The implementation of a novel, bio-inspired, robotic security system

The implementation of a robotic security solution generally requires one algorithm to route the robot around the environment and another algorithm to perform anomaly detection. Solutions to the routing problem require the robot to have a good estimate of its own pose. We present a novel security system that uses metrics generated by the localisation algorithm to perform adaptive anomaly detection. The localisation algorithm is a vision-based SLAM solution called RatSLAM, based on mechanisms within the hippocampus. The anomaly detection algorithm is based on the mechanisms used by the immune system to identify threats to the body. The system is explored using data gathered within an unmodified office environment. It is shown that the algorithm successfully reacts to the presence of people and objects in areas where they are not usually present and is tolerised against the presence of people in environments that are usually dynamic.

A rights management approach to securing data distribution in coalitions

As network capacity has increased over the past decade, individuals and organisations have found it increasingly appealing to make use of remote services in the form of service-oriented architectures and cloud computing services. Data processed by remote services, however, is no longer under the direct control of the individual or organisation that provided the data, leaving data owners at risk of data theft or misuse. This paper describes a model by which data owners can control the distribution and use of their data throughout a dynamic coalition of service providers using digital rights management technology. Our model allows a data owner to establish the trustworthiness of every member of a coalition employed to process data, and to communicate a machine-enforceable usage policy to every such member.

A risk-based approach to course quality assurance

A decade ago, Queensland University of Technology (QUT) developed an innovative annual Courses Performance Report, but through incremental change, this report became quite labour-intensive. A new risk-based approach to course quality assurance, that consolidates voluminous data in a simple dashboard, responds to the changing context of the higher education sector. This paper will briefly describe QUT’s context and outline the second phase of implementation of this new approach to course quality assurance. The main components are: Individual Course Reports (ICRs), the Consolidated Courses Performance Report (CCPR), Underperforming Courses Status Update and the Strategic Faculty Courses Update (SFCU). These components together form a parsimonious and strategic annual cycle of reporting and place QUT in a positive position to respond to future sector change

Service employee behaviour : the role of compliance and risk taking

This paper looks at the decision-making process that determines the amount of effort frontline service employees will expend in delivering a service in a business-to-business context. Using theories in behavioural economics and interactional and social psychology, the paper develops and presents a model of employee decision-making. Managerial implications, which have the potential to enhance the marketing of business-to-business services and directions for future research in this area, are indicated.

Performance analysis of unified enterprise application security framework

Unified Enterprise application security is a new emerging approach for providing protection against application level attacks. Conventional application security approach that consists of embedding security into each critical application leads towards scattered security mechanism that is not only difficult to manage but also creates security loopholes. According to the CSIIFBI computer crime survey report, almost 80% of the security breaches come from authorized users. In this paper, we have worked on the concept of unified security model, which manages all security aspect from a single security window. The basic idea is to keep business functionality separate from security components of the application. Our main focus was on the designing of frame work for unified layer which supports single point of policy control, centralize logging mechanism, granular, context aware access control, and independent from any underlying authentication technology and authorization policy.

Improved functional ability and independence in activities of daily living for older adults at high risk of hospital readmission : a randomised controlled trial

Objective: During hospitalisation older people often experience functional decline which impacts on their future independence. The objective of this study was to evaluate a multifaceted transitional care intervention including home-based exercise strategies for at-risk older people on functional status, independence in activities of daily living, and walking ability. Methods: A randomised controlled trial was undertaken in a metropolitan hospital in Australia with 128 patients (64 intervention, 64 control) aged over 65 years with an acute medical admission and at least one risk factor for hospital readmission. The intervention group received an individually tailored program for exercise and follow-up care which was commenced in hospital and included regular visits in hospital by a physiotherapist and a Registered Nurse, a home visit following discharge, and regular telephone follow-up for 24 weeks following discharge. The program was designed to improve health promoting behaviours, strength, stability, endurance and mobility. Data were collected at baseline, then 4, 12 and 24 weeks following discharge using the Index of Activities of Daily Living (ADL), Instrumental Index of Activities of Daily Living (IADL), and the Walking Impairment Questionnaire (Modified). Results: Significant improvements were found in the intervention group in IADL scores (p<.001), ADL scores (p<.001), and WIQ scale scores (p<.001) in comparison to the control group. The greatest improvements were found in the first four weeks following discharge. Conclusions: Early introduction of a transitional model of care incorporating a tailored exercise program and regular telephone follow-up for hospitalised at-risk older adults can improve independence and functional ability.

