The viability of the application of the e-Institution paradigm for obtaining overall desired behavior in open multiagent systems (MAS) lies in the possibility of bringing the norms of the institution to have an actual impact on the MAS. Institutional norms have to be implemented in the society. The paper addresses two possible views on implementing norms, the so-called regimentation of norms, a...

The Distributed Trusted Mach (DTMach) program is developing a design for a high-assurance, secure, distributed system based on Mach. To achieve this goal, it is rst necessary to identify the general threats against which DTMach must protect. The next step is to identify control mechanisms that are suucient to protect against each of the threats. The DTMach design makes extensive use of type enf...

This Article studies the relationship between formal and informal contract enforcement. The theoretical literature treats the two strategies as separate phenomena. By contrast, a rich experimental literature considers whether the introduction of formal contracting and state enforcement “crowds out” the operation of informal contracting. Both literatures focus too narrowly on how formal contract...

The availability of high performance broadband services from the home will allow a growing number of organisations to offer teleworking as an employee work practice. Teleworking delivers cost savings, improved productivity and provides a recruitment policy to attract and retain personnel. Information security is one of the management considerations necessary before an effective organisational t...

This paper focuses on the formal assessment of the properties of cooperation enforcement mechanisms used to detect and prevent selfish behavior of nodes forming a mobile ad hoc network. In the first part, we demonstrate the requirement for a cooperation enforcement mechanism using cooperative game theory that allows us to determine a lower bound on the size of coalitions of cooperating nodes. I...

Sharing information allows businesses to take advantage of hidden knowledge, improve work processes and cooperation both within and across organisations. Thus there is a need for improved information protection capable of restricting how information is used, as opposed to only accessed. Usage Control has been proposed to achieve this by combining and extending traditional access control, Digita...

With the development of frequency agile radios comes a new option for using wireless spectrum: cognitive radio. Under this scheme a hierarchical approach is employed in which legacy “primary” users may use the band as they wish, while “secondary” users may take advantage of any unused spectrum. However, as of yet the question of enforcement in cognitive radio is unaddressed, especially in the c...

Executive Summary This document describes the results of the first two work packages of the research project " Enforcement for Usage Control " , carried out jointly by DoCoMo Euro-Labs and the Information Security group at ETH Zurich. The goal of the project is the development of a server-side architecture that enables the enforcement of usage control requirements at the data consumer's side. D...

We analyze the space of security policies that can be enforced by monitoring and modifying programs at run time. Our program monitors, called edit automata, are abstract machines that examine the sequence of application program actions and transform the sequence when it deviates from a specified policy. Edit automata have a rich set of transformational powers: They may terminate the application...

Information declassification aims for trusted release of secret information to public environment. Existing security specifications and enforcement mechanisms of declassification policies have focused on sequential programs. This paper generalized the specification of gradually delimited release policy for sequential programs to the security condition suited for multi-threaded programs. This se...