821 resultados para security policy model
Resumo:
Communication is a key element of diplomatic activity. In the 21st century, the shift from the traditional model of state diplomacy to a post-Westphalian, multi-stakeholder diplomacy has also had an impact on communication within diplomatic systems. In this Policy Brief, Juliane Schmidt (EPC Programme Assistant) argues that the EU should work on developing a more networked communications model so that the European External Action Service (EEAS) can communicate more effectively with all stakeholders of EU external action. Only then can the EEAS shape comprehensive foreign policy strategies and unlock its true potential as a central coordinator for EU external action.
Resumo:
Health Information Systems (HIS) make extensive use of Information and Communication Technologies (ICT). The use of ICT aids in improving the quality and efficiency of healthcare services by making healthcare information available at the point of care (Goldstein, Groen, Ponkshe, and Wine, 2007). The increasing availability of healthcare data presents security and privacy issues which have not yet been fully addressed (Liu, Caelli, May, and Croll, 2008a). Healthcare organisations have to comply with the security and privacy requirements stated in laws, regulations and ethical standards, while managing healthcare information. Protecting the security and privacy of healthcare information is a very complex task (Liu, May, Caelli and Croll, 2008b). In order to simplify the complexity of providing security and privacy in HIS, appropriate information security services and mechanisms have to be implemented. Solutions at the application layer have already been implemented in HIS such as those existing in healthcare web services (Weaver et al., 2003). In addition, Discretionary Access Control (DAC) is the most commonly implemented access control model to restrict access to resources at the OS layer (Liu, Caelli, May, Croll and Henricksen, 2007a). Nevertheless, the combination of application security mechanisms and DAC at the OS layer has been stated to be insufficient in satisfying security requirements in computer systems (Loscocco et al., 1998). This thesis investigates the feasibility of implementing Security Enhanced Linux (SELinux) to enforce a Role-Based Access Control (RBAC) policy to help protect resources at the Operating System (OS) layer. SELinux provides Mandatory Access Control (MAC) mechanisms at the OS layer. These mechanisms can contain the damage from compromised applications and restrict access to resources according to the security policy implemented. The main contribution of this research is to provide a modern framework to implement and manage SELinux in HIS. The proposed framework introduces SELinux Profiles to restrict access permissions over the system resources to authorised users. The feasibility of using SELinux profiles in HIS was demonstrated through the creation of a prototype, which was submitted to various attack scenarios. The prototype was also subjected to testing during emergency scenarios, where changes to the security policies had to be made on the spot. Attack scenarios were based on vulnerabilities common at the application layer. SELinux demonstrated that it could effectively contain attacks at the application layer and provide adequate flexibility during emergency situations. However, even with the use of current tools, the development of SELinux policies can be very complex. Further research has to be made in order to simplify the management of SELinux policies and access permissions. In addition, SELinux related technologies, such as the Policy Management Server by Tresys Technologies, need to be researched in order to provide solutions at different layers of protection.
Resumo:
Airports represent the epitome of complex systems with multiple stakeholders, multiple jurisdictions and complex interactions between many actors. The large number of existing models that capture different aspects of the airport are a testament to this. However, these existing models do not consider in a systematic sense modelling requirements nor how stakeholders such as airport operators or airlines would make use of these models. This can detrimentally impact on the verification and validation of models and makes the development of extensible and reusable modelling tools difficult. This paper develops from the Concept of Operations (CONOPS) framework a methodology to help structure the review and development of modelling capabilities and usage scenarios. The method is applied to the review of existing airport terminal passenger models. It is found that existing models can be broadly categorised according to four usage scenarios: capacity planning, operational planning and design, security policy and planning, and airport performance review. The models, the performance metrics that they evaluate and their usage scenarios are discussed. It is found that capacity and operational planning models predominantly focus on performance metrics such as waiting time, service time and congestion whereas performance review models attempt to link those to passenger satisfaction outcomes. Security policy models on the other hand focus on probabilistic risk assessment. However, there is an emerging focus on the need to be able to capture trade-offs between multiple criteria such as security and processing time. Based on the CONOPS framework and literature findings, guidance is provided for the development of future airport terminal models.
