Contextualizing the tensions and weaknesses of information privacy and data breach notification laws

Data breach notification laws have detailed numerous failures relating to the protection of personal information that have blighted both corporate and governmental institutions. There are obvious parallels between data breach notification and information privacy law as they both involve the protection of personal information. However, a closer examination of both laws reveals conceptual differences that give rise to vertical tensions between each law and shared horizontal weaknesses within both laws. Tensions emanate from conflicting approaches to the implementation of information privacy law that results in different regimes and the implementation of different types of protections. Shared weaknesses arise from an overt focus on specified types of personal information which results in ‘one size fits all’ legal remedies. The author contends that a greater contextual approach which promotes the importance of social context is required and highlights the effect that contextualization could have on both laws.

Automatic generation of assertions to detect potential security vulnerabilities in C programs that use union and pointer types

Type unions, pointer variables and function pointers are a long standing source of subtle security bugs in C program code. Their use can lead to hard-to-diagnose crashes or exploitable vulnerabilities that allow an attacker to attain privileged access over classified data. This paper describes an automatable framework for detecting such weaknesses in C programs statically, where possible, and for generating assertions that will detect them dynamically, in other cases. Exclusively based on analysis of the source code, it identifies required assertions using a type inference system supported by a custom made symbol table. In our preliminary findings, our type system was able to infer the correct type of unions in different scopes, without manual code annotations or rewriting. Whenever an evaluation is not possible or is difficult to resolve, appropriate runtime assertions are formed and inserted into the source code. The approach is demonstrated via a prototype C analysis tool.

'I am smart and I am not joking': Aiming high in the middle years of schooling

In this paper, we draw on accounts from students to inform a Middle Schooling movement that has been variously described as "arrested", "unfinished" and "exhausted". We propose that if the Middle Schooling movement is to understand the changing worlds of students and develop new approaches in the middle years of schooling, then it is important to draw on the insights that individual students can provide by conducting research with "students-as-informants". The early adolescent informants to this paper report high hopes for their futures (despite their lower socio-economic surroundings), which reinforces the importance of supporting successful learner identities and highlights the role of schooling in the decline of adolescent student aspirations. However, their insights did not stop at the individual learner, with students also identifying cultural and structural constraints to reform. As such, we argue that students may be both an important resource for inquiry into individual school reform and for the Middle Schooling movement internationally.

Wavelet based approaches and high resolution methods for complex process models

Many industrial processes and systems can be modelled mathematically by a set of Partial Differential Equations (PDEs). Finding a solution to such a PDF model is essential for system design, simulation, and process control purpose. However, major difficulties appear when solving PDEs with singularity. Traditional numerical methods, such as finite difference, finite element, and polynomial based orthogonal collocation, not only have limitations to fully capture the process dynamics but also demand enormous computation power due to the large number of elements or mesh points for accommodation of sharp variations. To tackle this challenging problem, wavelet based approaches and high resolution methods have been recently developed with successful applications to a fixedbed adsorption column model. Our investigation has shown that recent advances in wavelet based approaches and high resolution methods have the potential to be adopted for solving more complicated dynamic system models. This chapter will highlight the successful applications of these new methods in solving complex models of simulated-moving-bed (SMB) chromatographic processes. A SMB process is a distributed parameter system and can be mathematically described by a set of partial/ordinary differential equations and algebraic equations. These equations are highly coupled; experience wave propagations with steep front, and require significant numerical effort to solve. To demonstrate the numerical computing power of the wavelet based approaches and high resolution methods, a single column chromatographic process modelled by a Transport-Dispersive-Equilibrium linear model is investigated first. Numerical solutions from the upwind-1 finite difference, wavelet-collocation, and high resolution methods are evaluated by quantitative comparisons with the analytical solution for a range of Peclet numbers. After that, the advantages of the wavelet based approaches and high resolution methods are further demonstrated through applications to a dynamic SMB model for an enantiomers separation process. This research has revealed that for a PDE system with a low Peclet number, all existing numerical methods work well, but the upwind finite difference method consumes the most time for the same degree of accuracy of the numerical solution. The high resolution method provides an accurate numerical solution for a PDE system with a medium Peclet number. The wavelet collocation method is capable of catching up steep changes in the solution, and thus can be used for solving PDE models with high singularity. For the complex SMB system models under consideration, both the wavelet based approaches and high resolution methods are good candidates in terms of computation demand and prediction accuracy on the steep front. The high resolution methods have shown better stability in achieving steady state in the specific case studied in this Chapter.

Reinforcing bad behaviour : the misuse of security indicators on popular websites

Before making a security or privacy decision, Internet users should evaluate several security indicators in their browser, such as the use of HTTPS (indicated via the lock icon), the domain name of the site, and information from extended validation certificates. However, studies have shown that human subjects infrequently employ these indicators, relying on other indicators that can be spoofed and convey no cryptographic assurances. We identify four simple security indicators that accurately represent security properties of the connection and then examine 125 popular websites to determine if the sites' designs result in correctly displayed security indicators during login. In the vast majority of cases, at least some security indicators are absent or suboptimal. This suggests users are becoming habituated to ignoring recommended security indicators.

