719 resultados para Political marketing, perception of security, democratic security, Alvaro Uribe Velez.
Resumo:
Measuring quality attributes of object-oriented designs (e.g. maintainability and performance) has been covered by a number of studies. However, these studies have not considered security as much as other quality attributes. Also, most security studies focus at the level of individual program statements. This approach makes it hard and expensive to discover and fix vulnerabilities caused by design errors. In this work, we focus on the security design of an object oriented application and define a number of security metrics. These metrics allow designers to discover and fix security vulnerabilities at an early stage, and help compare the security of various alternative designs. In particular, we propose seven security metrics to measure Data Encapsulation (accessibility) and Cohesion (interactions) of a given object-oriented class from the point of view of potential information flow.
Resumo:
Even though security protocols are designed to make computer communication secure, it is widely known that there is potential for security breakdowns at the human machine interface. This paper reports on a diary study conducted in order to investigate what people identify as security decisions that they make while using the web. The study aimed to uncover how security is perceived in the individual's context of use. From this data, themes were drawn, with a focus on addressing security goals such as confidentiality and authentication. This study is the first study investigating users' web usage focusing on their self-documented perceptions of security and the security choices they made in their own environment.
Resumo:
Operators of busy contemporary airports have to balance tensions between the timely flow of passengers, flight operations, the conduct of commercial business activities and the effective application of security processes. In addition to specific onsite issues airport operators liaise with a range of organisations which set and enforce aviation-related policies and regulations as well as border security agencies responsible for customs, quarantine and immigration, in addition to first response security services. The challenging demands of coordinating and planning in such complex socio-technical contexts place considerable pressure on airport management to facilitate coordination of what are often conflicting goals and expectations among groups that have standing in respect to safe and secure air travel. What are, as yet, significantly unexplored issues in large airports are options for the optimal coordination of efforts from the range of public and private sector participants active in airport security and crisis management. A further aspect of this issue is how airport management systems operate when there is a transition from business-as-usual into an emergency/crisis situation and then, on recovery, back to ‘normal’ functioning. Business Continuity Planning (BCP), incorporating sub-plans for emergency response, continuation of output and recovery of degraded operating capacity, would fit such a context. The implementation of BCP practices in such a significant high security setting offers considerable potential benefit yet entails considerable challenges. This paper presents early results of a 4 year nationally funded industry-based research project examining the merger of Business Continuity Planning and Transport Security Planning as a means of generating capability for improved security and reliability and, ultimately, enhanced resilience in major airports. The project is part of a larger research program on the Design of Secure Airports that includes most of the gazetted ‘first response’ international airports in Australia, key Aviation industry groups and all aviation-related border and security regulators as collaborative partners. The paper examines a number of initial themes in the research, including: ? Approaches to integrating Business Continuity & Aviation Security Planning within airport operations; ? Assessment of gaps in management protocols and operational capacities for identifying and responding to crises within and across critical aviation infrastructure; ? Identification of convergent and divergent approaches to crisis management used across Austral-Asia and their alignment to planned and possible infrastructure evolution.
