821 resultados para security policy model
Resumo:
The Lisbon Treaty has introduced significant changes in the field of EU security and defence. On the one hand, important institutional reforms, such as the creation of a renewed High Representative, have of course a great impact on this policy field. On the other hand, the Lisbon Treaty has also introduced specific innovations in the security and defence of the European Union. The mutual defence clause and the new mechanisms for flexible cooperation such as the permanent structured cooperation, are only some of the key innovations. Generally, the European Security and Defence Policy receives its own section in the Treaty on European Union and is rebranded as Common Security and Defence Policy. Thus, the Lisbon Treaty sets the objective for a common policy in this field. However, does this reform really provide for the means for the realization of such a common policy? Furthermore, does the Lisbon Treaty increase the importance of CSDP or is the increasing importance of this policy field just reflected in the Treaty text? These are the main questions that the present paper attempts to address through the analysis of the new institutional setting of the post-Lisbon security and defence policy, as well as through the examination of the specific innovations in this area.
Resumo:
FOREWORD. When one looks at the present state of the CSDP, one cannot help but look on with disenchantment at the energy that appears to have abandoned both institutions and Member States. Commentators increasingly take for granted that nothing much should be expected from this field of EU policy. The reasons for this state of mind are well known: the recent economic and financial strains, which have impacted all EU action since 2008, means that most of the Member States will struggle to keep their defence budgets at their present level in the future, and we may even see reductions. Furthermore, and to put it mildly, most of the recent CSDP operations have also experienced a lack of enthusiasm. Adding to this overall trend, the EU is far from presenting a common vision of what security and defence should really mean. Many of the Member States do not want to be involved in all of today’s international turmoils, and they rarely share the strategic culture which inspires those Member States who see themselves as having special responsibilities in dealing with these crises. In the end it may be that Member States diverge fundamentally on the simple question of whether it is relevant for the EU to engage in most of the ‘hot’ crises Europe faces; many prefer to see Europe as a soft power, mostly dedicated to intervening on less dramatic fronts and more inclined to mend than to fight. For whatever reason given, it remains that if there is a lack of common understanding on what CSDP should really be about, it should not come as a surprise if this policy is presently in stalemate. As an additional blow, the Ukrainian crisis, which dragged on for the whole of last year, could only add to the downward spiral the EU has been experiencing, with a new Russia aggressively confronting Europe in a manner not too distant from the Cold War days. This attitude has triggered the natural reaction among EU Member States to seek reassurances from NATO about their own national security. Coupled with the return of France a few years ago into the integrated military command, NATO’s renewed relevance has sent a strong message to Europe about the military organisation’s credibility with regard to collective defence. Surprisingly, this overall trend was gathering momentum at the same time as other more positive developments. The European Council of December 2013 dedicated its main session to CSDP: it underlined Europe’s role as a ‘security provider’ while adopting a very ambitious road map for Europe in all possible dimensions of the security sector. Hence the impression of a genuine boost to all EU institutions, which have been invited to join efforts and give CSDP a reinvigorated efficiency. In the same way, the increasing instability in Europe’s neighbourhood has also called for more EU operations: most recently in Iraq, Libya, Northern Nigeria or South Sudan. Pressure for further EU engagement has been one of the most constant features of the discussions taking place around these crises. Moreover, a growing number of EU partners in Asia, Latin America or Eastern Europe have shown a renewed eagerness to join CSDP missions in what sounds like a vote of confidence for EU capacities. What kind of conclusion should be drawn from this contradictory situation? Probably that the EU has much more potential than it can sometimes figure out itself, if only it would be ready to adapt to the new global realities. But, more than anything else, an enhanced CSDP needs from all Member States strong political will and a clear vision of what they want this policy to be. Without this indispensable ingredient CSDP may continue to run its course, as it does today. It may even grow in efficiency but it will keep lacking the one resource that would definitely help it overcome all the present shortcomings that have prevented Europe from finding its true role and mission through the CSDP. Member States remain central to EU security and defence policy. This is why this collection of essays is so valuable for assessing in no uncertain way the long road that lies ahead for any progress to be made. Pierre VIMONT Senior Associate at Carnegie Europe Former Executive Secretary-General of the European External Action Service
Resumo:
The European Union (EU) is seen as the leading actor in successfully fighting piracy around the Horn of Africa. As a global trade power with strong economic interests, the EU is also challenged by similar maritime security threats in the Gulf of Guinea. To date, there has been no comprehensive analysis to assess the potential transfer of successful EU instruments from the Horn of Africa to the piracy situation in West African waters. This paper examines to what extent the EU can draw on its experience made in the Horn of Africa to deter piracy in West African waters. Based on qualitative research interviews, lessons learned from East Africa are identified and subsequently applied to the situation in the Gulf of Guinea. The results show that the EU is only partially drawing on its experience made in the Horn of Africa. One the one hand, it is rather reluctant to use crisis management instruments such as naval operations. On the other hand, the EU is drawing on its successful leadership in international political and military cooperation from around the Horn of Africa in order to make more effective use of available resources in the Gulf of Guinea.
