on the rational choice theory. Utilising crime scripting principles, it proposes trafficking schematics to capture and visualise THB in its entirety. Stemming from its transnational nature and varying conceptualisations, combatting THB faces challenges, such as the lack of harmonisation of policy instruments and differing stakeholder agendas. To mitigate these challenges, this paper proposes trafficking schematics. Their core lies in the modelling of THB constituent elements, including stages and their sequence, key actors and relationships, and financial modus operandi. Trafficking schematics may therefore contribute to addressing THB in a holistic, dynamic and integrated way, by enriching stakeholders’ understanding of the phenomenon and facilitating collaboration to address it. The paper contributes to theory and practice by drawing up a model of the procedural, human, logistical and environmental elements of THB that may be viewed as an instrument of public value creation.
Resumo:
This paper analyzes the dynamics ofthe American Depositary Receipt (ADR) of a Colombian bank (Bancolombia) in relation to its pricing factors (underlying (preferred) shares price, exchange rate and the US market index). The aim is to test if there is a long-term relation among these variables that would imply predictability. One cointegrating relation is found allowing the use of a vector error correction model to examine the transmission of shocks to the underlying prices, the exchange rate, and the US market index. The main finding of this paper is that in the short run, the underlying share price seems to adjust after changes in the ADR price, pointing to the fact that the NYSE (trading market for the ADR) leads the Colombian market. However, in the long run, both, the underlying share price and the ADR price, adjust to changes in one another.
Resumo:
We propose three research problems to explore the relations between trust and security in the setting of distributed computation. In the first problem, we study trust-based adversary detection in distributed consensus computation. The adversaries we consider behave arbitrarily disobeying the consensus protocol. We propose a trust-based consensus algorithm with local and global trust evaluations. The algorithm can be abstracted using a two-layer structure with the top layer running a trust-based consensus algorithm and the bottom layer as a subroutine executing a global trust update scheme. We utilize a set of pre-trusted nodes, headers, to propagate local trust opinions throughout the network. This two-layer framework is flexible in that it can be easily extensible to contain more complicated decision rules, and global trust schemes. The first problem assumes that normal nodes are homogeneous, i.e. it is guaranteed that a normal node always behaves as it is programmed. In the second and third problems however, we assume that nodes are heterogeneous, i.e, given a task, the probability that a node generates a correct answer varies from node to node. The adversaries considered in these two problems are workers from the open crowd who are either investing little efforts in the tasks assigned to them or intentionally give wrong answers to questions. In the second part of the thesis, we consider a typical crowdsourcing task that aggregates input from multiple workers as a problem in information fusion. To cope with the issue of noisy and sometimes malicious input from workers, trust is used to model workers' expertise. In a multi-domain knowledge learning task, however, using scalar-valued trust to model a worker's performance is not sufficient to reflect the worker's trustworthiness in each of the domains. To address this issue, we propose a probabilistic model to jointly infer multi-dimensional trust of workers, multi-domain properties of questions, and true labels of questions. Our model is very flexible and extensible to incorporate metadata associated with questions. To show that, we further propose two extended models, one of which handles input tasks with real-valued features and the other handles tasks with text features by incorporating topic models. Our models can effectively recover trust vectors of workers, which can be very useful in task assignment adaptive to workers' trust in the future. These results can be applied for fusion of information from multiple data sources like sensors, human input, machine learning results, or a hybrid of them. In the second subproblem, we address crowdsourcing with adversaries under logical constraints. We observe that questions are often not independent in real life applications. Instead, there are logical relations between them. Similarly, workers that provide answers are not independent of each other either. Answers given by workers with similar attributes tend to be correlated. Therefore, we propose a novel unified graphical model consisting of two layers. The top layer encodes domain knowledge which allows users to express logical relations using first-order logic rules and the bottom layer encodes a traditional crowdsourcing graphical model. Our model can be seen as a generalized probabilistic soft logic framework that encodes both logical relations and probabilistic dependencies. To solve the collective inference problem efficiently, we have devised a scalable joint inference algorithm based on the alternating direction method of multipliers. The third part of the thesis considers the problem of optimal assignment under budget constraints when workers are unreliable and sometimes malicious. In a real crowdsourcing market, each answer obtained from a worker incurs cost. The cost is associated with both the level of trustworthiness of workers and the difficulty of tasks. Typically, access to expert-level (more trustworthy) workers is more expensive than to average crowd and completion of a challenging task is more costly than a click-away question. In this problem, we address the problem of optimal assignment of heterogeneous tasks to workers of varying trust levels with budget constraints. Specifically, we design a trust-aware task allocation algorithm that takes as inputs the estimated trust of workers and pre-set budget, and outputs the optimal assignment of tasks to workers. We derive the bound of total error probability that relates to budget, trustworthiness of crowds, and costs of obtaining labels from crowds naturally. Higher budget, more trustworthy crowds, and less costly jobs result in a lower theoretical bound. Our allocation scheme does not depend on the specific design of the trust evaluation component. Therefore, it can be combined with generic trust evaluation algorithms.