Resumo:
Existing secure software development principles tend to focus on coding vulnerabilities, such as buffer or integer overflows, that apply to individual program statements, or issues associated with the run-time environment, such as component isolation. Here we instead consider software security from the perspective of potential information flow through a program’s object-oriented module structure. In particular, we define a set of quantifiable "security metrics" which allow programmers to quickly and easily assess the overall security of a given source code program or object-oriented design. Although measuring quality attributes of object-oriented programs for properties such as maintainability and performance has been well-covered in the literature, metrics which measure the quality of information security have received little attention. Moreover, existing securityrelevant metrics assess a system either at a very high level, i.e., the whole system, or at a fine level of granularity, i.e., with respect to individual statements. These approaches make it hard and expensive to recognise a secure system from an early stage of development. Instead, our security metrics are based on well-established compositional properties of object-oriented programs (i.e., data encapsulation, cohesion, coupling, composition, extensibility, inheritance and design size), combined with data flow analysis principles that trace potential information flow between high- and low-security system variables. We first define a set of metrics to assess the security quality of a given object-oriented system based on its design artifacts, allowing defects to be detected at an early stage of development. We then extend these metrics to produce a second set applicable to object-oriented program source code. The resulting metrics make it easy to compare the relative security of functionallyequivalent system designs or source code programs so that, for instance, the security of two different revisions of the same system can be compared directly. This capability is further used to study the impact of specific refactoring rules on system security more generally, at both the design and code levels. By measuring the relative security of various programs refactored using different rules, we thus provide guidelines for the safe application of refactoring steps to security-critical programs. Finally, to make it easy and efficient to measure a system design or program’s security, we have also developed a stand-alone software tool which automatically analyses and measures the security of UML designs and Java program code. The tool’s capabilities are demonstrated by applying it to a number of security-critical system designs and Java programs. Notably, the validity of the metrics is demonstrated empirically through measurements that confirm our expectation that program security typically improves as bugs are fixed, but worsens as new functionality is added.
Resumo:
The emerging principle of a “responsibility to protect” (R2P) presents a direct challenge to China’s traditional emphasis on the twin principles of non-intervention in the domestic affairs of other states and non-use of military force. This paper considers the evolution of China’s relationship with R2P over the past ten years. In particular, it examines how China engaged with R2P during the recent Libyan crisis, and considers what impact this conflict may have first, on Chinese attitudes to R2P, and second, on the future development and implementation of the doctrine itself. This paper argues that China’s decision to allow the passage of Security Council resolution 1973, authorising force in Libya, was shaped by an unusual set of political and factual circumstances, and should not be viewed as evidence of a dramatic shift in Chinese attitudes towards R2P. More broadly, controversy over the scope of NATO’s military action in Libya has raised questions about R2P’s legitimacy, which have contributed to a lack of timely international action in Syria. In the short term at least, this post-Libya backlash against R2P is likely to constrain the Security Council’s ability to respond decisively to other civilian protection situations.
Resumo:
Purpose: The purpose of this study was to improve the retention of primary healthcare (PHC) nurses through exploring and assessing their quality of work life (QWL) and turnover intention. Design and methods: A cross-sectional survey design was used in this study. Data were collected using a questionnaire comprising four sections (Brooks’ survey of Quality of Nursing Work Life [QNWL], Anticipated Turnover Intention, open-ended questions and demographic characteristics). A convenience sample was recruited from 143 PHC centres in Jazan, Saudi Arabia. A response rate of 87% (n = 508/585) was achieved. The SPSS v17 for Windows and NVivo 8 were used for analysis purposes. Procedures and tests used in this study to analyse the quantitative data were descriptive statistics, t-test, ANOVA, General Linear Model (GLM) univariate analysis, standard multiple regression, and hierarchical multiple regression. Qualitative data obtained from responses to the open-ended questions were analysed using the NVivo 8. Findings: Quantitative findings suggested that PHC nurses were dissatisfied with their work life. Respondents’ scores ranged between 45 and 218 (mean = 139.45), which is lower than the average total score on Brooks’ Survey (147). Major influencing factors were classified under four dimensions. First, work life/home life factors: unsuitable working hours, lack of facilities for nurses, inability to balance work with family needs and inadequacy of vacations’ policy. Second, work design factors: high workload, insufficient workforce numbers, lack of autonomy and undertaking many non-nursing tasks. Third, work context factors: management practices, lack of development opportunities, and inappropriate working environment in terms of the level of security, patient care supplies and unavailability of recreation room. Finally, work world factors: negative public image of