785 resultados para Governance of security
Resumo:
This research examines the process of placemaking in LeDroit Park, a residential Washington, DC, neighborhood with a historic district at its core. Unpacking the entwined physical and social evolution of the small community within the context of the Nation’s Capital, this analysis provides insight into the role of urban design and development as well as historic designation on shaping collective identity. Initially planned and designed in 1873 as a gated suburb just beyond the formal L’Enfant-designed city boundary, LeDroit Park was intended as a retreat for middle and upper-class European Americans from the growing density and social diversity of the city. With a mixture of large romantic revival mansions and smaller frame cottages set on grassy plots evocative of an idealized rural village, the physical design was intentionally inwardly-focused. This feeling of refuge was underscored with a physical fence that surrounded the development, intended to prevent African Americans from nearby Howard University and the surrounding neighborhood, from using the community’s private streets to access the City of Washington. Within two decades of its founding, LeDroit Park was incorporated into the District of Columbia, the surrounding fence was demolished, and the neighborhood was racially integrated. Due to increasingly stringent segregation laws and customs in the city, this period of integration lasted less than twenty years, and LeDroit Park developed into an elite African American enclave, using the urban design as a bulwark against the indignities of a segregated city. Throughout the 20th century housing infill and construction increased density, yet the neighborhood never lost the feeling of security derived from the neighborhood plan. Highlighting the architecture and street design, neighbors successfully received historic district designation in 1974 in order to halt campus expansion. After a stalemate that lasted two decades, the neighborhood began another period of transformation, both racial and socio-economic, catalyzed by a multi-pronged investment program led by Howard University. Through interviews with long-term and new community members, this investigation asserts that the 140-year development history, including recent physical interventions, is integral to placemaking, shaping the material character as well as the social identity of residents.
Resumo:
The speed with which data has moved from being scarce, expensive and valuable, thus justifying detailed and careful verification and analysis to a situation where the streams of detailed data are almost too large to handle has caused a series of shifts to occur. Legal systems already have severe problems keeping up with, or even in touch with, the rate at which unexpected outcomes flow from information technology. The capacity to harness massive quantities of existing data has driven Big Data applications until recently. Now the data flows in real time are rising swiftly, become more invasive and offer monitoring potential that is eagerly sought by commerce and government alike. The ambiguities as to who own this often quite remarkably intrusive personal data need to be resolved – and rapidly - but are likely to encounter rising resistance from industrial and commercial bodies who see this data flow as ‘theirs’. There have been many changes in ICT that has led to stresses in the resolution of the conflicts between IP exploiters and their customers, but this one is of a different scale due to the wide potential for individual customisation of pricing, identification and the rising commercial value of integrated streams of diverse personal data. A new reconciliation between the parties involved is needed. New business models, and a shift in the current confusions over who owns what data into alignments that are in better accord with the community expectations. After all they are the customers, and the emergence of information monopolies needs to be balanced by appropriate consumer/subject rights. This will be a difficult discussion, but one that is needed to realise the great benefits to all that are clearly available if these issues can be positively resolved. The customers need to make these data flow contestable in some form. These Big data flows are only going to grow and become ever more instructive. A better balance is necessary, For the first time these changes are directly affecting governance of democracies, as the very effective micro targeting tools deployed in recent elections have shown. Yet the data gathered is not available to the subjects. This is not a survivable social model. The Private Data Commons needs our help. Businesses and governments exploit big data without regard for issues of legality, data quality, disparate data meanings, and process quality. This often results in poor decisions, with individuals bearing the greatest risk. The threats harbored by big data extend far beyond the individual, however, and call for new legal structures, business processes, and concepts such as a Private Data Commons. This Web extra is the audio part of a video in which author Marcus Wigan expands on his article "Big Data's Big Unintended Consequences" and discusses how businesses and governments exploit big data without regard for issues of legality, data quality, disparate data meanings, and process quality. This often results in poor decisions, with individuals bearing the greatest risk. The threats harbored by big data extend far beyond the individual, however, and call for new legal structures, business processes, and concepts such as a Private Data Commons.