Resumo:
Existing studies focus on overall support for European integration while less work has been done on explaining public opinion on specific policy areas, such as the development of the Common Security and Defense Policy (CSDP). We hypothesize that the probability of supporting a CSDP increases with greater levels of trust in the European Union member states, most notably the more powerful members. This variable is critical since integration’s development is influenced strongly by, and dependent on, the resources of the relatively more powerful European member states. Binary logistic regression analyses using pooled repeated cross-sectional data from the Eurobarometer surveys conducted from 1992 to 1997 among individuals of 11 member states largely support these claims.
Resumo:
Mediation techniques provide interoperability and support integrated query processing among heterogeneous databases. While such techniques help data sharing among different sources, they increase the risk for data security, such as violating access control rules. Successful protection of information by an effective access control mechanism is a basic requirement for interoperation among heterogeneous data sources. ^ This dissertation first identified the challenges in the mediation system in order to achieve both interoperability and security in the interconnected and collaborative computing environment, which includes: (1) context-awareness, (2) semantic heterogeneity, and (3) multiple security policy specification. Currently few existing approaches address all three security challenges in mediation system. This dissertation provides a modeling and architectural solution to the problem of mediation security that addresses the aforementioned security challenges. A context-aware flexible authorization framework was developed in the dissertation to deal with security challenges faced by mediation system. The authorization framework consists of two major tasks, specifying security policies and enforcing security policies. Firstly, the security policy specification provides a generic and extensible method to model the security policies with respect to the challenges posed by the mediation system. The security policies in this study are specified by 5-tuples followed by a series of authorization constraints, which are identified based on the relationship of the different security components in the mediation system. Two essential features of mediation systems, i. e., relationship among authorization components and interoperability among heterogeneous data sources, are the focus of this investigation. Secondly, this dissertation supports effective access control on mediation systems while providing uniform access for heterogeneous data sources. The dynamic security constraints are handled in the authorization phase instead of the authentication phase, thus the maintenance cost of security specification can be reduced compared with related solutions. ^
Resumo:
An examination of Information Security (IS) and Information Security Management (ISM) research in Saudi Arabia has shown the need for more rigorous studies focusing on the implementation and adoption processes involved with IS culture and practices. Overall, there is a lack of academic and professional literature about ISM and more specifically IS culture in Saudi Arabia. Therefore, the overall aim of this paper is to identify issues and factors that assist the implementation and the adoption of IS culture and practices within the Saudi environment. The goal of this paper is to identify the important conditions for creating an information security culture in Saudi Arabian organizations. We plan to use this framework to investigate whether security culture has emerged into practices in Saudi Arabian organizations.