nursing, and inadequate payment. More positively, nurses were notably satisfied with their co-workers. Conversely, 40.4% (n = 205) of the respondents indicated that they intended to leave their current employment. The relationships between QWL and demographic variables of gender, age, marital status, dependent children, dependent adults, nationality, ethnicity, nursing tenure, organisational tenure, positional tenure, and payment per month were significant (p < .05). The eta squared test for these demographics indicates a small to medium effect size of the variation in QWL scores. Using the GLM univariate analysis, education level was also significantly related to the QWL (p < .05). The relationships between turnover intention and demographic variables including gender, age, marital status, dependent children, education level, nursing tenure, organisational tenure, positional tenure, and payment per month were significant (p < .05). The eta squared test for these demographics indicates a small to moderate effect size of the variation in the turnover intention scores. Using the GLM univariate analysis, the dependent adults’ variable was also significantly related to turnover intention (p < .05). Turnover intention was significantly related to QWL. Using standard multiple regression, 26% of the variance in turnover intention was explained by the QWL F (4,491), 43.71, p < .001, with R² = .263. Further analysis using hierarchical multiple regression found that the total variance explained by the model as a whole (demographics and QWL) was 32.1%, F (17.433) = 12.04, p < .001. QWL explained an additional 19% of the variance in turnover intention, after controlling for demographic variables, R squared change =.19, F change (4, 433) = 30.190, p < .001. The work context variable makes the strongest unique contribution (-.387) to explain the turnover intention, followed by the work design dimension (-.112). The qualitative findings reaffirmed the quantitative findings in terms of QWL and turnover intention. However, the home life/work life and work world dimensions were of great important to both QWL and turnover intention. The qualitative findings revealed a number of new factors that were not included in the survey questionnaire. These included being away from family, lack of family support, social and cultural aspects, accommodation facilities, transportation, building and infrastructure of PHC, nature of work, job instability, privacy at work, patients and community, and distance between home and workplace. Conclusion: Creating and maintaining a healthy work life for PHC nurses is very important to improve their work satisfaction, reduce turnover, enhance productivity and improve nursing care outcomes. Improving these factors could lead to a higher QWL and increase retention rates and therefore reinforcing the stabilisation of the nursing workforce. Significance of the research: Many countries are examining strategies to attract and retain the health care workforce, particularly nurses. This study identified factors that influence the QWL of PHC nurses as well as their turnover intention. It also determined the significant relationship between QWL and turnover intention. In addition, the present study tested Brooks’ survey of QNWL on PHC nurses for the first time. The qualitative findings of this study revealed a number of new variables regarding QWL and turnover intention of PHC nurses. These variables could be used to improve current survey instruments or to develop new research surveys. The study findings could be also used to develop and appropriately implement plans to improve QWL. This may help to enhance the home and work environments of PHC nurses, improve individual and organisational performance, and increase nurses’ commitment. This study contributes to the existing body of research knowledge by presenting new data and findings from a different country and healthcare system. It is the first of its kind in Saudi Arabia, especially in the field of PHC. It has examined the relationship between QWL and turnover intention of PHC nurses for the first time using nursing instruments. The study also offers a fresh explanation (new framework) of the relationship between QWL and turnover intention among PHC nurses, which could be used or tested by researchers in other settings. Implications for further research: Review of the extant literature reveals little in-depth research on the PHC workforce, especially in terms of QWL and organisational turnover in developing countries. Further research is required to develop a QWL tool for PHC nurses, taking into consideration the findings of the current study along with the local culture. Moreover, the revised theoretical framework of the current study could be tested in further research in other regions, countries or healthcare systems in order to identify its ability to predict the level of PHC nurses’ QWL and their intention to leave. There is a need to conduct longitudinal research on PHC organisations to gain an in-depth understanding of the determents of and changes in QWL and turnover intention of PHC nurses at various points of time. An intervention study is required to improve QWL and retention among PHC nurses using the findings of the current study. This would help to assess the impact of such strategies on reducing turnover of PHC nurses. Focusing on the location of the current study, it would be valuable to conduct another study in five years’ time to examine the percentage of actual turnover among PHC nurses compared with the reported turnover intention in the current study. Further in-depth research would also be useful to assess the impact of the local culture on the perception of expatriate nurses towards their QWL and their turnover intention. A comparative study is required between PHC centres and hospitals as well as the public and private health sector agencies in terms of QWL and turnover intention of nursing personnel. Findings may differ from sector to sector according to variations in health systems, working environments and the case mix of patients.
