The Australian Business Assessment of Computer User Security (ABACUS): A national survey.

The Australian Business Assessment of Computer User Security (ABACUS) survey is a nationwide assessment of the prevalence and nature of computer security incidents experienced by Australian businesses. This report presents the findings of the survey which may be used by businesses in Australia to assess the effectiveness of their information technology security measures.

Increasing Food Production Sustainably in a Changing Climate : Understanding the Pressures and Potential

Australian agriculture is faced with the dilemma of increasing food production for a growing domestic and world population while decreasing environmental impacts and supporting the social and economic future of regional communities. The challenge for farmers is compounded by declining rates of productivity growth which have been linked to changes in climate and decreasing investment in agricultural research. The answer must lie in understanding the ecological functionality of landscapes and matching management of agricultural systems and use of natural resources to landscape capacity in a changing climate. A simplified mixed grain and livestock farm case study is used to illustrate the challenges of assessing the potential for shifts in land allocation between commodities to achieve sustainable intensification of nutrition production. This study highlights the risks associated with overly-simplistic solutions and the need for increased investment in research to inform the development of practical strategies for increasing food production in Australian agro-ecosystems while managing the impacts of climate change and addressing climate change mitigation policies.

Intellectual property, TRIPS and development

Intellectual property is crucial to the promotion of innovation. It provides an incentive to innovate as well as security for investment in innovation. The industries of the 21st century-information technology, biotechnology, pharmaceuticals, communications, education and entertainment – are all knowledge-based. The WTO Agreement on Trade-Related Aspects of Intellectual Property Rights (the TRIPS Agreement), adopted in 1994 at the conclusion of the Uruguay Round of trade negotiations, requires all WTO member countries to provide for the protection and enforcement of intellectual property rights. Having forged a link for the first time between intellectual property rights and the international trading system, the adoption of TRIPS means that any country that aims to participate fully in the global economy needs to understand the role of intellectual property and align its intellectual property laws and practices with the international minimum standards prescribed by TRIPS. However, for developing and least-developed countries, the implementation of intellectual property systems and enforcement mechanisms raises questions and challenges. Does recognition and enforcement of intellectual property serve their development needs and objectives? Does TRIPS encourage or hinder the transfer of technologies to developing and least-developed countries, particularly those that meet urgent needs in areas such as public health, food security, water and energy? What is the effect of TRIPS on developing countries’ access to knowledge and information? Is there scope for flexibility in implementation of TRIPS in pursuit of development strategies?

Conflicts over protection of marine living resources : the ‘Volga Case’ revisited

Non-traditional maritime security concerns have become more importantthan ever in the post-Cold War era. Naval forces of most developedcountries are more concerned about these threats than conventional war.One of the main maritime security issues for many countries in the world isillegal, unreported and unregulated (IUU) fishing in the marine area. Withthese burgeoning issues comes the potential for a large number of disputesinvolving international law. In early 2002, a long-line fishing vessel under aRussian flag –the Volga, was detained by Australian authorities a few hundred meters outside the Exclusive Economic Zone of Australia’s Heard and McDonald Islands in the Southern Ocean. The vessel was reportedly engaged in illegal fishing. This incident gave birth to litigation in international and Australian courts. Apart from these cases, Russia also announced separate litigation against Australia for violation of Articles 111and 87 of the United Nations Convention on the Law of the Sea (NCLOS).Considering the outcome of these cases, this article critically examines thecharacteristics of litigation as a strategy for pacific settlement of disputesover marine living resources. Using the Volga Case as an example, thisarticle explores some issues related to the judicial settlement of disputes over marine living resources. This article demonstrates that the legal certainty of winning a case may not be the only factor influencing the strategy for settlement of an international dispute.

Background to the development of a curriculum for the history of “cyber” and “communications” security

For any discipline to be regarded as a professional undertaking by which its members may be treated as true “professionals” in a specific area, practitioners must clearly understand that discipline’s history as well as the place and significance of that history in current practice as well as its relevance to available technologies and artefacts at the time. This is common for many professional disciplines such as medicine, pharmacy, engineering, law and so on but not yet, this paper submits, in information technology. Based on twenty five elapsed years of experience in developing and delivering Cybersecurity courses at undergraduate and postgraduate levels, this paper proposes a rationale and set of differing perspectives for the planning and development of curricula relevant to the delivery of appropriate courses in the history of cybersecurity or information assurance to information and communications technology (ICT) students and thus to potential information technology professionals.

The importance of individual characteristics in experimental economic research

This thesis advances the knowledge of behavioural economics on the importance of individual characteristics – such as gender, personality or culture – for choices relevant to labour and insurance markets. It does so using economic experiments, survey tools and physiological data, collected in economic laboratories and in the field. More specifically, the thesis includes 5 experimental economic studies investigating individual-specific characteristics (gender, age, personality, cultural background) in decisions influenced by risk attitudes and social preferences. One of these characteristics is the physiological state of decision-makers, measured by heart rate variability. The results show that individual-specific characteristics play an important role for choices affected by social preferences, a finding to a lesser degree observable for risk preferences. This finding is confirmed under revealed incentivised choices and when studying (latent) physiological responses of decision-makers.

