Security metrics for object-oriented designs

Several studies have developed metrics for software quality attributes of object-oriented designs such as reusability and functionality. However, metrics which measure the quality attribute of information security have received little attention. Moreover, existing security metrics measure either the system from a high level (i.e. the whole system’s level) or from a low level (i.e. the program code’s level). These approaches make it hard and expensive to discover and fix vulnerabilities caused by software design errors. In this work, we focus on the design of an object-oriented application and define a number of information security metrics derivable from a program’s design artifacts. These metrics allow software designers to discover and fix security vulnerabilities at an early stage, and help compare the potential security of various alternative designs. In particular, we present security metrics based on composition, coupling, extensibility, inheritance, and the design size of a given object-oriented, multi-class program from the point of view of potential information flow.

Assessing the impact of refactoring on security-critical object-oriented designs

Refactoring focuses on improving the reusability, maintainability and performance of programs. However, the impact of refactoring on the security of a given program has received little attention. In this work, we focus on the design of object-oriented applications and use metrics to assess the impact of a number of standard refactoring rules on their security by evaluating the metrics before and after refactoring. This assessment tells us which refactoring steps can increase the security level of a given program from the point of view of potential information flow, allowing application designers to improve their system’s security at an early stage.

Toothless tiger, sleeping dragon : implied freedoms, internet filters and the growing culture of internet censorship in Australia

The internet by its very nature challenges an individual’s notions of propriety, moral acuity and social correctness. A tension will always exist between the censorship of obscene and sensitive information and the freedom to publish and/or access such information. Freedom of expression and communication on the internet is not a static concept: ‘Its continual regeneration is the product of particular combinations of political, legal, cultural and philosophical conditions’.

The role of the internet on international market growth of Australian firms : an exploratory study

The Internet has been shown to positively influence the internationalisation activities of firms through enhanced information, knowledge and network development. Although there has been evidence of a positive impact of the Internet on internationalisation process components, it is vague as to whether the Internet has an impact on firm international market growth. This paper examines the role of the Internet in the outward internationalisation of a cross-national sample of 224 firms from Australia. The results show evidence that a there is a link between Internet usage, Internet intensity and the international market growth of the firm. The findings indicate that firms are using Internet technologies beyond simple e-mail and websites in their international marketing. For example, Internet directories and Internet market spaces are assisting international market expansion of the firm. Firms are integrating the Internet into international marketing processes such as advertising, marketing, market research and international market management as well as in data transference between company and supplier and company and customer. Further, there is evidence in this study of the statistical relationships between the use of website, e-mail and online sales with the international market growth of the firm.

Internet usage, internet marketing intensity and international marketing growth

This paper examines the role of the Internet in international marketing growth. Evidence of a positive relationship between e-mail, website usage, online marketing and advertising with international market growth was found, in terms of increased sales from new customers in new countries, new customers in existing countries, and existing customers.

The Guardian reportage of the UK MP expenses scandal: a case study of computational journalism

The Guardian reportage of the United Kingdom Member of Parliament (MP) expenses scandal of 2009 used crowdsourcing and computational journalism techniques. Computational journalism can be broadly defined as the application of computer science techniques to the activities of journalism. Its foundation lies in computer assisted reporting techniques and its importance is increasing due to the: (a) increasing availability of large scale government datasets for scrutiny; (b) declining cost, increasing power and ease of use of data mining and filtering software; and Web 2.0; and (c) explosion of online public engagement and opinion.. This paper provides a case study of the Guardian MP expenses scandal reportage and reveals some key challenges and opportunities for digital journalism. It finds journalists may increasingly take an active role in understanding, interpreting, verifying and reporting clues or conclusions that arise from the interrogations of datasets (computational journalism). Secondly a distinction should be made between information reportage and computational journalism in the digital realm, just as a distinction might be made between citizen reporting and citizen journalism. Thirdly, an opportunity exists for online news providers to take a ‘curatorial’ role, selecting and making easily available the best data sources for readers to use (information reportage). These activities have always been fundamental to journalism, however the way in which they are undertaken may change. Findings from this paper may suggest opportunities and challenges for the implementation of computational journalism techniques in practice by digital Australian media providers, and further areas of research.