Resumo:
This study examines the organizational structures and decision-making processes used by school districts to recruit and hire school librarians. For students to acquire the information and technology literacy education they need, school libraries must be staffed with qualified individuals who can fulfill the librarian’s role as leader, teacher, instructional partner, information specialist, and program administrator. Principals are typically given decision rights for hiring staff, including school librarians. Research shows that principals have limited knowledge of the skills and abilities of the school librarian or the specific needs and functions of the library program. Research also indicates that those with specific knowledge of school library programs, namely school district library supervisors, are only consulted on recruiting and hiring about half the time. School districts entrust library supervisors with responsibilities such as professional development of school librarians only after they are hired. This study uses a theoretical lens from research on IT governance, which focuses on the use of knowledge-fit in applying decision rights in an organization. This framework is appropriate because of its incorporation of a specialist with a specific knowledge set in determining the placement of input and decision rights in the decision-making processes. The method used in this research was a multiple-case study design using five school districts as cases, varying by the involvement of the supervisors and other individuals in the hiring process. The data collected from each school district were interviews about the district’s recruiting and hiring practices with principals, an individual in HR, library supervisors, and recently hired school librarians. Data analysis was conducted through iterative coding from themes in the research questions, with continuous adjustments as new themes developed. Results from the study indicate that governance framework is applicable to evaluating the decision-making processes used in recruiting and hiring school librarians. However, a district’s use of governance did not consistently use knowledge-fit in the determination of input and decision rights. In the hiring process, governance was more likely to be based on placing decision rights at a certain level of the district hierarchy rather than the location of specific knowledge, most often resulting in site-based governance for decision rights at the school-building level. The governance of the recruiting process was most affected by the shortage or surplus of candidates available to the district to fill positions. Districts struggling with a shortage of candidates typically placed governance for the decision-making process on recruiting at the district level, giving the library supervisor more opportunity for input and collaboration with human resources. In districts that use site-based governance and that place all input and decision rights at the building level, some principals use their autonomy to eliminate the school library position in the allotment phase or hire librarians that, while certified through testing, do not have the same level of expertise as those who achieve certification through LIS programs. The principals in districts who use site-based governance for decision rights but call on the library supervisor for advisement stated how valuable they found the supervisor’s expertise in evaluating candidates for hire. In no district was a principal or school required to involve the library supervisor in the hiring of school librarians. With a better understanding of the tasks involved, the effect of district governance on decision-making, and the use of knowledge to assign input and decision rights, it is possible to look at how all of these factors affect the outcome in the quality of the hire. A next step is to look at the hiring process that school librarians went through and connect those with the measurable outcomes of hiring: school librarian success, retention, and attrition; the quality of school library program services, outreach, and involvement in a school; and the perceptions of the success of the school librarian and the library program as seen from students, teachers, administrators, parents, and other community stakeholders.
Resumo:
The traditional process of filling the medicine trays and dispensing the medicines to the patients in the hospitals is manually done by reading the printed paper medicinechart. This process can be very strenuous and error-prone, given the number of sub-tasksinvolved in the entire workflow and the dynamic nature of the work environment.Therefore, efforts are being made to digitalise the medication dispensation process byintroducing a mobile application called Smart Dosing application. The introduction ofthe Smart Dosing application into hospital workflow raises security concerns and callsfor security requirement analysis. This thesis is written as a part of the smart medication management project at EmbeddedSystems Laboratory, A˚bo Akademi University. The project aims at digitising the medicine dispensation process by integrating information from various health systems, and making them available through the Smart Dosing application. This application is intended to be used on a tablet computer which will be incorporated on the medicine tray. The smart medication management system include the medicine tray, the tablet device, and the medicine cups with the cup holders. Introducing the Smart Dosing application should not interfere with the existing process carried out by the nurses, and it should result in minimum modifications to the tray design and the workflow. The re-designing of the tray would include integrating the device running the application into the tray in a manner that the users find it convenient and make less errors while using it. The main objective of this thesis is to enhance the security of the hospital medicine dispensation process by ensuring the security of the Smart Dosing application at various levels. The methods used for writing this thesis was to analyse how the tray design, and the application user interface design can help prevent errors and what secure technology choices have to be made before starting the development of the next prototype of the Smart Dosing application. The thesis first understands the context of the use of the application, the end-users and their needs, and the errors made in everyday medication dispensation workflow by continuous discussions with the nursing researchers. The thesis then gains insight to the vulnerabilities, threats and risks of using mobile application in hospital medication dispensation process. The resulting list of security requirements was made by analysing the previously built prototype of the Smart Dosing application, continuous interactive discussions with the nursing researchers, and an exhaustive state-of-the-art study on security risks of using mobile applications in hospital context. The thesis also uses Octave Allegro method to make the readers understand the likelihood and impact of threats, and what steps should be taken to prevent or fix them. The security requirements obtained, as a result, are a starting point for the developers of the next iteration of the prototype for the Smart Dosing application.