Resumo:
This paper applies a stochastic viability approach to a tropical small-scale fishery, offering a theoretical and empirical example of ecosystem-based fishery management approach that accounts for food security. The model integrates multi-species, multi-fleet and uncertainty as well as profitability, food production, and demographic growth. It is calibrated over the period 2006–2010 using monthly catch and effort data from the French Guiana's coastal fishery, involving thirteen species and four fleets. Using projections at the horizon 2040, different management strategies and scenarios are compared from a viability viewpoint, thus accounting for biodiversity preservation, fleet profitability and food security. The analysis shows that under certain conditions, viable options can be identified which allow fishing intensity and production to be increased to respond to food security requirements but with minimum impacts on the marine resources.
Resumo:
The major function of this model is to access the UCI Wisconsin Breast Cancer data-set[1] and classify the data items into two categories, which are normal and anomalous. This kind of classification can be referred as anomaly detection, which discriminates anomalous behaviour from normal behaviour in computer systems. One popular solution for anomaly detection is Artificial Immune Systems (AIS). AIS are adaptive systems inspired by theoretical immunology and observed immune functions, principles and models which are applied to problem solving. The Dendritic Cell Algorithm (DCA)[2] is an AIS algorithm that is developed specifically for anomaly detection. It has been successfully applied to intrusion detection in computer security. It is believed that agent-based modelling is an ideal approach for implementing AIS, as intelligent agents could be the perfect representations of immune entities in AIS. This model evaluates the feasibility of re-implementing the DCA in an agent-based simulation environment called AnyLogic, where the immune entities in the DCA are represented by intelligent agents. If this model can be successfully implemented, it makes it possible to implement more complicated and adaptive AIS models in the agent-based simulation environment.
Resumo:
Database schemas, in many organizations, are considered one of the critical assets to be protected. From database schemas, it is not only possible to infer the information being collected but also the way organizations manage their businesses and/or activities. One of the ways to disclose database schemas is through the Create, Read, Update and Delete (CRUD) expressions. In fact, their use can follow strict security rules or be unregulated by malicious users. In the first case, users are required to master database schemas. This can be critical when applications that access the database directly, which we call database interface applications (DIA), are developed by third party organizations via outsourcing. In the second case, users can disclose partially or totally database schemas following malicious algorithms based on CRUD expressions. To overcome this vulnerability, we propose a new technique where CRUD expressions cannot be directly manipulated by DIAs any more. Whenever a DIA starts-up, the associated database server generates a random codified token for each CRUD expression and sends it to the DIA that the database servers can use to execute the correspondent CRUD expression. In order to validate our proposal, we present a conceptual architectural model and a proof of concept.
Resumo:
The past several years have seen the surprising and rapid rise of Bitcoin and other “cryptocurrencies.” These are decentralized peer-to-peer networks that allow users to transmit money, tocompose financial instruments, and to enforce contracts between mutually distrusting peers, andthat show great promise as a foundation for financial infrastructure that is more robust, efficientand equitable than ours today. However, it is difficult to reason about the security of cryptocurrencies. Bitcoin is a complex system, comprising many intricate and subtly-interacting protocol layers. At each layer it features design innovations that (prior to our work) have not undergone any rigorous analysis. Compounding the challenge, Bitcoin is but one of hundreds of competing cryptocurrencies in an ecosystem that is constantly evolving. The goal of this thesis is to formally reason about the security of cryptocurrencies, reining in their complexity, and providing well-defined and justified statements of their guarantees. We provide a formal specification and construction for each layer of an abstract cryptocurrency protocol, and prove that our constructions satisfy their specifications. The contributions of this thesis are centered around two new abstractions: “scratch-off puzzles,” and the “blockchain functionality” model. Scratch-off puzzles are a generalization of the Bitcoin “mining” algorithm, its most iconic and novel design feature. We show how to provide secure upgrades to a cryptocurrency by instantiating the protocol with alternative puzzle schemes. We construct secure puzzles that address important and well-known challenges facing Bitcoin today, including wasted energy and dangerous coalitions. The blockchain functionality is a general-purpose model of a cryptocurrency rooted in the “Universal Composability” cryptography theory. We use this model to express a wide range of applications, including transparent “smart contracts” (like those featured in Bitcoin and Ethereum), and also privacy-preserving applications like sealed-bid auctions. We also construct a new protocol compiler, called Hawk, which translates user-provided specifications into privacy-preserving protocols based on zero-knowledge proofs.
Resumo:
This paper researches the information security value in e-entrepreneurship by revising the literature that establishes the entrepreneurial domain and by relating it with the development of technological resources that create value for the customer in an online business. It details multiple paradigms regarding consumer’s values of information security, while relating them with common practices and previous researches in technological entrepreneurship. This research presents and discusses the benefits of information security standards in e-entrepreneurship. It details and discusses the ISO 27001 and PCI-DSS information security standards that can be used to differentiate security initiatives to achieve competitive advantage, while preserving information leadership as a critical resource for online business success. Based on the literature review, a theoretical research model is presented and research hypotheses are discussed. This model believes that information security affects information leadership and that information leadership, as a unique resource in e-business, contributes to e-entrepreneurship success. The adoption of information security standards affects customer’s trust in e-business, which also benefits e-entrepreneurial strategy.
