On the security of PAS (predicate-based authentication service)

Recently a new human authentication scheme called PAS (predicate-based authentication service) was proposed, which does not require the assistance of any supplementary device. The main security claim of PAS is to resist passive adversaries who can observe the whole authentication session between the human user and the remote server. In this paper we show that PAS is insecure against both brute force attack and a probabilistic attack. In particular, we show that its security against brute force attack was strongly overestimated. Furthermore, we introduce a probabilistic attack, which can break part of the password even with a very small number of observed authentication sessions. Although the proposed attack cannot completely break the password, it can downgrade the PAS system to a much weaker system similar to common OTP (one-time password) systems.

In-vehicle extremity injuries from improvised explosive devices : current and future foci

The conflicts in Iraq and Afghanistan have been epitomized by the insurgents’ use of the improvised explosive device against vehicle-borne security forces. These weapons, capable of causing multiple severely injured casualties in a single incident, pose the most prevalent single threat to Coalition troops operating in the region. Improvements in personal protection and medical care have resulted in increasing numbers of casualties surviving with complex lower limb injuries, often leading to long-term disability. Thus, there exists an urgent requirement to investigate and mitigate against the mechanism of extremity injury caused by these devices. This will necessitate an ontological approach, linking molecular, cellular and tissue interaction to physiological dysfunction. This can only be achieved via a collaborative approach between clinicians, natural scientists and engineers, combining physical and numerical modelling tools with clinical data from the battlefield. In this article, we compile existing knowledge on the effects of explosions on skeletal injury, review and critique relevant experimental and computational research related to lower limb injury and damage and propose research foci required to drive the development of future mitigation technologies.

Formal security analysis of Australian e-passport implementation

This paper provides a detailed description of the current Australian e-passport implementation and makes a formal verification using model checking tools CASPER/CSP/FDR. We highlight security issues present in the current e-passport implementation and identify new threats when an e-passport system is integrated with an automated processing systems like SmartGate. Because the current e-passport specification does not provide adequate security goals, to perform a rational security analysis we identify and describe a set of security goals for evaluation of e-passport protocols. Our analysis confirms existing security issues that were previously informally identified and presents weaknesses that exists in the current e-passport implementation.

Airports of the future : improving operation, security and experience

The final report for the ARC project "Airports of the Future". It contains the findings and recommendations provided by the various teams to the industry partners.

Security properties analysis in a TPM-based protocol

Security protocols are designed in order to provide security properties (goals). They achieve their goals using cryptographic primitives such as key agreement or hash functions. Security analysis tools are used in order to verify whether a security protocol achieves its goals or not. The analysed property by specific purpose tools are predefined properties such as secrecy (confidentiality), authentication or non-repudiation. There are security goals that are defined by the user in systems with security requirements. Analysis of these properties is possible with general purpose analysis tools such as coloured petri nets (CPN). This research analyses two security properties that are defined in a protocol that is based on trusted platform module (TPM). The analysed protocol is proposed by Delaune to use TPM capabilities and secrets in order to open only one secret from two submitted secrets to a recipient

Food security

INTRODUCTION Globally, one-third of food production is lost annually due to negligent authorities. India alone loses some 21 million tonnes of wheat per year even while it has 200 million food-insecure people in the nation. Disturbingly provocative as it may sound, it is amazing how national and international institutions and governments make use of human hunger for their own survival (Raghib 2013). The global food system is increasingly insecure. Challenges to long-term global food security are encapsulated by resource scarcity, environmental degradation, biodiversity loss, climate change, reductions of farm labour and a growing world population. These issues are caused and aggravated by the spread of corporatised and monopolised food systems, dietary change, and urbanisation. These factors have rapidly brought food insecurity under the umbrella of unconventional security threats (Heukelom 2011). For some, humanitarian crises associated with food insecurity, or what has been dubbed ‘the silent tsunami’, is a pending peril, notably for the world’s poorest and most vulnerable people. For others, the food production industry is an emerging market with unprecedented profits. Despite this problem of food scarcity we are witnessing extraordinary ‘food wastage’, notably in North America and Europe, on a scale that would reportedly be capable of feeding the world’s hungry six times over (Stuart 2012). As the opening quotation to this chapter suggests, governments and corporations are deeply involved in the contexts, politics, and resources associated with food related issues. As many economically developed and advanced industrial nations are reporting a rise out of recession, announcements are made by the world’s richest countries that they are to cut $US2 billion per year from food aid. The head of the World Food Aid Programme, Rosette Sheeran, warns that such cuts could result in ‘the loss of a generation’ (Walters 2011). The global food crisis has also reinvigorated debates about agricultural development and genetically modified (GM) food; as well as fuelling debates about poverty, debt and security. This chapter provides a discussion of the political economy of global food debates and explores the threats and opportunities surrounding food production and future food security.

UCPR r548 - requirement for report or proof of evidence intended to be relied on at trial

In Oates v Cootes Tanker Service Pty Ltd [2005] QSC 213, Fryberg J considered some interesting questions of construction in relation to the rule requiring the plaintiff to provide a statement of loss and damage in personal injuries proceedings (UCPR r 548) and the rule in relation to the giving of expert evidence (UCPR r427)

Book reviews : "Biosecurity interventions: global health and security in question"

International Relations’ engagement with global health governance has proliferated in the last decade. There are a number of excellent works that seek to understand how the relationship between politics and health shapes and informs people’s lives and governments’ policies. However, the overt securitization of health by the IR field has, Biosecurity interventions argues, remained relatively unproblematized...

Security analysis of the non-aggressive challenge response of the DNP3 Protocol using a CPN Model

Distributed Network Protocol Version 3 (DNP3) is the de-facto communication protocol for power grids. Standard-based interoperability among devices has made the protocol useful to other infrastructures such as water, sewage, oil and gas. DNP3 is designed to facilitate interaction between master stations and outstations. In this paper, we apply a formal modelling methodology called Coloured Petri Nets (CPN) to create an executable model representation of DNP3 protocol. The model facilitates the analysis of the protocol to ensure that the protocol will behave as expected. Also, we illustrate how to verify and validate the behaviour of the protocol, using the CPN model and the corresponding state space tool to determine if there are insecure states. With this approach, we were able to identify a Denial of Service (DoS) attack against the DNP3 protocol.

Cryptology and network security

This book constitutes the refereed proceedings of the 11th International Conference on Cryptology and Network Security, CANS 2012, held in Darmstadt, Germany, in December 2012. The 22 revised full papers, presented were carefully reviewed and selected from 99 submissions. The papers are organized in topical sections on cryptanalysis; network security; cryptographic protocols; encryption; and s-box theory.

AISC '11 Proceedings of the Ninth Australasian Information Security Conference

The Australasian Information Security Conference (AISC) 2011 was held on 18th-19th January 2011 in Perth, Australia, as a part of the Australasian Computer Science Week 2011. AISC grew out of the Australasian Information Security Workshop and officially changed the name to Australasian Information Security Conference in 2008. The main aim of the AISC is to provide a venue for Australasian and other researchers to present their work on all aspects of information security and promote collaboration between academic and industrial researchers working in this area.

AISC '12 Proceedings of the Tenth Australasian Information Security Conference

The Australasian Information Security Conference (AISC) 2012 was held at RMIT University in Melbourne, Australia, as a part of the Australasian Computer Science Week, January 30 - February 3, 2012. AISC grew out of the Australasian Information Security Workshop and officially changed the name to Australasian Information Security Conference in 2008. The main aim of the AISC is to provide a venue for researchers to present their work on all aspects of information security and promote collaboration between academic and industrial researchers working in this area.