Resumo:
Secure computation involves multiple parties computing a common function while keeping their inputs private, and is a growing field of cryptography due to its potential for maintaining privacy guarantees in real-world applications. However, current secure computation protocols are not yet efficient enough to be used in practice. We argue that this is due to much of the research effort being focused on generality rather than specificity. Namely, current research tends to focus on constructing and improving protocols for the strongest notions of security or for an arbitrary number of parties. However, in real-world deployments, these security notions are often too strong, or the number of parties running a protocol would be smaller. In this thesis we make several steps towards bridging the efficiency gap of secure computation by focusing on constructing efficient protocols for specific real-world settings and security models. In particular, we make the following four contributions: - We show an efficient (when amortized over multiple runs) maliciously secure two-party secure computation (2PC) protocol in the multiple-execution setting, where the same function is computed multiple times by the same pair of parties. - We improve the efficiency of 2PC protocols in the publicly verifiable covert security model, where a party can cheat with some probability but if it gets caught then the honest party obtains a certificate proving that the given party cheated. - We show how to optimize existing 2PC protocols when the function to be computed includes predicate checks on its inputs. - We demonstrate an efficient maliciously secure protocol in the three-party setting.
Resumo:
Part 19: Knowledge Management in Networks
Resumo:
Whale-watching is one of the fastest growing tourism industries worldwide, often viewed as a sustainable, non-consumptive strategy for the benefits of cetacean conservation and the coastal communities, alternative to and incompatible with whaling. Yet, there is paucity of research on how things actually work out at the community-level. Drawing on the research literature and my own ethnographic fieldwork, this article bridges a knowledge gap in this field while examining an Azorean context where tourism has brought a re-commodification of the whale for the community (observing wildlife as opposed to harpooning it) in the last 20 years. The analysis is focused on four main community-level implications: governance of common maritime resources, and tourism's contribution to economic sustainability, cultural identity and social relations. It is shown that whale-watching, as any other form of community-based ecotourism, is not a panacea that always promotes biodiversity conservation and economic and sociocultural sustainability for the host communities. Moreover, expanding on the theorisation of emerging institutional fields by Lawrence and Phillips, the political, historical, economic and sociocultural context of the community involved is a key factor for understanding local agency and the local specific features of new fields.
Resumo:
Tese (doutorado)—Universidade de Brasília, Centro de Desenvolvimento Sustentável, 2015.
Resumo:
The recent development of the concept of microgrid (μGrid), associated to the emergent interest in microgeneration (μGen), has raised a number of challenges regarding the evaluation of the technical, economical and regulatory impacts of a high penetration of this kind of solutions in the power systems. In this paper, the topic of security of supply is addressed, aiming at evaluating the influence of μGen and μGrids in the medium- and long-term availability of generation to serve the forecasted load. A Monte-Carlo based methodology is used to evaluate this influence and to assess the capacity credit of those entities.
Resumo:
El creciente interés de China por África ha modificado y estructurado una nueva política exterior, en donde el fortalecimiento de las relaciones políticas y económicas se ve ligado al uso de la diplomacia cultural como una herramienta de atracción. Teniendo en cuenta lo anterior, la presente investigación tiene por objetivo principal indagar cómo China construye una identidad a través de su diplomacia cultural en Angola, demostrando así, que este país utiliza sus costumbres, principios y normas para establecer una identidad de rol en la que se asume como una potencia que debe cooperar. No obstante, sus intereses van más allá de la cooperación al profundizar en relaciones de confianza que lo beneficien política y económicamente. Haciendo un uso del concepto de Imperialismo, la investigación mostrará las limitaciones y los vacíos de la noción de identidad para explicar acciones chinas en Angola, mostrando cómo se hacen uso de herramientas imperialistas para un beneficio propio.
