821 resultados para security policy model
Resumo:
A basic tenet of ecological economics is that economic growth and development are ultimately constrained by environmental carrying capacities. It is from this basis that notions of a sustainable economy and of sustainable economic development emerge to undergird the “standard model” of ecological economics. However, the belief in “hard” environmental constraints may be obscuring the important role of the entrepreneur in the co-evolution of economic and environmental relations, and hence limiting or distorting the analytic focus of ecological economics and the range of policy options that are considered for sustainable economic development. This paper outlines a co-evolutionary model of the dynamics of economic and ecological systems as connected by entrepreneurial behaviour. We then discuss some of the key analytic and policy implications.
Resumo:
Despite the conventional wisdom that proactive security is superior to reactive security, we show that reactive security can be competitive with proactive security as long as the reactive defender learns from past attacks instead of myopically overreacting to the last attack. Our game-theoretic model follows common practice in the security literature by making worst-case assumptions about the attacker: we grant the attacker complete knowledge of the defender’s strategy and do not require the attacker to act rationally. In this model, we bound the competitive ratio between a reactive defense algorithm (which is inspired by online learning theory) and the best fixed proactive defense. Additionally, we show that, unlike proactive defenses, this reactive strategy is robust to a lack of information about the attacker’s incentives and knowledge.
Resumo:
In dynamic and uncertain environments such as healthcare, where the needs of security and information availability are difficult to balance, an access control approach based on a static policy will be suboptimal regardless of how comprehensive it is. The uncertainty stems from the unpredictability of users’ operational needs as well as their private incentives to misuse permissions. In Role Based Access Control (RBAC), a user’s legitimate access request may be denied because its need has not been anticipated by the security administrator. Alternatively, even when the policy is correctly specified an authorised user may accidentally or intentionally misuse the granted permission. This paper introduces a novel approach to access control under uncertainty and presents it in the context of RBAC. By taking insights from the field of economics, in particular the insurance literature, we propose a formal model where the value of resources are explicitly defined and an RBAC policy (entailing those predictable access needs) is only used as a reference point to determine the price each user has to pay for access, as opposed to representing hard and fast rules that are always rigidly applied.
Resumo:
This paper presents a key based generic model for digital image watermarking. The model aims at addressing an identified gap in the literature by providing a basis for assessing different watermarking requirements in various digital image applications. We start with a formulation of a basic watermarking system, and define system inputs and outputs. We then proceed to incorporate the use of keys in the design of various system components. Using the model, we also define a few fundamental design and evaluation parameters. To demonstrate the significance of the proposed model, we provide an example of how it can be applied to formally define common attacks.
Resumo:
This article presents a novel approach to confidentiality violation detection based on taint marking. Information flows are dynamically tracked between applications and objects of the operating system such as files, processes and sockets. A confidentiality policy is defined by labelling sensitive information and defining which information may leave the local system through network exchanges. Furthermore, per application profiles can be defined to restrict the sets of information each application may access and/or send through the network. In previous works, we focused on the use of mandatory access control mechanisms for information flow tracking. In this current work, we have extended the previous information flow model to track network exchanges, and we are able to define a policy attached to network sockets. We show an example application of this extension in the context of a compromised web browser: our implementation detects a confidentiality violation when the browser attempts to leak private information to a remote host over the network.
Resumo:
The Malaysian National Innovation Model blueprint states that there is an urgent need to pursue an innovation-oriented economy to improve the nation’s capacity for knowledge, creativity and innovation. In nurturing a pervasive innovation culture, the Malaysian government has declared the year 2010 as an Innovative Year whereby creativity among its population is highly celebrated. However, while Malaysian citizens are encouraged to be creative and innovative, scientific data and information generated from publicly funded research in Malaysia is locked up because of rigid intellectual property licensing regimes and traditional publishing models. Reflecting on these circumstances, this paper looks at, and argue why, scientific data and information should be made available, accessible and re-useable freely to promote the grassroots level of innovation in Malaysia. Using innovation theory as its platform of argument, this paper calls for an open access policy for publicly funded research output to be adopted and implemented in Malaysia. Simultaneously, a normative analytic approach is used to determine the types of open access policy that ought to be adopted to spur greater innovation among Malaysians.
