Global ETD Search

51	Access Control Administration with Adjustable Decentralization Chinaei, Amir Hossein 22 August 2007 (has links) Access control is a key function of enterprises that preserve and propagate massive data. Access control enforcement and administration are two major components of the system. On one hand, enterprises are responsible for data security; thus, consistent and reliable access control enforcement is necessary although the data may be distributed. On the other hand, data often belongs to several organizational units with various access control policies and many users; therefore, decentralized administration is needed to accommodate diverse access control needs and to avoid the central bottleneck. Yet, the required degree of decentralization varies within different organizations: some organizations may require a powerful administrator in the system; whereas, some others may prefer a self-governing setting in which no central administrator exists, but users fully manage their own data. Hence, a single system with adjustable decentralization will be useful for supporting various (de)centralized models within the spectrum of access control administration. Giving individual users the ability to delegate or grant privileges is a means of decentralizing access control administration. Revocation of arbitrary privileges is a means of retaining control over data. To provide flexible administration, the ability to delegate a specific privilege and the ability to revoke it should be held independently of each other and independently of the privilege itself. Moreover, supporting arbitrary user and data hierarchies, fine-grained access control, and protection of both data (end objects) and metadata (access control data) with a single uniform model will provide the most widely deployable access control system. Conflict resolution is a major aspect of access control administration in systems. Resolving access conflicts when deriving effective privileges from explicit ones is a challenging problem in the presence of both positive and negative privileges, sophisticated data hierarchies, and diversity of conflict resolution strategies. This thesis presents a uniform access control administration model with adjustable decentralization, to protect both data and metadata. There are several contributions in this work. First, we present a novel mechanism to constrain access control administration for each object type at object creation time, as a means of adjusting the degree of decentralization for the object when the system is configured. Second, by controlling the access control metadata with the same mechanism that controls the users’ data, privileges can be granted and revoked to the extent that these actions conform to the corporation’s access control policy. Thus, this model supports a whole spectrum of access control administration, in which each model is characterized as a network of access control states, similar to a finite state automaton. The model depends on a hierarchy of access banks of authorizations which is supported by a formal semantics. Within this framework, we also introduce the self-governance property in the context of access control, and show how the model facilitates it. In particular, using this model, we introduce a conflict-free and decentralized access control administration model in which all users are able to retain complete control over their own data while they are also able to delegate any subset of their privileges to other users or user groups. We also introduce two measures to compare any two access control models in terms of the degrees of decentralization and interpretation. Finally, as the conflict resolution component of access control models, we incorporate a unified algorithm to resolve access conflicts by simultaneously supporting several combined strategies. Access Control Administration Decentralization Authorization Data Security Enhanced Delegation and Revocation Combined Conflict Resolution Policies Health Informatics E-Commerce Enterprise Content Managment Computer Science
52	Access Control Administration with Adjustable Decentralization Chinaei, Amir Hossein 22 August 2007 (has links) Access control is a key function of enterprises that preserve and propagate massive data. Access control enforcement and administration are two major components of the system. On one hand, enterprises are responsible for data security; thus, consistent and reliable access control enforcement is necessary although the data may be distributed. On the other hand, data often belongs to several organizational units with various access control policies and many users; therefore, decentralized administration is needed to accommodate diverse access control needs and to avoid the central bottleneck. Yet, the required degree of decentralization varies within different organizations: some organizations may require a powerful administrator in the system; whereas, some others may prefer a self-governing setting in which no central administrator exists, but users fully manage their own data. Hence, a single system with adjustable decentralization will be useful for supporting various (de)centralized models within the spectrum of access control administration. Giving individual users the ability to delegate or grant privileges is a means of decentralizing access control administration. Revocation of arbitrary privileges is a means of retaining control over data. To provide flexible administration, the ability to delegate a specific privilege and the ability to revoke it should