Using coloured petri nets to simulate DoS-resistant protocols

In this work, we examine unbalanced computation between an initiator and a responder that leads to resource exhaustion attacks in key exchange protocols. We construct models for two cryp-tographic protocols; one is the well-known Internet protocol named Secure Socket Layer (SSL) protocol, and the other one is the Host Identity Protocol (HIP) which has built-in DoS-resistant mechanisms. To examine such protocols, we develop a formal framework based on Timed Coloured Petri Nets (Timed CPNs) and use a simulation approach provided in CPN Tools to achieve a formal analysis. By adopting the key idea of Meadows' cost-based framework and re¯ning the de¯nition of operational costs during the protocol execution, our simulation provides an accurate cost estimate of protocol execution compar- ing among principals, as well as the percentage of successful connections from legitimate users, under four di®erent strategies of DoS attack.

Using performance measurement models for benefit realization with enterprise systems: The Queensland Government approach (Case Study)

A range of influences, technical and organizational, has encouraged the wide spread adaption of Enterprise Systems (ES). Nevertheless, there is a growing consensus that Enterprise Systems have in the many cases failed to provide the expected benefits to organizations. This paper presents ongoing research, which analyzes the benefits realization approach of the Queensland Government. This approach applies a modified Balance Scorecard. First, history and background of Queensland Government’s Enterprise Systems initiative is introduced. Second, the most common reasons for ES under performance are related. Third, relevant performance measurement models and the Balanced Scorecard in particular are discussed. Finally, the Queensland Government initiative is evaluated in light of this overview of current work in the area. In the current and future work, the authors aim to use their active involvement in Queensland Government’s benefits realization initiative for an Action Research based project investigating the appropriateness of the Balanced Scorecard for the purposes of Enterprise Systems benefits realization.

Extending conceptual models for Web based applications

The next phase envisioned for the World Wide Web is automated ad-hoc interaction between intelligent agents, web services, databases and semantic web enabled applications. Although at present this appears to be a distant objective, there are practical steps that can be taken to advance the vision. We propose an extension to classical conceptual models to allow the definition of application components in terms of public standards and explicit semantics, thus building into web-based applications, the foundation for shared understanding and interoperability. The use of external definitions and the need to store outsourced type information internally, brings to light the issue of object identity in a global environment, where object instances may be identified by multiple externally controlled identification schemes. We illustrate how traditional conceptual models may be augmented to recognise and deal with multiple identities.