Linda Dickens There has been considerable expansion in statutory individual employment rights in Britain over the past forty or so years. But the development of a more comprehensive role for legislation in regulating the employment relationship has not been accompanied by any strategic consideration of the mechanisms for enforcement of rights. The Employment Tribunals (ETs) constitute the predo...

Due to the growing interests in XML security, various access control schemes have been proposed recently. However, little effort has been put forth to facilitate a uniform analysis and comparison of these schemes under the same framework. This paper presents a first attempt toward a flexible framework that can capture the design principles and operations of existing XML access control mechanism...

Runtime enforcement aims at verifying the active execution trace of executing software against formally specified properties of the software, and enforcing the properties in case that they are violated in the active execution trace. Enforcement mechanism of individual properties may interfere with each other, causing the overall behavior of the executing software to be erroneous. As the number ...

Program rewriting is defined as transforming a given program into one satisfying some intended properties. This technique has recently been suggested as a means for enforcing security policies. In this paper, we propose rewriting mechanisms based on program dependence graphs to enforce noninterference in programs with observable intermediate values. We first formulate progress-insensitive and p...

We present a new access control mechanism for P2P networks with distributed enforcement, called P2P Access Control System (PACS). PACS enforces powerful access control models like RBAC with administrative delegation inside a P2P network in a pure P2P manner, which is not possible in any of the currently used P2P access control mechanisms. PACS uses client-side enforcement to support the replica...

As computer and network security threats become more sophisticated and the number of service dependencies is increasing, optimal response decision is becoming a challenging task for security administrators. They should deploy and implement proper network security policy enforcement mechanisms in order to apply the appropriate countermeasures and defense strategy. In this paper, we propose a nov...

Significant programs of speed enforcement have been in operation in a number of State and international jurisdictions for some time and many have been the subject of rigorous evaluation. Such programs aim to reduce crash frequency and/or injury severity through reductions in mean speed and/or changes to the speed distribution. In broad terms, the speed enforcement programs evaluated have been d...

How to enforce privacy policies to protect sensitive personal data has become an urgent research topic for security researchers, as very little has been done in this field apart from some ad hoc research efforts. The sticky policy paradigm, proposed by Karjoth, Schunter, and Waidner, provides very useful inspiration on how we can protect sensitive personal data, but the enforcement is very weak...

Twenty years ago, law enforcement organizations lobbied to require data and communication services to engineer their products to guarantee law enforcement access to all data. After lengthy debate and vigorous predictions of enforcement channels “going dark,” these attempts to regulate the emerging Internet were abandoned. In the intervening years, innovation on the Internet flourished, and law ...