816 results for Access Control Mechanisms
Abstract:
This thesis investigates the use of building information models for access control and security applications in critical infrastructures and complex building environments. It examines current problems in security management for physical and logical access control and proposes novel solutions that exploit the detailed information available in building information models. The project was carried out as part of the Airports of the Future Project and the research was modelled based on real-world problems identified in collaboration with our industry partners in the project.
Abstract:
Building information models have created a paradigm shift in how buildings are built and managed by providing a dynamic repository for building data that is useful in many new operational scenarios. This change has also created an opportunity to use building information models as an integral part of security operations and especially as a tool to facilitate fine-grained access control to building spaces in smart buildings and critical infrastructure environments. In this paper, we identify the requirements for a security policy model for such an access control system and discuss why the existing policy models are not suitable for this application. We propose a new policy language extension to XACML, with BIM specific data types and functions based on the IFC specification, which we call BIM-XACML.
Abstract:
Building information models are increasingly being utilised for facility management of large facilities such as critical infrastructures. In such environments, it is valuable to utilise the vast amount of data contained within the building information models to improve access control administration. The use of building information models in access control scenarios can provide 3D visualisation of buildings as well as many other advantages such as automation of essential tasks including path finding, consistency detection, and accessibility verification. However, there is no mathematical model for building information models that can be used to describe and compute these functions. In this paper, we show how graph theory can be utilised as a representation language of building information models and the proposed security related functions. This graph-theoretic representation allows for mathematically representing building information models and performing computations using these functions.
Abstract:
This article presents a novel approach to confidentiality violation detection based on taint marking. Information flows are dynamically tracked between applications and objects of the operating system such as files, processes and sockets. A confidentiality policy is defined by labelling sensitive information and defining which information may leave the local system through network exchanges. Furthermore, per application profiles can be defined to restrict the sets of information each application may access and/or send through the network. In previous works, we focused on the use of mandatory access control mechanisms for information flow tracking. In this current work, we have extended the previous information flow model to track network exchanges, and we are able to define a policy attached to network sockets. We show an example application of this extension in the context of a compromised web browser: our implementation detects a confidentiality violation when the browser attempts to leak private information to a remote host over the network.
Abstract:
Until recently, standards to guide nursing education and practice in Vietnam were nonexistent. This paper describes the development and implementation of a clinical teaching capacity building project piloted in Hanoi, Vietnam. The project was part of a multi-component capacity building program designed to improve nurse education in Vietnam. Objectives of the project were to develop a collaborative clinically-based teaching model that encourages evidence-based, student-centred clinical learning. The model incorporated strategies to promote development of nursing practice to meet national competency standards. Thirty nurse teachers from two organisations in Hanoi participated in the program. These participants attended three workshops, and completed applied assessments, where participants implemented concepts from each workshop. The assessment tasks were planning, implementing and evaluating clinical teaching. On completion of the workshops, twenty participants undertook a study tour in Australia to refine the teaching model and develop an action plan for model implementation in both organisations, with an aim to disseminate the model across Vietnam. Significant changes accredited to this project have been noted on an individual and organisational level. Dissemination of this clinical teaching model has commenced in Ho Chi Minh, with further plans for more in-depth dissemination to occur throughout the country.
Abstract:
World Heritage Landscapes (WHLs) are receiving increased attention from researchers, urban planners, managers, and policy makers and many heritage values and resources are becoming irreversibly lost. This phenomenon is especially prominent for WHLs located in cities, where greater development opportunities are involved. Decision making for sustainable urban landscape planning, conservation and management of WHLs often takes place from an economic perspective, especially in developing countries. This, together with the uncertain source of funding to cover WHL operating and maintenance costs, has resulted in many urban managers seeking private sector funding either in the form of visitor access fees or leasing part of the site for high-rental facilities such as five star hotels, clubs and expensive restaurants. For the former, this can result in low-income urban citizens being unable to afford the access fees and hence contradicting the principle of equal access for all; while, for the latter, the principle of open access for all is equally violated. To resolve this conflict, a game model is developed to determine how urban managers should allocate WHL spaces to maximize the combination of economic, social and ecological benefits and cultural values. A case study is provided of Hangzhou's West Lake Scenic Area, a WHL located at the centre of Hangzhou city, in which several high-rental facilities have recently been closed down by the local authorities due to charges of elitism and misuse of public funds by government officials. The result shows that the best solution is to lease a small space with high rents and leave the remainder of the site to the public. This solution is likely to be applicable only in cities with a strong economy.