Resumo:
Video surveillance systems using Closed Circuit Television (CCTV) cameras, is one of the fastest growing areas in the field of security technologies. However, the existing video surveillance systems are still not at a stage where they can be used for crime prevention. The systems rely heavily on human observers and are therefore limited by factors such as fatigue and monitoring capabilities over long periods of time. This work attempts to address these problems by proposing an automatic suspicious behaviour detection which utilises contextual information. The utilisation of contextual information is done via three main components: a context space model, a data stream clustering algorithm, and an inference algorithm. The utilisation of contextual information is still limited in the domain of suspicious behaviour detection. Furthermore, it is nearly impossible to correctly understand human behaviour without considering the context where it is observed. This work presents experiments using video feeds taken from CAVIAR dataset and a camera mounted on one of the buildings Z-Block) at the Queensland University of Technology, Australia. From these experiments, it is shown that by exploiting contextual information, the proposed system is able to make more accurate detections, especially of those behaviours which are only suspicious in some contexts while being normal in the others. Moreover, this information gives critical feedback to the system designers to refine the system.
Resumo:
With the rise in attacks and attempted attacks on marine‐based critical infrastructure, maritime security is an issue of increasing importance worldwide. However, there are three significant shortfalls in the efforts to overcome potential threats to maritime security: the need for greater understanding of whether current standards of best practice are truly successful in combating and reducing the risks of terrorism and other security issues, the absence of a collective maritime security best practice framework and the need for improved access to maritime security specific graduate and postgraduate (long) courses. This paper presents an overview of existing international, regional national standards of best practice and shows that literature concerning the measurement and/ or success of standards is virtually non‐existent. In addition, despite the importance of maritime workers to ensuring the safety of marine based critical infrastructure, a similar review of available Australian education courses shows a considerable lack of availability of maritime security‐specific courses other than short courses that cover only basic security matters. We argue that the absence of an Australian best practice framework informed by evaluation of current policy responses – particularly in the post 9/11 environment – leaves Australia vulnerable to maritime security threats. As this paper shows, the reality is that despite the security measures put in place post 9/11, there is still considerable work to be done to ensure Australia is equipped to overcome the threats posed to maritime security.
Resumo:
Power system dynamic analysis and security assessment are becoming more significant today due to increases in size and complexity from restructuring, emerging new uncertainties, integration of renewable energy sources, distributed generation, and micro grids. Precise modelling of all contributed elements/devices, understanding interactions in detail, and observing hidden dynamics using existing analysis tools/theorems are difficult, and even impossible. In this chapter, the power system is considered as a continuum and the propagated electomechanical waves initiated by faults and other random events are studied to provide a new scheme for stability investigation of a large dimensional system. For this purpose, the measured electrical indices (such as rotor angle and bus voltage) following a fault in different points among the network are used, and the behaviour of the propagated waves through the lines, nodes, and buses is analyzed. The impact of weak transmission links on a progressive electromechanical wave using energy function concept is addressed. It is also emphasized that determining severity of a disturbance/contingency accurately, without considering the related electromechanical waves, hidden dynamics, and their properties is not secure enough. Considering these phenomena takes heavy and time consuming calculation, which is not suitable for online stability assessment problems. However, using a continuum model for a power system reduces the burden of complex calculations
Resumo:
ICT is becoming a prominent part of healthcare delivery but brings with it information privacy concerns for patients and competing concerns by the caregivers. A proper balance between these issues must be established in order to fully utilise ICT capabilities in healthcare. Information accountability is a fairly new concept to computer science which focuses on fair use of information. In this paper we investigate the different issues that need to be addressed when applying information accountability principles to manage healthcare information. We briefly introduce an information accountability framework for handling electronic health records (eHR). We focus more on digital rights management by considering data in eHRs as digital assets and how we can represent privacy policies and data usage policies as these are key factors in accountability systems.