Resumo:
Collaborative methods are promising tools for solving complex security tasks. In this context, the authors present the security overlay framework CIMD (Collaborative Intrusion and Malware Detection), enabling participants to state objectives and interests for joint intrusion detection and find groups for the exchange of security-related data such as monitoring or detection results accordingly; to these groups the authors refer as detection groups. First, the authors present and discuss a tree-oriented taxonomy for the representation of nodes within the collaboration model. Second, they introduce and evaluate an algorithm for the formation of detection groups. After conducting a vulnerability analysis of the system, the authors demonstrate the validity of CIMD by examining two different scenarios inspired sociology where the collaboration is advantageous compared to the non-collaborative approach. They evaluate the benefit of CIMD by simulation in a novel packet-level simulation environment called NeSSi (Network Security Simulator) and give a probabilistic analysis for the scenarios.
Resumo:
Session Initiation Protocol (SIP) is developed to provide advanced voice services over IP networks. SIP unites telephony and data world, permitting telephone calls to be transmitted over Intranets and Internet. Increase in network performance and new mechanisms for guaranteed quality of service encourage this consolidation to provide toll cost savings. Security comes up as one of the most important issues when voice communication and critical voice applications are considered. Not only the security methods provided by traditional telephony systems, but also additional methods are required to overcome security risks introduced by the public IP networks. SIP considers security problems of such a consolidation and provides a security framework. There are several security methods defined within SIP specifications and extensions. But, suggested methods can not solve all the security problems of SIP systems with various system requirements. In this thesis, a Kerberos based solution is proposed for SIP security problems, including SIP authentication and privacy. The proposed solution tries to establish flexible and scalable SIP system that will provide desired level of security for voice communications and critical telephony applications.
Resumo:
Most security models for authenticated key exchange (AKE) do not explicitly model the associated certification system, which includes the certification authority (CA) and its behaviour. However, there are several well-known and realistic attacks on AKE protocols which exploit various forms of malicious key registration and which therefore lie outside the scope of these models. We provide the first systematic analysis of AKE security incorporating certification systems (ASICS). We define a family of security models that, in addition to allowing different sets of standard AKE adversary queries, also permit the adversary to register arbitrary bitstrings as keys. For this model family we prove generic results that enable the design and verification of protocols that achieve security even if some keys have been produced maliciously. Our approach is applicable to a wide range of models and protocols; as a concrete illustration of its power, we apply it to the CMQV protocol in the natural strengthening of the eCK model to the ASICS setting.
Resumo:
Even though web security protocols are designed to make computer communication secure, it is widely known that there is potential for security breakdowns at the human-machine interface. This paper examines findings from a qualitative study investigating the identification of security decisions used on the web. The study was designed to uncover how security is perceived in an individual user's context. Study participants were tertiary qualified individuals, with a focus on HCI designers, security professionals and the general population. The study identifies that security frameworks for the web are inadequate from an interaction perspective, with even tertiary qualified users having a poor or partial understanding of security, of which they themselves are acutely aware. The result is that individuals feel they must protect themselves on the web. The findings contribute a significant mapping of the ways in which individuals reason and act to protect themselves on the web. We use these findings to highlight the need to design for trust at three levels, and the need to ensure that HCI design does not impact on the users' main identified protection mechanism: separation.
Resumo:
The ‘war on terror’ and ongoing terrorist attacks around the world have generated a growing body of literature on national and international measures to counteract terrorist activity. This detailed study investigates an aspect of contemporary counter-terrorism that has been largely overlooked; the impact of these measures on the continued viability of the democratic state.