Abstract:
As one of the most widely used wireless network technologies, IEEE 802.11 wireless local area networks (WLANs) have found a dramatically increasing number of applications in soft real-time networked control systems (NCSs). To fulfill the real-time requirements in such NCSs, most of the bandwidth of the wireless networks needs to be allocated to high-priority data for periodic measurements and control with deadline requirements. However, existing QoS-enabled 802.11 medium access control (MAC) protocols do not consider the deadline requirements explicitly, leading to unpredictable deadline performance of NCS networks. Consequently, the soft real-time requirements of the periodic traffic may not be satisfied, particularly under congested network conditions. This paper makes two main contributions to address this problem in wireless NCSs. Firstly, a deadline-constrained MAC protocol with QoS differentiation is presented for IEEE 802.11 soft real-time NCSs. It handles periodic traffic by developing two specific mechanisms: a contention-sensitive backoff mechanism, and an intra-traffic-class QoS differentiation mechanism. Secondly, a theoretical model is established to describe the deadline-constrained MAC protocol and evaluate its performance of throughput, delay and packet-loss ratio in wireless NCSs. Numerical studies are conducted to validate the accuracy of the theoretical model and to demonstrate the effectiveness of the new MAC protocol.
Abstract:
Health Information Systems (HIS) make extensive use of Information and Communication Technologies (ICT). The use of ICT aids in improving the quality and efficiency of healthcare services by making healthcare information available at the point of care (Goldstein, Groen, Ponkshe, and Wine, 2007). The increasing availability of healthcare data presents security and privacy issues which have not yet been fully addressed (Liu, Caelli, May, and Croll, 2008a). Healthcare organisations have to comply with the security and privacy requirements stated in laws, regulations and ethical standards, while managing healthcare information. Protecting the security and privacy of healthcare information is a very complex task (Liu, May, Caelli and Croll, 2008b). In order to simplify the complexity of providing security and privacy in HIS, appropriate information security services and mechanisms have to be implemented. Solutions at the application layer have already been implemented in HIS such as those existing in healthcare web services (Weaver et al., 2003). In addition, Discretionary Access Control (DAC) is the most commonly implemented access control model to restrict access to resources at the OS layer (Liu, Caelli, May, Croll and Henricksen, 2007a). Nevertheless, the combination of application security mechanisms and DAC at the OS layer has been stated to be insufficient in satisfying security requirements in computer systems (Loscocco et al., 1998). This thesis investigates the feasibility of implementing Security Enhanced Linux (SELinux) to enforce a Role-Based Access Control (RBAC) policy to help protect resources at the Operating System (OS) layer. SELinux provides Mandatory Access Control (MAC) mechanisms at the OS layer. These mechanisms can contain the damage from compromised applications and restrict access to resources according to the security policy implemented. 
The main contribution of this research is to provide a modern framework to implement and manage SELinux in HIS. The proposed framework introduces SELinux Profiles to restrict access permissions over the system resources to authorised users. The feasibility of using SELinux profiles in HIS was demonstrated through the creation of a prototype, which was submitted to various attack scenarios. The prototype was also subjected to testing during emergency scenarios, where changes to the security policies had to be made on the spot. Attack scenarios were based on vulnerabilities common at the application layer. SELinux demonstrated that it could effectively contain attacks at the application layer and provide adequate flexibility during emergency situations. However, even with the use of current tools, the development of SELinux policies can be very complex. Further research has to be made in order to simplify the management of SELinux policies and access permissions. In addition, SELinux related technologies, such as the Policy Management Server by Tresys Technologies, need to be researched in order to provide solutions at different layers of protection.
