Scalable model-based configuration management of security services in complex enterprise networks

Security administrators face the challenge of designing, deploying and maintaining a variety of configuration files related to security systems, especially in large-scale networks. These files have heterogeneous syntaxes and follow differing semantic concepts. Nevertheless, they are interdependent due to security services having to cooperate and their configuration to be consistent with each other, so that global security policies are completely and correctly enforced. To tackle this problem, our approach supports a comfortable definition of an abstract high-level security policy and provides an automated derivation of the desired configuration files. It is an extension of policy-based management and policy hierarchies, combining model-based management (MBM) with system modularization. MBM employs an object-oriented model of the managed system to obtain the details needed for automated policy refinement. The modularization into abstract subsystems (ASs) segment the system-and the model-into units which more closely encapsulate related system components and provide focused abstract views. As a result, scalability is achieved and even comprehensive IT systems can be modelled in a unified manner. The associated tool MoBaSeC (Model-Based-Service-Configuration) supports interactive graphical modelling, automated model analysis and policy refinement with the derivation of configuration files. We describe the MBM and AS approaches, outline the tool functions and exemplify their applications and results obtained. Copyright (C) 2010 John Wiley & Sons, Ltd.

Formal validation of automated policy refinement in the management of network security systems

Policy hierarchies and automated policy refinement are powerful approaches to simplify administration of security services in complex network environments. A crucial issue for the practical use of these approaches is to ensure the validity of the policy hierarchy, i.e. since the policy sets for the lower levels are automatically derived from the abstract policies (defined by the modeller), we must be sure that the derived policies uphold the high-level ones. This paper builds upon previous work on Model-based Management, particularly on the Diagram of Abstract Subsystems approach, and goes further to propose a formal validation approach for the policy hierarchies yielded by the automated policy refinement process. We establish general validation conditions for a multi-layered policy model, i.e. necessary and sufficient conditions that a policy hierarchy must satisfy so that the lower-level policy sets are valid refinements of the higher-level policies according to the criteria of consistency and completeness. Relying upon the validation conditions and upon axioms about the model representativeness, two theorems are proved to ensure compliance between the resulting system behaviour and the abstract policies that are modelled.

Basic oxygen furnace slag as a treatment material for pathogens: Contribution of inactivation and attachment in virus attenuation

Basic oxygen furnace (BOF) slag media were studied as a potential treatment material in on-site sanitation systems. Batch and column studies were conducted to evaluate attenuation of the bacteriophage PR772 and 0.190 mu m diameter microspheres by BOF media, and to delineate the relative contributions of two principle processes of virus attenuation: inactivation and attachment. In the batch studies, conducted at 4 degrees C, substantial inactivation of PR772 did not occur in the pH 7.6 and 9.5 suspensions. At pH 11.4, bimodal inactivation of PR772 was observed, at an initial rate of 2.1 log C/C(0) day(-1) for the first two days, followed by a much slower rate of 0.124 log C/C(0) day(-1) over the following 10 days. Two column studies were conducted at 4 degrees C at a flow rate of 1 pore volume day(-1) using two slag sources (Stelco, Ontario; Tubarao, Brazil) combined with sand and pea gravel. In both column experiments, the effluent microsphere concentration approached input concentrations over time (reductions of 0.1-0.2 log C/C(0)), suggesting attachment processes for microspheres were negligible. Removal of PR772 virus was more pronounced both during the early stages of the experiments, but also after longer transport times (0.5-1.0 log C/C(0)). PR772 reduction appeared to be primarily as a result of virus inactivation in response to the elevated pH conditions generated by the BOF mixture (10.6-11.4). On-site sanitation systems using BOF media should be designed to maintain sufficient contact time between the BOF media and the wastewater to allow sufficient residence time of pathogens at elevated pH conditions. (C) 2009 Published by Elsevier Ltd.

