Security analysis of linearly filtered NLFSRs

Non-linear feedback shift register (NLFSR) ciphers are cryptographic tools of choice of the industry especially for mobile communication. Their attractive feature is a high efficiency when implemented in hardware or software. However, the main problem of NLFSR ciphers is that their security is still not well investigated. The paper makes a progress in the study of the security of NLFSR ciphers. In particular, we show a distinguishing attack on linearly filtered NLFSR (or LF-NLFSR) ciphers. We extend the attack to a linear combination of LF-NLFSRs. We investigate the security of a modified version of the Grain stream cipher and show its vulnerability to both key recovery and distinguishing attacks.

Intra-organizational information asymmetry in offshore ISD outsourcing

Purpose - Contemporary offshore Information System Development (ISD) outsourcing is becoming even more complex. Outsourcing partner has begun ‘re-outsourcing’ components of their projects to other outsourcing companies to minimize cost and gain efficiencies. This paper aims to explore intra-organizational Information Asymmetry of re-outsourced offshore ISD outsourcing projects. Design/methodology/approach - An online survey was conducted to get an overall view of Information Asymmetry between Principal and Agents (as per the Agency theory). Findings - Statistical analysis showed that there are significant differences between the Principal and Agent on clarity of requirements, common domain knowledge and communication effectiveness constructs, implying an unbalanced relationship between the parties. Moreover, our results showed that these three are significant measurement constructs of Information Asymmetry. Research limitations/implications - In our study we have only considered three main factors as common domain knowledge, clarity of requirements and communication effectiveness as three measurement constructs of Information Asymmetry. Therefore, researches are encouraged to test the proposed constructs further to increase its precision. Practical implications - Our analysis indicates significant differences in all three measurement constructs, implying the difficulties to ensure that the Agent is performing according to the requirements of the Principal. Using the Agency theory as theoretical view, this study sheds light on the best contract governing methods which minimize Information Asymmetry between the multiple partners within ISD outsourcing organizations. Originality/value - Currently, to the best of our knowledge, no study has undertaken research on Intra-organizational Information Asymmetry in re-outsourced offshore ISD outsourcing projects.

Co-production of actions and activities at airport security screening

In this paper we will examine passenger actions and activities at the security screening points of Australian domestic and international airports. Our findings and analysis provide a more complete understanding of the current airport passenger security screening experience. Data in this paper is comprised of field studies conducted at two Australian airports, one domestic and one international. Video data was collected by cameras situated either side of the security screening point. A total of one hundred and ninety-six passengers were observed. Two methods of analysis are used. First, the activities of passengers are coded and analysed to reveal the common activities at domestic and international security regimes and between quiet and busy periods. Second, observation of passenger activities is used to reveal uncommon aspects. The results show that passengers do more at security screening that being passively scanned. Passengers queue, unpack the required items from their bags and from their pockets, walk through the metal-detector, re-pack and occasionally return to be re-screened. For each of these activities, passengers must understand the procedures at the security screening point and must co-ordinate various actions and objects in time and space. Through this coordination passengers are active participants in making the security checkpoint function – they are co-producers of the security screening process.

The power of hands-on exercises in SCADA cyber security education

For decades Supervisory Control and Data Acquisition (SCADA) and Industrial Control Systems (ICS) have used computers to monitor and control physical processes in many critical industries, including electricity generation, gas pipelines, water distribution, waste treatment, communications and transportation. Increasingly these systems are interconnected with corporate networks via the Internet, making them vulnerable and exposed to the same risks as those experiencing cyber-attacks on a conventional network. Very often SCADA networks services are viewed as a specialty subject, more relevant to engineers than standard IT personnel. Educators from two Australian universities have recognised these cultural issues and highlighted the gap between specialists with SCADA systems engineering skills and the specialists in network security with IT background. This paper describes a learning approach designed to help students to bridge this gap, gain theoretical knowledge of SCADA systems' vulnerabilities to cyber-attacks via experiential learning and acquire practical skills through actively participating in hands-on exercises.

Can water security be achieved in the urban environment through the implementation of the Neo Institutional theory government regulation and legislation?

