Conflict resolution planning relevant to decision support systems for future air traffic management

Iordanova, B. N.

January 2000

No description available.

629.1325

Policy; Conflict resolution

Conflict over public land management : Oregon's Elk River dispute /

Tressler, Karen D.

January 1991

Thesis (M.S.)--Oregon State University, 1992. / Typescript (photocopy). Includes bibliographical references (leaves 112-118). Also available online.

Policy Conflict Management in Distributed SDN Environments

January 2017

abstract: The ease of programmability in Software-Defined Networking (SDN) makes it a great platform for implementation of various initiatives that involve application deployment, dynamic topology changes, and decentralized network management in a multi-tenant data center environment. However, implementing security solutions in such an environment is fraught with policy conflicts and consistency issues with the hardness of this problem being affected by the distribution scheme for the SDN controllers. In this dissertation, a formalism for flow rule conflicts in SDN environments is introduced. This formalism is realized in Brew, a security policy analysis framework implemented on an OpenDaylight SDN controller. Brew has comprehensive conflict detection and resolution modules to ensure that no two flow rules in a distributed SDN-based cloud environment have conflicts at any layer; thereby assuring consistent conflict-free security policy implementation and preventing information leakage. Techniques for global prioritization of flow rules in a decentralized environment are presented, using which all SDN flow rule conflicts are recognized and classified. Strategies for unassisted resolution of these conflicts are also detailed. Alternately, if administrator input is desired to resolve conflicts, a novel visualization scheme is implemented to help the administrators view the conflicts in an aesthetic manner. The correctness, feasibility and scalability of the Brew proof-of-concept prototype is demonstrated. Flow rule conflict avoidance using a buddy address space management technique is studied as an alternate to conflict detection and resolution in highly dynamic cloud systems attempting to implement an SDN-based Moving Target Defense (MTD) countermeasures. / Dissertation/Thesis / Doctoral Dissertation Computer Science 2017

Computer science

Intellectual property

Distributed Environments

Network Security

Policy Conflict

SDN

Medical Marijuana Policy Conflicts within the District of Columbia Private Workplace

Kennedy, Robert B

01 January 2019

The District of Colombia poses a unique challenge to private employers because the passage of a local medical marijuana policy was instituted in a federalized district that is obligated to abide by federal Schedule 1 narcotic laws. Using punctuated equilibrium as the theoretical foundation, the purpose of this case study was to understand how managers maintain compliance and address the conflict between different levels of government. Data were collected from interviews with 8 private industry hiring personnel who operate within the District of Columbia. These interviews were transcribed, inductively coded using a 2 cycle coding procedure, and then subjected to a thematic analysis procedure. Two primary themes emerged; cognizance of the policy, and fear and safety concerns related to enforcement. In the case of the theme of cognizance, punctuated equilibrium was confirmed in that unbalanced policy development had negative or positive interpretations that created a significant subsystem effect. The second theme of “fear” is also explained through punctuated equilibrium as marijuana legalization is perceived as an emotional policy issue in the establishment of new policy. Implications for positive social change stems from recommendations to policy makers to clarify remaining ambiguity about the requirements associated with the juxtaposition of federal and local policy and law. Reconciling the differences between policies may improve the capacity for hiring authorities to better understand and practice effective talent recruitment while at the same time be attentive to the social needs in the District of Columbia related to workplace medical marijuana policies.

District of Columbia

Federal

Medical Marijuana

Policy Conflict

Punctuated Equilibrium

Workplace

Business

Public Policy

Policy conflicts among local government officials: How does officials' engagement with regional governance relate to their position divergence on sustainability policy?

