376 resultados para patron privacy
Resumo:
With the implementation of the Personally Controlled eHealth Records system (PCEHR) in Australia, shared Electronic Health Records (EHR) are now a reality. However, the characteristic implicit in the PCEHR that puts the consumer (i.e. patient) in control of managing his or her health information within the PCEHR prevents healthcare professionals (HCPs) from utilising it as a one-stop-shop for information at point of care decision making as they cannot trust that a complete record of the consumer's health history is available to them through it. As a result, whilst reaching a major milestone in Australia's eHealth journey, the PCEHR does not reap the full benefits that such a shared EHR system can offer.
Resumo:
This paper explores the potential for online video as a mechanism to transform the ways students learn, as measured by research, user experience and usage following surveys and trials of patron-driven acquisition collaboratively undertaken by Queensland University of Technology, La Trobe University and Kanopy.
Resumo:
Facial expression recognition (FER) systems must ultimately work on real data in uncontrolled environments although most research studies have been conducted on lab-based data with posed or evoked facial expressions obtained in pre-set laboratory environments. It is very difficult to obtain data in real-world situations because privacy laws prevent unauthorized capture and use of video from events such as funerals, birthday parties, marriages etc. It is a challenge to acquire such data on a scale large enough for benchmarking algorithms. Although video obtained from TV or movies or postings on the World Wide Web may also contain ‘acted’ emotions and facial expressions, they may be more ‘realistic’ than lab-based data currently used by most researchers. Or is it? One way of testing this is to compare feature distributions and FER performance. This paper describes a database that has been collected from television broadcasts and the World Wide Web containing a range of environmental and facial variations expected in real conditions and uses it to answer this question. A fully automatic system that uses a fusion based approach for FER on such data is introduced for performance evaluation. Performance improvements arising from the fusion of point-based texture and geometry features, and the robustness to image scale variations are experimentally evaluated on this image and video dataset. Differences in FER performance between lab-based and realistic data, between different feature sets, and between different train-test data splits are investigated.
Resumo:
"Fully updated to reflect the rapid pace of change in the health law areas. Explains the legal process as it relates to the health care professional."--Libraries Australia. Table of Contents Part I. Introductory concepts -- 1. What is law -- 2. The legal structure -- 3. The legal process -- Part II. Patient relationships -- 4. Consent to health care by a competent adult -- 5. Consent to health care by a legally incompetent person -- 6. Negligence -- 7. Patient information and privacy -- 8. Patients' property -- 9. Contract -- Part III. Employment -- 10. Contracts to provide health care services -- 011. Accidents and injuries related to health care --12. Registration and practice --13. Drugs --14. Criminal law and health care --15. State involvement in birth and death: registration and coronial inquiries --16. State involvement in threats to health or welfare --17. Human tissue transplants and reproductive technology --18. Expanding recognition of human rights --19. Decision making, law and ethics: a discussion.
Resumo:
While social engineering represents a real and ominous threat to many organizations, companies, governments, and individuals, social networking sites (SNSs), have been identified as among the most common means of social engineering attacks. Owing to factors that reduce the ability of users to detect social engineering tricks and increase the ability of attackers to launch them, SNSs seem to be perfect breeding ground for exploiting the vulnerabilities of people, and the weakest link in security. This work will contribute to the knowledge of social engineering by identifying different entities and subentities that affect social engineering based attacks in SNSs. Moreover, this paper includes an intensive and comprehensive overview of different aspects of social engineering threats in SNSs.
Resumo:
There is no doubt that social engineering plays a vital role in compromising most security defenses, and in attacks on people, organizations, companies, or even governments. It is the art of deceiving and tricking people to reveal critical information or to perform an action that benefits the attacker in some way. Fraudulent and deceptive people have been using social engineering traps and tactics using information technology such as e-mails, social networks, web sites, and applications to trick victims into obeying them, accepting threats, and falling victim to various crimes and attacks such as phishing, sexual abuse, financial abuse, identity theft, impersonation, physical crime, and many other forms of attack. Although organizations, researchers, practitioners, and lawyers recognize the severe risk of social engineering-based threats, there is a severe lack of understanding and controlling of such threats. One side of the problem is perhaps the unclear concept of social engineering as well as the complexity of understand human behaviors in behaving toward, approaching, accepting, and failing to recognize threats or the deception behind them. The aim of this paper is to explain the definition of social engineering based on the related theories of the many related disciplines such as psychology, sociology, information technology, marketing, and behaviourism. We hope, by this work, to help researchers, practitioners, lawyers, and other decision makers to get a fuller picture of social engineering and, therefore, to open new directions of collaboration toward detecting and controlling it.
Resumo:
The security and privacy of patient information is one of the biggest hindrances to the wide adoption of eHealth systems. For eHealth systems to be successful they must provide protection for patients’ privacy while ensuring healthcare professionals are able to access the information necessary to provide appropriate care. Accountable-eHealth systems are a proposed solution to these potentially competing concerns by enforcing appropriate use and after-the-fact accountability measures. We have developed a Web-based prototype to demonstrate scenarios of how both appropriate and inappropriate use of patient information would be handled in an Accountable-eHealth system.