Resumo:
The purpose of the current study was to develop a measurement of information security culture in developing countries such as Saudi Arabia. In order to achieve this goal, the study commenced with a comprehensive review of the literature, the outcome being the development of a conceptual model as a reference base. The literature review revealed a lack of academic and professional research into information security culture in developing countries and more specifically in Saudi Arabia. Given the increasing importance and significant investment developing countries are making in information technology, there is a clear need to investigate information security culture from developing countries perspective such as Saudi Arabia. Furthermore, our analysis indicated a lack of clear conceptualization and distinction between factors that constitute information security culture and factors that influence information security culture. Our research aims to fill this gap by developing and validating a measurement model of information security culture, as well as developing initial understanding of factors that influence security culture. A sequential mixed method consisting of a qualitative phase to explore the conceptualisation of information security culture, and a quantitative phase to validate the model is adopted for this research. In the qualitative phase, eight interviews with information security experts in eight different Saudi organisations were conducted, revealing that security culture can be constituted as reflection of security awareness, security compliance and security ownership. Additionally, the qualitative interviews have revealed that factors that influence security culture are top management involvement, policy enforcement, policy maintenance, training and ethical conduct policies. These factors were confirmed by the literature review as being critical and important for the creation of security culture and formed the basis for our initial information security culture model, which was operationalised and tested in different Saudi Arabian organisations. Using data from two hundred and fifty-four valid responses, we demonstrated the validity and reliability of the information security culture model through Exploratory Factor Analysis (EFA), followed by Confirmatory Factor Analysis (CFA.) In addition, using Structural Equation Modelling (SEM) we were further able to demonstrate the validity of the model in a nomological net, as well as provide some preliminary findings on the factors that influence information security culture. The current study contributes to the existing body of knowledge in two major ways: firstly, it develops an information security culture measurement model; secondly, it presents empirical evidence for the nomological validity for the security culture measurement model and discovery of factors that influence information security culture. The current study also indicates possible future related research needs.
Resumo:
McInnes, C., Lee, K. (2006). Health, security and foreign policy. Review of International Studies, 32 (1), 5-23. RAE2008
Resumo:
Dominant paradigms of causal explanation for why and how Western liberal-democracies go to war in the post-Cold War era remain versions of the 'liberal peace' or 'democratic peace' thesis. Yet such explanations have been shown to rest upon deeply problematic epistemological and methodological assumptions. Of equal importance, however, is the failure of these dominant paradigms to account for the 'neoliberal revolution' that has gripped Western liberal-democracies since the 1970s. The transition from liberalism to neoliberalism remains neglected in analyses of the contemporary Western security constellation. Arguing that neoliberalism can be understood simultaneously through the Marxian concept of ideology and the Foucauldian concept of governmentality – that is, as a complementary set of 'ways of seeing' and 'ways of being' – the thesis goes on to analyse British security in policy and practice, considering it as an instantiation of a wider neoliberal way of war. In so doing, the thesis draws upon, but also challenges and develops, established critical discourse analytic methods, incorporating within its purview not only the textual data that is usually considered by discourse analysts, but also material practices of security. This analysis finds that contemporary British security policy is predicated on a neoliberal social ontology, morphology and morality – an ideology or 'way of seeing' – focused on the notion of a globalised 'network-market', and is aimed at rendering circulations through this network-market amenable to neoliberal techniques of government. It is further argued that security practices shaped by this ideology imperfectly and unevenly achieve the realisation of neoliberal 'ways of being' – especially modes of governing self and other or the 'conduct of conduct' – and the re-articulation of subjectivities in line with neoliberal principles of individualism, risk, responsibility and flexibility. The policy and practice of contemporary British 'security' is thus recontextualised as a component of a broader 'neoliberal way of war'.
Resumo:
This article investigates the causes in the reduction of labor force participation of the old. We argue that the changes in social security policy, in technology and in demography may account for most of the changes in retirement over the second part of the last century in the U.S. economy. We develop a dynamic general equilibrium model with endogenous retirement that embeds social security legislation. The model is able to match very closely the increase in the retirement rate of males aged 65 and older. It also quanti es the isolated impact on retirement and on the solvency of the social security system of the di¤erent factors. The model suggests that technological and demographic changes had a strong in uence on retirement, so that it would have increased signi cantly even if the social security rules had not changed. However, as the latter became much more generous in the past, changes in social security policy can account not only for a sizeable part of the expansion of retirement, but also for the most of the observed increase in the social security expenses as a share of GDP.
