Similar literature
Found 20 similar documents; search took 15 ms
1.
This is a study of a legislative conflict over the National Health Insurance policy played out in the 96th Congress of the United States. It attempted to find out whether the policy aimed at restructuring the U.S. health care system was possible. Since previous analysis concluded that the Kennedy NHI plan was such an innovative policy, the questions examined here were: (1) Would the Kennedy plan emerge as the adopted national policy? (2) If not, what plan could be a compromise proposal? To answer the first question the forward process of planning was applied. The conflict was structured according to the levels of a conceptual hierarchy. The focus of the hierarchy constituted the first level, the actors involved the second, their objectives and subobjectives formed the third and fourth levels, and the policies pursued by the actors (the NHI proposals) the fifth level. The elements of each level were weighed according to their relative importance by using the principal eigenvectors of a series of pairwise comparison matrices. The priority of the NHI plans promoted by the particular groups was derived on the assumption that a plan with the highest eigenvector will probably emerge as the adopted national health policy. The forward process answered the question: Given the present actors, their objectives, and the strength to influence the outcome, which NHI plan was the most likely to emerge as the adopted national policy? To answer the second question the backward process of planning was applied. It was an attempt to find a compromise solution acceptable to all the parties involved. This method of policy design, developed by Thomas L. Saaty, has great advantages over the traditional methods of policy planning. It brings into focus the matrix of competing interests and sets firm boundaries for planning efforts. It helps in setting pragmatic, not romantic policies, with a great saving of time and money.

2.
Automated cyber security configuration synthesis is the holy grail of cyber risk management. The effectiveness of cyber security is highly dependent on the appropriate configuration hardening of heterogeneous, yet interdependent, network security devices, such as firewalls, intrusion detection systems, IPSec gateways, and proxies, to minimize cyber risk. However, determining cost-effective security configuration for risk mitigation is a complex decision-making process because it requires considering many different factors including end-hosts’ security weaknesses based on compliance checking, threat exposure due to network connectivity, potential impact/damage, service reachability requirements according to business policies, acceptable usability due to security hardness, and budgetary constraints. Although many automated techniques and tools have been proposed to scan end-host vulnerabilities and verify the policy compliance, existing approaches lack metrics and analytics to identify fine-grained network access control based on comprehensive risk analysis using both the hosts’ compliance reports and network connectivity. In this paper, we present new metrics and a formal framework for automatically assessing the global enterprise risk and determining the most cost-effective security configuration for risk mitigation considering both the end-host security compliance and network connectivity. Our proposed metrics measure the global enterprise risk based on the end-host vulnerabilities and configuration weaknesses, collected through compliance scanning reports, their inter-dependencies, and network reachability. We then use these metrics to automatically generate a set of host-based vulnerability fixes and network access control decisions that mitigates the global network risk to satisfy the desired Return on Investment of cyber security. We solve the problem of cyber risk mitigation based on advanced formal methods using Satisfiability Modulo Theories, which has shown scalability with large-size networks.

3.
Almost everyone recognizes the salience of cyberspace as a fact of daily life. Given its ubiquity, scale, and scope, cyberspace has become a fundamental feature of the world we live in and has created a new reality for almost everyone in the developed world and increasingly for people in the developing world. This paper seeks to provide an initial baseline for representing and tracking institutional responses to a rapidly changing international landscape, real as well as virtual. We shall argue that the current institutional landscape managing security issues in the cyber domain has developed in major ways, but that it is still “under construction.” We also expect institutions for cyber security to support and reinforce the contributions of information technology to the development process. We begin with (a) highlights of international institutional theory and an empirical “census” of the institutions-in-place for cyber security, and then turn to (b) key imperatives of information technology-development linkages and the various cyber processes that enhance developmental processes, (c) major institutional responses to cyber threats and cyber crime as well as select international and national policy postures so critical for industrial countries and increasingly for developing states as well, and (d) the salience of new mechanisms designed specifically in response to cyber threats.

4.
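The exposure of the PRISM affair triggered a global debate on national security and privacy protection. Examining the US National Security Agency's intelligence surveillance programs within the framework of US network surveillance law reveals a clearly defined scope of application, a rigorous review and oversight system, and strict procedural requirements for implementation, which allow the US government to safeguard national security interests while striving to protect citizens' privacy to the greatest possible extent, so that there are "laws to go by". Building a new, mutually beneficial relationship between government and Internet companies, and improving the legal system for network surveillance and its operating procedures, are the measures distilled from this analysis of the US legal safeguards for network surveillance that are instructive for China.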

5.
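With the development of new-generation information technologies such as the Internet of Things and cyber-physical systems, the security requirements of location-constrained access control systems arise not only in the virtual information space but also in the real physical space. How to formulate a location-constrained access control model and verification method under these new requirements is key to ensuring the security of access control systems. First, a location-constrained access control model is proposed, comprising the LCRBAC model and the EM model, which captures the static structure of the information space and the physical space as well as the dynamic behaviour of entities in both spaces. Second, bigraphs and bigraphical reactive systems are used to model the location-constrained access control model, generating a labelled transition system whose transition edges are annotated with access control policies. Then, based on the verification results for the labelled transition system, policy modification schemes are proposed for deadlock states, violation states and unreachable states. Finally, a case study of a bank access control system shows that the proposed method can model and verify access control policies for the information space, the physical space, and the interactions between the two.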

6.
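An eID is a universal network identity credential issued by the government department responsible for identity management. Based on an analysis of the requirements for network identity credentials and a study of how network identity management has been built abroad, this paper points out the problems in the identity trust system of China's current online virtual society, and proposes drawing on the successful experience of China's resident identity card system in managing real-world society and relying on the existing administrative system for identity management to issue network identity credentials as early as possible. In light of the state of development of China's digital certification industry, it also offers recommendations for the overall planning of China's network identity construction.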

7.
Recently, the smart grid has been considered as a next-generation power system to modernize the traditional grid to improve its security, connectivity, efficiency and sustainability. Unfortunately, the smart grid is susceptible to malicious cyber attacks, which can create serious technical, economical, social and control problems in power network operations. In contrast to the traditional cyber attack minimization techniques, this paper proposes a recursive systematic convolutional (RSC) code and Kalman filter (KF) based method in the context of smart grids. Specifically, the proposed RSC code is used to add redundancy in the microgrid states, and the log maximum a-posterior is used to recover the state information, which is affected by random noises and cyber attacks. Once the estimated states are obtained by KF algorithm, a semidefinite programming based optimal feedback controller is proposed to regulate the system states, so that the power system can operate properly. Test results show that the proposed approach can accurately mitigate the cyber attacks and properly estimate and control the system states.

8.
Drawing upon actor-network theory, this article analyses the socio-technological construction of China's strategy for the telecommunications market transformation. We define the telecommunications market as the non-human actor. The public and society, the state, and the operators constitute three groups of human actors representing the social interests in the telecommunications industry. We have observed that these actors' interests are influenced by the situation of technology advance, the telecommunications development level, the macro reform progress and the national policies concerning the political and economic systems, and the international trend in telecommunications reforms. Owing to the dynamics of these contextual elements and the struggle of actors to inscribe their interests into the national strategy, China has transformed the telecommunications market by four stages, each stage with specific foci. Our case study demonstrates that the applications of actor-network theory can be extended to investigate the formulation of a national strategy. The research design in which the social and technological contexts are dynamically connected with strategy formulation can be drawn upon by other actor-network studies.

9.
As nations expand the telecommunications interception and access powers of their law enforcement agencies to address heightened threats to national security and accelerating technological convergence, the proper application of the proportionality principle is becoming an increasingly contentious issue. The ‘proportionality principle’ in telecommunications law mandates the weighing of a likely threat to public security against the potential violation of individual rights so as to ensure that the intrusive impact of a particular interception and access activity is reasonably proportionate to the potential outcome sought. The reform discourse of recent years has largely focused on expanding investigative powers, to the possible detriment of the protection of individual rights. Whilst the present environment makes such a focus wholly understandable, the present paper considers potential legislative and policy measures that could strengthen the proportionality principle in the telecommunications regulatory framework to support a more precise calibration of the relevant competing public and private interests. As Australia has recently undertaken a comprehensive review of its telecommunications access and interception laws, commencing with a 2013 referral to its Senate Committee and culminating in a 2015 law reform report, the article focuses on that nation’s experience. The analysis is, however, placed within an overarching public policy framework to ensure that the discussion is of relevance to nations around the world who are similarly engaged in telecommunications law reform.

10.
The rapid growth in the number of devices and their connectivity has enlarged the attack surface and made cyber systems more vulnerable. As attackers become increasingly sophisticated and resourceful, mere reliance on traditional cyber protection, such as intrusion detection, firewalls, and encryption, is insufficient to secure the cyber systems. Cyber resilience provides a new security paradigm that complements inadequate protection with resilience mechanisms. A Cyber-Resilient Mechanism (CRM) adapts to the known or zero-day threats and uncertainties in real-time and strategically responds to them to maintain the critical functions of the cyber systems in the event of successful attacks. Feedback architectures play a pivotal role in enabling the online sensing, reasoning, and actuation process of the CRM. Reinforcement Learning (RL) is an important gathering of algorithms that epitomize the feedback architectures for cyber resilience. It allows the CRM to provide dynamic and sequential responses to attacks with limited or without prior knowledge of the environment and the attacker. In this work, we review the literature on RL for cyber resilience and discuss the cyber-resilient defenses against three major types of vulnerabilities, i.e., posture-related, information-related, and human-related vulnerabilities. We introduce moving target defense, defensive cyber deception, and assistive human security technologies as three application domains of CRMs to elaborate on their designs. The RL algorithms also have vulnerabilities themselves. We explain the major vulnerabilities of RL and present several attack models where the attacker targets the information exchanged between the environment and the agent: the rewards, the state observations, and the action commands. We show that the attacker can trick the RL agent into learning a nefarious policy with minimum attacking effort. The paper introduces several defense methods to secure the RL-enabled systems from these attacks. However, there is still a lack of works that focus on the defensive mechanisms for RL-enabled systems. Last but not least, we discuss the future challenges of RL for cyber security and resilience and emerging applications of RL-based CRMs.

11.
This article defines and explores the utilization of cyber capabilities in order to achieve traditional terrorism goals while investigating the unprecedented role of nonstate actors in both offensive and defensive capabilities. Included in this article are the results of investigation into the Websites and Web-based services of identified terrorist groups as well as several interviews with hackers in order to determine capability and intent.

12.
Regional and national policy makers have invested heavily in the cluster concept as a means of generating value for regions, particularly through the opportunities it may present for small regional enterprises as vehicles for growth and job creation. Economic theorists such as Porter have shaped many of the policies being adopted, from a macro-economic perspective, yet the process by which actors within the group are helped (or hindered) in aligning knowledge, expertise and interests is less well understood. The implementation and development of clusters is subject to a range of local socio-technical and socio-political dynamics, which also need to be taken account of if the anticipated benefits such as wealth creation and competitiveness are to be realised. The paper uses the outcomes of research in several regional clusters to highlight recurring issues associated with the alignment of distributed knowledge and stakeholder interests, and in particular, the interests of small and medium-sized enterprises (SMEs). The paper suggests that such barriers impact on the ability of clusters to create value for regions, particularly in relation to the opportunities for the creation of employment through local SMEs that are often cited as the basis for such investment. The authors argue for the provision of opportunities to share knowledge and expertise within and between clusters, to ensure early identification and collective engagement of stakeholders with issues on the ground, given the evidence that SMEs are under-represented in policy and strategy development, and that this undermines the competitiveness and the benefits of investment in regional clusters.

13.
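Supervisory control and data acquisition (SCADA) systems are an important part of national infrastructure, yet in recent years SCADA systems have been under constant threat of cyber attack. Based on an analysis of the vulnerabilities of SCADA communication protocols, the paper describes 23 network threats that MODBUS-based SCADA systems may face, which fall into four categories: information scanning, response injection, command injection, and denial of service. Making use of the way SCADA systems interact with physical systems, detection rules based on protocol flaws and on system state are designed. Snort-based intrusion detection experiments were carried out in a laboratory natural gas pipeline system environment, and the results verify the effectiveness of the intrusion detection rules.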

14.
Spectrum policy is the government statement of how it guides information and communication industry growth. Since 5G commercial launch is expected in 2020, ITU has estimated the spectrum requirement is 1340 MHz–1960 MHz. However, because of population ageing and the unpredictable pace of telecommunication innovation, the spectrum demand may be overestimated. The author designs an Access-Price Targeting framework (APT) to help the Taiwan government to draft spectrum policy during 2013–2016 considering the long-term/short-term telecommunication economic activities. In the long term, APT estimates that the spectrum demand decreases from 1070 MHz in 2013 to 1025 MHz in 2030, when the Taiwan population ages. In the short term, APT suggests the spectrum authority should decide an explicit target online access-price and guide the market development by mediating spectrum supply, just like the relationship between Central Bank and its monetary policy, rather than keeping releasing spectrum and lowering online access-price. This strategy ensures the stable telecommunication industry development. The contributions of APT are (1) ensuring predictability, transparency and accountability of spectrum policy-making process to reduce economic and financial uncertainty, and (2) allowing spectrum policy to focus on guiding the development of domestic telecommunication industries and to respond to shocks from domestic and foreign telecommunication economy.

15.
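Construction of ATT&CK-based APT attack semantic rules   Total citations: 1, self-citations: 0, citations by others: 1
There is a semantic gap in extracting cyber attack knowledge from natural-language descriptive text, which leads to low automated use of TTPs threat intelligence. To improve the efficiency of automated threat intelligence analysis, ATT&CK-based APT attack semantic rules are designed and implemented. First, a labelled directed graph semantic rule model is constructed to give a knowledge-based description of attack techniques described in natural-language text. Second, semantic rules are defined, setting out a formal method for describing network entity attributes and their logical operation relationships. Finally, natural language processing techniques such as key-phrase recognition and knowledge extraction are used to extract 123 APT attack semantic rules from attack technique texts, covering 115 techniques and 12 tactics of ATT&CK. The semantic rules are validated using APT attack log data collected in simulated scenarios. Experimental results show that the detection rate of the semantic rules reaches 93.1%, that they have some ability to reconstruct attack context information, and that they can effectively support threat detection and analysis.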

16.
Automated prototyping tool-kit (APT) is an integrated set of software tools that generate source programs directly from real-time requirements. The APT system uses a fifth-generation prototyping language to model the communication structure, timing constraints, I/O control, and data buffering that comprise the requirements for an embedded software system. The language supports the specification of hard real-time systems with reusable components from domain specific component libraries. APT has been used successfully as a research tool in prototyping large war-fighter control systems (e.g. the command-and-control station, cruise missile flight control system, patriot missile defense systems) and demonstrated its capability to support the development of large complex embedded software.

17.
The two existing approaches to detecting cyber attacks on computers and networks, signature recognition and anomaly detection, have shortcomings related to the accuracy and efficiency of detection. This paper describes a new approach to cyber attack (intrusion) detection that aims to overcome these shortcomings through several innovations. We call our approach attack-norm separation. The attack-norm separation approach engages in the scientific discovery of data, features and characteristics for cyber signal (attack data) and noise (normal data). We use attack profiling and analytical discovery techniques to generalize the data, features and characteristics that exist in cyber attack and norm data. We also leverage well-established signal detection models in the physical space (e.g., radar signal detection), and verify them in the cyberspace. With this foundation of information, we build attack-norm separation models that incorporate both attack and norm characteristics. This enables us to take the least amount of relevant data necessary to achieve detection accuracy and efficiency. The attack-norm separation approach considers not only activity data, but also state and performance data along the cause-effect chains of cyber attacks on computers and networks. This enables us to achieve some detection adequacy lacking in existing intrusion detection systems.
Nong Ye is a Professor of Industrial Engineering and an Affiliated Professor of Computer Science and Engineering at Arizona State University (ASU) and the Director of the Information Systems Assurance Laboratory at ASU. Her research interests lie in security and Quality of Service assurance of information systems and infrastructures. She holds a Ph.D. degree in Industrial Engineering from Purdue University, West Lafayette, and M.S. and B.S. degrees in Computer Science from the Chinese Academy of Sciences and Peking University in China respectively. She is a senior member of IIE and IEEE, and an Associate Editor for IEEE Transactions on Systems, Man, and Cybernetics and IEEE Transactions on Reliability.
Toni Farley is the Assistant Director of the Information and Systems Assurance Laboratory, and a doctoral student of Computer Science at Arizona State University (ASU), Tempe, Arizona. She is studying under a Graduate Fellowship from AT&T Labs-Research. Her research interests include graphs, networks and network security. She holds a B.S. degree in Computer Science and Engineering from ASU. She is a member of IEEE and the IEEE Computer Society. Her email address is toni@asu.edu.
Deepak Lakshminarasimhan is a Research Assistant at the Information and Systems Assurance Laboratory, and a Master of Science student of Electrical Engineering at Arizona State University (ASU), Tempe, Arizona. His research interests include network security, digital signal processing and statistical data analysis. He holds a B.S. degree in Electronics and Communication Engineering from Bharathidasan University in India.

18.
As a new cyber physical application, emotion recognition has been shown to make human-in-the-loop cyber-physical system (HilCPS) more efficient and sustainable. Therefore, emotion recognition is of great significance for HilCPS. Electroencephalogram (EEG) signals contain abundant and useful information, and can objectively reflect human emotional states. According to EEG signals, using machine learning to recognize emotion is the main method at present. This method depends on the quantity and quality of samples as well as the capability of classification model. However, the quantity of EEG samples is often insufficient and the quality of EEG samples is often irregular. Meanwhile, EEG samples possess strong nonlinearity. Therefore, an EEG emotion recognition method based on transfer learning (TL) and echo state network (ESN) for HilCPS is proposed in this paper. First, a selection algorithm of EEG samples based on average Frechet distance is proposed to improve the sample quality. Second, a feature transfer algorithm of EEG samples based on transfer component analysis is proposed to expand the sample quantity. Third, in order to solve the problem of the nonlinearity of EEG samples, a classification model of EEG samples based on ESN is constructed to accurately classify emotional states. Finally, experimental results show that compared with traditional methods, the proposed method can expand the quantity of the high-quality EEG samples and effectively improve the accuracy of emotion recognition.

19.
Globalisation has increased the significance of intellectual capital leveraged by the information and communication technologies on which it depends. Ultimately global production, distribution and consumption forces a shift in focus towards the end of the production chain where product differentiation and customer support can be used to maintain demand for goods and services. However, development is not uniform: specific markets and specific technologies are at different points in the cycle of growth, maturity and decline, and rapid growth at favoured locations also creates regional imbalances within regions and nation states. The organisations and alliances which comprise the global production system must deliver continuous innovation at the cutting edge while ensuring effective diffusion of more mature technologies. Often available infrastructure and skills cannot support full integration into the global economy. While such problems may be most marked within rapidly developing countries such as China, they exist to some extent in all economies. The stresses inherent in this emerging global system have been highlighted by the current difficulties of the East Asian economies. The tight coupling of the system propagates the diverse problems of these individual nation states across the globe. This paper argues that globalisation undermines the separation of manufacturing and service activities and the distinction between products and services and examines the emergence of strategies and alliances across regional and organisational boundaries with a model derived from design management.

20.
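With the rapid development of network technology, computer viruses have gradually become a major threat in the field of network security. In recent years, cyber attack incidents have occurred frequently and grown in scale, evolving from attacks on personal computers in the traditional sense into attacks on national network infrastructure and important information systems. Through an analysis of the "Flame" virus, the article studies its propagation, start-up, attack and prevention, and puts forward recommendations and countermeasures for network security protection.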

Copyright © Beijing Qinyun Technology Development Co., Ltd. (北京勤云科技发展有限公司)  京ICP备09084417号