Application of data mining techniques in the prediction of coronary artery disease : use of anaesthesia time-series and patient risk factor data

The high morbidity and mortality associated with atherosclerotic coronary vascular disease (CVD) and its complications are being lessened by the increased knowledge of risk factors, effective preventative measures and proven therapeutic interventions. However, significant CVD morbidity remains and sudden cardiac death continues to be a presenting feature for some subsequently diagnosed with CVD. Coronary vascular disease is also the leading cause of anaesthesia related complications. Stress electrocardiography/exercise testing is predictive of 10 year risk of CVD events and the cardiovascular variables used to score this test are monitored peri-operatively. Similar physiological time-series datasets are being subjected to data mining methods for the prediction of medical diagnoses and outcomes. This study aims to find predictors of CVD using anaesthesia time-series data and patient risk factor data. Several pre-processing and predictive data mining methods are applied to this data. Physiological time-series data related to anaesthetic procedures are subjected to pre-processing methods for removal of outliers, calculation of moving averages as well as data summarisation and data abstraction methods. Feature selection methods of both wrapper and filter types are applied to derived physiological time-series variable sets alone and to the same variables combined with risk factor variables. The ability of these methods to identify subsets of highly correlated but non-redundant variables is assessed. The major dataset is derived from the entire anaesthesia population and subsets of this population are considered to be at increased anaesthesia risk based on their need for more intensive monitoring (invasive haemodynamic monitoring and additional ECG leads). Because of the unbalanced class distribution in the data, majority class under-sampling and Kappa statistic together with misclassification rate and area under the ROC curve (AUC) are used for evaluation of models generated using different prediction algorithms. The performance based on models derived from feature reduced datasets reveal the filter method, Cfs subset evaluation, to be most consistently effective although Consistency derived subsets tended to slightly increased accuracy but markedly increased complexity. The use of misclassification rate (MR) for model performance evaluation is influenced by class distribution. This could be eliminated by consideration of the AUC or Kappa statistic as well by evaluation of subsets with under-sampled majority class. The noise and outlier removal pre-processing methods produced models with MR ranging from 10.69 to 12.62 with the lowest value being for data from which both outliers and noise were removed (MR 10.69). For the raw time-series dataset, MR is 12.34. Feature selection results in reduction in MR to 9.8 to 10.16 with time segmented summary data (dataset F) MR being 9.8 and raw time-series summary data (dataset A) being 9.92. However, for all time-series only based datasets, the complexity is high. For most pre-processing methods, Cfs could identify a subset of correlated and non-redundant variables from the time-series alone datasets but models derived from these subsets are of one leaf only. MR values are consistent with class distribution in the subset folds evaluated in the n-cross validation method. For models based on Cfs selected time-series derived and risk factor (RF) variables, the MR ranges from 8.83 to 10.36 with dataset RF_A (raw time-series data and RF) being 8.85 and dataset RF_F (time segmented time-series variables and RF) being 9.09. The models based on counts of outliers and counts of data points outside normal range (Dataset RF_E) and derived variables based on time series transformed using Symbolic Aggregate Approximation (SAX) with associated time-series pattern cluster membership (Dataset RF_ G) perform the least well with MR of 10.25 and 10.36 respectively. For coronary vascular disease prediction, nearest neighbour (NNge) and the support vector machine based method, SMO, have the highest MR of 10.1 and 10.28 while logistic regression (LR) and the decision tree (DT) method, J48, have MR of 8.85 and 9.0 respectively. DT rules are most comprehensible and clinically relevant. The predictive accuracy increase achieved by addition of risk factor variables to time-series variable based models is significant. The addition of time-series derived variables to models based on risk factor variables alone is associated with a trend to improved performance. Data mining of feature reduced, anaesthesia time-series variables together with risk factor variables can produce compact and moderately accurate models able to predict coronary vascular disease. Decision tree analysis of time-series data combined with risk factor variables yields rules which are more accurate than models based on time-series data alone. The limited additional value provided by electrocardiographic variables when compared to use of risk factors alone is similar to recent suggestions that exercise electrocardiography (exECG) under standardised conditions has limited additional diagnostic value over risk factor analysis and symptom pattern. The effect of the pre-processing used in this study had limited effect when time-series variables and risk factor variables are used as model input. In the absence of risk factor input, the use of time-series variables after outlier removal and time series variables based on physiological variable values’ being outside the accepted normal range is associated with some improvement in model performance.

Testing a belief-based intervention encouraging sun safety among adolescents in a high risk area

Objective. To provide a preliminary test of a Theory of Planned Behavior (TPB) belief-based intervention to increase adolescents’ sun protective behaviors in a high risk area, Queensland, Australia. Methods. In the period of October-November, 2007 and May-June, 2008, 80 adolescents (14.53 ± 0.69 years) were recruited from two secondary schools (one government and one private) in Queensland after obtaining student, parental, and school informed consent. Adolescents were allocated to either a control or intervention condition based on the class they attended. The intervention comprised three, one hour in-school sessions facilitated by Cancer Council Queensland employees with sessions covering the belief basis of the TPB (i.e., behavioral, normative, and control [barrier and motivator] sun-safe beliefs). Participants completed questionnaires assessing sun-safety beliefs, intentions, and behavior pre- and post-intervention. Repeated Measures Multivariate Analysis of Variance was used to test the effect of the intervention across time on these constructs. Results. Students completing the intervention reported stronger sun-safe normative and motivator beliefs and intentions and the performance of more sun-safe behaviors across time than those in the control condition. Conclusion. Strengthening beliefs about the approval of others and motivators for sun protection may encourage sun-safe cognitions and actions among adolescents.