Not yet the Internet election : online media, political commentary and the 2007 Australian federal election

This paper undertakes an overview of two developments in online media that coincided with the 'year-long campaign' that was the 2007 Australian Federal election. It discusses the relatively successful use of the Internet and social media in the 'Kevin07' Australian Labor Party campaign, and contrasts this to the Liberal-National Party's faltering use of You Tube for policy announcements. It also notes the struggle for authority in interpreting polling data between the mainstream media and various online commentators, and the 'July 12 incident' at The Australian, where it engaged in strong denunciation of alleged biases and prejudices among bloggers and on political Web sites. It concludes with consideration of some wider implication for political communication and the politics-media relationship, and whether we are seeing trends towards dispersal and diversification characterising the 'third age' of political communication.

How HCI design influences web security decisions

Even though security protocols are designed to make computer communication secure, it is widely known that there is potential for security breakdowns at the human machine interface. This paper reports on a diary study conducted in order to investigate what people identify as security decisions that they make while using the web. The study aimed to uncover how security is perceived in the individual's context of use. From this data, themes were drawn, with a focus on addressing security goals such as confidentiality and authentication. This study is the first study investigating users' web usage focusing on their self-documented perceptions of security and the security choices they made in their own environment.

Enhancing the use of Internet and Web services for quality learning : an action research

Internet and Web services have been used in both teaching and learning and are gaining popularity in today’s world. E-Learning is becoming popular and considered the latest advance in technology based learning. Despite the potential advantages for learning in a small country like Bhutan, there is lack of eServices at the Paro College of Education. This study investigated students’ attitudes towards online communities and frequency of access to the Internet, and how students locate and use different sources of information in their project tasks. Since improvement was at the heart of this research, an action research approach was used. Based on the idea of purposeful sampling, a semi-structured interview and observations were used as data collection instruments. 10 randomly selected students (5 girls and 5 boys) participated in this research as the controlled group. The study findings indicated that there is a lack of educational information technology services, such as e-learning at the college. Internet connection being very slow was the main barrier to learning using e-learning or accessing Internet resources. There is a strong relationship between the quality of written task and the source of the information, and between Web searching and learning. The source of information used in assignments and project work is limited to books in the library which are often outdated and of poor quality. Project tasks submitted by most of the students were of poor quality.

Citizen journalism : a primer :when news takes to the Internet

This paper identifies factors underpinning the emergence of citizen journalism, including the rise of Web 2.0, rethinking journalism as a professional ideology, the decline of ‘high modernist’ journalism, divergence between elite and popular opinion, changing revenue bases for news production, and the decline of deference in democratic societies. It will connect these issues to wider debates about the implications of journalism and news production increasingly going into the Internet environment.

Enhancing security and continuity management at international airports

Operators of busy contemporary airports have to balance tensions between the timely flow of passengers, flight operations, the conduct of commercial business activities and the effective application of security processes. In addition to specific onsite issues airport operators liaise with a range of organisations which set and enforce aviation-related policies and regulations as well as border security agencies responsible for customs, quarantine and immigration, in addition to first response security services. The challenging demands of coordinating and planning in such complex socio-technical contexts place considerable pressure on airport management to facilitate coordination of what are often conflicting goals and expectations among groups that have standing in respect to safe and secure air travel. What are, as yet, significantly unexplored issues in large airports are options for the optimal coordination of efforts from the range of public and private sector participants active in airport security and crisis management. A further aspect of this issue is how airport management systems operate when there is a transition from business-as-usual into an emergency/crisis situation and then, on recovery, back to ‘normal’ functioning. Business Continuity Planning (BCP), incorporating sub-plans for emergency response, continuation of output and recovery of degraded operating capacity, would fit such a context. The implementation of BCP practices in such a significant high security setting offers considerable potential benefit yet entails considerable challenges. This paper presents early results of a 4 year nationally funded industry-based research project examining the merger of Business Continuity Planning and Transport Security Planning as a means of generating capability for improved security and reliability and, ultimately, enhanced resilience in major airports. The project is part of a larger research program on the Design of Secure Airports that includes most of the gazetted ‘first response’ international airports in Australia, key Aviation industry groups and all aviation-related border and security regulators as collaborative partners. The paper examines a number of initial themes in the research, including: ? Approaches to integrating Business Continuity & Aviation Security Planning within airport operations; ? Assessment of gaps in management protocols and operational capacities for identifying and responding to crises within and across critical aviation infrastructure; ? Identification of convergent and divergent approaches to crisis management used across Austral-Asia and their alignment to planned and possible infrastructure evolution.