Critical analysis of high particle number emissions from accelerating compressed natural gas buses

Compressed natural gas (CNG) engines are thought to be less harmful to the environment than conventional diesel engines, especially in terms of particle emissions. Although, this is true with respect to particulate matter (PM) emissions, results of particle number (PN) emission comparisons have been inconclusive. In this study, results of on-road and dynamometer studies of buses were used to derive several important conclusions. We show that, although PN emissions from CNG buses are significantly lower than from diesel buses at low engine power, they become comparable at high power. For diesel buses, PN emissions are not significantly different between acceleration and operation at steady maximum power. However, the corresponding PN emissions from CNG buses when accelerating are an order of magnitude greater than when operating at steady maximum power. During acceleration under heavy load, PN emissions from CNG buses are an order of magnitude higher than from diesel buses. The particles emitted from CNG buses are too small to contribute to PM10 emissions or contribute to a reduction of visibility, and may consist of semivolatile nanoparticles.

Strengthening of circular hollow steel tubular sections using high modulus CFRP sheets

This paper describes the behaviour of very high strength (VHS) circular steel tubes strengthened by carbon fibre reinforced polymer (CFRP) and subjected to axial tension. A series of tests were conducted with different bond lengths and number of layers. The distribution of strain through the thickness of CFRP layers and along CFRP bond length was studied. The strain was found to generally decrease along the CFRP bond length far from the joint. The strain through the thickness of the CFRP layers was also found to decrease from bottom to top layer. The effective bond length for high modulus CFRP was established. Finally empirical models were developed to estimate the maximum load for a given CFRP arrangement.

Centrally supported online surveys for research at QUT

We describe the introduction, service growth, benefits and holistic support approach of a centrally supported universitywide online survey tool for researchers at QUT. The online survey service employs the Key Survey software, and has grown into a significant service for QUT researchers since being introduced in 2009. Key benefits of the approach include the ability of QUT to handle important issues relating to data such as security, privacy, integrity, archiving & disposal. The service also incorporates a workflow process that enhances the institution’s ability to ensure survey quality control through controlled approval and pilot testing before any survey is widely released. An important issue is that a tool like this can make it very easy to do very poor research very quickly while creating lots of data, due to the absence of a rigorous methodology designed to reduce errors and collect accurate, comprehensive, timely data. With this in mind, a holistic approach to service provision and support has been taken, which has included the introduction of an integrated system of seminars, tools and workshops to get researchers thinking about the quality of their research while becoming operational quickly. The system of seminars, workshops, checks and approvals we have put in place at QUT is designed to ensure better quality outcomes for QUT’s research and the individual researchers concerned.

Assessing the impact of refactoring on security-critical object-oriented designs

Refactoring focuses on improving the reusability, maintainability and performance of programs. However, the impact of refactoring on the security of a given program has received little attention. In this work, we focus on the design of object-oriented applications and use metrics to assess the impact of a number of standard refactoring rules on their security by evaluating the metrics before and after refactoring. This assessment tells us which refactoring steps can increase the security level of a given program from the point of view of potential information flow, allowing application designers to improve their system’s security at an early stage.

Accountability through high-stakes testing and curriculum change

The motivation for secondary school principals in Queensland, Australia, to investigate curriculum change coincided with the commencement in 2005 of the state government’s publication of school exit test results as a measure of accountability. Aligning the schools’ curriculum with the requirements of high-stakes testing is considered by many academics and teachers as negative outcome of accountability for reasons such as ‘teaching to the test’ and narrowing the curriculum. However, this article outlines empirical evidence that principals are instigating curriculum change to improve published high-stakes test results. Three principals in this study offered several reasons as to why they wished to implement changes to school curricula. One reason articulated by all three was the pressures of accountability, particularly through the publication of high-stakes test data which has now become commonplace in education systems of many Western Nations.

Use of lifts and refuge floors for fire evacuation in high rise apartment buildings

If current population and accommodation trends continue, Australian cities will, in the future, have noticeable numbers of apartment buildings over 60 storeys high. With an aging population it follows that a significant proportion of those occupying these buildings will be senior citizens, many of whom will have some form of disability. For these occupants a fire emergency in a high rise building presents a serious problem. Currently lifts cannot be used for evacuation and going down 60 storeys in a fire isolated staircase would be physically impossible for many. Therefore, for many, the temptation to remain in one’s unit will be very strong. With an awareness of this behaviour trend in older residents, many researchers have, in recent years, explored the possible wider use of lifts in a fire emergency. So far the use of lifts for evacuation has been approved for a small number of buildings but wide acceptance of this solution is still to be achieved. This paper concludes that even in high-rise apartment buildings where lifts are approved for evacuation, architects should design the building with alternative evacuation routes and provide suitable safe refuge areas for those who cannot use the stairs when the lifts are unavailable.