Abstract:
This paper examines the vibration characteristics and vibration control of complex ship structures. It is shown that input mobilities of a ship structure at engine supports, due to out-of-plane force or bending moment excitations, are governed by the flexural stiffness of the engine supports. The frequency averaged input mobilities of the ship structure, due to such excitations, can be represented by those of the corresponding infinite beam. The torsional moment input mobility at the engine support can be estimated from the torsional response of the engine bed section under direct excitation. It is found that the inclusion of ship hull and deck plates in the ship structure model has little effect on the frequency-averaged response of the ship structure. This study also shows that vibration propagation in complex ship structures at low frequencies can be attenuated by imposing irregularities to the ring frame locations in ships. Vibration responses of ship structures due to machinery excitations at higher frequencies can be controlled by structural modifications of the local supporting structures such as engine beds in ships.
Abstract:
The current train of thought in appetite research is favouring an interest in non-homeostatic or hedonic (reward) mechanisms in relation to overconsumption and energy balance. This tendency is supported by advances in neurobiology that precede the emergence of a new conceptual approach to reward where affect and motivation (liking and wanting) can be seen as the major force in guiding human eating behaviour. In this review, current progress in applying processes of liking and wanting to the study of human appetite is examined by discussing the following issues: How can these concepts be operationalised for use in human research to reflect the neural mechanisms by which they may be influenced? Do liking and wanting operate independently to produce functionally significant changes in behaviour? Can liking and wanting be truly experimentally separated or will an expression of one inevitably contain elements of the other? The review contains a re-examination of selected human appetite research before exploring more recent methodological approaches to the study of liking and wanting in appetite control. In addition, some theoretical developments are described in four diverse models that may enhance current understanding of the role of these processes in guiding ingestive behaviour. Finally, the implications of a dual process modulation of food reward for weight gain and obesity are discussed. The review concludes that processes of liking and wanting are likely to have independent roles in characterising susceptibility to weight gain. Further research into the dissociation of liking and wanting through implicit and explicit levels of processing would help to disclose the relative importance of these components of reward for appetite control and weight regulation.
Abstract:
Authorised users (insiders) are behind the majority of security incidents with high financial impacts. Because authorisation is the process of controlling users’ access to resources, improving authorisation techniques may mitigate the insider threat. Current approaches to authorisation suffer from the assumption that users will (can) not depart from the expected behaviour implicit in the authorisation policy. In reality however, users can and do depart from the canonical behaviour. This paper argues that the conflict of interest between insiders and authorisation mechanisms is analogous to the subset of problems formally studied in the field of game theory. It proposes a game theoretic authorisation model that can ensure users’ potential misuse of a resource is explicitly considered while making an authorisation decision. The resulting authorisation model is dynamic in the sense that its access decisions vary according to the changes in explicit factors that influence the cost of misuse for both the authorisation mechanism and the insider.
Abstract:
Ubiquitous access to patient medical records is an important aspect of caring for patient safety. Unavailability of sufficient medical information at the point-of-care could possibly lead to a fatality. The U.S. Institute of Medicine has reported that between 44,000 and 98,000 people die each year due to medical errors, such as incorrect medication dosages, due to poor legibility in manual records, or delays in consolidating needed information to discern the proper intervention. In this research we propose employing emergent technologies such as Java SIM Cards (JSC), Smart Phones (SP), Next Generation Networks (NGN), Near Field Communications (NFC), Public Key Infrastructure (PKI), and Biometric Identification to develop a secure framework and related protocols for ubiquitous access to Electronic Health Records (EHR). A partial EHR contained within a JSC can be used at the point-of-care in order to help quick diagnosis of a patient’s problems. The full EHR can be accessed from an Electronic Health Records Centre (EHRC) when time and network availability permit. Moreover, this framework and related protocols enable patients to give their explicit consent to a doctor to access their personal medical data, by using their Smart Phone, when the doctor needs to see or update the patient’s medical information during an examination. Also our proposed solution would give the power to patients to modify the Access Control List (ACL) related to their EHRs and view their EHRs through their Smart Phone. Currently, very limited research has been done on using JSCs and similar technologies as a portable repository of EHRs or on the specific security issues that are likely to arise when JSCs are used with ubiquitous access to EHRs. Previous research is concerned with using Medicare cards, a kind of Smart Card, as a repository of medical information at the patient point-of-care.