Resumo:
Since their introduction, the notions of indistinguishability and non-malleability have been changed and extended by different authors to support different goals. In this paper, we propose new flavors of these notions, investigate their relative strengths with respect to previous notions, and provide the full picture of relationships (i.e., implications and separations) among the security notions for public-key encryption schemes. We take into account the two general security goals of indistinguishability and non-malleability, each in the message space, key space, and hybrid message-key space to find six specific goals, a couple of them, namely complete indistinguishability and key non-malleability, are new. Then for each pair of goals, coming from the indistinguishability or non-malleability classes, we prove either an implication or a separation, completing the full picture of relationships among all these security notions. The implications and separations are respectively supported by formal proofs (i.e., reductions) in the concrete-security framework and by counterexamples.
Resumo:
Security protocols are designed in order to provide security properties (goals). They achieve their goals using cryptographic primitives such as key agreement or hash functions. Security analysis tools are used in order to verify whether a security protocol achieves its goals or not. The analysed property by specific purpose tools are predefined properties such as secrecy (confidentiality), authentication or non-repudiation. There are security goals that are defined by the user in systems with security requirements. Analysis of these properties is possible with general purpose analysis tools such as coloured petri nets (CPN). This research analyses two security properties that are defined in a protocol that is based on trusted platform module (TPM). The analysed protocol is proposed by Delaune to use TPM capabilities and secrets in order to open only one secret from two submitted secrets to a recipient
Resumo:
As the end of the Cold War approached in 1989, Caroline Thomas argued: “It is important that the discipline [International Relations, IR] should address the issue of disease and more broadly, health, not simply to facilitate containment of disease transmission across international borders but also because central notions of justice, equity, efficiency and order are involved” (1989:273).1 Ten years later, Craig Murphy echoed these sentiments. Murphy (2001: 352) proposed that IR had yet to grapple with the political consequences of growing inequality between the world’s rich and poor, and areas such as health—where these inequalities were most stark—should become the field’s core business. How IR’s theories and methods would approach these issues was less clear. Bettcher and Yach (1998) cautioned that IR would be unable to develop progressive research projects that explored global health diplomacy as a global public good without adopting new perspectives and methods. Others warned that the expansion of security studies into areas such as global health would weaken the intellectual coherency of the field (Walt 1991:213). Taking its cue from the recent Ng and Prah Ruger (2011) study, this paper returns to these concerns to briefly explore key trends and potential future concerns of research in IR on health...
Resumo:
Cities in the 21st century have become layered and complex systems not only in terms of physical form, but also social and cultural structure. Consolidated tools to analyze the urban environment have today to be improved including a strong interdisciplinary perspective in order to understand and manage the unprecedented complexity our cities are facing. Redevelopments, new estates, internal and external migrations are all dynamics which are deeply modifying the built environment directly or indirectly also affecting local identity, culture and social structure. This paper investigates the relationship between urban form and social behaviors, with particular attention to the perception of the built environment and its use by long term residents, recent migrants as well as tourists. A comparative study is suggested between South East Queensland and Florida; this two regions share common features such as subtropical climate, similar lifestyle, leisure cities and canal estates. Neighborhoods on the Gold and Sunshine Coasts have been designed using the communities of Florida, such as Celebration or Seaside, as models. These regions share also significant migration processes, similar social problems and high crime rates, which directly affect the local economies. Comparing Florida and SEQ could provide an understanding of different strategies adopted and how urban development and lifestyle can be managed maintaining social equity and security. This study, investigates people’s perception of built form and how this affects the use of public space. The relationship between built environment and social behaviour has been previously investigated, for example by environmental psychology; the innovation proposed by this research is to study the perception of place in leisure cities at multiple levels. Locals, migrants and tourists have different understanding of the built form in the same location; this understanding affects the use of space and the attitude to visit or avoid some precincts. The research methodology integrates traditional morpho-typological investigations with qualitative methods; data are collected in the first phase through online surveys about perception of urban forms. Findings guide then the selection of neighbourhoods to be investigated in detail through questionnaires and Nolli maps, specifying morphological regions as well as recurrent building typologies. A final phase includes interviews with selected stakeholders. Major urban projects are discussed addressing how they are used and perceived by locals, migrants or tourists; the comparison between SEQ and Florida allows the identification of strategies to address migration issues in both regions with particular attention to urban form and placemaking dynamics.