Covalent attachment of 3,4,9,10-perylenediimides onto the walls of mesoporous molecular sieves MCM-41 and SBA-15

This work describes the covalent grafting of 3,4,9,10-perylenediimides (PDI), which are fluorescent dyes with very interesting optical properties, onto the walls of mesoporous molecular sieves MCM-41 and SBA-15. The mesoporous materials were first treated with 3-aminopropyltriethoxysilane (APTES) in anhydrous toluene, generating amine-containing surfaces. The amine-containing materials were then reacted with 3,4,9,10-perylenetetracarboxylic dianhydride (PTCA), generating surface-grafted PDI. Infrared spectra of the materials showed that the reaction with amino groups took place at both anhydride ends of the PTCA molecule, resulting in surface attached diimides. No sign of unreacted anhydride groups were found. The new materials, designated as MCMN2PDI and SBAN(2)PDI, presented absorption and emission spectra corresponding to weakly coupled PDI chromophores, in contrast to the strongly coupled rings usually found in solid PDI samples. The materials showed a red fluorescence, which could be observed by the naked eye under UV irradiation or with a fluorescence microscope. The PDI-modified mesoporous materials showed electrical conductivity when pressed into a pellet. The results presented here show that the new materials are potentially useful in the design of nanowires. (C) 2007 Elsevier Inc. All rights reserved.

The Evolution of a Responsibility to Protect in Africa : The African Unions Emerging Peace and Security Regime

The thesis focuses on, and tries to evaluate, the role that the African Union (AU) plays in protecting the peace and security on the African continent. The thesis takes an interdisciplinary approach to the topic by both utilizing international relations and international law theories. The two disciplines are combined in an attempt to understand the evolution of the AU’s commitment to the pragmatist doctrine: responsibility to protect (R2P). The AU charter is considered to be the first international law document to cover R2P as it allows the AU to interfere in the internal affairs of its member states. The R2P doctrine was evolved around the notion of a need to arrive at a consensus in regard to the right to intervene in the face of humanitarian emergencies. A part of the post-Cold War shift in UN behaviour has been to support local solutions to local problems. Hereby the UN acts in collaboration with regional organizations, such as the AU, to achieve the shared aspirations to maintain international peace and security without getting directly involved on the ground. The R2P takes a more holistic and long-term approach to interventions by including an awareness of the need to address the root causes of the crisis in order to prevent future resurrections of conflicts. The doctrine also acknowledges the responsibility of the international community and the intervening parties to actively participate in the rebuilding of the post-conflict state. This requires sustained and well planned support to ensure the development of a stable society.While the AU is committed to implementing R2P, many of the AU’s members are struggling, both ideologically and practically, to uphold the foundations on which legitimate intervention rests, such as the protection of human rights and good governance. The fact that many members are also among the poorest countries in the world adds to the challenges facing the AU. A lack of human and material resources leads to a situation where few countries are willing, or able, to support a long-term commitment to humanitarian interventions. Bad planning and unclear mandates also limit the effectiveness of the interventions. This leaves the AU strongly dependent on regional powerbrokers such as Nigeria and South Africa, which in itself creates new problems in regard to the motivations behind interventions. The current AU charter does not provide sufficient checks and balances to ensure that national interests are not furthered through humanitarian interventions. The lack of resources within the AU also generates worries over what pressure foreign nations and other international actors apply through donor funding. It is impossible for the principle of “local solutions for local problems? to gain ground while this donor conditionality exists.The future of the AU peace and security regime is not established since it still is a work in progress. The direction that these developments will take depends on a wide verity of factors, many of which are beyond the immediate control of the AU.

Immigration, security and the public debate on US language policy : a critical discourse analysis of language attitudes in the United States of America