However, this imposes some limitations on the patient’s emergency medical care, including the inability to detect the patient’s location, to call and send information to an emergency room automatically, and to interact with the patient in order to get consent. The aim of our framework and related protocols is to overcome these limitations by taking advantage of the SIM card and the technologies mentioned above. Briefly, our framework and related protocols will offer the full benefits of accessing an up-to-date, precise, and comprehensive medical history of a patient, whilst its mobility will provide ubiquitous access to medical and patient information everywhere it is needed. The objective of our framework and related protocols is to automate interactions between patients, healthcare providers and insurance organisations, increase patient safety, improve quality of care, and reduce the costs.
Abstract:
Aim/hypothesis: Immune mechanisms have been proposed to play a role in the development of diabetic neuropathy. We employed in vivo corneal confocal microscopy (CCM) to quantify the presence and density of Langerhans cells (LCs) in relation to the extent of corneal nerve damage in Bowman's layer of the cornea in diabetic patients. Methods: 128 diabetic patients aged 58±1 yrs with a differing severity of neuropathy based on Neuropathy Deficit Score (NDS—4.7±0.28) and 26 control subjects aged 53±3 yrs were examined. Subjects underwent a full neurological evaluation, evaluation of corneal sensation with non-contact corneal aesthesiometry (NCCA) and corneal nerve morphology using corneal confocal microscopy (CCM). Results: The proportion of individuals with LCs was significantly increased in diabetic patients (73.8%) compared to control subjects (46.1%), P=0.001. Furthermore, LC density (no/mm²) was significantly increased in diabetic patients (17.73±1.45) compared to control subjects (6.94±1.58), P=0.001 and there was a significant correlation with age (r=0.162, P=0.047) and severity of neuropathy (r=−0.202, P=0.02). There was a progressive decrease in corneal sensation with increasing severity of neuropathy assessed using NDS in the diabetic patients (r=0.414, P=0.000). Corneal nerve fibre density (P<0.001), branch density (P<0.001) and length (P<0.001) were significantly decreased whilst tortuosity (P<0.01) was increased in diabetic patients with increasing severity of diabetic neuropathy. Conclusion: Utilising in vivo corneal confocal microscopy we have demonstrated increased LCs in diabetic patients particularly in the earlier phases of corneal nerve damage suggestive of an immune mediated contribution to corneal nerve damage in diabetes.
Abstract:
Based on the molecular dynamics simulation, plastic deformation mechanisms associated with the zigzag stress curves in perfect and surface defected copper nanowires under uniaxial tension are studied. In our previous study, it was found that the surface defect exerts larger influence than the centro-plane defect, and the 45° surface defect appears as the most influential surface defect. Hence, in this paper, the nanowire with a 45° surface defect is chosen to investigate the defect’s effect on the plastic deformation mechanism of nanowires. We find that during the plastic deformation of both perfect and defected nanowires, decrease regions of the stress curve are accompanied with stacking faults generation and migration activities, but during stress increase, the structure of the nanowire appears almost unchanged. We also observe that surface defects have obvious influence on the nanowire’s plastic deformation mechanisms. In particular, only two sets of slip planes are found to be active and twins are also observed in the defected nanowire.