Resumo:
This article investigates the causes in the reduction of labor force participation of the old. We argue that the changes in social security policy, in technology and in demography may account for most of the changes in retirement over the second part of the last century in the U.S. economy. We develop a dynamic general equilibrium model with endogenous retirement that embeds social security legislation. The model is able to match very closely the increase in the retirement rate of males aged 65 and older. It also quanti es the isolated impact on retirement and on the solvency of the social security system of the di¤erent factors. The model suggests that technological and demographic changes had a strong in uence on retirement, so that it would have increased signi cantly even if the social security rules had not changed. However, as the latter became much more generous in the past, changes in social security policy can account not only for a sizeable part of the expansion of retirement, but also for the most of the observed increase in the social security expenses as a share of GDP.
Resumo:
This article studies the determinants of the labor force participation of the elderly and investigates the factors that may account for the increase in retirement in the second half of the last century. We develop a life-cycle general equilibrium model with endogenous retirement that embeds Social Security legislation and Medicare. Individuals are ex ante heterogeneous with respect to their preferences for leisure and face uncertainty about labor productivity, health status and out-of-pocket medical expenses. The model is calibrated to the U.S. economy in 2000 and is able to reproduce very closely the retirement behavior of the American population. It reproduces the peaks in the distribution of Social Security applications at ages 62 and 65 and the observed facts that low earners and unhealthy individuals retire earlier. It also matches very closely the increase in retirement from 1950 to 2000. Changes in Social Security policy - which became much more generous - and the introduction of Medicare account for most of the expansion of retirement. In contrast, the isolated impact of the increase in longevity was a delaying of retirement.
Resumo:
The threat posed by the crisis in Mali is direct, multidimensional and without regard to geographical proximity or historical and colonial heritage, writes Giovanni Faleg. France’s solitary intervention in Mali and the EU’s absence there raise two important questions for the future of the EU’s supposedly ‘Common’ Security and Defence Policy. The first has to do with the crisis itself; its nature and the threat posed by the terrorist groups and militias that are being countered by French armed forces. The second concerns the causes and implications of yet another example of the EU’s inability to take responsibility for security matters in its neighbourhood and beyond.
Resumo:
The true causes of the EU’s inertia as a security actor in its neighbourhood and beyond are not a lack of capability or even austerity measures, but the absence of a core group of states committed to driving integration forward, argues Giovanni Faleg. Member states are reluctant to set clear common strategic priorities and struggle to agree on a revision of the institutional rules. Their strategic cultures and interests differ significantly; they hold different visions of the Common Security and Defence Policy (CSDP) and are unwilling to use the CSDP instruments at their disposal.
Resumo:
The European Union (EU) has increasingly become a comprehensive security actor. With the development of the Common Foreign and Security Policy (CFSP), including the Common Security and Defence Policy (CSDP) as a reaction to the failure of the EU to act during the wars in Yugoslavia/Western Balkans in the 1990s, the EU has a wide range of instruments for crisis prevention, crisis management as well as post-crisis intervention at its disposal. Observers typically agree that “hard power” is no longer sufficient to address the complex security challenges of today’s world while the EU, often criticised for only utilising “soft power”, is now able to exercise “smart power”. Through a comprehensive approach, facilitated by the Lisbon Treaty, the EU can now use the various instruments at its disposal, such as diplomacy, development aid, humanitarian assistance, trade, sanctions, international cooperation and crisis management capabilities in a joined-up manner. This mix of tools and instruments is helping the EU to achieve the aim set out in its European Security Strategy: “a secure Europe in a better world”.
Resumo:
The European Union is a security actor in Central Asia, although with less influence than other players. Russia and China have a much larger impact on Central Asian regimes’ security strategies. These limitations do not dispense with the need for the EU to provide a better security narrative, especially in light of its growing emphasis on human security, and to incorporate this into the current review of its strategy for the region. This policy brief will centre on the EU’s contribution to human security in Central Asia.
Resumo:
Summary. Food security remains a critical issue for the international community. Although significant and positive steps have been taken towards worldwide food governance in recent years, this Policy Brief argues that more can and should be done in the coming years. Additional actions that policy-makers could consider range from enhancing understanding between different actors and improving the engagement of civil society to the extension of capacity-building efforts, regulatory stability and sufficient access to credit. When taken together in a search for strategic policy coordination, these actions offer the possibility to dramatically improve global food security.