Iris based identity verification robust to sample presentation security attacks

Iris based identity verification is highly reliable but it can also be subject to attacks. Pupil dilation or constriction stimulated by the application of drugs are examples of sample presentation security attacks which can lead to higher false rejection rates. Suspects on a watch list can potentially circumvent the iris based system using such methods. This paper investigates a new approach using multiple parts of the iris (instances) and multiple iris samples in a sequential decision fusion framework that can yield robust performance. Results are presented and compared with the standard full iris based approach for a number of iris degradations. An advantage of the proposed fusion scheme is that the trade-off between detection errors can be controlled by setting parameters such as the number of instances and the number of samples used in the system. The system can then be operated to match security threat levels. It is shown that for optimal values of these parameters, the fused system also has a lower total error rate.

The role of human capital in economic growth revisited

Benhabib and Spiegel (1994) examine the role of human capital in the development process empirically using a theory-driven specification rather than the standard production function approach. While they find evidence of a positive impact of human capital on income growth, their result is not robust to the inclusion of inequality as an additional covariate. Using an alternate dataset and different measures of inequality, we find robust support for the hypothesis that human capital matters even when we account for the adverse effect of income inequality on growth.

ASICS : authenticated key exchange security incorporating certification systems

Most security models for authenticated key exchange (AKE) do not explicitly model the associated certification system, which includes the certification authority (CA) and its behaviour. However, there are several well-known and realistic attacks on AKE protocols which exploit various forms of malicious key registration and which therefore lie outside the scope of these models. We provide the first systematic analysis of AKE security incorporating certification systems (ASICS). We define a family of security models that, in addition to allowing different sets of standard AKE adversary queries, also permit the adversary to register arbitrary bitstrings as keys. For this model family we prove generic results that enable the design and verification of protocols that achieve security even if some keys have been produced maliciously. Our approach is applicable to a wide range of models and protocols; as a concrete illustration of its power, we apply it to the CMQV protocol in the natural strengthening of the eCK model to the ASICS setting.

Cost effectiveness of patient education for the prevention of falls in hospital : economic evaluation from a randomized controlled trial

Background Falls are one of the most frequently occurring adverse events that impact upon the recovery of older hospital inpatients. Falls can threaten both immediate and longer-term health and independence. There is need to identify cost-effective means for preventing falls in hospitals. Hospital-based falls prevention interventions tested in randomized trials have not yet been subjected to economic evaluation. Methods Incremental cost-effectiveness analysis was undertaken from the health service provider perspective, over the period of hospitalization (time horizon) using the Australian Dollar (A$) at 2008 values. Analyses were based on data from a randomized trial among n = 1,206 acute and rehabilitation inpatients. Decision tree modeling with three-way sensitivity analyses were conducted using burden of disease estimates developed from trial data and previous research. The intervention was a multimedia patient education program provided with trained health professional follow-up shown to reduce falls among cognitively intact hospital patients. Results The short-term cost to a health service of one cognitively intact patient being a faller could be as high as A$14,591 (2008). The education program cost A$526 (2008) to prevent one cognitively intact patient becoming a faller and A$294 (2008) to prevent one fall based on primary trial data. These estimates were unstable due to high variability in the hospital costs accrued by individual patients involved in the trial. There was a 52% probability the complete program was both more effective and less costly (from the health service perspective) than providing usual care alone. Decision tree modeling sensitivity analyses identified that when provided in real life contexts, the program would be both more effective in preventing falls among cognitively intact inpatients and cost saving where the proportion of these patients who would otherwise fall under usual care conditions is at least 4.0%. Conclusions This economic evaluation was designed to assist health care providers decide in what circumstances this intervention should be provided. If the proportion of cognitively intact patients falling on a ward under usual care conditions is 4% or greater, then provision of the complete program in addition to usual care will likely both prevent falls and reduce costs for a health service.

Essays on technology adoption under uncertainty, globalization and economic growth

This thesis examines how the initial institutional and technological aspects of the economy and the reforms that alter these aspects influence long run growth and development. These issues are addressed in the framework of stochastic endogenous growth models and an empirical framework. The thesis is able to explain why developing nations exhibit diverse growth and inequality patterns. Consequently, the thesis raises a number of policy implications regarding how these nations can improve their economic outcomes.

On the security of TLS renegotiation

The Transport Layer Security (TLS) protocol is the most widely used security protocol on the Internet. It supports negotiation of a wide variety of cryptographic primitives through different cipher suites, various modes of client authentication, and additional features such as renegotiation. Despite its widespread use, only recently has the full TLS protocol been proven secure, and only the core cryptographic protocol with no additional features. These additional features have been the cause of several practical attacks on TLS. In 2009, Ray and Dispensa demonstrated how TLS renegotiation allows an attacker to splice together its own session with that of a victim, resulting in a man-in-the-middle attack on TLS-reliant applications such as HTTP. TLS was subsequently patched with two defence mechanisms for protection against this attack. We present the first formal treatment of renegotiation in secure channel establishment protocols. We add optional renegotiation to the authenticated and confidential channel establishment model of Jager et al., an adaptation of the Bellare--Rogaway authenticated key exchange model. We describe the attack of Ray and Dispensa on TLS within our model. We show generically that the proposed fixes for TLS offer good protection against renegotiation attacks, and give a simple new countermeasure that provides renegotiation security for TLS even in the face of stronger adversaries.