Resumo:
This research used the Queensland Police Service, Australia, as a major case study. Information on principles, techniques and processes used, and the reason for the recording, storing and release of audit information for evidentiary purposes is reported. It is shown that Law Enforcement Agencies have a two-fold interest in, and legal obligation pertaining to, audit trails. The first interest relates to the situation where audit trails are actually used by criminals in the commission of crime and the second to where audit trails are generated by the information systems used by the police themselves in support of the recording and investigation of crime. Eleven court cases involving Queensland Police Service audit trails used in evidence in Queensland courts were selected for further analysis. It is shown that, of the cases studied, none of the evidence presented was rejected or seriously challenged from a technical perspective. These results were further analysed and related to normal requirements for trusted maintenance of audit trail information in sensitive environments with discussion on the ability and/or willingness of courts to fully challenge, assess or value audit evidence presented. Managerial and technical frameworks for firstly what is considered as an environment where a computer system may be considered to be operating “properly” and, secondly, what aspects of education, training, qualifications, expertise and the like may be considered as appropriate for persons responsible within that environment, are both proposed. Analysis was undertaken to determine if audit and control of information in a high security environment, such as law enforcement, could be judged as having improved, or not, in the transition from manual to electronic processes. Information collection, control of processing and audit in manual processes used by the Queensland Police Service, Australia, in the period 1940 to 1980 was assessed against current electronic systems essentially introduced to policing in the decades of the 1980s and 1990s. Results show that electronic systems do provide for faster communications with centrally controlled and updated information readily available for use by large numbers of users who are connected across significant geographical locations. However, it is clearly evident that the price paid for this is a lack of ability and/or reluctance to provide improved audit and control processes. To compare the information systems audit and control arrangements of the Queensland Police Service with other government departments or agencies, an Australia wide survey was conducted. Results of the survey were contrasted with the particular results of a survey, conducted by the Australian Commonwealth Privacy Commission four years previous, to this survey which showed that security in relation to the recording of activity against access to information held on Australian government computer systems has been poor and a cause for concern. However, within this four year period there is evidence to suggest that government organisations are increasingly more inclined to generate audit trails. An attack on the overall security of audit trails in computer operating systems was initiated to further investigate findings reported in relation to the government systems survey. The survey showed that information systems audit trails in Microsoft Corporation's “Windows” operating system environments are relied on quite heavily. An audit of the security for audit trails generated, stored and managed in the Microsoft “Windows 2000” operating system environment was undertaken and compared and contrasted with similar such audit trail schemes in the “UNIX” and “Linux” operating systems. Strength of passwords and exploitation of any security problems in access control were targeted using software tools that are freely available in the public domain. Results showed that such security for the “Windows 2000” system is seriously flawed and the integrity of audit trails stored within these environments cannot be relied upon. An attempt to produce a framework and set of guidelines for use by expert witnesses in the information technology (IT) profession is proposed. This is achieved by examining the current rules and guidelines related to the provision of expert evidence in a court environment, by analysing the rationale for the separation of distinct disciplines and corresponding bodies of knowledge used by the Medical Profession and Forensic Science and then by analysing the bodies of knowledge within the discipline of IT itself. It is demonstrated that the accepted processes and procedures relevant to expert witnessing in a court environment are transferable to the IT sector. However, unlike some discipline areas, this analysis has clearly identified two distinct aspects of the matter which appear particularly relevant to IT. These two areas are; expertise gained through the application of IT to information needs in a particular public or private enterprise; and expertise gained through accepted and verifiable education, training and experience in fundamental IT products and system.
Resumo:
This thesis argues that in order to establish a sound information security culture it is necessary to look at organisation's information security systems in a socio- technical context. The motivation for this research stems from the continuing concern of ineffective information security in organisations, leading to potentially significant monetary losses. It is important to address both technical and non- technical aspects when dealing with information security management. Culture has been identified as an underlying determinant of individuals' behaviour and this extends to information security culture, particularly in developing countries. This research investigates information security culture in the Saudi Arabia context. The theoretical foundation for the study is based on organisational and national culture theories. A conceptual framework for this study was constructed based on Peterson and Smith's (1997) model of national culture. This framework guides the study of national, organisational and technological values and their relationships to the development of information security culture. Further, the study seeks to better understand how these values might affect the development and deployment of an organisation's information security culture. Drawing on evidence from three exploratory case studies, an emergent conceptual framework was developed from the traditional human behaviour and the social environment perspectives used in social work, This framework contributes to in- formation security management by identifying behaviours related to four modes of information security practice. These modes provide a sound basis that can be used to evaluate individual organisational members' behaviour and the adequacy of ex- isting security measures. The results confirm the plausibility of the four modes of practice. Furthermore, a final framework was developed by integrating the four modes framework into the research framework. The outcomes of the three case stud- ies demonstrate that some of the national, organisational and technological values have clear impacts on the development and deployment of organisations' informa- tion security culture. This research, by providing an understanding the in uence of national, organi- sational and technological values on individuals' information security behaviour, contributes to building a theory of information security culture development within an organisational context. The research reports on the development of an inte- grated information security culture model that highlights recommendations for developing an information security culture. The research framework, introduced by this research, is put forward as a robust starting point for further related work in this area.