be held independently of each other and independently of the privilege itself. Moreover, supporting arbitrary user and data hierarchies, fine-grained access control, and protection of both data (end objects) and metadata (access control data) with a single uniform model will provide the most widely deployable access control system. Conflict resolution is a major aspect of access control administration in systems. Resolving access conflicts when deriving effective privileges from explicit ones is a challenging problem in the presence of both positive and negative privileges, sophisticated data hierarchies, and diversity of conflict resolution strategies. This thesis presents a uniform access control administration model with adjustable decentralization, to protect both data and metadata. There are several contributions in this work. First, we present a novel mechanism to constrain access control administration for each object type at object creation time, as a means of adjusting the degree of decentralization for the object when the system is configured. Second, by controlling the access control metadata with the same mechanism that controls the users’ data, privileges can be granted and revoked to the extent that these actions conform to the corporation’s access control policy. Thus, this model supports a whole spectrum of access control administration, in which each model is characterized as a network of access control states, similar to a finite state automaton. The model depends on a hierarchy of access banks of authorizations which is supported by a formal semantics. Within this framework, we also introduce the self-governance property in the context of access control, and show how the model facilitates it. In particular, using this model, we introduce a conflict-free and decentralized access control administration model in which all users are able to retain complete control over their own data while they are also able to delegate any subset of their privileges to other users or user groups. We also introduce two measures to compare any two access control models in terms of the degrees of decentralization and interpretation. Finally, as the conflict resolution component of access control models, we incorporate a unified algorithm to resolve access conflicts by simultaneously supporting several combined strategies. Access Control Administration Decentralization Authorization Data Security Enhanced Delegation and Revocation Combined Conflict Resolution Policies Health Informatics E-Commerce Enterprise Content Managment Computer Science
53	Certificate revocation list distribution in vehicular ad hoc networks Nowatkowski, Michael E. 05 April 2010 (has links) The objective of this research is to investigate improved methods for distributing certificate revocation lists (CRLs) in vehicular ad hoc networks (VANETs). VANETs are a subset of mobile ad hoc networks composed of network-equipped vehicles and infrastructure points, which will allow vehicles to communicate with other vehicles and with roadside infrastructure points. While sharing some of the same limitations of mobile ad hoc networks, such as lack of infrastructure and limited communications range, VANETs have several dissimilarities that make them a much different research area. The main differences include the size of the network, the speed of the vehicles, and the network security concerns. Confidentiality, authenticity, integrity, and availability are some of the standard goals of network security. While confidentiality and authenticity at times seem in opposition to each other, VANET researchers have developed many methods for enhancing confidentiality while at the same time providing authenticity. The method agreed upon for confidentiality and authenticity by most researchers and the IEEE 1609 working group is a public key infrastructure (PKI) system. An important part of any PKI system is the revocation of certificates. The revocation process, as well as the distribution of revocation information, is an open research problem for VANETs. This research develops new methods of CRL distribution and compares them to existing methods proposed by other researchers. The new methods show improved performance in various vehicle traffic densities. Network security Vehicular ad hoc network Simulation IEEE 1609 Certificate revocation list ns-3 Computer networks Security measures
54	Non-institutionalized political organizations and the Rule of Law in post-Fujimori’s Peru: a research proposal / Organizaciones políticas no institucionalizadas y Estado de Derecho en el Perú post-Fujimori: Una propuesta para la investigación Cameron, Maxwell A., Sosa Villagarcia, Paolo 25 September 2017 (has links) Political science literature has focused itself mostly on the «pro-democracy» role of political parties, identifying them as essential instruments for representation. We agree, but we believe this is not the only aspect to focus on. Democratic parties do not only achieve power through regular elections, but they also aspire to rule within a democratic regime. In that sense, the functioning of political parties can be analyzed not only in terms of their contribution to electoral competition. In order to fulfill their democratic functions, parties need a strong constitutional order that allows them to provide two goods: the achievement of power through legalways and good governance within the Rule of Law. / Por lo general, la literatura sobre los partidos políticos en ciencia política se ha centrado en su rol «pro-democrático», identificándolos como instrumentos