Using data envelopment analysis to assess the efficiency of social security systems: the case of income protection in old age

As the number of pensioners in Europe rises relative to the number of people in employment, the gap between the contributions and the benefit levels increases, and consequently ensuring adequate pensions on a sustainable basis has become a major challenge. This study aims to explore the potential of using the Data Envelopment Analysis (DEA) technique in order to access the efficiency of the income protection in old age, one of the most important branches of Social Security. To this effect, we collected data from the 27 European Union Member States regarding this branch. Our results show important differences among the Member States and stress the importance of identifying best practices to achieve more adequate, sustainable and modernised pension systems. Our results also highlight the importance of using DEA as a decision support tool for policy makers.

Protecting children from sex offenders online: when strangers become 'virtual friends'

This article describes findings from research funded by the Metropolitan Police and Crimestoppers which aimed to explore children's online experiences. A non-random, stratified sample of 200 London school children aged 10- 13 participated in focus groups. Preliminary findings are also presented from unpublished ongoing PhD research, which seeks to explore sex offender behaviour online and the policing of the internet (Martellozzo, 2005 ongoing). The findings are discussed in the context of sex offender's use of the internet. This research indicates that children do have some basic knowledge about 'stranger danger' but are not necessarily applying these lessons to cyberspace. The children in this study had sufficient awareness to not give personal details to strangers on the internet, and would not arrange to meet them. However, they made a distinction between 'strangers' and 'virtual friends' and this is an important point. Preliminary findings also highlight the difficulty of policing the internet and serve to illustrate the manner in which the Sexual Offences Act 2003 is applied to internet sexual offending in practice.

What Attitude Changes Are Needed to Cause SMEs to Take a Strategic Approach to Information Security?

Spending on security in an SME usually has to compete with demands for hardware, infrastructure, and strategic applications. In this paper, the authors seek to explore the reasons why smaller SMEs in particular have consistently failed to see securing information as strategic year-on-year spending, and just regard as part of an overall tight IT budget. The authors scrutinise the typical SMEs reasoning for choosing to see non-spending on security as an acceptable strategic risk. They look particularly at possible reasons why SMEs tend not to take much notice of "scare stories" in the media based on research showing they are increasingly at risk, whilst larger businesses are taking greater precautions and become more difficult to penetrate. The results and their analysis provide useful pointers towards broader business environment changes that would cause SMEs to be more risk-averse and ethical in their approach to securing their own and their clients’ information.

Achieving human security through UN human rights law: prospects and challenges

This paper explores the prospects and challenges of achieving human security through United Nations (UN) human rights law. The paper does not aim to pronounce definitively on the achievement of human security by way of UN human rights law that is, to assess the achievement of human security per se 'as a future end state'. Rather the focus of the paper is firmly placed on the capacity of UN human rights law to achieve human security. The paper departs from the premise that if human rights define human security, international human rights law and UN human rights law in particular should have something to say about the achievement of human security.

Resource security impacts men’s female breast size preferences

It has been suggested human female breast size may act as signal of fat reserves, which in turn indicates access to resources. Based on this perspective, two studies were conducted to test the hypothesis that men experiencing relative resource insecurity should perceive larger breast size as more physically attractive than men experiencing resource security. In Study 1, 266 men from three sites in Malaysia varying in relative socioeconomic status (high to low) rated a series of animated figures varying in breast size for physical attractiveness. Results showed that men from the low socioeconomic context rated larger breasts as more attractive than did men from the medium socioeconomic context, who in turn perceived larger breasts as attractive than men from a high socioeconomic context. Study 2 compared the breast size judgements of 66 hungry versus 58 satiated men within the same environmental context in Britain. Results showed that hungry men rated larger breasts as significantly more attractive than satiated men. Taken together, these studies provide evidence that resource security impacts upon men’s attractiveness ratings based on women’s breast size.

Providing User Security Guarantees in Public Infrastructure Clouds

The infrastructure cloud (IaaS) service model offers improved resource flexibility and availability, where tenants - insulated from the minutiae of hardware maintenance - rent computing resources to deploy and operate complex systems. Large-scale services running on IaaS platforms demonstrate the viability of this model; nevertheless, many organizations operating on sensitive data avoid migrating operations to IaaS platforms due to security concerns. In this paper, we describe a framework for data and operation security in IaaS, consisting of protocols for a trusted launch of virtual machines and domain-based storage protection. We continue with an extensive theoretical analysis with proofs about protocol resistance against attacks in the defined threat model. The protocols allow trust to be established by remotely attesting host platform configuration prior to launching guest virtual machines and ensure confidentiality of data in remote storage, with encryption keys maintained outside of the IaaS domain. Presented experimental results demonstrate the validity and efficiency of the proposed protocols. The framework prototype was implemented on a test bed operating a public electronic health record system, showing that the proposed protocols can be integrated into existing cloud environments.