Resumo:
Proxy re-encryption (PRE) is a highly useful cryptographic primitive whereby Alice and Bob can endow a proxy with the capacity to change ciphertext recipients from Alice to Bob, without the proxy itself being able to decrypt, thereby providing delegation of decryption authority. Key-private PRE (KP-PRE) specifies an additional level of confidentiality, requiring pseudo-random proxy keys that leak no information on the identity of the delegators and delegatees. In this paper, we propose a CPA-secure PK-PRE scheme in the standard model (which we then transform into a CCA-secure scheme in the random oracle model). Both schemes enjoy highly desirable properties such as uni-directionality and multi-hop delegation. Unlike (the few) prior constructions of PRE and KP-PRE that typically rely on bilinear maps under ad hoc assumptions, security of our construction is based on the hardness of the standard Learning-With-Errors (LWE) problem, itself reducible from worst-case lattice hard problems that are conjectured immune to quantum cryptanalysis, or “post-quantum”. Of independent interest, we further examine the practical hardness of the LWE assumption, using Kannan’s exhaustive search algorithm coupling with pruning techniques. This leads to state-of-the-art parameters not only for our scheme, but also for a number of other primitives based on LWE published the literature.
Resumo:
We propose a new kind of asymmetric mutual authentication from passwords with stronger privacy against malicious servers, lest they be tempted to engage in “cross-site user impersonation” to each other. It enables a person to authenticate (with) arbitrarily many independent servers, over adversarial channels, using a memorable and reusable single short password. Beside the usual PAKE security guarantees, our framework goes to lengths to secure the password against brute-force cracking from privileged server information.
Resumo:
In a play-within-a-play, the Mechanicals' production within William Shakespeare's A Midsummer Night's Dream, the character Snout announces his transformation to play the character of Wall. Snout's portrayal of Wall is both comical and menacing as he represents the forces that separate the lovers Pyramus and Thisbe. Wall becomes a subject in a manner no different from the lovers that he separates; his influence on their situation is brought to life. The unbecoming nature of walls to demarcate, separate, intimidate, influence and control is a relationship most can relate to in their experiences with architecture. It is in these moments that architecture leaps from the sphere of object into the realm of subject; where we might be involved in some intense struggle with the placement of a wall, the wall that might separate us from a lover, justice, freedom, power or privacy. This study investigates how this struggle is portrayed through the human body as representation of walls in performance.
Resumo:
For the past several decades, cryptographers have consistently provided us with stronger and more capable primitives and protocols that have found many applications in security systems in everyday life. One of the central tenets of cryptographic design is that, whereas a system’s architecture ought to be public and open to scrutiny, the keys on which it depends — long, utterly random, unique strings of bits — will be perfectly preserved by their owner, and yet nominally inaccessible to foes.
Resumo:
User-generated content plays a pivotal role in the current social media. The main focus, however, has been on the explicitly generated user content such as photos, videos and status updates on different social networking sites. In this paper, we explore the potential of implicitly generated user content, based on users’ online consumption behaviors. It is technically feasible to record users’ consumption behaviors on mobile devices and share that with relevant people. Mobile devices with such capabilities could enrich social interactions around the consumed content, but it may also threaten users’ privacy. To understand the potentials of this design direction we created and evaluated a low-fidelity prototype intended for photo sharing within private groups. Our prototype incorporates two design concepts, namely, FingerPrint and MoodPhotos that leverage users’ consumption history and emotional responses. In this paper, we report user values and user acceptance of this prototype from three participatory design workshops.
Resumo:
A new era of cyber warfare has appeared on the horizon with the discovery and detection of Stuxnet. Allegedly planned, designed, and created by the United States and Israel, Stuxnet is considered the first known cyber weapon to attack an adversary state. Stuxnet's discovery put a lot of attention on the outdated and obsolete security of critical infrastructure. It became very apparent that electronic devices that are used to control and operate critical infrastructure like programmable logic controllers (PLCs) or supervisory control and data acquisition (SCADA) systems lack very basic security and protection measures. Part of that is due to the fact that when these devices were designed, the idea of exposing them to the Internet was not in mind. However, now with this exposure, these devices and systems are considered easy prey to adversaries.
Resumo:
The invention of asymmetric encryption back in the seventies was a conceptual leap that vastly increased the expressive power of encryption of the times. For the first time, it allowed the sender of a message to designate the intended recipient in an cryptographic way, expressed as a “public key” that was related to but distinct from the “private key” that, alone, embodied the ability to decrypt. This made large-scale encryption a practical and scalable endeavour, and more than anything else—save the internet itself—led to the advent of electronic commerce as we know and practice it today.
Resumo:
Using Media-Access-Control (MAC) address for data collection and tracking is a capable and cost effective approach as the traditional ways such as surveys and video surveillance have numerous drawbacks and limitations. Positioning cell-phones by Global System for Mobile communication was considered an attack on people's privacy. MAC addresses just keep a unique log of a WiFi or Bluetooth enabled device for connecting to another device that has not potential privacy infringements. This paper presents the use of MAC address data collection approach for analysis of spatio-temporal dynamics of human in terms of shared space utilization. This paper firstly discuses the critical challenges and key benefits of MAC address data as a tracking technology for monitoring human movement. Here, proximity-based MAC address tracking is postulated as an effective methodology for analysing the complex spatio-temporal dynamics of human movements at shared zones such as lounge and office areas. A case study of university staff lounge area is described in detail and results indicates a significant added value of the methodology for human movement tracking. By analysis of MAC address data in the study area, clear statistics such as staff’s utilisation frequency, utilisation peak periods, and staff time spent is obtained. The analyses also reveal staff’s socialising profiles in terms of group and solo gathering. The paper is concluded with a discussion on why MAC address tracking offers significant advantages for tracking human behaviour in terms of shared space utilisation with respect to other and more prominent technologies, and outlines some of its remaining deficiencies.