esenciales para la representación. Estamos de acuerdo, pero insistimos en matizar el tema dado lo siguiente: Los partidos democráticos no solo conquistan el poder mediante elecciones regulares, sino que también aspiran a gobernar dentro de un régimen democrático. Por tanto, el funcionamiento de los partidos polí- ticos puede ser analizado no solamente en términos de su aporte a la competencia electoral. Para cumplir sus funciones democráticas, los partidos necesitan un orden constitucional fuerte que les permita proveer dos bienes: la conquista legal del poder y el buen gobierno dentro del Estado de derecho. En el presente documento proponemos esta agenda de investigación y revisamos sus componentes a la luz del caso peruano post-Fujimori y las organizaciones políticas dentro de la dinámica de gobierno. Politics Democracy Political Parties Party Systems Constitutional Order Institutions Revocation Autonomous Organisms Congress Democracia Partidos Políticos Sistema De Partidos Orden Constitucional Instituciones Revocatoria Organismos Autónomos Congreso
55	Ato administrativo invalido e a restauração da legalidade / Invalid administrative act and the restoration of legality Marcia Cristina Nogueira Ciampaglia 28 May 2014 (has links) O objetivo da presente dissertação é demonstrar quais são as formas em que a legalidade pode ser restaurada, diante de um ato administrativo inválido, bem como quais os critérios e interesses a serem considerados na opção por uma destas formas. Para tanto, iniciamos pelo estudo do ato administrativo, seus elementos e requisitos de validade. Em seguida, passamos ao estudo do ato administrativo inválido e os diferentes graus de invalidade dependendo do elemento do ato atingido pelo vício. Na sequencia, analisamos os dois princípios que são fundamentais para nortear o administrador na escolha do melhor meio de restaurar a legalidade: o princípio da legalidade e o da segurança jurídica. A partir daí, elencamos as formas de restauração da legalidade por meio da manutenção dos efeitos do ato administrativo inválido (convalidação e suas espécies) e da retirada do ato e extinção dos seus efeitos (revogação e anulação). Ainda sob a ótica da restauração de legalidade, analisamos os institutos da prescrição e decadência, uma vez que estes constituem limites à invalidação. Por fim, demonstramos a imprescindibilidade da instauração do processo administrativo para restauração da legalidade, que em tese pode lesar direitos e interesses de terceiros. / The objective of this dissertation is to demonstrate what are the ways in which legality can be restored before an invalid administrative act, as well as the criteria and interests to be considered in the choice of one of these forms. To this end, we initiated the study of the administrative act, its elements and requirements of validity . Then we move to the study of invalid administrative act and the different degrees depending on the element of invalidity of the act reached by addiction. In the sequel, we analyze the two fundamental principles that are to guide the administrator to choose the best way to restore legality: the principle of legality and legal certainty. From there, we list the forms of restoration of legality by the maintenance of the effects of invalid administrative act (convalidation and its species) and the withdrawal of the act and termination of its effects (revocation and annulment). Yet from the perspective of restoring legality, we analyze the institutes of prescription and decadence, since these are limits to invalidation. Finally, we demonstrate the indispensability of initiation of the administrative procedure for restoration of legality, which in theory would harm the rights and interests of third parties. Administração pública Alimentos transgênicos Atos administrativos Princípio da legalidade Revogação do ato administrativo Administrative act Annulment Convalidation Decadence Legal Legal certainty Prescription Revocation
56	Recall - a revogação do mandato político pelos eleitores: uma proposta para o sistema jurídico brasileiro / Recall: the revocation of the public mandate by electors: a proposal to the Brazilian legal system Caio Marcio de Brito Avila 20 May 2009 (has links) Trata a presente tese de estudo acerca do instituto denominado recall, existente nos Estados Unidos da América do Norte, que constitui mecanismo que permite a destituição de autoridades públicas e a revogação de decisões judiciais, por meio de decisão popular. O ineditismo da tese decorre do aprofundamento que se fez sobre o tema, bem como da análise minuciosa sobre as condições de aplicação desse instituto no Brasil. Para compreensão integral do objeto em análise, inicialmente, buscou-se compreender o fenômeno da representação política, não só sob o aspecto jurídico-formal como também pelo aspecto histórico, político e social. As teorias acerca da representação política são abordadas dentro de uma perspectiva evolutiva, histórica, desde os seus traços primitivos nas sociedades antigas, passando pelas instruções e mandato imperativo do período medieval, até as concepções de Hobbes, Locke, Burke e Siéyès, não deixando de lado as posições mais modernas e os dilemas existentes sobre o tema. Busca-se também a essência desse mecanismo denominado recall. Para tanto, torna-se obrigatória a passagem pelas suas origens e pela sua configuração jurídica, que se encontra relacionada com o princípio federativo, os sistemas eleitorais, sua caracterização como direito político, instituto de democracia participativa e semidireta, bem como seu caráter