Resumo:
Palaces, as an architectural typology, can be found in recreation Quintas that surrounded the main cities in Portugal, which preserved its rural character since the 16th century until the middle of the 19th century. Consisting of cultivated land and farm buildings, the palace of the Quinta was the owner´s temporary residence, for summer holidays and festive events, with gardens, pavilions, fountains and lakes for recreational purposes and leisure. The focus on palaces, as a historic building and as in need of new uses, clearly shows how current the debate on contemporary interventions in this heritage typology is. Interventions in architectural heritage require multidisciplinary teams to identify conservation strategies which enable a qualified use of its spaces, such as for example the experience of security and well-being, which can contribute to a better quality of life and simultaneously to the quality of the urban environment. This paper presents the Palace of Quinta Alegre and its rehabilitation project for contemporary use and public esteem, both of which are considered fundamental prerequisites for its sustainable maintenance in space, in time and in memory. [versão Portuguesa] Sob a denominação de tipologia arquitectónica, o edifício Palácio pode ser encontrado nas Quintas de Recreio que rodeavam as principais cidades Portuguesas, tendo preservado o seu carácter rural, desde o século XVI até metade do século XIX. Consistindo as Quintas em terra cultivada e edifícios rurais, o Palácio da Quinta consistia na residência temporária do proprietário, para férias de verão e eventos comemorativos, dispondo de jardins, pavilhões, fontes e lagos para recreação e lazer. O tema dos Palácios, entendido como edifício histórico que procura novos usos, demonstra como é actual o debate sobre intervenções contemporâneas nesta tipologia de valor patrimonial. A intervenção em património arquitectónico requer a definição de estratégias de conservação por equipas multidisciplinares que permitam estabelecer um uso qualificado dos seus espaços, proporcionando experiências sensoriais de bem-estar e segurança, contribuindo para uma melhor qualidade de vida e, simultaneamente, para a qualidade do ambiente urbano em que se insere. Este artigo tem por objectivo apresentar o Palácio da Quinta Alegre e o projecto de reabilitação, devolvendo-o a um uso contemporâneo e à estima pública, factores fundamentais para a sua manutenção sustentável no espaço, no tempo e na memória.
Resumo:
We propose two public-key schemes to achieve “deniable authentication” for the Internet Key Exchange (IKE). Our protocols can be implemented using different concrete mechanisms and we discuss different options; in particular we suggest solutions based on elliptic curve pairings. The protocol designs use the modular construction method of Canetti and Krawczyk which provides the basis for a proof of security. Our schemes can, in some situations, be more efficient than existing IKE protocols as well as having stronger deniability properties.
Resumo:
A key exchange protocol allows a set of parties to agree upon a secret session key over a public network. Two-party key exchange (2PKE) protocols have been rigorously analyzed under various models considering different adversarial actions. However, the analysis of group key exchange (GKE) protocols has not been as extensive as that of 2PKE protocols. Particularly, the security attribute of key compromise impersonation (KCI) resilience has so far been ignored for the case of GKE protocols. We first model the security of GKE protocols addressing KCI attacks by both outsider and insider adversaries. We then show that a few existing protocols are not secure even against outsider KCI attacks. The attacks on these protocols demonstrate the necessity of considering KCI resilience for GKE protocols. Finally, we give a new proof of security for an existing GKE protocol under the revised model assuming random oracles.
Resumo:
The security of strong designated verifier (SDV) signature schemes has thus far been analyzed only in a two-user setting. We observe that security in a two-user setting does not necessarily imply the same in a multi-user setting for SDV signatures. Moreover, we show that existing security notions do not adequately model the security of SDV signatures even in a two-user setting. We then propose revised notions of security in a multi-user setting and show that no existing scheme satisfies these notions. A new SDV signature scheme is then presented and proven secure under the revised notions in the standard model. For the purpose of constructing the SDV signature scheme, we propose a one-pass key establishment protocol in the standard model, which is of independent interest in itself.
Resumo:
The construction industry is categorised as being an information-intensive industry and described as one of the most important industries in any developed country, facing a period of rapid and unparalleled change (Industry Science Resources 1999) (Love P.E.D., Tucker S.N. et al. 1996). Project communications are becoming increasingly complex, with a growing need and fundamental drive to collaborate electronically at project level and beyond (Olesen K. and Myers M.D. 1999; Thorpe T. and Mead S. 2001; CITE 2003). Yet, the industry is also identified as having a considerable lack of knowledge and awareness about innovative information and communication technology (ICT) and web-based communication processes, systems and solutions which may prove beneficial in the procurement, delivery and life cycle of projects (NSW Government 1998; Kajewski S. and Weippert A. 2000). The Internet has debatably revolutionised the way in which information is stored, exchanged and viewed, opening new avenues for business, which only a decade ago were deemed almost inconceivable (DCITA 1998; IIB 2002). In an attempt to put these ‘new avenues of business’ into perspective, this report provides an overall ‘snapshot’ of current public and private construction industry sector opportunities and practices in the implementation and application of web-based ICT tools, systems and processes (e-Uptake). Research found that even with a reserved uptake, the construction industry and its participating organisations are making concerted efforts (fortunately with positive results) in taking up innovative forms of doing business via the internet, including e-Tendering (making it possible to manage the entire tender letting process electronically and online) (Anumba C.J. and Ruikar K. 2002; ITCBP 2003). Furthermore, Government (often a key client within the construction industry),and with its increased tendency to transact its business electronically, undoubtedly has an effect on how various private industry consultants, contractors, suppliers, etc. do business (Murray M. 2003) – by offering a wide range of (current and anticipated) e-facilities / services, including e-Tendering (Ecommerce 2002). Overall, doing business electronically is found to have a profound impact on the way today’s construction businesses operate - streamlining existing processes, with the growth in innovative tools, such as e-Tender, offering the construction industry new responsibilities and opportunities for all parties involved (ITCBP 2003). It is therefore important that these opportunities should be accessible to as many construction industry businesses as possible (The Construction Confederation 2001). Historically, there is a considerable exchange of information between various parties during a tendering process, where accuracy and efficiency of documentation is critical. Traditionally this process is either paper-based (involving large volumes of supporting tender documentation), or via a number of stand-alone, non-compatible computer systems, usually costly to both the client and contractor. As such, having a standard electronic exchange format that allows all parties involved in an electronic tender process to access one system only via the Internet, saves both time and money, eliminates transcription errors and increases speed of bid analysis (The Construction Confederation 2001). Supporting this research project’s aims and objectives, researchers set to determine today’s construction industry ‘current state-of-play’ in relation to e-Tendering opportunities. The report also provides brief introductions to several Australian and International e-Tender systems identified during this investigation. e-Tendering, in its simplest form, is described as the electronic publishing, communicating, accessing, receiving and submitting of all tender related information and documentation via the internet, thereby replacing the traditional paper-based tender processes, and achieving a more efficient and effective business process for all parties involved (NT Governement 2000; NT Government 2000; NSW Department of Commerce 2003; NSW Government 2003). Although most of the e-Tender websites investigated at the time, maintain their tendering processes and capabilities are ‘electronic’, research shows these ‘eTendering’ systems vary from being reasonably advanced to more ‘basic’ electronic tender notification and archiving services for various industry sectors. Research also indicates an e-Tender system should have a number of basic features and capabilities, including: • All tender documentation to be distributed via a secure web-based tender system – thereby avoiding the need for collating paperwork and couriers. • The client/purchaser should be able to upload a notice and/or invitation to tender onto the system. • Notification is sent out electronically (usually via email) for suppliers to download the information and return their responses electronically (online). • During the tender period, updates and queries are exchanged through the same e-Tender system. • The client/purchaser should only be able to access the tenders after the deadline has passed. • All tender related information is held in a central database, which should be easily searchable and fully audited, with all activities recorded. • It is essential that tender documents are not read or submitted by unauthorised parties. • Users of the e-Tender system are to be properly identified and registered via controlled access. In simple terms, security has to be as good as if not better than a manual tender process. Data is to be encrypted and users authenticated by means such as digital signatures, electronic certificates or smartcards. • All parties must be assured that no 'undetected' alterations can be made to any tender. • The tenderer should be able to amend the bid right up to the deadline – whilst the client/purchaser cannot obtain access until the submission deadline has passed. • The e-Tender system may also include features such as a database of service providers with spreadsheet-based pricing schedules, which can make it easier for a potential tenderer to electronically prepare and analyse a tender. Research indicates the efficiency of an e-Tender process is well supported internationally, with a significant number, yet similar, e-Tender benefits identified during this investigation. Both construction industry and Government participants generally agree that the implementation of an automated e-Tendering process or system enhances the overall quality, timeliness and cost-effectiveness of a tender process, and provides a more streamlined method of receiving, managing, and submitting tender documents than the traditional paper-based process. On the other hand, whilst there are undoubtedly many more barriers challenging the successful implementation and adoption of an e-Tendering system or process, researchers have also identified a range of challenges and perceptions that seem to hinder the uptake of this innovative approach to tendering electronically. A central concern seems to be that of security - when industry organisations have to use the Internet for electronic information transfer. As a result, when it comes to e-Tendering, industry participants insist these innovative tendering systems are developed to ensure the utmost security and integrity. Finally, if Australian organisations continue to explore the competitive ‘dynamics’ of the construction industry, without realising the current and future, trends and benefits of adopting innovative processes, such as e-Tendering, it will limit their globalising opportunities to expand into overseas markets and allow the continuation of international firms successfully entering local markets. As such, researchers believe increased knowledge, awareness and successful implementation of innovative systems and processes raises great expectations regarding their contribution towards ‘stimulating’ the globalisation of electronic procurement activities, and improving overall business and project performances throughout the construction industry sectors and overall marketplace (NSW Government 2002; Harty C. 2003; Murray M. 2003; Pietroforte R. 2003). Achieving the successful integration of an innovative e-Tender solution with an existing / traditional process can be a complex, and if not done correctly, could lead to failure (Bourn J. 2002).
