Protocol engineering for protection against denial-of-service attacks

Denial-of-service attacks (DoS) and distributed denial-of-service attacks (DDoS) attempt to temporarily disrupt users or computer resources to cause service un- availability to legitimate users in the internetworking system. The most common type of DoS attack occurs when adversaries °ood a large amount of bogus data to interfere or disrupt the service on the server. The attack can be either a single-source attack, which originates at only one host, or a multi-source attack, in which multiple hosts coordinate to °ood a large number of packets to the server. Cryptographic mechanisms in authentication schemes are an example ap- proach to help the server to validate malicious tra±c. Since authentication in key establishment protocols requires the veri¯er to spend some resources before successfully detecting the bogus messages, adversaries might be able to exploit this °aw to mount an attack to overwhelm the server resources. The attacker is able to perform this kind of attack because many key establishment protocols incorporate strong authentication at the beginning phase before they can iden- tify the attacks. This is an example of DoS threats in most key establishment protocols because they have been implemented to support con¯dentiality and data integrity, but do not carefully consider other security objectives, such as availability. The main objective of this research is to design denial-of-service resistant mechanisms in key establishment protocols. In particular, we focus on the design of cryptographic protocols related to key establishment protocols that implement client puzzles to protect the server against resource exhaustion attacks. Another objective is to extend formal analysis techniques to include DoS- resistance. Basically, the formal analysis approach is used not only to analyse and verify the security of a cryptographic scheme carefully but also to help in the design stage of new protocols with a high level of security guarantee. In this research, we focus on an analysis technique of Meadows' cost-based framework, and we implement DoS-resistant model using Coloured Petri Nets. Meadows' cost-based framework is directly proposed to assess denial-of-service vulnerabil- ities in the cryptographic protocols using mathematical proof, while Coloured Petri Nets is used to model and verify the communication protocols using inter- active simulations. In addition, Coloured Petri Nets are able to help the protocol designer to clarify and reduce some inconsistency of the protocol speci¯cation. Therefore, the second objective of this research is to explore vulnerabilities in existing DoS-resistant protocols, as well as extend a formal analysis approach to our new framework for improving DoS-resistance and evaluating the performance of the new proposed mechanism. In summary, the speci¯c outcomes of this research include following results; 1. A taxonomy of denial-of-service resistant strategies and techniques used in key establishment protocols; 2. A critical analysis of existing DoS-resistant key exchange and key estab- lishment protocols; 3. An implementation of Meadows's cost-based framework using Coloured Petri Nets for modelling and evaluating DoS-resistant protocols; and 4. A development of new e±cient and practical DoS-resistant mechanisms to improve the resistance to denial-of-service attacks in key establishment protocols.

Older patients request more information : a survey of use of written patient education materials in general practice

Objectives: To determine GPs' reported use of written education materials with older patients and older patients' reported receipt of these materials. To determine GPs' and older patients' perceptions of written materials.---------- Method: Using self-report questionnaires, two populations were surveyed; a randomised sample of 50 GPs (29 males and 21 females) practising in Brisbane's southern suburbs and a convenience sample of 188 older community-dwelling people (aged over 64 years).----------- Results: All GPs reported using written materials with patients, although 28% had not given any to the Last 10 patients. This increased to 46% when patients were older. Twenty percent of patients wanted more written information from their GP, while some GPs believed that older patients preferred verbal information and gave out written information only when they perceived patient interest. All GPs reported giving written materials at the time of consultation and over two thirds discussed the content with patients. Just over 50% of patients reported receiving written information from GPs in the Last six months and only hall of these again discussed it directly with their GP. Overall, patients were more positive than GPs about the value of written education materials.---------- Conclusions: Older patients' desire for written information may be better met if they are more assertive in requesting this of GPs and GPs may better serve their patients' needs if they make written information more readily available to them. Better access to materials and more financial incentives to give them out might also increase GPs' use of written materials.

Secure communication protocol for preserving E-tendering integrity.

This paper presents a secure communication protocol which can be used as the framework for an e-tendering scheme. This protocol is focused on securing the integrity of tendering documents and ensuring that a secure record of document generation is kept. Our protocol provides a mechanism to manage e-tendering contract evidence as a legal record in a unique and effective manner. It is the starting point of reliable record keeping. To a certain extent, it also addresses existing security problems in the traditional tendering processes.

