Subterfuge-safe trust management for delegation of permissions in open environments

Open environments involve distributed entities interacting with each other in an open manner. Many distributed entities are unknown to each other but need to collaborate and share resources in a secure fashion. Usually resource owners alone decide who is trusted to access their resources. Since resource owners in open environments do not have a complete picture of all trusted entities, trust management frameworks are used to ensure that only authorized entities will access requested resources. Every trust management system has limitations, and the limitations can be exploited by malicious entities. One vulnerability is due to the lack of globally unique interpretation for permission specifications. This limitation means that a malicious entity which receives a permission in one domain may misuse the permission in another domain via some deceptive but apparently authorized route; this malicious behaviour is called subterfuge. This thesis develops a secure approach, Subterfuge Safe Trust Management (SSTM), that prevents subterfuge by malicious entities. SSTM employs the Subterfuge Safe Authorization Language (SSAL) which uses the idea of a local permission with a globally unique interpretation (localPermission) to resolve the misinterpretation of permissions. We model and implement SSAL with an ontology-based approach, SSALO, which provides a generic representation for knowledge related to the SSAL-based security policy. SSALO enables integration of heterogeneous security policies which is useful for secure cooperation among principals in open environments where each principal may have a different security policy with different implementation. The other advantage of an ontology-based approach is the Open World Assumption, whereby reasoning over an existing security policy is easily extended to include further security policies that might be discovered in an open distributed environment. We add two extra SSAL rules to support dynamic coalition formation and secure cooperation among coalitions. Secure federation of cloud computing platforms and secure federation of XMPP servers are presented as case studies of SSTM. The results show that SSTM provides robust accountability for the use of permissions in federation. It is also shown that SSAL is a suitable policy language to express the subterfuge-safe policy statements due to its well-defined semantics, ease of use, and integrability.

The roles and importance of formal and informal sources of business support in young firms : evidence from the UK’s 2008 Federation of Small Business Survey

Objectives This research explores the relationship between young firms, their growth orientation-intention and a range of relationships which can be seen to provide business support. Prior-work Research indicates that networks impact the firm’s ability to secure resources (Sirmon and Hitt 2003; Liao and Welsch. 2004; Hanlon and Saunders 2007). Networks have been evaluated in a number of ways ranging from simple counts to characteristics of their composition (Davidsson and Honig 2003), strength of relationships (Granovetter 1973) and network diversity (Carter et al 2003). By providing access to resources and knowledge (from start-up assistance and raising capital, (e.g. Smallbone et al, 2003), networks may assist in enabling continued persistence during those times where firms may experience resource constraints owing to firm growth (Baker and Nelson 2005). Approach The data used in this research was generated in the 2008 UK Federation of Small Businesses (FSB) survey. Over 1,000 of the firms responding were found to fall into the category of “young”, ((defined as firms under 4 years old). Firms were considered the unit of analysis with the entrepreneur being the chief spokesperson for the firm. Preliminary data analysis considered key demographic characteristics and industry classifications, comparing the FSB data with that of the UK government’s own (BERR) Small Business Surveys of 2007 and 2008, to establish some degree of representativeness of the respondents. The analysis then examined networks with varying potential ability to provide support for young firms, the networks measured in terms of number, diversity, characteristic and strength in its relationship to young firm growth orientation. The diversity of business-support-related relationships ranged from friends and family, through professional services, customers and suppliers, and government business services, to trade associations and informal business networks. The characteristics of these formal and informal sources of support for new businesses are examined across a range of business support-type activities for new firms. The number of relationships and types of business support are also explored. Finally, the strength of these relationships is examined by analysis of the source of business support, type of business support, and links to the growth orientation-intention of the firm, after controlling for a number of key variables related to firm and industry status and owner characteristics. Results Preliminary analysis of the data by means of univariate analysis showed that average number of sources of advice was around 2.5 (from a potential total of 6). In terms of the diversity of relationships, universities had by far the smallest percentage of firms receiving beneficial advice from them. Government business services were beneficially used by 40% of young firms, the other relationship types being around the 50-55% mark. In terms of characteristics of the advice, the average number of areas in which benefit was achieved was around 5.5 of a maximum of 15. Start-up advice has by far the highest percentage of firms obtaining beneficial advice, with increasing sales, improving contacts and improving confidence being the other categories at or around the 50% mark. Other market-focused areas where benefits were also received were in the areas of new markets, existing product improvements and new product improvements, where around 40% of the young responding firms obtained benefit. Regression techniques evaluating the strength of these relationships in terms of the links between business support (by source of support, type of support, and range of support) and firm growth orientation-intention focus highlighted a number of significant relationships, even after controlling for a range of other explanatory variables identified in the literature. Specifically, there was found to be a positive relationship between receiving business advice generally (regardless of type or source) and growth orientation. This relationship was seen to be stronger, however, when looking at the number of types of beneficial advice received, and stronger again for the number of sources of this advice. In terms of individual sources of advice, customers and suppliers had the strongest relationship with growth, with Government business services also found to be significant. Combining these two sources was also seen to increase the strength of the relationship between these two sources of advice and growth orientation. In considering areas of support, growth was most strongly positively related to advice that benefited the development of new products and services, and also business confidence, but was negatively related to advice linked to business recovery. Finally, amalgamating the 4 key types and sources of advice to examine the impact of combinations of these types and sources of advice also improved the strength of the relationship. Implications The findings will assist in the understanding of young firms in general and growth more specifically, particularly the role and importance of specific sources, types and combinations of business support used more extensively by new young growth-oriented firms. Value This research may assist in processes designed to allow entrepreneurs to make better decisions; educators and support organizations to develop better advice and assistance, and Governments design better conditions for the creation of new growth-oriented businesses.

Authentication and Authorisation Mechanisms in support of Secure Access to WMN Resources

Over the past several years, a number of design approaches in wireless mesh networks have been introduced to support the deployment of wireless mesh networks (WMNs). We introduce a novel wireless mesh architecture that supports authentication and authorisation functionalities, giving the possibility of a seamless WMN integration into the home's organization authentication and authorisation infrastructure. First, we introduce a novel authentication and authorisation mechanism for wireless mesh nodes. The mechanism is designed upon an existing federated access control approach, i.e. the AAI infrastructure that is using just the credentials at the user's home organization in a federation. Second, we demonstrate how authentication and authorisation for end users is implemented by using an existing web-based captive portal approach. Finally, we observe the difference between the two and explain in detail the process flow of authorized access to network resources in wireless mesh networks. The goal of our wireless mesh architecture is to enable easy broadband network access to researchers at remote locations, giving them additional advantage of a secure access to their measurements, irrespective of their location. It also provides an important basis for the real-life deployment of wireless mesh networks for the support of environmental research.