922 resultados para Security risk
Resumo:
Strategic sourcing has increased in importance in recent years, and now plays an important role in companies’ planning. The current volatility in supply markets means companies face multiple challenges involving lock-in situations, supplier bankruptcies or supply security issues. In addition, their exposure can increase due to natural disasters, as witnessed recently in the form of bird flu, volcanic ash and tsunamis. Therefore, the primary focus of this study is risk management in the context of strategic sourcing. The study presents a literature review on sourcing based on the 15 years from 1998–2012, and considers 131 academic articles. The literature describes strategic sourcing as a strategic, holistic process in managing supplier relationships, with a long-term focus on adding value to the company and realising competitive advantage. Few studies discovered the real risk impact and status of risk management in strategic sourcing, and evaluation across countries and industries was limited, with the construction sector particularly under-researched. This methodology is founded on a qualitative study of twenty cases across Ger-many and the United Kingdom from the construction sector and electronics manufacturing industries. While considering risk management in the context of strategic sourcing, the thesis takes into account six dimensions that cover trends in strategic sourcing, theoretical and practical sourcing models, risk management, supply and demand management, critical success factors and the strategic supplier evaluation. The study contributes in several ways. First, recent trends are traced and future needs identified across the research dimensions of countries, industries and companies. Second, it evaluates critical success factors in contemporary strategic sourcing. Third, it explores the application of theoretical and practical sourcing models in terms of effectiveness and sustainability. Fourth, based on the case study findings, a risk-oriented strategic sourcing framework and a model for strategic sourcing are developed. These are based on the validation of contemporary requirements and a critical evaluation of the existing situation. It contemplates the empirical findings and leads to a structured process to manage risk in strategic sourcing. The risk-oriented framework considers areas such as trends, corporate and sourcing strategy, critical success factors, strategic supplier selection criteria, risk assessment, reporting, strategy alignment and reporting. The proposed model highlights the essential dimensions in strategic sourcing and guides us to a new definition of strategic sourcing supported by this empirical study.
Resumo:
In this paper is proposed a model for researching the capability to influence, by selected methods’ groups of compression, to the co-efficient of information security of selected objects’ groups, exposed to selected attacks’ groups. With the help of methods for multi-criteria evaluation are chosen the methods’ groups with the lowest risk with respect to the information security. Recommendations for future investigations are proposed.
Resumo:
This report examines important issues pertaining to the different ways of affecting the information security of file objects under information attacks through methods of compression. Accordingly, the report analyzes the three-way relationships which may exist among a selected set of attacks, methods and objects. Thus, a methodology is proposed for evaluation of information security, and a coefficient of information security is created. With respects to this coefficient, using different criteria and methods for evaluation and selection of alternatives, the lowest-risk methods of compression are selected.
Resumo:
Mediation techniques provide interoperability and support integrated query processing among heterogeneous databases. While such techniques help data sharing among different sources, they increase the risk for data security, such as violating access control rules. Successful protection of information by an effective access control mechanism is a basic requirement for interoperation among heterogeneous data sources. ^ This dissertation first identified the challenges in the mediation system in order to achieve both interoperability and security in the interconnected and collaborative computing environment, which includes: (1) context-awareness, (2) semantic heterogeneity, and (3) multiple security policy specification. Currently few existing approaches address all three security challenges in mediation system. This dissertation provides a modeling and architectural solution to the problem of mediation security that addresses the aforementioned security challenges. A context-aware flexible authorization framework was developed in the dissertation to deal with security challenges faced by mediation system. The authorization framework consists of two major tasks, specifying security policies and enforcing security policies. Firstly, the security policy specification provides a generic and extensible method to model the security policies with respect to the challenges posed by the mediation system. The security policies in this study are specified by 5-tuples followed by a series of authorization constraints, which are identified based on the relationship of the different security components in the mediation system. Two essential features of mediation systems, i. e., relationship among authorization components and interoperability among heterogeneous data sources, are the focus of this investigation. Secondly, this dissertation supports effective access control on mediation systems while providing uniform access for heterogeneous data sources. The dynamic security constraints are handled in the authorization phase instead of the authentication phase, thus the maintenance cost of security specification can be reduced compared with related solutions. ^
Resumo:
Climate change has been a security issue for mankind since Homo sapiens first emerged on the planet, driving him to find new and better food, water, shelter, and basic resources for survival and the advancement of civilization. Only recently, however, has the rate of climate change coupled with man’s knowledge of his own role in that change accelerated, perhaps profoundly, changing the security paradigm. If we take a ―decades‖ look at the security issue, we see competition for natural resources giving way to Cold War ideological containment and deterrence, itself giving way to non-state terrorism and extremism. While we continue to defend against these threats, we are faced with even greater security challenges that inextricably tie economic, food and human security together and where the flash points may not provide clearly discernable causes, as they will be intrinsically tied to climate change. Several scientific reports have revealed that the modest development gains that can be realized by some regions could be reversed by climate change. This means that climate change is not just a long-term environmental threat as was widely believed, but an economic and developmental disaster that is unfolding. As such, addressing climate change has become central to the development and poverty reduction by the World Bank and other financial institutions. In Latin America, poorer countries and communities, such as those found in Central America, will suffer the hardest because of weaker resilience and greater reliance on climatesensitive sectors such as agriculture. The US should attempt to deliver capability to assist these states to deal with the effects of climate change.