Talukdar, Shahidur Rashid

18 August 2023

Policy conflict plays an important role in shaping public policy—both as a process and as a product. The policy conflict framework—a theoretical framework, developed by Christopher Weible and Tanya Heikkila in 2017—considers position divergence among policymakers a key characteristic of policy conflict, which can be affected several factors including organizational and network affiliation of policymakers. This dissertation analyzes position divergence among local and regional officials over community sustainability policy, with a focus on affordable housing, which is a major concern of community sustainability. This research examines if, and how, local government officials' engagement with regional governance can play a role in shaping their policy positions. Understanding what influences officials' policy positions is essential in managing conflicts that arise in the making of sustainability policies in general and affordable housing policies, in particular. This study argues that local government officials' engagement with regional governance can lower policy position divergence among them by influencing their policy core beliefs and policy relevant knowledge. This analysis includes testing several hypotheses using data from a state-wide survey of local and regional policymakers. Employing cross-tabulation, multivariate regression, and ordered logit analysis, this study finds that (a) policymakers share a wide range of policy positions on community sustainability policies and (b) for local government officials engaged with regional governance, position divergence on community sustainability is lower than that among those who are not engaged with regional governance. Although position divergence on affordable housing among those engaged with regional governance is generally lower than those who are not engaged with regional governance, this finding is not robust. In some regions and localities, the relationship between position divergence and engagement with regional governance does not hold. Furthermore, this study finds that local government officials' engagement with regional governance is associated with higher levels of policy relevant knowledge, which can influence the policymakers' policy positions. The relationship, if any, between policymakers' core beliefs and their engagement with regional governance is weak and statistically insignificant. This cross-sectional analysis based on limited data suggests that local government officials' policy core beliefs are not related to their engagement with regional governance. However, future studies with better data may yield different results. / Doctor of Philosophy / Policy conflicts can impede the policymaking process; they usually influence and shape policy goals. Metropolitan governance is rife with policy conflicts. Especially in substantive policy areas such as community sustainability and affordable housing, policy conflicts are quite common. Policy conflicts emerge because of policy actors' divergent views, beliefs, priorities, preferences, and aspirations. To ensure a smoother policymaking process, mechanisms to handle conflicts are imperative. Regional governance can offer one such mechanism to handle policy conflicts that arise due to divergent policy positions of local government officials. This dissertation examines policy conflicts focusing on community sustainability policies. Analyzing survey data from Maryland, this study finds that (a) local government officials share a wide range of policy positions on community sustainability policies, (b) local government officials engaged with regional governance take policy positions that are more homogeneous compared to those who are not engaged with regional governance, and (c) officials engaged regional governance tend to have better policy relevant knowledge than others.

Policy process

policy conflict

position divergence

regional governance

sustainability

affordable housing

local governments

Maryland

Enhancing privacy protection in social network systems through decentralization and policy conflict management / Amélioration de la protection de la vie privée dans les systèmes de réseaux sociaux par la décentralisation et la gestion des conflits de politiques

Paiva Melo Marin, Regina

07 September 2015

Le partage d'informations dans les systèmes de réseaux sociaux (SRS) suscite des inquiétudes concernant de possibles abus impactant la vie privée. La possibilité pour les utilisateurs de contrôler les informations qu'ils partagent avec le fournisseur de SRS et avec les autres utilisateurs peut être améliorée par la décentralisation des données personnelles et par une gestion appropriée des conflits entre politiques. Prenant son inspiration dans l'approche de décentralisation, la première contribution de cette thèse est la proposition de propriétés relevant de la conception du SRS et impactant la vie privée lorsqu'elles sont considérées par rapport à une gradation de la décentralisation. Ces propriétés ont été organises dans une grille d'analyse multicritères conçue pour analyser et comparer les SRS. L'application de la théorie des treillis à cette grille permet d'évaluer, de classifier et de visualiser différents SRS dans une hiérarchie partielle. Alors que la décentralisation résoudre des problèmes impliquant le fournisseur de SRS, les politiques de vie privée jouent un rôle majeur dans la protection contre les accès non autorisés par d'autres utilisateurs. La seconde contribution de cette thèse consiste en l'introduction du concept d'équité dans le contexte de la gestion des conflits entre politiques. Un algorithme conçu pour maintenir l'équité entre les utilisateurs de SRS est introduit pour résoudre les conflits pouvant survenir entre les politiques de plusieurs utilisateurs, évitant que certains puissent gagner un avantage sur d'autres. L'évaluation montre que l'approche introduite dans cette thèse conduit à de meilleurs résultats que les stratégies classiques de résolution de conflits, réduisant ainsi les iniquités existantes en termes d'application des politiques. / In Social Network Systems (SNSs), the sharing of information leads to many privacy concerns about potential abuses of personal information. Users’ control over information shared with the SNS provider and with other users could be improved in SNSs through the decentralization of personal data, and the proper management of policy conflicts. Inspired by the decentralization approach, the firrst contribution of this thesis is the proposal of SNS design properties relevant to privacy when considered along a gradation of decentralization. These properties are organized in a multi-criteria analysis grid, designed to analyze and compare SNSs. The application of a lattice structure on this grid allows to evaluate, classify and visualize different SNSs within a partial hierarchy. While decentralization solves issues involving the SNS provider, privacy policies play a leading role in the protection of unauthorized data access from other users. The second contribution of this thesis consists in the introduction of the concept of equity in the context of policy conflict management. An algorithm to maintain equity between users in SNSs is introduced to solve conflicts that may arise between the privacy policies of several users, avoiding that some users take advantage over others. The evaluation shows that the equity approach introduced in this thesis leads to better results than classical conflict resolution strategies, reducing existing inequities in terms of policy enforcement.

