AI News, GAO Report Confirms Major Gaps in Government Cybersecurity ... artificial intelligence

Artificial Intelligence: What Can We Learn from Other Countries’ Approaches?

There is a consensus that there is a need for skills development, especially in inter-disciplinary work: If there was one thing that all panelists agreed upon, other than than that AI will have a profound impact, it is that there is a growing need for skills development.  Interestingly, that does not mean that everybody needs to learn how to write code and become a computer programmer, although there is certainly a need for more coders and more computer programmers.  There is a reason why U.S. college students are demanding more courses in this field as the NYT recently reported.   What it does mean, particularly in this era of growing calls for “explainable AI” (itself a challenging concept), is that there will be an increasing need for individuals who know how to use AI technologies appropriately.  There was a discussion, for instance, about how AI is going to become an increasingly important part of the criminal justice system.  So that means that prosecutors and others have to work with professionals who are conversant with the technology and who also understand the laws and ethical considerations underpinning criminal justice work.  That is a different skill set from the work conducted by today’s IT professionals.      

There is a reason why AI dominated the conversation at the Davos World Economic Forum.  Although AI has experienced period of hype in the past, it seems like “this time it is different,” in terms of usable relatively near term potential AI applications in fields as different as drug discovery, criminal justice, cybersecurity, financial services, fraud prevention and many many other spaces.  SIIA will continue to work with academic institutions such as George Washington University in exploring the policy implications of AI developments.  We also hope to work with the U.S. Congress and international institutions in understanding better what kind of inter-disciplinary training is needed to prepare the professionals of tomorrow.   Given the U.S., Japanese, EU, and Canadian interest in skills development, this need for inter-disciplinary expertise could perhaps be supported at the June 8-9, 2019 G20 meeting in Japan. 

How to Configure Chroot Environments for SFTP Access on Ubuntu 16.04

Chrooted users can't break the jail but they would still be able to run normal SFTP commands to manage their directories and files.

This is a step-by-step guide for creating an SFTP chroot environment on an Alibaba Cloud Elastic Compute Service (ECS) Ubuntu 16.04 instance that locks users to their home directory while restricting shell access for security purposes.

Match Group sftpusers: This directive instructs the system to apply the commands below it to users that belong to the group sftpusers.

You may also use a Match User directive to chroot a specific user to a certain directory, but this will require multiple chroot configuration blocks for each user.

X11Forwarding no: This disables X11 forwarding for the current group and limits group users from executing graphical interface programs through SSH.

Since the directory /home/jacob is now owned by the root, user jacob won't be in a position to create files or folders in the directory.

We can also create a private document directory for our user with restricted permissions to the outside users using the command below:

Our user will still be able to upload files to the private_docs directory, but no one else will have permissions to read, execute or write on that folder.

Once the chroot settings are in place, you can try to connect to your Ubuntu 16.04 Alibaba Cloud server through sftp using the credentials of the user that we have created.

If you are running Linux on your local computer, run the command below and remember to replace jacob with the correct username and with the public IP address associated with Alibaba ECS instance.

With the settings in place, chrooted users will be restricted to their home directories, but they can't run shell commands.

We believe this guide will help you to add more flexibility to your users while still taking care of the system-wide settings of your file system hosted on Alibaba Cloud.

Grails With Spring Security

Spring Security touts a number of authentication, authorization, instance-based, and various other features that make it so attractive to secure applications with.

If we are using the recommended approach for mapping many-to-many relationship betweenPersonandGroup,and betweenGroupandAuthority, we’ll need a domain class for each to map the join tables.

The syntax is quite easy: grails s2-quickstart DOMAIN_CLASS_PACKAGE USER_CLASS_NAME ROLE_CLASS_NAME [REQUESTMAP_CLASS_NAME] [--groupClassName=GROUP_CLASS_NAME] An example with Person,Authority, andRequestmap: grails s2-quickstart com.ourapp Person Authority Requestmap We can choose among the following approaches to configure request mappings for securing URLs: We can only use one method at a time.

The Spring Security Core plugin and other extension plugins support restricting access to URLs via rules that include checking a user’s authentication status, roles, etc.

The four annotations typically available in Spring Security are available for use with Spring Expression Language (SpEL) expressions to perform Expression-Based Access Control: The above annotations are all documented in the Method Security Expressions portion of the Spring Security documentation.

Some various features of the Spring Security ACL Plugin include: The Spring Security Core Plugin offers a number of very useful features for securing Grails with Spring Security, but in order to implement more sophisticated, fine-grained authorization, it is necessary to use the Spring Security ACL Plugin in conjunction.

Day one of William Barr's attorney general confirmation hearing

The Senate Judiciary Committee holds a hearing on the confirmation of William P. Barr to be the next attorney general. Subscribe to The Washington Post on ...

AI in the Administrative State | Keynote Addresses

Marjory Blumenthal, RAND Max Stier, Partnership for Public Service Moderators: Stephen Merrill, The Center for Innovation Policy at Duke Law Stuart Benjamin, ...

CIGIE Conference, July 11, 2018: Building on 40 Years of Excellence in Independent Oversight

Inspectors General are Building on 40 Years of Excellence in Independent Oversight. Learn more: 12:00 Welcome ..

National Security Agency | Wikipedia audio article

The National Security Agency (NSA) is a national-level intelligence agency of the United States Department of Defense, under the authority of the Director of ...