Resumo:
Humankind has been dealing with all kinds of disasters since the dawn of time. The risk and impact of disasters producing mass casualties worldwide is increasing, due partly to global warming as well as to increased population growth, increased density and the aging population. China, as a country with a large population, vast territory, and complex climatic and geographical conditions, has been plagued by all kinds of disasters. Disaster health management has traditionally been a relatively arcane discipline within public health. However, SARS, Avian Influenza, and earthquakes and floods, along with the need to be better prepared for the Olympic Games in China has brought disasters, their management and their potential for large scale health consequences on populations to the attention of the public, the government and the international community alike. As a result significant improvements were made to the disaster management policy framework, as well as changes to systems and structures to incorporate an improved disaster management focus. This involved the upgrade of the Centres for Disease Control and Prevention (CDC) throughout China to monitor and better control the health consequences particularly of infectious disease outbreaks. However, as can be seen in the Southern China Snow Storm and Wenchuan Earthquake in 2008, there remains a lack of integrated disaster management and efficient medical rescue, which has been costly in terms of economics and health for China. In the context of a very large and complex country, there is a need to better understand whether these changes have resulted in effective management of the health impacts of such incidents. To date, the health consequences of disasters, particularly in China, have not been a major focus of study. The main aim of this study is to analyse and evaluate disaster health management policy in China and in particular, its ability to effectively manage the health consequences of disasters. Flood has been selected for this study as it is a common and significant disaster type in China and throughout the world. This information will then be used to guide conceptual understanding of the health consequences of floods. A secondary aim of the study is to compare disaster health management in China and Australia as these countries differ in their length of experience in having a formalised policy response. The final aim of the study is to determine the extent to which Walt and Gilson’s (1994) model of policy explains how disaster management policy in China was developed and implemented after SARS in 2003 to the present day. This study has utilised a case study methodology. A document analysis and literature search of Chinese and English sources was undertaken to analyse and produce a chronology of disaster health management policy in China. Additionally, three detailed case studies of flood health management in China were undertaken along with three case studies in Australia in order to examine the policy response and any health consequences stemming from the floods. A total of 30 key international disaster health management experts were surveyed to identify fundamental elements and principles of a successful policy framework for disaster health management. Key policy ingredients were identified from the literature, the case-studies and the survey of experts. Walt and Gilson (1994)’s policy model that focuses on the actors, content, context and process of policy was found to be a useful model for analysing disaster health management policy development and implementation in China. This thesis is divided into four parts. Part 1 is a brief overview of the issues and context to set the scene. Part 2 examines the conceptual and operational context including the international literature, government documents and the operational environment for disaster health management in China. Part 3 examines primary sources of information to inform the analysis. This involves two key studies: • A comparative analysis of the management of floods in China and Australia • A survey of international experts in the field of disaster management so as to inform the evaluation of the policy framework in existence in China and the criteria upon which the expression of that policy could be evaluated Part 4 describes the key outcomes of this research which include: • A conceptual framework for describing the health consequences of floods • A conceptual framework for disaster health management • An evaluation of the disaster health management policy and its implementation in China. The research outcomes clearly identified that the most significant improvements are to be derived from improvements in the generic management of disasters, rather than the health aspects alone. Thus, the key findings and recommendations tend to focus on generic issues. The key findings of this research include the following: • The health consequences of floods may be described in terms of time as ‘immediate’, ‘medium term’ and ‘long term’ and also in relation to causation as ‘direct’ and ‘indirect’ consequences of the flood. These two aspects form a matrix which in turn guides management responses. • Disaster health management in China requires a more comprehensive response throughout the cycle of prevention, preparedness, response and recovery but it also requires a more concentrated effort on policy implementation to ensure the translation of the policy framework into effective incident