Protection de la Vie Privée

Réseaux Sociaux

Décentralisation

Conflits de Politiques

Privacy Protection

Social Network Systems

Decentralization

Policy Conflict

378.242

A mediação como mecanismo de pacificação urbana

Isoldi, Ana Luiza Godoy

12 May 2008

Made available in DSpace on 2016-04-26T20:27:14Z (GMT). No. of bitstreams: 1 Ana Luiza Godoy Isoldi.pdf: 623359 bytes, checksum: ceb4b0757ce471daea2a9047c48dcea6 (MD5) Previous issue date: 2008-05-12 / This study aims to identify adequate resolution mechanisms for conflicts in the urban environment, especially those regarding urbanistic policies, for the purpose of concretizing the diffuse interests, collective or individual, public or private, in an ampler, more effective and efficient way, within the context of a Democratic Constitutional State, which requires public participation in city administration. The analysis iniciates with the new trends in Urbanistic Law and Legislation, which include a consensual public administration, describes several means to settle disputes either by agreement or by stipulation, with their respective mechanisms, that integrate the conflict resolution system, especially in what regards mediation and, finally, analizes social community mediation as a tool for urban pacification, as well as the possibilities of urbanistic mediation, mainly when it is applied simultaneously with the urbanistic instruments. The research method was reading of the bibliographic repertoire about the subject in the field of Legal Science, with contributions from other disciplines as well. The results led to the accomplishment of the intended objectives, especially by the identification of an adequate route for the resolution of urbanistic disputes, markedly in the context of judicial case administration / Este trabalho tem como objetivo identificar mecanismos adequados para a solução de conflitos no cenário urbano, especialmente os conflitos urbanísticos, com o fim de concretizar os interesses difusos, coletivos e individuais, públicos e privados, de modo mais amplo, eficiente e efetivo, no contexto do Estado Democrático de Direito, que exige a participação popular na gestão da cidade. O estudo parte das novas tendências do Direito Urbanístico, o que inclui a Administração Pública consensual, discorre sobre os modos autocompositivos e heterocompositivos, e respectivos mecanismos, que integram o sistema de solução de conflitos, especialmente sobre a mediação e, por fim, analisa a mediação social comunitária como mecanismo de pacificação urbana, bem com as possibilidades acerca da mediação urbanística, principalmente quando aplicada junto aos instrumentos urbanísticos. O método de pesquisa foi a leitura do repertório bibliográfico sobre o tema no âmbito da Ciência do Direito, com aportes de outras disciplinas. Os resultados levaram ao cumprimento de seu objetivo, especialmente ao identificar uma via adequada para a solução de conflitos urbanísticos, notadamente no contexto do gerenciamento de causas judiciais