The narrative of the United States is of a "nation of immigrants" in which the language shift patterns of earlier ethnolinguistic groups have tended towards linguistic assimilation through English. In recent years, however, changes in the demographic landscape and language maintenance by non-English speaking immigrants, particularly Hispanics, have been perceived as threats and have led to calls for an official English language policy.This thesis aims to contribute to the study of language policy making from a societal security perspective as expressed in attitudes regarding language and identity originating in the daily interaction between language groups. The focus is on the role of language and American identity in relation to immigration. The study takes an interdisciplinary approach combining language policy studies, security theory, and critical discourse analysis. The material consists of articles collected from four newspapers, namely USA Today, The New York Times, Los Angeles Times, and San Francisco Chronicle between April 2006 and December 2007.Two discourse types are evident from the analysis namely Loyalty and Efficiency. The former is mainly marked by concerns of national identity and contains speech acts of security related to language shift, choice and English for unity. Immigrants are represented as dehumanised, and harmful. Immigration is given as sovereignty-related, racial, and as war. The discourse type of Efficiency is mainly instrumental and contains speech acts of security related to cost, provision of services, health and safety, and social mobility. Immigrants are further represented as a labour resource. These discourse types reflect how the construction of the linguistic 'we' is expected to be maintained. Loyalty is triggered by arguments that the collective identity is threatened and is itself used in reproducing the collective 'we' through hegemonic expressions of monolingualism in the public space and semi-public space. The denigration of immigrants is used as a tool for enhancing societal security through solidarity and as a possible justification for the denial of minority rights. Also, although language acquisition patterns still follow the historical trend of language shift, factors indicating cultural separateness such as the appearance of speech communities or the use of minority languages in the public space and semi-public space have led to manifestations of intolerance. Examples of discrimination and prejudice towards minority groups indicate that the perception of worth of a shared language differs from the actual worth of dominant language acquisition for integration purposes. The study further indicates that the efficient working of the free market by using minority languages to sell services or buy labour is perceived as conflicting with nation-building notions since it may create separately functioning sub-communities with a new cultural capital recognised as legitimate competence. The discourse types mainly represent securitising moves constructing existential threats. The perception of threat and ideas of national belonging are primarily based on a zero-sum notion favouring monolingualism. Further, the identity of the immigrant individual is seen as dynamic and adaptable to assimilationist measures whereas the identity of the state and its members are perceived as static. Also, the study shows that debates concerning language status are linked to extra-linguistic matters. To conclude, policy makers in the US need to consider the relationship between four factors, namely societal security based on collective identity, individual/human security, human rights, and a changing linguistic demography, for proposed language intervention measures to be successful.

Towards a Protocol for the Attachment of Semantic Descriptions to Grid Services

Service discovery in large scale, open distributed systems is difficult because of the need to filter out services suitable to the task at hand from a potentially huge pool of possibilities. Semantic descriptions have been advocated as the key to expressive service discovery, but the most commonly used service descriptions and registry protocols do not support such descriptions in a general manner. In this paper, we present a protocol, its implementation and an API for registering semantic service descriptions and other task/user-specific metadata, and for discovering services according to these. Our approach is based on a mechanism for attaching structured and unstructured metadata, which we show to be applicable to multiple registry technologies. The result is an extremely flexible service registry that can be the basis of a sophisticated semantically-enhanced service discovery engine, an essential component of a Semantic Grid.

Towards a Protocol for the Attachment of Metadata to Service Descriptions and its Use in Semantic Discovery

Service discovery in large scale, open distributed systems is difficult because of the need to filter out services suitable to the task at hand from a potentially huge pool of possibilities. Semantic descriptions have been advocated as the key to expressive service discovery, but the most commonly used service descriptions and registry protocols do not support such descriptions in a general manner. In this paper, we present a protocol, its implementation and an API for registering semantic service descriptions and other task/user-specific metadata, and for discovering services according to these. Our approach is based on a mechanism for attaching structured and unstructured metadata, which we show to be applicable to multiple registry technologies. The result is an extremely flexible service registry that can be the basis of a sophisticated semantically-enhanced service discovery engine, an essential component of a Semantic Grid.

A security architecture for a semantic Grid registry

Existing registry technologies such as UDDI can be enhanced to support capabilities for semantic reasoning and inquiry, which subsequently increases its usability range. The Grimoires registry was developed to provide such support through the use of metadata attachments to registry entities. The use of such attachments provides a way for allowing service operators to specify security assertions pertaining to registry entities owned by them. These assertions may however have to be reconciled with existing registry policies. A security architecture based on the XACML standard and deployed in the OMII framework is outlined to demonstrate how this goal is achieved in the registry.

Security Issues in a SOA-based Provenance System

Recent work has begun exploring the characterization and utilization of provenance in systems based on the Service Oriented Architecture (such as Web Services and Grid based environments). One of the salient issues related to provenance use within any given system is its security. In a broad sense, security requirements arise within any data archival and retrieval system, however provenance presents unique requirements of its own. These requirements are additionally dependent on the architectural and environmental context that a provenance system operates in. We seek to analyze the security considerations pertaining to a Service Oriented Architecture based provenance system. Towards this end, we describe the components of such a system and illustrate the security considerations that arise within it. Concurrently, we outline possible approaches to address them.