management. • The policy framework in China is largely of international standard with a sound legislative base. In addition the development of the Centres for Disease Control and Prevention has provided the basis for a systematic approach to health consequence management. However, the key weaknesses in the current system include: o The lack of a key central structure to provide the infrastructure with vital support for policy development, implementation and evaluation. o The lack of well-prepared local response teams similar to local government based volunteer groups in Australia. • The system lacks structures to coordinate government action at the local level. The result of this is a poorly coordinated local response and lack of clarity regarding the point at which escalation of the response to higher levels of government is advisable. These result in higher levels of risk and negative health impacts. The key recommendations arising from this study are: 1. Disaster health management policy in China should be enhanced by incorporating disaster management considerations into policy development, and by requiring a disaster management risk analysis and disaster management impact statement for development proposals. 2. China should transform existing organizations to establish a central organisation similar to the Federal Emergency Management Agency (FEMA) in the USA or the Emergency Management Australia (EMA) in Australia. This organization would be responsible for leading nationwide preparedness through planning, standards development, education and incident evaluation and to provide operational support to the national and local government bodies in the event of a major incident. 3. China should review national and local plans to reflect consistency in planning, and to emphasize the advantages of the integrated planning process. 4. Enhance community resilience through community education and the development of a local volunteer organization. China should develop a national strategy which sets direction and standards in regard to education and training, and requires system testing through exercises. Other initiatives may include the development of a local volunteer capability with appropriate training to assist professional response agencies such as police and fire services in a major incident. An existing organisation such as the Communist Party may be an appropriate structure to provide this response in a cost effective manner. 5. Continue development of professional emergency services, particularly ambulance, to ensure an effective infrastructure is in place to support the emergency response in disasters. 6. Funding for disaster health management should be enhanced, not only from government, but also from other sources such as donations and insurance. It is necessary to provide a more transparent mechanism to ensure the funding is disseminated according to the needs of the people affected. 7. Emphasis should be placed on prevention and preparedness, especially on effective disaster warnings. 8. China should develop local disaster health management infrastructure utilising existing resources wherever possible. Strategies for enhancing local infrastructure could include the identification of local resources (including military resources) which could be made available to support disaster responses. It should develop operational procedures to access those resources. Implementation of these recommendations should better position China to reduce the significant health consequences experienced each year from major incidents such as floods and to provide an increased level of confidence to the community about the country’s capacity to manage such events.
Resumo:
A short-term real-time operation model with fuzzy state variables is developed for irrigation of multiple crops based on earlier work on long-term steady-state policy. The features of the model that distinguish it from the earlier work are (1) apart from inclusion of fuzziness in reservoir storage and in soil moisture of crops, spatial variations in rainfall and soil moisture of crops are included in the real-time operation model by considering gridded command area with a grid size of 0.5 degrees latitude by 0.5 degrees longitude; (2) the water allocation model and soil moisture balance equations are integrated with the real-time operation model with consideration of ponding water depth for Paddy crop; the model solution specifies reservoir releases for irrigation in a 10-day time period and allocations among the crops on a daily basis at each grid by maintaining soil moisture balance at the end of the day; and (3) the release policy is developed using forecasted daily rainfall data of each grid and is implemented for the current time period using actual 10-day inflow and actual daily rainfall of each grid. The real-time operation model is applied to Bhadra Reservoir in Karnataka, India. The results obtained using the real-time operation model are compared with those of the standard operating policy model. Inclusion of fuzziness in reservoir storage and soil moisture of crops captures hydrologic uncertainties in real time. Considerations of irrigation decisions on a daily basis and the gridded command area result in variations in allocating water to the crops, variations in actual crop evapotranspiration, and variations in soil moisture of the crops on a daily basis for each grid of the command area. (C) 2015 American Society of Civil Engineers.