Conflito urbano

Direito urbanistico -- Brasil

Mediacao

Administracao de conflitos

Urbanistic law

Urbanistic policy conflict

Urbanistic mediation

Coherence in distributed packet filters

Penz, Leandro Lisboa

January 2008

Redes de computadores estão sob constante ameaça, ainda mais quando conectadas à Internet. Para reduzir o risco, dispositivos de segurança como o filtro de pacotes são usados. Uma primeira camada de segurança, o filtro de pacotes é responsável pelo bloqueio do tráfego indesejado em posições chave da rede. Os pacotes que devem ser permitidos ou bloqueados pelo filtro são definidos através de um conjunto de regras programadas pelo administrador da rede. Essas regras tem duas partes: a seleção e a ação. Conforme cresce a rede e o número de serviços, a quantidade de regras tende a aumentar. Passado certo limite, a complexidade de manter uma quantidade grande de regras se torna um fardo para o administrador. Isso aumenta a probabilidade de enganos que podem prejudicar a segurança da rede. Este trabalho desenvolve o conceito de “anomalia”, cada qual representa um problema em potencial, uma contradição ou uma regra supérflua dentro do conjunto de regras; ou seja, cada anomalia alerta o administrador da rede para determinada situação. Há 7 tipos de anomalias, que podem ser divididos em dois grupos: anomalias de filtro único e anomalias em rede. As anomalias de filtro único alertam o administrador sobre regras que se contradizem (“bloqueio”) ou que não possuem efeito no filtro (“invisibilidade” e “redundância”). As anomalias em rede, por sua vez, alertam o administrador sobre filtros que se contradizem (“discordância”), filtros que bloqueiam tráfego desejado (“bloqueio”), regras que não se aplicam a nenhum pacote que passe pelo filtro onde estão (“irrelevância”) e roteadores que permitem a passagem de tráfego indesejado (“vazamento”). Cada um desses tipos de anomalia é definido formalmente e apresentado junto com um algoritmo que a encontra. As anomalias e seus algoritmos foram usados para implementar uma ferramenta, o Packet Filter Checker (PFC), que lê as regras e a descrição da topologia da rede e cria um relatório com todas as anomalias presentes. Este trabalho apresenta um caso de uso fictício que é analisado e corrigido com base nos resultados apresentados pela ferramenta. O caso de uso é apresentado em diversas iterações, cada uma representando alterações nos requisitos da rede. Este caso mostra a ferramenta e os conceitos no contexto-alvo: na ajuda ao administrador da rede. / Computer networks are under constant threat, even more when connected to the Internet. To decrease the risk of invasions and downtime, security devices such as the packet filter are deployed. As a first layer of security, the packet filter is responsible for blocking out unwanted traffic at key network locations. The packets dropped or forwarded by the filter are defined by a set of rules programmed by the network administrator. These rules are in the form of guarded commands, each with a condition and a decision section. As the number of services and networks grow, the number of rules tend to grow as well. Beyond a certain threshold, the complexity of maintaining such a large and distributed set of rules becomes a burden for the network administrator. Mistakes can be easily made, compromising security. This work develops the concept of “anomaly”, each representing a potential problem, a contradiction or a superfluous rule in the rule set; i.e. a warning to the system administrator. There are 7 types of anomalies divided in two groups: single filter anomalies and networked anomalies. The single-filter anomalies warns the administrator about rules that contradict one another (the “conflict” anomaly) or have no effect (“invisibility” and “redundancy”) in the analysed filter. The networked anomalies, on the other hand, analyse the filters in the context of the network topology and warn the administrator about filters that contradict one another (“disagreement”), filters that block desired traffic (“blocking”), rules that have no effect on the given network topology (“irrelevancy”) and routers that are enabling unwanted traffic (“leaking”). Each type of anomaly is formally defined along with its algorithm. The developed concepts were used to implement a tool — the Packet Filter Checker (PFC) — that reads a description of the rules and network topology in a simple custom language and reports all anomalies present. This tool is used to analyse and fix a fictional user case in several iterations of changing requirements. This shows the tool and the anomalies in the target context: where they help the network administrator.

