A rights management approach to protection of privacy in a cloud of electronic health records

A patient-centric DRM approach is proposed for protecting privacy of health records stored in a cloud storage based on the patient's preferences and without the need to trust the service provider. Contrary to the current server-side access control solutions, this approach protects the privacy of records from the service provider, and also controls the usage of data after it is released to an authorized user.

Enhanced geoproof : improved geographic assurance for data in the cloud

The geographic location of cloud data storage centres is an important issue for many organisations and individuals due to various regulations that require data and operations to reside in specific geographic locations. Thus, cloud users may want to be sure that their stored data have not been relocated into unknown geographic regions that may compromise the security of their stored data. Albeshri et al. (2012) combined proof of storage (POS) protocols with distance-bounding protocols to address this problem. However, their scheme involves unnecessary delay when utilising typical POS schemes due to computational overhead at the server side. The aim of this paper is to improve the basic GeoProof protocol by reducing the computation overhead at the server side. We show how this can maintain the same level of security while achieving more accurate geographic assurance.

Secure modular password authentication for the web using channel bindings

Secure protocols for password-based user authentication are well-studied in the cryptographic literature but have failed to see wide-spread adoption on the Internet; most proposals to date require extensive modifications to the Transport Layer Security (TLS) protocol, making deployment challenging. Recently, a few modular designs have been proposed in which a cryptographically secure password-based mutual authentication protocol is run inside a confidential (but not necessarily authenticated) channel such as TLS; the password protocol is bound to the established channel to prevent active attacks. Such protocols are useful in practice for a variety of reasons: security no longer relies on users' ability to validate server certificates and can potentially be implemented with no modifications to the secure channel protocol library. We provide a systematic study of such authentication protocols. Building on recent advances in modelling TLS, we give a formal definition of the intended security goal, which we call password-authenticated and confidential channel establishment (PACCE). We show generically that combining a secure channel protocol, such as TLS, with a password authentication protocol, where the two protocols are bound together using either the transcript of the secure channel's handshake or the server's certificate, results in a secure PACCE protocol. Our prototype based on TLS is available as a cross-platform client-side Firefox browser extension and a server-side web application which can easily be installed on deployed web browsers and servers.

Blogging

Weblogs, or blogs, constitute a form and genre of online publishing that emerged in the mid-1990s as a logical consequence of the confluence of personal and professional home pages and new web publishing technologies. To overcome technological limitations, where news updates had to be manually inserted by editing the underlying HTML code, the early content-management systems in the second half of the 1990s built on server-side database technology to dynamically generate web pages; this enabled more convenient and more frequent content updates. Weblogs utilised such technologies to provide an up-to-date news feed, presenting individual news items in reverse chronological order. Most blogging platforms provide commenting functions that enable readers to respond to and discuss individual blog posts...

Password Based Server Aided Key Exchange

We propose a new password-based 3-party protocol with a formal security proof in the standard model. Under reasonable assumptions we show that our new protocol is more efficient than the recent protocol of Abdalla and Pointcheval (FC 2005), proven in the random oracle model. We also observe some limitations in the model due to Abdalla, Fouque and Pointcheval (PKC 2005) for proving security of such protocols.

Desktop Audit and Analysis of Model Server Capability

This report presents the current state and approach in Building Information Modelling (BIM). The report is focussed at providing a desktop audit of the current state and capabilities of the products and applications supporting BIM. This includes discussion on BIM model servers as well as discipline specific applications, for which the distinction is explained below. The report presented here is aimed at giving a broad overview of the tools and applications with respect to their BIM capabilities and in no way claims to be an exhaustive report for individual tools. Chapter 4 of the report includes the research and development agendas pertaining to the BIM approach based on the observations and analysis from the desktop audit.

Motivating construction organisations through incentives : a case study for client-side project managers

Client-side project managers face challenges in motivating project organisations to pursue exceptional design and construction performance. One approach to improving the motivation of project organisations is by offering a financial incentive reward for the achievement of voluntary performance standards above the minimum required standard. However, little investigation has been undertaken into the features of a successful incentive system as a part of an overall procurement strategy. In response to a lack of information available to client-side project managers tasked with the initial design of an incentive system, the paper explores motivation under a successful incentive and identifies key learnings for client-side project managers to consider when designing incentives. Our findings are based on the results of a large Australian case study which is interpreted against a conceptual framework based on both economic and psychological perspectives of motivation. The results suggest that motivation towards incentive goals is influenced by the value the project organisations place on the incentive reward as a commercial opportunity to increase their profit margins. However, perhaps more important are the relationship management processes that promote commitment to the project; and pride in the achievement of project goals. In the case study, these processes intensified the direct motivational effect of the incentive reward on offer. The findings also highlight the importance of ensuring that incentive goals and performance measurement processes remain relevant to the organisations throughout a project to continuously encourage motivation under changing project conditions.

Performance optimization for parallel processing on a multiple-CPU server

Symmetric multi-processor (SMP) systems, or multiple-CPU servers, are suitable for implementing parallel algorithms because they employ dedicated communication devices to enhance the inter-processor communication bandwidth, so that a better performance can be obtained. However, the cost for a multiple-CPU server is high and therefore, the server is usually shared among many users. The work-load due to other users will certainly affect the performance of the parallel programs so it is desirable to derive a method to optimize parallel programs under different loading conditions. In this paper, we present a simple method, which can be applied in SPMD type parallel programs, to improve the speedup by controlling the number of threads within the programs.

Demand side response to mitigate electrical peak demand in Eastern and Southern Australia

The aim of this work is to develop a Demand-Side-Response (DSR) model, which assists electricity end-users to be engaged in mitigating peak demands on the electricity network in Eastern and Southern Australia. The proposed innovative model will comprise a technical set-up of a programmable internet relay, a router, solid state switches in addition to the suitable software to control electricity demand at user's premises. The software on appropriate multimedia tool (CD Rom) will be curtailing/shifting electric loads to the most appropriate time of the day following the implemented economic model, which is designed to be maximizing financial benefits to electricity consumers. Additionally the model is targeting a national electrical load be spread-out evenly throughout the year in order to satisfy best economic performance for electricity generation, transmission and distribution. The model is applicable in region managed by the Australian Energy Management Operator (AEMO) covering states of Eastern-, Southern-Australia and Tasmania.

Optimum demand side response of smart grid with renewable energy source and electrical vehicles

The paper presents a demand side response scheme,which assists electricity consumers to proactively control own demands in such a way to deliberately avert congestion periods on the electrical network. The scheme allows shifting loads from peak to low demand periods in an attempt to flattening the national electricity requirement. The scheme can be concurrently used to accommodate the utilization of renewable energy sources,that might be available at user’s premises. In addition the scheme allows a full-capacity utilization of the available electrical infrastructure by organizing a wide-use of electric vehicles. The scheme is applicable in the Eastern and Southern States of Australia managed by the Australian Energy Market Operator. The results indicate the potential of the scheme to achieve energy savings and release capacity to accommodate renewable energy and electrical vehicle technologies.