Resumo:
Purpose: The purpose of this study was to improve the retention of primary healthcare (PHC) nurses through exploring and assessing their quality of work life (QWL) and turnover intention. Design and methods: A cross-sectional survey design was used in this study. Data were collected using a questionnaire comprising four sections (Brooks’ survey of Quality of Nursing Work Life [QNWL], Anticipated Turnover Intention, open-ended questions and demographic characteristics). A convenience sample was recruited from 143 PHC centres in Jazan, Saudi Arabia. A response rate of 87% (n = 508/585) was achieved. The SPSS v17 for Windows and NVivo 8 were used for analysis purposes. Procedures and tests used in this study to analyse the quantitative data were descriptive statistics, t-test, ANOVA, General Linear Model (GLM) univariate analysis, standard multiple regression, and hierarchical multiple regression. Qualitative data obtained from responses to the open-ended questions were analysed using the NVivo 8. Findings: Quantitative findings suggested that PHC nurses were dissatisfied with their work life. Respondents’ scores ranged between 45 and 218 (mean = 139.45), which is lower than the average total score on Brooks’ Survey (147). Major influencing factors were classified under four dimensions. First, work life/home life factors: unsuitable working hours, lack of facilities for nurses, inability to balance work with family needs and inadequacy of vacations’ policy. Second, work design factors: high workload, insufficient workforce numbers, lack of autonomy and undertaking many non-nursing tasks. Third, work context factors: management practices, lack of development opportunities, and inappropriate working environment in terms of the level of security, patient care supplies and unavailability of recreation room. Finally, work world factors: negative public image of nursing, and inadequate payment. More positively, nurses were notably satisfied with their co-workers. Conversely, 40.4% (n = 205) of the respondents indicated that they intended to leave their current employment. The relationships between QWL and demographic variables of gender, age, marital status, dependent children, dependent adults, nationality, ethnicity, nursing tenure, organisational tenure, positional tenure, and payment per month were significant (p < .05). The eta squared test for these demographics indicates a small to medium effect size of the variation in QWL scores. Using the GLM univariate analysis, education level was also significantly related to the QWL (p < .05). The relationships between turnover intention and demographic variables including gender, age, marital status, dependent children, education level, nursing tenure, organisational tenure, positional tenure, and payment per month were significant (p < .05). The eta squared test for these demographics indicates a small to moderate effect size of the variation in the turnover intention scores. Using the GLM univariate analysis, the dependent adults’ variable was also significantly related to turnover intention (p < .05). Turnover intention was significantly related to QWL. Using standard multiple regression, 26% of the variance in turnover intention was explained by the QWL F (4,491), 43.71, p < .001, with R² = .263. Further analysis using hierarchical multiple regression found that the total variance explained by the model as a whole (demographics and QWL) was 32.1%, F (17.433) = 12.04, p < .001. QWL explained an additional 19% of the variance in turnover intention, after controlling for demographic variables, R squared change =.19, F change (4, 433) = 30.190, p < .001. The work context variable makes the strongest unique contribution (-.387) to explain the turnover intention, followed by the work design dimension (-.112). The qualitative findings reaffirmed the quantitative findings in terms of QWL and turnover intention. However, the home life/work life and work world dimensions were of great important to both QWL and turnover intention. The qualitative findings revealed a number of new factors that were not included in the survey questionnaire. These included being away from family, lack of family support, social and cultural aspects, accommodation facilities, transportation, building and infrastructure of PHC, nature of work, job instability, privacy at work, patients and community, and distance between home and workplace. Conclusion: Creating and maintaining a healthy work life for PHC nurses is very important to improve their work satisfaction, reduce turnover, enhance productivity and improve nursing care outcomes. Improving these factors could lead to a higher QWL and increase retention rates and therefore reinforcing the stabilisation of the nursing workforce. Significance of the research: Many countries are examining strategies to attract and retain the health care workforce, particularly nurses. This study identified