Redes : Comunicacao : Dados

Seguranca : Redes : Computadores

Filtros : Pacotes

Packet filter

Firewall

Security policy

Policy conflict

Rule coherence

Coherence in distributed packet filters

Penz, Leandro Lisboa

January 2008

Redes de computadores estão sob constante ameaça, ainda mais quando conectadas à Internet. Para reduzir o risco, dispositivos de segurança como o filtro de pacotes são usados. Uma primeira camada de segurança, o filtro de pacotes é responsável pelo bloqueio do tráfego indesejado em posições chave da rede. Os pacotes que devem ser permitidos ou bloqueados pelo filtro são definidos através de um conjunto de regras programadas pelo administrador da rede. Essas regras tem duas partes: a seleção e a ação. Conforme cresce a rede e o número de serviços, a quantidade de regras tende a aumentar. Passado certo limite, a complexidade de manter uma quantidade grande de regras se torna um fardo para o administrador. Isso aumenta a probabilidade de enganos que podem prejudicar a segurança da rede. Este trabalho desenvolve o conceito de “anomalia”, cada qual representa um problema em potencial, uma contradição ou uma regra supérflua dentro do conjunto de regras; ou seja, cada anomalia alerta o administrador da rede para determinada situação. Há 7 tipos de anomalias, que podem ser divididos em dois grupos: anomalias de filtro único e anomalias em rede. As anomalias de filtro único alertam o administrador sobre regras que se contradizem (“bloqueio”) ou que não possuem efeito no filtro (“invisibilidade” e “redundância”). As anomalias em rede, por sua vez, alertam o administrador sobre filtros que se contradizem (“discordância”), filtros que bloqueiam tráfego desejado (“bloqueio”), regras que não se aplicam a nenhum pacote que passe pelo filtro onde estão (“irrelevância”) e roteadores que permitem a passagem de tráfego indesejado (“vazamento”). Cada um desses tipos de anomalia é definido formalmente e apresentado junto com um algoritmo que a encontra. As anomalias e seus algoritmos foram usados para implementar uma ferramenta, o Packet Filter Checker (PFC), que lê as regras e a descrição da topologia da rede e cria um relatório com todas as anomalias presentes. Este trabalho apresenta um caso de uso fictício que é analisado e corrigido com base nos resultados apresentados pela ferramenta. O caso de uso é apresentado em diversas iterações, cada uma representando alterações nos requisitos da rede. Este caso mostra a ferramenta e os conceitos no contexto-alvo: na ajuda ao administrador da rede. / Computer networks are under constant threat, even more when connected to the Internet. To decrease the risk of invasions and downtime, security devices such as the packet filter are deployed. As a first layer of security, the packet filter is responsible for blocking out unwanted traffic at key network locations. The packets dropped or forwarded by the filter are defined by a set of rules programmed by the network administrator. These rules are in the form of guarded commands, each with a condition and a decision section. As the number of services and networks grow, the number of rules tend to grow as well. Beyond a certain threshold, the complexity of maintaining such a large and distributed set of rules becomes a burden for the network administrator. Mistakes can be easily made, compromising security. This work develops the concept of “anomaly”, each representing a potential problem, a contradiction or a superfluous rule in the rule set; i.e. a warning to the system administrator. There are 7 types of anomalies divided in two groups: single filter anomalies and networked anomalies. The single-filter anomalies warns the administrator about rules that contradict one another (the “conflict” anomaly) or have no effect (“invisibility” and “redundancy”) in the analysed filter. The networked anomalies, on the other hand, analyse the filters in the context of the network topology and warn the administrator about filters that contradict one another (“disagreement”), filters that block desired traffic (“blocking”), rules that have no effect on the given network topology (“irrelevancy”) and routers that are enabling unwanted traffic (“leaking”). Each type of anomaly is formally defined along with its algorithm. The developed concepts were used to implement a tool — the Packet Filter Checker (PFC) — that reads a description of the rules and network topology in a simple custom language and reports all anomalies present. This tool is used to analyse and fix a fictional user case in several iterations of changing requirements. This shows the tool and the anomalies in the target context: where they help the network administrator.