The research seeks to address the current global water crisis and the built environments effect on the increasing demand for sustainability and water security. The fundamental question in determining the correct approach for water security in the built environment is whether government regulation and legislation could provide the framework for sustainable development and the conscious shift providing that change is the only perceivable option, there is no alternative. This article will attempt to analyse the value of the neo institutional theory as a method for directing individuals and companies to conform to water saving techniques. As is highlighted throughout the article, it will be investigated whether an incentive verse punishment approach to government legislations and regulations would provide the framework required to ensure water security within the built environment. Individuals and companies make certain choices or perform certain actions not because they fear punishment or attempt to conform; neither do they do so because an action is appropriate or feels some sort of social obligation. Instead, the cognitive element of neo institutionalism suggests that individuals make certain choices because they can conceive no alternative. The research seeks to identify whether sustainability and water security can become integrated into all aspects of design and architecture through the perception that 'there is no alternative.' This report seeks to address the omission of water security in the built environment by reporting on a series of investigations, interviews, literature reviews, exemplars and statistics relating to the built environment and the potential for increased water security. The results and analysis support the conclusions that through the support of government and local council, sustainability in the built environment could be achieved and become common practice for developments. Highlighted is the approach required for water management systems integration into the built environment and how these can be developed and maintained effectively between cities, states, countries and cultures.

Information systems development outsourcing : the role of control configurations

The Control Theory has provided a useful theoretical foundation for Information Systems development outsourcing (ISD-outsourcing) to examine the co-ordination between the client and the vendor. Recent research identified two control mechanisms: structural (structure of the control mode) and process (the process through which the control mode is enacted). Yet, the Control Theory research to-date does not describe the ways in which the two control mechanisms can be combined to ensure project success. Grounded in case study data of eight ISD-outsourcing projects, we derive three ‘control configurations’; i) aligned, ii) negotiated, and 3) self-managed, which describe the combinative patterns of structural and process control mechanisms within and across control modes.

A security system based on human iris identification using wavelet transform

A security system based on the recognition of the iris of human eyes using the wavelet transform is presented. The zero-crossings of the wavelet transform are used to extract the unique features obtained from the grey-level profiles of the iris. The recognition process is performed in two stages. The first stage consists of building a one-dimensional representation of the grey-level profiles of the iris, followed by obtaining the wavelet transform zerocrossings of the resulting representation. The second stage is the matching procedure for iris recognition. The proposed approach uses only a few selected intermediate resolution levels for matching, thus making it computationally efficient as well as less sensitive to noise and quantisation errors. A normalisation process is implemented to compensate for size variations due to the possible changes in the camera-to-face distance. The technique has been tested on real images in both noise-free and noisy conditions. The technique is being investigated for real-time implementation, as a stand-alone system, for access control to high-security areas.

Cloud computing adoption in Australia : the benefits, risks and implications for accounting

The purpose of this paper is to empirically examine the state of cloud computing adoption in Australia. I specifically focus on the drivers, risks, and benefits of cloud computing from the perspective of IT experts and forensic accountants. I use thematic analysis of interview data to answer the research questions of the study. The findings suggest that cloud computing is increasingly gaining foothold in many sectors due to its advantages such as flexibility and the speed of deployment. However, security remains an issue and therefore its adoption is likely to be selective and phased. Of particular concern are the involvement of third parties and foreign jurisdictions, which in the event of damage may complicate litigation and forensic investigations. This is one of the first empirical studies that reports on cloud computing adoption and experiences in Australia.

'Too high in human terms' : the costs of high security imprisonment. Review of Imprisoning Resistance by Bree Carlton and Intractable by Bernie Matthews.

The article discusses the issues of resistance; that is resistance by prisoners to the various manifestations of power operating in high security prisons, as well as that of attempted shifts in the regime from physical to psychological control. Other topics highlighted include legitimacy and 'official discourse', mourning and the construction of 'ungrievable lives' and the importance of finding a way out of the cycle of violence, which high security regimes perpetuate.