Assessing the influence of the Responsibility to Protect on the UN Security Council during the Arab Spring

This article challenges those perspectives which assert first, that the Security Council’s engagement with the Responsibility to Protect (R2P) during the Arab Spring evidences a generally positive trend, and second, that the response to the Arab Spring, particularly Syria, highlights the need for veto restraint. With respect to the first point, the evidence presented in this article suggests that the manner in which R2P has been employed by the Security Council during this period evidences three key trends: first, a willingness to invoke R2P only in the context of Pillar I; second, a pronounced lack of consensus surrounding Pillar III; and third, the persistent prioritisation of national interests over humanitarian concerns. With respect to veto restraint, this article argues that there is no evidence that this idea will have any significant impact on decision-making at the Security Council; the Council’s response to the Arab Spring suggests that national interests continue to trump humanitarian need.

Biblioteca para a realização de security token services

A família de especificações WS-* define um modelo de segurança para web services, baseado nos conceitos de claim, security token e Security Token Service (STS). Neste modelo, a informação de segurança dos originadores de mensagens (identidade, privilégios, etc.) é representada através de conjuntos de claims, contidos dentro de security tokens. A emissão e obtenção destes security tokens, por parte dos originadores de mensagens, são realizadas através de protocolos legados ou através de serviços especiais, designados de Security Token Services, usando as operações e os protocolos definidos na especificação WS-Trust. O conceito de Security Token Service não é usado apenas no contexto dos web services. Propostas como o modelo dos Information Cards, aplicável no contexto de aplicações web, também utilizam este conceito. Os Security Token Services desempenham vários papéis, dependendo da informação presente no token emitido. São exemplos o papel de Identity Provider, quando os tokens emitidos contêm informação de identidade, ou o papel de Policy Decision Point, quando os tokens emitidos definem autorizações. Este documento descreve o projecto duma biblioteca software para a realização de Security Token Services, tal como definidos na norma WS-Trust, destinada à plataforma .NET 3.5. Propõem-se uma arquitectura flexível e extensível, de forma a suportar novas versões das normas e as diversas variantes que os Security Token Services possuem, nomeadamente: o tipo dos security token emitidos e das claims neles contidas, a inferência das claims e os métodos de autenticação das entidades requerentes. Apresentam-se aspectos de implementação desta arquitectura, nomeadamente a integração com a plataforma WCF, a sua extensibilidade e o suporte a modelos e sistemas externos à norma. Finalmente, descrevem-se as plataformas de teste implementadas para a validação da biblioteca realizada e os módulos de extensão da biblioteca para: suporte do modelo associado aos Information Cards, do modelo OpenID e para a integração com o Authorization Manager.

Coordination between mid-term maintenance outage decisions and short-term security-constrained scheduling in smart distribution systems

Distribution systems are the first volunteers experiencing the benefits of smart grids. The smart grid concept impacts the internal legislation and standards in grid-connected and isolated distribution systems. Demand side management, the main feature of smart grids, acquires clear meaning in low voltage distribution systems. In these networks, various coordination procedures are required between domestic, commercial and industrial consumers, producers and the system operator. Obviously, the technical basis for bidirectional communication is the prerequisite of developing such a coordination procedure. The main coordination is required when the operator tries to dispatch the producers according to their own preferences without neglecting its inherent responsibility. Maintenance decisions are first determined by generating companies, and then the operator has to check and probably modify them for final approval. In this paper the generation scheduling from the viewpoint of a distribution system operator (DSO) is formulated. The traditional task of the DSO is securing network reliability and quality. The effectiveness of the proposed method is assessed by applying it to a 6-bus and 9-bus distribution system.

Contexts-management strategy in considering the security in urban computing based on urban design

Urban Computing (UrC) provides users with the situation-proper information by considering context of users, devices, and social and physical environment in urban life. With social network services, UrC makes it possible for people with common interests to organize a virtual-society through exchange of context information among them. In these cases, people and personal devices are vulnerable to fake and misleading context information which is transferred from unauthorized and unauthenticated servers by attackers. So called smart devices which run automatically on some context events are more vulnerable if they are not prepared for attacks. In this paper, we illustrate some UrC service scenarios, and show important context information, possible threats, protection method, and secure context management for people.