A framework for network RTK data processing based on grid computing

Real-Time Kinematic (RTK) positioning is a technique used to provide precise positioning services at centimetre accuracy level in the context of Global Navigation Satellite Systems (GNSS). While a Network-based RTK (N-RTK) system involves multiple continuously operating reference stations (CORS), the simplest form of a NRTK system is a single-base RTK. In Australia there are several NRTK services operating in different states and over 1000 single-base RTK systems to support precise positioning applications for surveying, mining, agriculture, and civil construction in regional areas. Additionally, future generation GNSS constellations, including modernised GPS, Galileo, GLONASS, and Compass, with multiple frequencies have been either developed or will become fully operational in the next decade. A trend of future development of RTK systems is to make use of various isolated operating network and single-base RTK systems and multiple GNSS constellations for extended service coverage and improved performance. Several computational challenges have been identified for future NRTK services including: • Multiple GNSS constellations and multiple frequencies • Large scale, wide area NRTK services with a network of networks • Complex computation algorithms and processes • Greater part of positioning processes shifting from user end to network centre with the ability to cope with hundreds of simultaneous users’ requests (reverse RTK) There are two major requirements for NRTK data processing based on the four challenges faced by future NRTK systems, expandable computing power and scalable data sharing/transferring capability. This research explores new approaches to address these future NRTK challenges and requirements using the Grid Computing facility, in particular for large data processing burdens and complex computation algorithms. A Grid Computing based NRTK framework is proposed in this research, which is a layered framework consisting of: 1) Client layer with the form of Grid portal; 2) Service layer; 3) Execution layer. The user’s request is passed through these layers, and scheduled to different Grid nodes in the network infrastructure. A proof-of-concept demonstration for the proposed framework is performed in a five-node Grid environment at QUT and also Grid Australia. The Networked Transport of RTCM via Internet Protocol (Ntrip) open source software is adopted to download real-time RTCM data from multiple reference stations through the Internet, followed by job scheduling and simplified RTK computing. The system performance has been analysed and the results have preliminarily demonstrated the concepts and functionality of the new NRTK framework based on Grid Computing, whilst some aspects of the performance of the system are yet to be improved in future work.

End-of-life care pathways for improving outcomes in caring for the dying (Protocol)

We aim to assess the effects of end-of-life care pathways, compared with usual care or with care guided by another end-of-life care pathway across all healthcare settings (hospitals, residential aged care facilities, community). In particular, we aim to assess the effects on symptom severity and quality of life of people who are dying and/or those related to the care such as families, caregivers and health professionals.

Treadmill adaptation and verification of self-selected walking speed : a protocol for children

The term self-selected (i.e., individual or comfortable walking pace or speed) is commonly used in the literature (Frost, Dowling, Bar-Or, & Dyson, 1997; Jeng, Liao, Lai, & Hou, 1997; Wergel-Kolmert & Wohlfart, 1999; Maltais, Bar-Or, Pienynowski, & Galea, 2003; Browning & Kram, 2005; Browning, Baker, Herron, & Kram, 2006; Hills, Byrne, Wearing, & Armstrong, 2006) and is identified as the most efficient walking speed, with increased efficiency defined by lower oxygen uptake (VO^sub 2^) per unit mechanical work (Hoyt & Taylor, 1981; Taylor, Heglund, & Maloiy, 1982; Hreljac, 1993). [...] assessing individual and group differences in metabolic energy expenditure using oxygen uptake requires individuals to be comfortable with, and able to accommodate to, the equipment.

Information interventions for orienting patients and their carers to cancer care facilities (Protocol)

To assess the effects of information interventions which orient patients and their carers/family to a cancer care facility and the services available in the facility.

Elliptic curve algorithm integration in the secure shell transport layer

This document describes algorithms based on Elliptic Cryptography (ECC) for use within the Secure Shell (SSH) transport protocol. In particular, it specifies Elliptic Curve Diffie-Hellman (ECDH) key agreement, Elliptic Curve Menezes-Qu-Vanstone (ECMQV) key agreement, and Elliptic Curve Digital Signature Algorithm (ECDSA) for use in the SSH Transport Layer protocol.