factors that influence the QWL of PHC nurses as well as their turnover intention. It also determined the significant relationship between QWL and turnover intention. In addition, the present study tested Brooks’ survey of QNWL on PHC nurses for the first time. The qualitative findings of this study revealed a number of new variables regarding QWL and turnover intention of PHC nurses. These variables could be used to improve current survey instruments or to develop new research surveys. The study findings could be also used to develop and appropriately implement plans to improve QWL. This may help to enhance the home and work environments of PHC nurses, improve individual and organisational performance, and increase nurses’ commitment. This study contributes to the existing body of research knowledge by presenting new data and findings from a different country and healthcare system. It is the first of its kind in Saudi Arabia, especially in the field of PHC. It has examined the relationship between QWL and turnover intention of PHC nurses for the first time using nursing instruments. The study also offers a fresh explanation (new framework) of the relationship between QWL and turnover intention among PHC nurses, which could be used or tested by researchers in other settings. Implications for further research: Review of the extant literature reveals little in-depth research on the PHC workforce, especially in terms of QWL and organisational turnover in developing countries. Further research is required to develop a QWL tool for PHC nurses, taking into consideration the findings of the current study along with the local culture. Moreover, the revised theoretical framework of the current study could be tested in further research in other regions, countries or healthcare systems in order to identify its ability to predict the level of PHC nurses’ QWL and their intention to leave. There is a need to conduct longitudinal research on PHC organisations to gain an in-depth understanding of the determents of and changes in QWL and turnover intention of PHC nurses at various points of time. An intervention study is required to improve QWL and retention among PHC nurses using the findings of the current study. This would help to assess the impact of such strategies on reducing turnover of PHC nurses. Focusing on the location of the current study, it would be valuable to conduct another study in five years’ time to examine the percentage of actual turnover among PHC nurses compared with the reported turnover intention in the current study. Further in-depth research would also be useful to assess the impact of the local culture on the perception of expatriate nurses towards their QWL and their turnover intention. A comparative study is required between PHC centres and hospitals as well as the public and private health sector agencies in terms of QWL and turnover intention of nursing personnel. Findings may differ from sector to sector according to variations in health systems, working environments and the case mix of patients.
Resumo:
The ability to detect unusual events in surviellance footage as they happen is a highly desireable feature for a surveillance system. However, this problem remains challenging in crowded scenes due to occlusions and the clustering of people. In this paper, we propose using the Distributed Behavior Model (DBM), which has been widely used in computer graphics, for video event detection. Our approach does not rely on object tracking, and is robust to camera movements. We use sparse coding for classification, and test our approach on various datasets. Our proposed approach outperforms a state-of-the-art work which uses the social force model and Latent Dirichlet Allocation.
Resumo:
Client puzzles are cryptographic problems that are neither easy nor hard to solve. Most puzzles are based on either number theoretic or hash inversions problems. Hash-based puzzles are very efficient but so far have been shown secure only in the random oracle model; number theoretic puzzles, while secure in the standard model, tend to be inefficient. In this paper, we solve the problem of constucting cryptographic puzzles that are secure int he standard model and are very efficient. We present an efficient number theoretic puzzle that satisfies the puzzle security definition of Chen et al. (ASIACRYPT 2009). To prove the security of our puzzle, we introduce a new variant of the interval discrete logarithm assumption which may be of independent interest, and show this new problem to be hard under reasonable assumptions. Our experimental results show that, for 512-bit modulus, the solution verification time of our proposed puzzle can be up to 50x and 89x faster than the Karame-Capkum puzzle and the Rivest et al.'s time-lock puzzle respectively. In particular, the solution verification tiem of our puzzle is only 1.4x slower than that of Chen et al.'s efficient hash based puzzle.
