Performance analysis of secure unified communications in the VMware-based cloud

Unified communications as a service (UCaaS) can be regarded as a cost-effective model for on-demand delivery of unified communications services in the cloud. However, addressing security concerns has been seen as the biggest challenge to the adoption of IT services in the cloud. This study set up a cloud system via VMware suite to emulate hosting unified communications (UC), the integration of two or more real time communication systems, services in the cloud in a laboratory environment. An Internet Protocol Security (IPSec) gateway was also set up to support network-level security for UCaaS against possible security exposures. This study was aimed at analysis of an implementation of UCaaS over IPSec and evaluation of the latency of encrypted UC traffic while protecting that traffic. Our test results show no latency while IPSec is implemented with a G.711 audio codec. However, the performance of the G.722 audio codec with an IPSec implementation affects the overall performance of the UC server. These results give technical advice and guidance to those involved in security controls in UC security on premises as well as in the cloud.

Authorisation management in business process environments: An authorisation model and a policy model

This thesis provides two main contributions. The first one is BP-TRBAC, a unified authorisation model that can support legacy systems as well as business process systems. BP-TRBAC supports specific features that are required by business process environments. BP-TRBAC is designed to be used as an independent enterprise-wide authorisation model, rather than having it as part of the workflow system. It is designed to be the main authorisation model for an organisation. The second contribution is BP-XACML, an authorisation policy language that is designed to represent BPM authorisation policies for business processes. The contribution also includes a policy model for BP-XACML. Using BP-TRBAC as an authorisation model together with BP-XACML as an authorisation policy language will allow an organisation to manage and control authorisation requests from workflow systems and other legacy systems.

Security issues for future intelligent transport systems

Cooperative Intelligent Transportation Systems (C-ITS) allow in-vehicle systems, and ultimately the driver, to enhance their awareness of their surroundings by enabling communication between vehicles and road infrastructure. C-ITS are widely considered as the next major step in driving assistance systems, aiming at increasing safety, comfort and mobility for drivers. However, any communicating systems are subjected to security threats. A key component for providing secure communications at a large scale is a Public Key Infrastructure (PKI). Due to the safety-critical nature of Vehicle-to-Vehicle (V2V) communications, a C-ITS PKI has functional, performance and scalability requirements that differ from traditional non-automotive environments. This paper identifies and defines the key functional and security requirements for C-ITS PKI systems and analyses proposed C-ITS PKI standards against these requirements. In particular, the proposed US and European C-ITS PKI systems are identified as being too complex and not scalable. The paper also highlights various privacy, security and scalability concerns that should be considered for a secure C-ITS PKI solution in the Australian transport landscape.

A robust approach to design a single facility layout plan in dynamic manufacturing environments using a permutation-based genetic algorithm

During the past few decades, developing efficient methods to solve dynamic facility layout problems has been focused on significantly by practitioners and researchers. More specifically meta-heuristic algorithms, especially genetic algorithm, have been proven to be increasingly helpful to generate sub-optimal solutions for large-scale dynamic facility layout problems. Nevertheless, the uncertainty of the manufacturing factors in addition to the scale of the layout problem calls for a mixed genetic algorithm–robust approach that could provide a single unlimited layout design. The present research aims to devise a customized permutation-based robust genetic algorithm in dynamic manufacturing environments that is expected to be generating a unique robust layout for all the manufacturing periods. The numerical outcomes of the proposed robust genetic algorithm indicate significant cost improvements compared to the conventional genetic algorithm methods and a selective number of other heuristic and meta-heuristic techniques.

On the leakage resilience of secure channel establishment

Secure communication channels are typically constructed from an authenticated key exchange (AKE) protocol, which authenticates the communicating parties and establishes shared secret keys, and a secure data transmission layer, which uses the secret keys to encrypt data. We address the partial leakage of communicating parties' long-term secret keys due to various side-channel attacks, and the partial leakage of plaintext due to data compression. Both issues can negatively affect the security of channel establishment and data transmission. In this work, we advance the modelling of security for AKE protocols by considering more granular partial leakage of parties' long-term secrets. We present generic and concrete constructions of two-pass leakage-resilient key exchange protocols that are secure in the proposed security models. We also examine two techniques--heuristic separation of secrets and fixed-dictionary compression--for enabling compression while protecting high-value secrets.

Guerrilla Research Tactics: Alternative Research Methods in Urban Environments

This case-study examines innovative experimentation with mobile and cloud-based technologies, utilising “Guerrilla Research Tactics” (GRT), as a means of covertly retrieving data from the urban fabric. Originally triggered by participatory action research (Kindon et al., 2008) and unobtrusive research methods (Kellehear, 1993), the potential for GRT lies in its innate ability to offer researchers an alternative, creative approach to data acquisition, whilst simultaneously allowing them to engage with the public, who are active co-creators of knowledge. Key characteristics are political agenda, the unexpected and the unconventional, which allow for an interactive, unique and thought-provoking experience for both researcher and participant.