Resumo:
No final do século XX, observamos a restruturação produtiva do capital sob a concepção neoliberal. As transformações econômicas impactariam a estrutura do Estado, o modo de controle social, bem como a função do cárcere na sociedade. A hipertrofia do Estado penal ganha novos agravantes com a política de guerra às drogas, declarada pelos EUA na década de 1970. A combinação destes ingredientes impactaram a forma de vigiar e punir a classe trabalhadora no Brasil, com o aumento da repressão e criminalização da pobreza. As heranças históricas de desigualdade social e racial agravam o controle sobre as classes perigosas. A violência urbana torna-se uma verdadeira questão social com a crescente militarização da política de segurança pública do Rio de Janeiro, em particular. Todas estas questões nos levam a pesquisar a história da consolidação do atual modelo de controle social e criminalização da pobreza no Brasil recente no contexto de guerra às drogas.
Resumo:
A partially observable Markov decision process has been proposed as a dialogue model that enables robustness to speech recognition errors and automatic policy optimisation using reinforcement learning (RL). However, conventional RL algorithms require a very large number of dialogues, necessitating a user simulator. Recently, Gaussian processes have been shown to substantially speed up the optimisation, making it possible to learn directly from interaction with human users. However, early studies have been limited to very low dimensional spaces and the learning has exhibited convergence problems. Here we investigate learning from human interaction using the Bayesian Update of Dialogue State system. This dynamic Bayesian network based system has an optimisation space covering more than one hundred features, allowing a wide range of behaviours to be learned. Using an improved policy model and a more robust reward function, we show that stable learning can be achieved that significantly outperforms a simulator trained policy. © 2013 IEEE.
Resumo:
Jackson, Peter, 'France and the Problems of Security and Disarmament after the First World War', Journal of Strategic Studies (2006) 29(2) pp.247-280 Special Issue: Enforcing arms limits: Germany post 1919; Iraq post 1991 RAE2008
Resumo:
Open environments involve distributed entities interacting with each other in an open manner. Many distributed entities are unknown to each other but need to collaborate and share resources in a secure fashion. Usually resource owners alone decide who is trusted to access their resources. Since resource owners in open environments do not have a complete picture of all trusted entities, trust management frameworks are used to ensure that only authorized entities will access requested resources. Every trust management system has limitations, and the limitations can be exploited by malicious entities. One vulnerability is due to the lack of globally unique interpretation for permission specifications. This limitation means that a malicious entity which receives a permission in one domain may misuse the permission in another domain via some deceptive but apparently authorized route; this malicious behaviour is called subterfuge. This thesis develops a secure approach, Subterfuge Safe Trust Management (SSTM), that prevents subterfuge by malicious entities. SSTM employs the Subterfuge Safe Authorization Language (SSAL) which uses the idea of a local permission with a globally unique interpretation (localPermission) to resolve the misinterpretation of permissions. We model and implement SSAL with an ontology-based approach, SSALO, which provides a generic representation for knowledge related to the SSAL-based security policy. SSALO enables integration of heterogeneous security policies which is useful for secure cooperation among principals in open environments where each principal may have a different security policy with different implementation. The other advantage of an ontology-based approach is the Open World Assumption, whereby reasoning over an existing security policy is easily extended to include further security policies that might be discovered in an open distributed environment. We add two extra SSAL rules to support dynamic coalition formation and secure cooperation among coalitions. Secure federation of cloud computing platforms and secure federation of XMPP servers are presented as case studies of SSTM. The results show that SSTM provides robust accountability for the use of permissions in federation. It is also shown that SSAL is a suitable policy language to express the subterfuge-safe policy statements due to its well-defined semantics, ease of use, and integrability.
Resumo:
The approach used to model technological change in a climate policy model is a critical determinant of its results in terms of the time path of CO2 prices and costs required to achieve various emission reduction goals. We provide an overview of the different approaches used in the literature, with an emphasis on recent developments regarding endogenous technological change, research and development, and learning. Detailed examination sheds light on the salient features of each approach, including strengths, limitations, and policy implications. Key issues include proper accounting for the opportunity costs of climate-related knowledge generation, treatment of knowledge spillovers and appropriability, and the empirical basis for parameterizing technological relationships. No single approach appears to dominate on all these dimensions, and different approaches may be preferred depending on the purpose of the analysis, be it positive or normative. © 2008 Elsevier B.V. All rights reserved.