Resumo:
This study on risk and disaster management capacities of four Caribbean countries: Barbados, the Dominican Republic, Jamaica, and Trinidad and Tobago, examines three main dimensions: 1) the impact of natural disasters from 1900 to 2010 (number of events, number of people killed, total number affected, and damage in US$); 2) institutional assessments of disaster risk management disparity; and 3) the 2010 Inter-American Bank for Development (IADB) Disaster Risk and Risk Management indicators for the countries under study. The results show high consistency among the different sources examined, pointing out the need to extend the IADB measurements to the rest of the Caribbean countries. Indexes and indicators constitute a comparison measure vis-à-vis existing benchmarks in order to anticipate a capacity to deal with adverse events and their consequences; however, the indexes and indicators could only be tested against the occurrence of a real event. Therefore, the need exists to establish a sustainable and comprehensive evaluation system after important disasters to assess a country’s performance, verify the indicators, and gain feedback on measurement systems and methodologies. There is diversity in emergency and preparedness for disasters in the four countries under study. The nature of the event (hurricanes, earthquakes, floods, and seismic activity), especially its frequency and the intensity of the damage experienced, is related to how each has designed its risk and disaster management policies and programs to face natural disasters. Vulnerabilities to disaster risks have been increasing, among other factors, because of uncontrolled urbanization, demographic density and poverty increase, social and economic marginalization, and lack of building code enforcement. The four countries under study have shown improvements in risk management capabilities, yet they are far from being completed prepared. Barbados’ risk management performance is superior, in comparison, to the majority of the countries of the region. However, is still far in achieving high performance levels and sustainability in risk management, primarily when it has the highest gap between potential macroeconomic and financial losses and the ability to face them. The Dominican Republic has shown steady risk performance up to 2008, but two remaining areas for improvement are hazard monitoring and early warning systems. Jamaica has made uneven advances between 1990 and 2008, requiring significant improvements to achieve high performance levels and sustainability in risk management, as well as macroeconomic mitigation infrastructure. Trinidad and Tobago has the lowest risk management score of the 15 countries in the Latin American and Caribbean region as assessed by the IADB study in 2010, yet it has experienced an important vulnerability reduction. In sum, the results confirmed the high disaster risk management disparity in the Caribbean region.
Resumo:
After the end of the Cold War, democratization and good governance became the organizing concepts for activities of the United Nations, regional organizations and states in the fields of peace, development and security. How can this increasing interest in democratization and its connection with international security be explained? This dissertation applies the theoretical tools developed by Michel Foucault in his discussions of disciplinarity and government to the analysis of the United Nations debate on democracy in the 1990s, and of two United Nations pro-democracy peacekeeping operations and their aftermath: the United Nations interventions in Haiti and Croatia. It probes “how” certain techniques of power came into being and describes their effects, using as data the texts that elaborate the United Nations understanding of democracy and the texts that constitute peacekeeping. ^ In the face of the proliferation of unpredictable threats in the last decades of the twentieth century a new form of international power emerged. Order in the international arena increasingly was maintained through activities aimed at reducing risk and increasing predictability through the normalization of “rogue” states. The dissertation shows that in the context of these activities, which included but were not limited to UN peacekeeping, normality was identified with democracy, non-democratic regimes with international threats, and democratization with international security. “Good governance” doctrines translated the political debate on democracy into the technical language of functioning state institutions. International organizations adopted good governance as the framework that made democratization a universal task within the reach of their expertise. In Haiti, the United Nations engaged in efforts to transform punishment institutions (the judiciary, police and the prison) into disciplined and disciplinary machines. In Croatia, agreements signed in the context of peacekeeping established in detail the rules of functioning of administrations and the monitoring mechanisms for their implementation. However, in Haiti, the institutions promoted were not sustainable. And in Croatia reforms are stalled by lack of consensus. ^ This dissertation puts efforts to bring about democracy through peacekeeping in the context of a specific modality of power and suggests caution in engaging in universal normalizing endeavors. ^
Resumo:
Peer reviewed
Resumo:
The concept of ontological security has a remarkable echo in the current sociology to describe emotional status of men of late modernity. However, the concept created by Giddens in the eighties has been little used in empirical research covering various sources of risk or uncertainty. In this paper, a scale for ontological security is proposed. To do this, we start from the results of a research focused on the relationship between risk, uncertainty and vulnerability in the context of the economic crisis in Spain. These results were produced through nine focus groups and a telephone survey with standardized questionnaire applied to a national sample of 2,408 individuals over 18 years. This work is divided into three main sections. In the fi rst, a scale has been built from the results of the application of different items present in the questionnaire used. The second part explores the relationships of the scale obtained with the variables further approximate the emotional dimensions of individuals. The third part observes the variables that contribute to changes in the scale: These variables show the structural feature of the ontological security.