Urban Food Security, Urban Resilience and Climate Change

The growing importance of logistics in increasingly globalised production and consumption systems strengthens the case for explicit consideration of the climate risks that may impact on the operation of ports in the future, as well as the formulation of adaptation responses that act to enhance their resilience. Within a logistics chain, seaports are functional nodes of significant strategic importance, and are considered as critical gateways linking local and national supply chains to global markets. However, they are more likely to be exposed to vagaries of climate-related extreme events due to their coastal locations. As such, they need to be adaptive and respond to the projected impacts of climate change, in particular extreme weather events. These impacts are especially important in the logistics context as they could result in varying degrees of business interruption; including business closure in the worst case scenario. Since trans-shipment of freight for both the import and export of goods and raw materials has a significant impact on Australia’s sustained economic growth it was considered important to undertake a study of port functional assets, to assess their vulnerability to climate change, to model the potential impacts of climate-related extreme events, and to highlight possible adaptation responses.

Food security in Australia in an era of neoliberalism, productivism and climate change

For over 150 years Australia has exported bulk, undifferentiated, commodities such as wool, wheat, meat and sugar to the UK and more recently to Japan, Korea, and the Middle East. It is estimated that, each year, Australia's farming system feeds a domestic population of some 22 million people, while exporting enough food to feed another 40 million. With the Australian population expected to double in the next 40 years, and with the anticipated growth in the world's population to reach a level of some 9 billion (from its present level of 7 billion) in the same period, there are strong incentives for an expansion of food production in Australia. Neoliberal settings are encouraging this expansion at the same time as they are facilitating importation of foods, higher levels of foreign direct investment and the commoditisation of resources (such as water). Yet, expansion in food production – and in an era of climate change – will continue to compromise the environment. After discussing Australia's neoliberal framework and its relation to farming, this paper outlines how Australia is attempting to address the issue of food security. It argues that productivist farming approaches that are favoured by both industry and government are proving incapable of bringing about long-term production outcomes that will guarantee national food security.

From "Secondary Punishment" to "Supermax" : the human costs of high-security regimes in Australia

“Supermax” prisons, conceived by the United States in the early 1980s, are typically reserved for convicted political criminals such as terrorists and spies and for other inmates who are considered to pose a serious ongoing threat to the wider community, to the security of correctional institutions, or to the safety of other inmates. Prisoners are usually restricted to their cells for up to twenty-three hours a day and typically have minimal contact with other inmates and correctional staff. Not only does the Federal Bureau of Prisons operate one of these facilities, but almost every state has either a supermax wing or stand-alone supermax prison. The Globalization of Supermax Prisons examines why nine advanced industrialized countries have adopted the supermax prototype, paying particular attention to the economic, social, and political processes that have affected each state. Featuring essays that look at the U.S.-run prisons of Abu Ghraib and Guantanemo, this collection seeks to determine if the American model is the basis for the establishment of these facilities and considers such issues as the support or opposition to the building of a supermax and why opposition efforts failed; the allegation of human rights abuses within these prisons; and the extent to which the decision to build a supermax was influenced by developments in the United States. Additionally, contributors address such domestic matters as the role of crime rates, media sensationalism, and terrorism in each country’s decision to build a supermax prison.

Responsibility to protect and women, peace and security : aligning the protection agendas

In Responsibility to Protect and Women, Peace and Security: Aligning the Protection Agendas, editors Davies, Nwokora, Stamnes and Teitt address the intersections of the Responsibility to Protect (R2P) principle and the Women, Peace, and Security (WPS) agenda. Widespread or systematic sexual or gender-based violence is a war crime, a crime against humanity and an act of genocide, all of which are clearly addressed in the R2P principle. The protection of those at risk of widespread sexual violence is therefore not only relative to the Women, Peace and Security (WPS) agenda, but a fundamental sovereign obligation for all states as part of their commitment to R2P. Contributions from policy-makers and academics consider both the merits and the utility of aligning the protection agendas of R2P and WPS. Ultimately, a number of actionable recommendations are made concerning a unification of the agendas to best support the global empowerment of women and prevention of mass atrocities.

Formal analysis of security properties in trusted computing protocols

This research introduces a general methodology in order to create a Coloured Petri Net (CPN) model of a security protocol. Then standard or user-defined security properties of the created CPN model are identified. After adding an attacker model to the protocol model, the security property is verified using state space method. This approach is applied to analyse a number of trusted computing protocols. The results show the applicability of proposed method to analyse both standard and user-defined properties.