sancionador e como forma de expressão da oposição política. Faz-se, além disso, uma análise comparativa do recall no direito contemporâneo. Inicialmente focando o instituto nos Estados Unidos da América do Norte, pelo âmbito de aplicação do instituto na Federação norte-americana, as hipóteses e procedimentos de cada Estado-membro (onde se permite o instituto) e os resultados gerais de sua aplicação. Analisar-se-á, outrossim, institutos semelhantes ao recall existentes em outros sistemas jurídicos. Ao final, será tratada a questão relacionada ao recall e o sistema jurídico brasileiro, apresentando-se a história da revogação do mandato político no país, o panorama jurídico pelo aspecto federativo e dos sistemas eleitorais, bem como as condições para viabilizar a aplicação do instituto no Brasil. Tudo isso, para se demonstrar que o recall deve ser um mecanismo democrático a ser utilizado por eleitores responsáveis contra eleitos irresponsáveis. / This dissertation focuses on the mechanism referred to as recall, which exists in the United States of America, and is a mechanism that provides for the removal of public officials and the repeal of judicial decisions by means of public opinion. The originality of this dissertation arises out of the further understanding of the subject, as well as of the thorough analysis of the conditions under which such mechanism could be applied in Brazil. In order to fully understand the analyzed object, it was first necessary to understand the phenomenon of political representation, not only from the formal-legal aspect, but also from the historical, political and social perspectives. The theories on political representation are approached from a historical-developing standpoint, from its primitive traces in ancient societies, to the medieval instruments and imperative mandate, to the ideas of Hobbes, Locke, Burke and Siéyès, in addition to the more modern schools of thought and existing dilemmas on the subject-matter. The dissertation also focuses on the essence of the recall mechanism. In order to do so, it was necessary to examine its origins and its legal configuration, which has to do with the federative principle, the electoral systems, its characterization as public law, participatory and semi-direct democracy, as well as its sanctioning ability and political opposition form of expression. Furthermore, the comparative analysis of recall in contemporary law is also carried out. The assessment is initially focused on the mechanism in the United States of America, as per its application in the North American Federation, the hypotheses and procedures of each Member-State (in which the mechanism is provided for) and the general results of its application. Moreover, similar mechanisms available in other legal systems are also analyzed. Finally, the issue of the recall mechanism and the Brazilian legal system is assessed, through the history of the repeal of political mandates in the country, its legal framework on the federative aspect and the electoral systems, as well as the conditions necessary in order to render the application of the recall mechanism in Brazil feasible. The objective is to demonstrate that the recall mechanism should be a democratic mechanism to be used by responsible voters against irresponsible elected officials. Democracia Direitos políticos Mandato eletivo Participação política Representação política Revogação Citizen participation Direct democracy Mandate Participatory democracy Political control device Political representation Political right Public mandate Recall Revocation
57	La motivation aux interventions et programmes correctionnels chez les détenus canadiens des pénitenciers fédéraux Dufour, Sophie-Anne 06 1900 (has links) No description available. Motivation Détenus / Délinquants Inmates / Offenders Prison / Pénitencier Prison / Penitentiary Interventions Programmes correctionnels Correctional programs Évolution Complétion Révocation / Récidive Revocation / Recidivism Réhabilitation Prédiction
58	Public certificate management : An analysis of policies and practices used by CAs / Offentlig certifikathantering : En analys av policys och praxis som används av CAs Bergström, Anna, Berghäll, Emily January 2021 (has links) Certificate Authorities (CAs) carry a huge responsibility in today's internet security landscape as they issue certificates that establish secure end-to-end connections. This thesis conducts a policy review and survey of CAs' Certificate Policies and Certificate Practice Statements to find similarities and differences that could lead to possible vulnerabilities. Based on this, the thesis then presents a taxonomy-based analysis as well as comparisons of the top CAs to the Baseline Requirements. The main areas of the policies that were focused on are the issuance, revocation and expiration practices of the top 30 CAs as determined by the use of Tranco's list. We also determine the top CA groups, meaning the CAs whose policies are being used by the most other CAs as well as including a top 100 CAs list. The study suggests that the most popular CAs hold such a position because of two main reasons: they are easy to acquire and/or because they are connected to several other CAs. The results suggest that some of the biggest vulnerabilities in the policies are what the CAs do not mention in any section as it puts the CA at risk for vulnerabilities. The results also suggest that the most dangerous attacks are social engineering attacks, as some of the stipulations for issuance and revocations make it possible to pretend to be the entity of subscribes to the certificate rather than a malicious one. Certificate Issuance Revocation Expiration Certificate Authority Certificate Policy Certificate Practice Statement Certificate Management Policy review Social engineering CA/Browser forum Baseline Requirements Computer Sciences Datavetenskap (datalogi)