Resumo:
Thesis (Ph.D.)--University of Washington, 2016-08
Resumo:
This dissertation explores why some states consistently secure food imports at prices higher than the world market price, thereby exacerbating food insecurity domestically. I challenge the idea that free market economics alone can explain these trade behaviors, and instead argue that states take into account political considerations when engaging in food trade that results in inefficient trade. In particular, states that are dependent on imports of staple food products, like cereals, are wary of the potential strategic value of these goods to exporters. I argue that this consideration, combined with the importing state’s ability to mitigate that risk through its own forms of political or economic leverage, will shape the behavior of the importing state and contribute to its potential for food security. In addition to cross-national analyses, I use case studies of the Gulf Cooperation Council states and Jordan to demonstrate how the political tools available to these importers affect their food security. The results of my analyses suggest that when import dependent states have access to forms of political leverage, they are more likely to trade efficiently, thereby increasing their potential for food security.
Resumo:
The ever-increasing number and severity of cybersecurity breaches makes it vital to understand the factors that make organizations vulnerable. Since humans are considered the weakest link in the cybersecurity chain of an organization, this study evaluates users’ individual differences (demographic factors, risk-taking preferences, decision-making styles and personality traits) to understand online security behavior. This thesis studies four different yet tightly related online security behaviors that influence organizational cybersecurity: device securement, password generation, proactive awareness and updating. A survey (N=369) of students, faculty and staff in a large mid-Atlantic U.S. public university identifies individual characteristics that relate to online security behavior and characterizes the higher-risk individuals that pose threats to the university’s cybersecurity. Based on these findings and insights from interviews with phishing victims, the study concludes with recommendations to help similat organizations increase end-user cybersecurity compliance and mitigate the risks caused by humans in the organizational cybersecurity chain.
Resumo:
In recent years, security of industrial control systems has been the main research focus due to the potential cyber-attacks that can impact the physical operations. As a result of these risks, there has been an urgent need to establish a stronger security protection against these threats. Conventional firewalls with stateful rules can be implemented in the critical cyberinfrastructure environment which might require constant updates. Despite the ongoing effort to maintain the rules, the protection mechanism does not restrict malicious data flows and it poses the greater risk of potential intrusion occurrence. The contributions of this thesis are motivated by the aforementioned issues which include a systematic investigation of attack-related scenarios within a substation network in a reliable sense. The proposed work is two-fold: (i) system architecture evaluation and (ii) construction of attack tree for a substation network. Cyber-system reliability remains one of the important factors in determining the system bottleneck for investment planning and maintenance. It determines the longevity of the system operational period with or without any disruption. First, a complete enumeration of existing implementation is exhaustively identified with existing communication architectures (bidirectional) and new ones with strictly unidirectional. A detailed modeling of the extended 10 system architectures has been evaluated. Next, attack tree modeling for potential substation threats is formulated. This quantifies the potential risks for possible attack scenarios within a network or from the external networks. The analytical models proposed in this thesis can serve as a fundamental development that can be further researched.
Resumo:
Community gardening in cities is increasing, driven by social interaction and food security. City soils are sinks for heavy metals; including neurotoxic lead (Pb). Exposure routes are primarily through inhalation/ingestion of soil, or second by ingestion of plants that have accumulated Pb. This research evaluates soil at three Liberty City, Florida sites estimating risk of Pb exposure through primary and secondary pathways. Soil cores were collected from Liberty City, and red Malabar spinach (Basella rubra) was grown in Pb soil treatments in a greenhouse. Total soil Pb levels and plant tissues were measured after acid digestion, by ICP-OES. In Liberty City, two sites had hotspots with areas of elevated soil Pb levels. Plants grown on Pb contaminated soil all accumulated statistically significant Pb concentrations. Therefore, there is a potential risk of Pb exposure to residents in Liberty City by exposure in hotspot sites through both the primary and secondary pathways.
Resumo:
Situational Awareness provides a user centric approach to security and privacy. The human factor is often recognised as the weakest link in security, therefore situational perception and risk awareness play a leading role in the adoption and implementation of security mechanisms. In this study we assess the understanding of security and privacy of users in possession of wearable devices. The findings demonstrate privacy complacency, as the majority of users trust the application and the wearable device manufacturer. Moreover the survey findings demonstrate a lack of understanding of security and privacy by the sample population. Finally the theoretical implications of the findings are discussed.
