State of the art and future perspectives on security metrics and their applications

In modern society, security issues of IT Systems are intertwined with interdisciplinary aspects, from social life to sustainability, and threats endanger many aspects of every- one’s daily life. To address the problem, it’s important that the systems that we use guarantee a certain degree of security, but to achieve this, it is necessary to be able to give a measure to the amount of security. Measuring security is not an easy task, but many initiatives, including European regulations, want to make this possible. One method of measuring security is based on the use of security metrics: those are a way of assessing, from various aspects, vulnera- bilities, methods of defense, risks and impacts of successful attacks then also efficacy of reactions, giving precise results using mathematical and statistical techniques. I have done literature research to provide an overview on the meaning, the effects, the problems, the applications and the overall current situation over security metrics, with particular emphasis in giving practical examples. This thesis starts with a summary of the state of the art in the field of security met- rics and application examples to outline the gaps in current literature, the difficulties found in the change of application context, to then advance research questions aimed at fostering the discussion towards the definition of a more complete and applicable view of the subject. Finally, it stresses the lack of security metrics that consider interdisciplinary aspects, giving some potential starting point to develop security metrics that cover all as- pects involved, taking the field to a new level of formal soundness and practical usability.

Report of the high-level ministerial dialogue: social security and sustainable social development in the Caribbean

Includes bibliography

Temporary disability insurance; problems in formulating a program administered by a state employment security agency. Rev. ed. 1949. [Prepared by the Division of Research and Statistics and the Bureau of Employment Security of the Social Security Administration].

"Appendix C. Selected references on temporary disability insurance program": pages 63-67.

The Social Engineering framework para el aseguramiento de PYME

El trabajo plantea un aporte al framework de ingeniería social (The Social Engineering Framework) para la evaluación del riesgo y mitigación de distintos vectores de ataque, por medio del análisis de árboles de ataque -- Adicionalmente se muestra una recopilación de estadísticas de ataques realizados a compañías de diferentes industrias relacionadas con la seguridad informática, enfocado en los ataques de ingeniería social y las consecuencias a las que se enfrentan las organizaciones -- Se acompañan las estadísticas con la descripción de ejemplos reales y sus consecuencias

Standards of good engineering practice concerning standard broadcast stations (550-1600 ke.) effective August 1, 1939 (revised to October 30, #)

Mode of access: Internet.

Food and Nutrition Security - meanings and appropriations from the civil society segment of the National Council for Food and Nutrition Security

The huge transformations that occurred in the last two decades had impacts on the standards of food production and consumption, and determined a wider discussion in Brazil about the theme of food and nutrition security. It has also expanded the scope of it, which now considers nourishing aspects regarding the entire population and not only its most vulnerable segments. This research identified different meanings present in the speech about food and nutrition security, terms incorporated by movements and civil society organizations that were represented at the National Council for Food and Nutrition Security (administration 2004-2007). Thematic appropriation could be observed in the following directions: a) privileging the interaction between thematic fields from both production and consumption spheres; b) strengthening the idea of nutrition as a human right; c) including an ethical goal to the country's development; d) development of an intra and intersectorial perspective; e) identifying the need of dialogic and freeing educational processes.

A Cloud-based Framework for Security Analysis of Browser Extensions

In today's internet world, web browsers are an integral part of our day-to-day activities. Therefore, web browser security is a serious concern for all of us. Browsers can be breached in different ways. Because of the over privileged access, extensions are responsible for many security issues. Browser vendors try to keep safe extensions in their official extension galleries. However, their security control measures are not always effective and adequate. The distribution of unsafe extensions through different social engineering techniques is also a very common practice. Therefore, before installation, users should thoroughly analyze the security of browser extensions. Extensions are not only available for desktop browsers, but many mobile browsers, for example, Firefox for Android and UC browser for Android, are also furnished with extension features. Mobile devices have various resource constraints in terms of computational capabilities, power, network bandwidth, etc. Hence, conventional extension security analysis techniques cannot be efficiently used by end users to examine mobile browser extension security issues. To overcome the inadequacies of the existing approaches, we propose CLOUBEX, a CLOUd-based security analysis framework for both desktop and mobile Browser EXtensions. This framework uses a client-server architecture model. In this framework, compute-intensive security analysis tasks are generally executed in a high-speed computing server hosted in a cloud environment. CLOUBEX is also enriched with a number of essential features, such as client-side analysis, requirements-driven analysis, high performance, and dynamic decision making. At present, the Firefox extension ecosystem is most susceptible to different security attacks. Hence, the framework is implemented for the security analysis of the Firefox desktop and Firefox for Android mobile browser extensions. A static taint analysis is used to identify malicious information flows in the Firefox extensions. In CLOUBEX, there are three analysis modes. A dynamic decision making algorithm assists us to select the best option based on some important parameters, such as the processing speed of a client device and network connection speed. Using the best analysis mode, performance and power consumption are improved significantly. In the future, this framework can be leveraged for the security analysis of other desktop and mobile browser extensions, too.

Social security disability : disappointing results from SSA's efforts to improve the disability claims process warrant immediate attention : report to the Chairman, Subcommittee on Social Security, Committee on Ways and Means, House of Representative /

"GAO-02-322."

Agreement on social security between the U.S. and Ireland.

Mode of access: Internet.

Solving social security's computer problems : comprehensive corrective action plan and better management needed : report to the Chairman, Committee on Government Operations, House of Representatives /

"B-201668"--Prelim. p.

A review of the current research and statistics program of the Social Security Administration. Supplement [to] Report of Advisory Group on the Social Security Administration research program.

Mode of access: Internet.

Analysis of social security proposals intended to help women : preliminary results /

"January 2001."