Organisational challenges in understanding and implementing effective buiness continuity management strategies in a complex and critical organisation : an airport case study

With the increasing complexity of modern day threats and the growing sophistication of interlinked and interdependent operating environments, Business Continuity Management (BCM) has emerged as a new discipline, offering a strategic approach to safeguarding organisational functions. Of significant interest is the application of BCM frameworks and strategies within critical infrastructure, and in particular the aviation industry. Given the increased focus on security and safety for critical infrastructures, research into the adoption of BCM principles within an airport environment provides valuable management outcomes and research into a previously neglected area of inquisition. This research has used a single case study methodology to identify possible impediments to BCM adoption and implementation by the Brisbane Airport Corporation (BAC). It has identified a number of misalignments between the required breadth of focus for a BCM program, identified differing views on specific roles and responsibilities required during a major disruptive event and illustrated the complexities of the Brisbane Airport which impede the understanding and implementation of effective Business Continuity Management Strategies.

Legislative and security requirements of audit material for evidentiary purpose

This research used the Queensland Police Service, Australia, as a major case study. Information on principles, techniques and processes used, and the reason for the recording, storing and release of audit information for evidentiary purposes is reported. It is shown that Law Enforcement Agencies have a two-fold interest in, and legal obligation pertaining to, audit trails. The first interest relates to the situation where audit trails are actually used by criminals in the commission of crime and the second to where audit trails are generated by the information systems used by the police themselves in support of the recording and investigation of crime. Eleven court cases involving Queensland Police Service audit trails used in evidence in Queensland courts were selected for further analysis. It is shown that, of the cases studied, none of the evidence presented was rejected or seriously challenged from a technical perspective. These results were further analysed and related to normal requirements for trusted maintenance of audit trail information in sensitive environments with discussion on the ability and/or willingness of courts to fully challenge, assess or value audit evidence presented. Managerial and technical frameworks for firstly what is considered as an environment where a computer system may be considered to be operating “properly” and, secondly, what aspects of education, training, qualifications, expertise and the like may be considered as appropriate for persons responsible within that environment, are both proposed. Analysis was undertaken to determine if audit and control of information in a high security environment, such as law enforcement, could be judged as having improved, or not, in the transition from manual to electronic processes. Information collection, control of processing and audit in manual processes used by the Queensland Police Service, Australia, in the period 1940 to 1980 was assessed against current electronic systems essentially introduced to policing in the decades of the 1980s and 1990s. Results show that electronic systems do provide for faster communications with centrally controlled and updated information readily available for use by large numbers of users who are connected across significant geographical locations. However, it is clearly evident that the price paid for this is a lack of ability and/or reluctance to provide improved audit and control processes. To compare the information systems audit and control arrangements of the Queensland Police Service with other government departments or agencies, an Australia wide survey was conducted. Results of the survey were contrasted with the particular results of a survey, conducted by the Australian Commonwealth Privacy Commission four years previous, to this survey which showed that security in relation to the recording of activity against access to information held on Australian government computer systems has been poor and a cause for concern. However, within this four year period there is evidence to suggest that government organisations are increasingly more inclined to generate audit trails. An attack on the overall security of audit trails in computer operating systems was initiated to further investigate findings reported in relation to the government systems survey. The survey showed that information systems audit trails in Microsoft Corporation's “Windows” operating system environments are relied on quite heavily. An audit of the security for audit trails generated, stored and managed in the Microsoft “Windows 2000” operating system environment was undertaken and compared and contrasted with similar such audit trail schemes in the “UNIX” and “Linux” operating systems. Strength of passwords and exploitation of any security problems in access control were targeted using software tools that are freely available in the public domain. Results showed that such security for the “Windows 2000” system is seriously flawed and the integrity of audit trails stored within these environments cannot be relied upon. An attempt to produce a framework and set of guidelines for use by expert witnesses in the information technology (IT) profession is proposed. This is achieved by examining the current rules and guidelines related to the provision of expert evidence in a court environment, by analysing the rationale for the separation of distinct disciplines and corresponding bodies of knowledge used by the Medical Profession and Forensic Science and then by analysing the bodies of knowledge within the discipline of IT itself. It is demonstrated that the accepted processes and procedures relevant to expert witnessing in a court environment are transferable to the IT sector. However, unlike some discipline areas, this analysis has clearly identified two distinct aspects of the matter which appear particularly relevant to IT. These two areas are; expertise gained through the application of IT to information needs in a particular public or private enterprise; and expertise gained through accepted and verifiable education, training and experience in fundamental IT products and system.