Redes : Comunicacao : Dados

Seguranca : Redes : Computadores

Filtros : Pacotes

Packet filter

Firewall

Security policy

Policy conflict

Rule coherence

Coherence in distributed packet filters

Penz, Leandro Lisboa

January 2008

Redes de computadores estão sob constante ameaça, ainda mais quando conectadas à Internet. Para reduzir o risco, dispositivos de segurança como o filtro de pacotes são usados. Uma primeira camada de segurança, o filtro de pacotes é responsável pelo bloqueio do tráfego indesejado em posições chave da rede. Os pacotes que devem ser permitidos ou bloqueados pelo filtro são definidos através de um conjunto de regras programadas pelo administrador da rede. Essas regras tem duas partes: a seleção e a ação. Conforme cresce a rede e o número de serviços, a quantidade de regras tende a aumentar. Passado certo limite, a complexidade de manter uma quantidade grande de regras se torna um fardo para o administrador. Isso aumenta a probabilidade de enganos que podem prejudicar a segurança da rede. Este trabalho desenvolve o conceito de “anomalia”, cada qual representa um problema em potencial, uma contradição ou uma regra supérflua dentro do conjunto de regras; ou seja, cada anomalia alerta o administrador da rede para determinada situação. Há 7 tipos de anomalias, que podem ser divididos em dois grupos: anomalias de filtro único e anomalias em rede. As anomalias de filtro único alertam o administrador sobre regras que se contradizem (“bloqueio”) ou que não possuem efeito no filtro (“invisibilidade” e “redundância”). As anomalias em rede, por sua vez, alertam o administrador sobre filtros que se contradizem (“discordância”), filtros que bloqueiam tráfego desejado (“bloqueio”), regras que não se aplicam a nenhum pacote que passe pelo filtro onde estão (“irrelevância”) e roteadores que permitem a passagem de tráfego indesejado (“vazamento”). Cada um desses tipos de anomalia é definido formalmente e apresentado junto com um algoritmo que a encontra. As anomalias e seus algoritmos foram usados para implementar uma ferramenta, o Packet Filter Checker (PFC), que lê as regras e a descrição da topologia da rede e cria um relatório com todas as anomalias presentes. Este trabalho apresenta um caso de uso fictício que é analisado e corrigido com base nos resultados apresentados pela ferramenta. O caso de uso é apresentado em diversas iterações, cada uma representando alterações nos requisitos da rede. Este caso mostra a ferramenta e os conceitos no contexto-alvo: na ajuda ao administrador da rede. / Computer networks are under constant threat, even more when connected to the Internet. To decrease the risk of invasions and downtime, security devices such as the packet filter are deployed. As a first layer of security, the packet filter is responsible for blocking out unwanted traffic at key network locations. The packets dropped or forwarded by the filter are defined by a set of rules programmed by the network administrator. These rules are in the form of guarded commands, each with a condition and a decision section. As the number of services and networks grow, the number of rules tend to grow as well. Beyond a certain threshold, the complexity of maintaining such a large and distributed set of rules becomes a burden for the network administrator. Mistakes can be easily made, compromising security. This work develops the concept of “anomaly”, each representing a potential problem, a contradiction or a superfluous rule in the rule set; i.e. a warning to the system administrator. There are 7 types of anomalies divided in two groups: single filter anomalies and networked anomalies. The single-filter anomalies warns the administrator about rules that contradict one another (the “conflict” anomaly) or have no effect (“invisibility” and “redundancy”) in the analysed filter. The networked anomalies, on the other hand, analyse the filters in the context of the network topology and warn the administrator about filters that contradict one another (“disagreement”), filters that block desired traffic (“blocking”), rules that have no effect on the given network topology (“irrelevancy”) and routers that are enabling unwanted traffic (“leaking”). Each type of anomaly is formally defined along with its algorithm. The developed concepts were used to implement a tool — the Packet Filter Checker (PFC) — that reads a description of the rules and network topology in a simple custom language and reports all anomalies present. This tool is used to analyse and fix a fictional user case in several iterations of changing requirements. This shows the tool and the anomalies in the target context: where they help the network administrator.

Redes : Comunicacao : Dados

Seguranca : Redes : Computadores

Filtros : Pacotes

Packet filter

Firewall

Security policy

Policy conflict

Rule coherence