59	Förvaltningsrättens resonemang kring barns behov av fortsatt vård enligt LVU : En kvalitativ dokumentstudie av förvaltningsrättens domar / The Administrative Court’s reasoning regarding children’s need for continued care according to the Swedish Care of Young Persons (Special Provisions) Act Eriksson, Emelie, Svensson, Lina January 2022 (has links) Syftet med studien var att undersöka hur förvaltningsrätten resonerar kring barns behov när bedömning görs att vården enligt 21 § LVU (SFS 1990:52) inte kan upphöra. Studiens teoretiska ramverk bestod av socialekologisk systemteori, och barns behov användes som ett analytiskt verktyg. Studiens design var en kvalitativ dokumentstudie med abduktiv ansats. Materialet bestod av tjugotre domar från en förvaltningsrätt i Mellansverige som berörde prövning av möjlighet till upphörande av vård enligt LVU. Data har analyserats med hjälp av en kvalitativ innehållsanalys och resultatet visar sju subkategorier insorterade under följande huvudkategorier; ”barnets utveckling”, ”familj och miljö” samt ”föräldrarnas förmåga”. Studien visar att förvaltningsrätten resonerar kring barns behov utifrån att barnets utveckling kan påverkas negativt av föräldrarnas oförmåga att tillgodose barnets behov, samt utifrån att det inte skett tillräckliga förändringar i barnets miljö. / The purpose of the study was to examine the administrative court’s reasoning regarding children’s needs when care under 21 § the Swedish Care of Young Persons (Special Provisions) Act (SFS 1990: 52) is not revoked. Social Ecological systems theory constituted the theoretical framework while children’s needs was used as an analytical tool. The design was a qualitative document study with an abductive approach. Twentythree court orders were analyzed with a qualitative content analysis and the results show seven subcategories sorted under the following three main categories; "The child’s development", "family and environment" and "parent’s ability". The study shows that the court's reasons are based on the fact that the child’s development can be negatively affected by parent’s inability to meet the child’s needs and that there have not been sufficient changes in the child’s environment. children’s needs resource revocation of care Administrative Court barns behov resurs upphörande av vård förvaltningsrätten LVU Social Work Socialt arbete
60	A mixed method research study on parole violations in South Africa Louw, Francois Christiaan Marthinus 15 July 2014 (has links) The researcher conducted a mixed method research study on parole violations from a South African perspective. In South Africa, there is limited research regarding the causes of parole violations. Thus, the study is mainly descriptive, but also exploratory in nature and considered a first of its kind. The study aimed to explore parole violation as a phenomenon through the perceptions, opinions, attitudes and incident recall of re-incarcerated parolees. Furthermore, the study aimed to describe the causes for parolees to fail on parole. A two-phase sequential mixed methods research design was used that involved the collection and analysis of primarily quantitative data from self-administered questionnaires. These questionnaires were complemented by a qualitative data collection phase consisting of focus group interviews. A representative sample (n=111) chosen according to the various ethnic groups was drawn from a population of 1 111 adult male parole violators in the Gauteng region (aligned to the regional divisions used by the Department of Correctional Services and not to the provincial borders) for the quantitative phase. Non-probability sampling was used to select 22 participants who volunteered for the second, qualitative phase of the study (focus group interviews). Descriptive statistical analysis was used to analyse the data collected from the questionnaires. The data was analysed by means of frequencies (frequency tables and graphs) to describe one variable and cross tabulations (contingency tables) to show bivariate quantitative data. All the focus group interviews were recorded and transcribed verbatim for analysis. The transcripts provided a complete record of the discussions and helped to facilitate the analysis of the data according to identified, recurring themes. On release, many stigmatised and rejected parolees face widespread post-release challenges that prevent successful reintegration. The study revealed that poor pre-release planning and post-release support, a lack of education, unemployment, substance abuse, and a loss of family support are described as the main causes of parole violations. The recommendations from the research findings showed the importance of pre-release planning, risk assessment, employment, education, treatment for drug and alcohol abuse, community partnerships, family involvement, and graduated responses to parole violations that are fair, consistent, and legal. / Penology / D.Lit. et Phil. (Penology) Community corrections Correctional centre Monitoring Offender Parole Parolee Recidivism Rehabilitation Reintegration Release Re-offending Revocation Supervision Violation 364.620968 Parole -- South Africa Parole revocation -- South Africa Recidivism -- South Africa

Search results