A criminological analysis : using real-time monitoring to gather data on online predators

The Internet presents a constantly evolving frontier for criminology and policing, especially in relation to online predators – paedophiles operating within the Internet for safer access to children, child pornography and networking opportunities with other online predators. The goals of this qualitative study are to undertake behavioural research – identify personality types and archetypes of online predators and compare and contrast them with behavioural profiles and other psychological research on offline paedophiles and sex offenders. It is also an endeavour to gather intelligence on the technological utilisation of online predators and conduct observational research on the social structures of online predator communities. These goals were achieved through the covert monitoring and logging of public activity within four Internet Relay Chat(rooms) (IRC) themed around child sexual abuse and which were located on the Undernet network. Five days of monitoring was conducted on these four chatrooms between Wednesday 1 to Sunday 5 April 2009; this raw data was collated and analysed. The analysis identified four personality types – the gentleman predator, the sadist, the businessman and the pretender – and eight archetypes consisting of the groomers, dealers, negotiators, roleplayers, networkers, chat requestors, posters and travellers. The characteristics and traits of these personality types and archetypes, which were extracted from the literature dealing with offline paedophiles and sex offenders, are detailed and contrasted against the online sexual predators identified within the chatrooms, revealing many similarities and interesting differences particularly with the businessman and pretender personality types. These personality types and archetypes were illustrated by selecting users who displayed the appropriate characteristics and tracking them through the four chatrooms, revealing intelligence data on the use of proxies servers – especially via the Tor software – and other security strategies such as Undernet’s host masking service. Name and age changes, which is used as a potential sexual grooming tactic was also revealed through the use of Analyst’s Notebook software and information on ISP information revealed the likelihood that many online predators were not using any safety mechanism and relying on the anonymity of the Internet. The activities of these online predators were analysed, especially in regards to child sexual grooming and the ‘posting’ of child pornography, which revealed a few of the methods in which online predators utilised new Internet technologies to sexually groom and abuse children – using technologies such as instant messengers, webcams and microphones – as well as store and disseminate illegal materials on image sharing websites and peer-to-peer software such as Gigatribe. Analysis of the social structures of the chatrooms was also carried out and the community functions and characteristics of each chatroom explored. The findings of this research have indicated several opportunities for further research. As a result of this research, recommendations are given on policy, prevention and response strategies with regards to online predators.

Dropout from internet-based treatment for psychological disorders

Purpose: The purpose of this review was to present an in-depth analysis of literature identifying the extent of dropout from Internet-based treatment programmes for psychological disorders, and literature exploring the variables associated with dropout from such programmes. ----- ----- Methods: A comprehensive literature search was conducted on PSYCHINFO and PUBMED with the keywords: dropouts, drop out, dropout, dropping out, attrition, premature termination, termination, non-compliance, treatment, intervention, and program, each in combination with the key words Internet and web. A total of 19 studies published between 1990 and April 2009 and focusing on dropout from Internet-based treatment programmes involving minimal therapist contact were identified and included in the review. ----- ----- Results: Dropout ranged from 2 to 83% and a weighted average of 31% of the participants dropped out of treatment. A range of variables have been examined for their association with dropout from Internet-based treatment programmes for psychological disorders. Despite the numerous variables explored, evidence on any specific variables that may make an individual more likely to drop out of Internet-based treatment is currently limited. ----- ----- Conclusions: This review highlights the need for more rigorous and theoretically guided research exploring the variables associated with dropping out of Internet-based treatment for psychological disorders.

DIScoveringABILITIES : creating interactive performances over the Internet

This article presents a case study that shows how a creative music educator uses the internet to enable participatory performance.