The Experts below are selected from a list of 99 Experts worldwide ranked by ideXlab platform
Gemma Carr - One of the best experts on this subject based on the ideXlab platform.
-
stakeholder and public participation in river basin management an introduction
Wiley Interdisciplinary Reviews: Water, 2015Co-Authors: Gemma CarrAbstract:Participation of the public and stakeholders in river basin management is increasingly promoted because it is expected to improve resource management and enable participants to engage freely and equally in management (support democratic Processes). Three overlapping and interacting mechanisms by which participation is expected to enhance river basin management are outlined: (1) providing space for deliberation and consensus building for better quality decisions, (2) mobilizing and developing human and social capital for better quality decisions and their implementation, and (3) raising the legitimacy of decisions to facilitate their implementation. There are several complexities associated with each of the mechanisms that add challenges to realizing the expectations of participation. They include the need to carefully manage consensus building and conflict to maximize the quality of the decision without jeopardizing the potential for implementation; being aware of and implementing strategies to manage asymmetrical power relationships between participants; ensuring that participants perceive benefits from participation that exceed costs; and defining criteria for a Legitimate Process, and a Legitimate decision, that satisfy all participants. Strategies identified to address these challenges focus on managing the characteristics of the participation Process. Ongoing evaluation during a participation program or project is essential to reflect and refine how participation is being done, to address the challenges and endeavor to achieve high-quality decisions that can be implemented efficiently. WIREs Water 2015, 2:393–405. doi: 10.1002/wat2.1086 For further resources related to this article, please visit the WIREs website.
Lynette Qu Nguyen - One of the best experts on this subject based on the ideXlab platform.
-
a framework for diversifying windows native apis to tolerate code injection attacks
Computer and Communications Security, 2007Co-Authors: Lynette Qu Nguyen, Tufan Demir, Jeff Rowe, Francis Hsu, Karl LevittAbstract:We present a framework to prevent code injection attacks in MS Windows using Native APIs in the operating system. By adopting the idea of diversity, this approach is implemented in a two-tier framework. The first tier permutes the Native API dispatch ID number so that only the Native API calls from Legitimate sources are executed. The second tier provides an authentication Process in case an attacker guesses the first-tier permutation order. The function call stack is back-traced to verify whether the original caller's return address resides within the Legitimate Process. The Process is terminated and an alert is generated when an attack is suspected. Experiments indicate that our approach poses no significant overhead.
-
AsiaCCS - A framework for diversifying windows native APIs to tolerate code injection attacks
Proceedings of the 2nd ACM symposium on Information computer and communications security - ASIACCS '07, 2007Co-Authors: Lynette Qu Nguyen, Tufan Demir, Jeff Rowe, Karl N. LevittAbstract:We present a framework to prevent code injection attacks in MS Windows using Native APIs in the operating system. By adopting the idea of diversity, this approach is implemented in a two-tier framework. The first tier permutes the Native API dispatch ID number so that only the Native API calls from Legitimate sources are executed. The second tier provides an authentication Process in case an attacker guesses the first-tier permutation order. The function call stack is back-traced to verify whether the original caller's return address resides within the Legitimate Process. The Process is terminated and an alert is generated when an attack is suspected. Experiments indicate that our approach poses no significant overhead.
Karl N. Levitt - One of the best experts on this subject based on the ideXlab platform.
-
AsiaCCS - A framework for diversifying windows native APIs to tolerate code injection attacks
Proceedings of the 2nd ACM symposium on Information computer and communications security - ASIACCS '07, 2007Co-Authors: Lynette Qu Nguyen, Tufan Demir, Jeff Rowe, Karl N. LevittAbstract:We present a framework to prevent code injection attacks in MS Windows using Native APIs in the operating system. By adopting the idea of diversity, this approach is implemented in a two-tier framework. The first tier permutes the Native API dispatch ID number so that only the Native API calls from Legitimate sources are executed. The second tier provides an authentication Process in case an attacker guesses the first-tier permutation order. The function call stack is back-traced to verify whether the original caller's return address resides within the Legitimate Process. The Process is terminated and an alert is generated when an attack is suspected. Experiments indicate that our approach poses no significant overhead.
Karl Levitt - One of the best experts on this subject based on the ideXlab platform.
-
a framework for diversifying windows native apis to tolerate code injection attacks
Computer and Communications Security, 2007Co-Authors: Lynette Qu Nguyen, Tufan Demir, Jeff Rowe, Francis Hsu, Karl LevittAbstract:We present a framework to prevent code injection attacks in MS Windows using Native APIs in the operating system. By adopting the idea of diversity, this approach is implemented in a two-tier framework. The first tier permutes the Native API dispatch ID number so that only the Native API calls from Legitimate sources are executed. The second tier provides an authentication Process in case an attacker guesses the first-tier permutation order. The function call stack is back-traced to verify whether the original caller's return address resides within the Legitimate Process. The Process is terminated and an alert is generated when an attack is suspected. Experiments indicate that our approach poses no significant overhead.
Tufan Demir - One of the best experts on this subject based on the ideXlab platform.
-
a framework for diversifying windows native apis to tolerate code injection attacks
Computer and Communications Security, 2007Co-Authors: Lynette Qu Nguyen, Tufan Demir, Jeff Rowe, Francis Hsu, Karl LevittAbstract:We present a framework to prevent code injection attacks in MS Windows using Native APIs in the operating system. By adopting the idea of diversity, this approach is implemented in a two-tier framework. The first tier permutes the Native API dispatch ID number so that only the Native API calls from Legitimate sources are executed. The second tier provides an authentication Process in case an attacker guesses the first-tier permutation order. The function call stack is back-traced to verify whether the original caller's return address resides within the Legitimate Process. The Process is terminated and an alert is generated when an attack is suspected. Experiments indicate that our approach poses no significant overhead.
-
AsiaCCS - A framework for diversifying windows native APIs to tolerate code injection attacks
Proceedings of the 2nd ACM symposium on Information computer and communications security - ASIACCS '07, 2007Co-Authors: Lynette Qu Nguyen, Tufan Demir, Jeff Rowe, Karl N. LevittAbstract:We present a framework to prevent code injection attacks in MS Windows using Native APIs in the operating system. By adopting the idea of diversity, this approach is implemented in a two-tier framework. The first tier permutes the Native API dispatch ID number so that only the Native API calls from Legitimate sources are executed. The second tier provides an authentication Process in case an attacker guesses the first-tier permutation order. The function call stack is back-traced to verify whether the original caller's return address resides within the Legitimate Process. The Process is terminated and an alert is generated when an attack is suspected. Experiments indicate that our approach poses no significant overhead.