The role of bricolage and resource constraints in high potential sustainability ventures

Sustainability decisions and their impacts may be among the greatest challenges facing the world in the 21st century (Davos 2000). Apart from adaptation on the part of established organizations these challenges are arguably going to require solutions developed by new actors However, young ventures have only recently begun generating research interest within sustainability literature (Shepherd et al. 2009). In particular, little is known about resource behaviours of these ventures and how they adapt to substantial resource constraints. One promising theory that has been identified as a way that some entrepreneurs manage constraints is bricolage: a construct defined as “making do by applying combinations of the resources at hand to new problems and opportunities” (Baker and Nelson 2005: 333). Bricolage may be critical as the means of continued venture success as these ventures are frequently developed in severe resource constraint, owing to higher levels of technical sophistication (Rothaermel and Deeds 2006). Further, they are often developed by entrepreneurs committed to personal and social goals of resourcefulness, including values that focus on conservation rather than consumption of resources (Shepherd et al. 2009). In this paper, using seven novel cases of high potential sustainability firms from CAUSEE we consider how constraints impact resource behaviours and further illustrate and extend bricolage domains previously developed by Baker and Nelson (2005) with recommendations for theory and practice provided.

Smart Grid Test Bed Design and Implementation

Given there is currently a migration trend from traditional electrical supervisory control and data acquisition (SCADA) systems towards a smart grid based approach to critical infrastructure management. This project provides an evaluation of existing and proposed implementations for both traditional electrical SCADA and smart grid based architectures, and proposals a set of reference requirements which test bed implementations should implement. A high-level design for smart grid test beds is proposed and initial implementation performed, based on the proposed design, using open source and freely available software tools. The project examines the move towards smart grid based critical infrastructure management and illustrates the increased security requirements. The implemented test bed provides a basic framework for testing network requirements in a smart grid environment, as well as a platform for further research and development. Particularly to develop, implement and test network security related disturbances such as intrusion detection and network forensics. The project undertaken proposes and develops an architecture of the emulation of some smart grid functionality. The Common Open Research Emulator (CORE) platform was used to emulate the communication network of the smart grid. Specifically CORE was used to virtualise and emulate the TCP/IP networking stack. This is intended to be used for further evaluation and analysis, for example the analysis of application protocol messages, etc. As a proof of concept, software libraries were designed, developed and documented to enable and support the design and development of further smart grid emulated components, such as reclosers, switches, smart meters, etc. As part of the testing and evaluation a Modbus based smart meter emulator was developed to provide basic functionality of a smart meter. Further code was developed to send Modbus request messages to the emulated smart meter and receive Modbus responses from it. Although the functionality of the emulated components were limited, it does provide a starting point for further research and development. The design is extensible to enable the design and implementation of additional SCADA protocols. The project also defines an evaluation criteria for the evaluation of the implemented test bed, and experiments are designed to evaluate the test bed according to the defined criteria. The results of the experiments are collated and presented, and conclusions drawn from the results to facilitate discussion on the test bed implementation. The discussion undertaken also present possible future work.

Grade A Taipei junior high school principals’ self-reported leadership practices

The principal’s leadership and curriculum development are considered the core elements for creating a high performing junior high school. In Taiwan, mathematics curriculum reform has been an ongoing topic since 1994. The pedagogy, classroom interactions, and the underlying philosophy of mathematics education have varied with different versions of guidelines. These changes inevitably increase the requirement for principals’ leadership in order to effectively implement the curriculum reform. Principals’ leadership is essential to the success of the implementation in their school. This study aimed to explore and identify the leadership of junior high school principals whose schools had been judged by the Taipei City Government as Grade A junior high schools. Principals’ implementations of the reformed mathematics curriculum were used as examples to generate insights of their leadership. This study drew upon a multiple-case study approach. Data were collected from interviews, observations, and documentations. Bass and Avolio’s (1997) full range leadership theory provided a structure for gaining insight into these principals’ leadership practices. Five Grade A Taipei junior high school principals participated and shared their leadership concepts and experiences. Findings revealed that the leadership preferences of the five principles varied considerably. Management by exception-active, contingent reward, individualised consideration, and idealised influence were Grade A Taipei junior high school principals’ preferred leadership practices. In addition, principals’ leadership strategies associated with these practices were identified. These principals had adopted a range of leadership strategies according to the staff and school needs. Results of this study have implications for both Taiwanese principals and education departments. Principals can enhance their leadership by gaining more understanding about the Grade A principals’ leadership practices and strategies. Taiwanese education departments can improve school leadership training programs by focusing on these practices and strategies, which may also lead to more effective strategies for implementing national curriculum reform.