We propose a framework to evaluate the risk incurred when managing users and permissions through RBAC. The risk analysis framework does not require roles to be defined, thus making it applicable before the role engineering phase. In particular, the proposed approach highlights users and permissions that markedly deviate from others, and that might consequently be prone to error when roles are o...

This paper presents a methodology for anticipating failures in a component up to the end of its life cycle. Often, feedback data is not sufficient and must be complemented by the analysis of expert judgment. The methodology developed aims at anticipating the degradation mechanisms responsible for aging, and evaluating their relevance and related uncertainties. This is necessary information for ...

utility computing, reachability, security modelling, object oriented logical models, security properties, risk analysis In this paper we consider how logic-based object modelling techniques may be used to help Utility Providers and their customers obtain insight concerning the security characteristics of utility infrastructure and networked systems. We briefly describe two modelling tool protot...

The objective of this article is to discuss the potential of economic analysis as a tool for identification and evaluation of corruption in legislative acts. We propose that corruption be perceived as a risk variable within the legislative process. Therefore we find it appropriate to employ risk analysis methods, used in various fields of economics, for the evaluation of corruption in legislati...

This paper reviews and discusses some key concept and principles of risk analysis and risk management, based on a set of statements, formulated as myths about risk. Examples of such myths are: risk is equal to the expected value, risk equals uncertainty, risk can be expressed by probabilities, risk is equal to an event, risk acceptance criteria contribute to obtaining a high safety standard, an...

The problem of coding low-entropy information sources is considered. Since the run-length code was offered about 50 years ago by Shannon, it is known that for such sources there exist coding methods much simpler than for sources of a general type. However, known coding methods of low-entropy sources do not reach the given redundancy. In this correspondence, a new method of coding low-entropy so...

The characterisation of uncertainty and risk analysis are two research domains that have many common elements. Specifically, they are both based on an acknowledgment that decisions are never made using perfect knowledge and therefore always have some degree of associated risk or uncertainty. Research in uncertainty addresses this by seeking to understand the causes of uncertainty, and to quanti...

Growing teratoma syndrome is rare and usually it occurs in the younger aged group. The use of chemotherapy following initial surgical resection will yield the diagnosis following tumour enlargement. Complete resection is usually curative and renders better prognosis.