An analysis of TLS handshake proxying

Content delivery networks (CDNs) are an essential component of modern website infrastructures: edge servers located closer to users cache content, increasing robustness and capacity while decreasing latency. However, this situation becomes complicated for HTTPS content that is to be delivered using the Transport Layer Security (TLS) protocol: the edge server must be able to carry out TLS handshakes for the cached domain. Most commercial CDNs require that the domain owner give their certificate's private key to the CDN's edge server or abandon caching of HTTPS content entirely. We examine the security and performance of a recently commercialized delegation technique in which the domain owner retains possession of their private key and splits the TLS state machine geographically with the edge server using a private key proxy service. This allows the domain owner to limit the amount of trust given to the edge server while maintaining the benefits of CDN caching. On the performance front, we find that latency is slightly worse compared to the insecure approach, but still significantly better than the domain owner serving the content directly. On the security front, we enumerate the security goals for TLS handshake proxying and identify a subtle difference between the security of RSA key transport and signed-Diffie--Hellman in TLS handshake proxying; we also discuss timing side channel resistance of the key server and the effect of TLS session resumption.

A cryptographic analysis of the TLS 1.3 handshake protocol candidates

The Internet Engineering Task Force (IETF) is currently developing the next version of the Transport Layer Security (TLS) protocol, version 1.3. The transparency of this standardization process allows comprehensive cryptographic analysis of the protocols prior to adoption, whereas previous TLS versions have been scrutinized in the cryptographic literature only after standardization. This is even more important as there are two related, yet slightly different, candidates in discussion for TLS 1.3, called draft-ietf-tls-tls13-05 and draft-ietf-tls-tls13-dh-based. We give a cryptographic analysis of the primary ephemeral Diffie–Hellman-based handshake protocol, which authenticates parties and establishes encryption keys, of both TLS 1.3 candidates. We show that both candidate handshakes achieve the main goal of providing secure authenticated key exchange according to an augmented multi-stage version of the Bellare–Rogaway model. Such a multi-stage approach is convenient for analyzing the design of the candidates, as they establish multiple session keys during the exchange. An important step in our analysis is to consider compositional security guarantees. We show that, since our multi-stage key exchange security notion is composable with arbitrary symmetric-key protocols, the use of session keys in the record layer protocol is safe. Moreover, since we can view the abbreviated TLS resumption procedure also as a symmetric-key protocol, our compositional analysis allows us to directly conclude security of the combined handshake with session resumption. We include a discussion on several design characteristics of the TLS 1.3 drafts based on the observations in our analysis.

Social and physical environments in senior communities: The Finnish experience

Purpose – The purpose of this paper is to discuss residents’ views of social and physical environments in a co-housing and in a senior housing setting in Finland. Also, the study aims to point out important connections between well-being and built environment. Design/methodology/approach – The data include interviews and survey responses gathered in the cases. The results and analysis are presented at different case study levels, with the discussion and conclusions following this. Findings – The findings show that the physical environment and common areas have an important role to activate residents. When well-designed common areas exist, a higher level of engagement can be achieved by getting residents involved in the planning and running of activities. Research limitations/implications – This paper discusses residents’ experiences in two Finnish housing settings and it focuses on the housing market in Finland. Practical implications – The findings encourage investors and housing operators to design and invest common areas which could activate residents and create social contacts. Also, investors have to pay attention to the way these developments are managed. Originality/value – This study is the first to investigate the Finnish co-housing setting and compare social and physical environments in a co-housing and a senior house.

Intergenerational Perceptions and Conflicts in Multi-Age and Multigenerational Work Environments

One underappreciated consequence of the aging population phenomenon is that we are now experiencing what is arguably the most age-diverse workforce in modern history (Hanks & Icenogle, 2001; Newton, 2006; Toossi, 2004). As our workforce continues to age, shifts in the age demographic composition (i.e., the age diversity) of organizations and their subunits will become more apparent (Roth, Wegge, & Schmidt, 2007). Several factors have influenced and will continue to drive this trend. For example, in Western countries, younger people entering the workforce are more educated than ever before (Hussar & Bailey, 2013; Ryan & Siebens, 2012; Stoops, 2003) and could feasibly rise to positions of power in organizations more quickly than others have in the past (e.g., promotion rates vary as a function of age) (Rosenbaum, 1979; see also Clemens, 2012 conceptualization of the "fast track effect"). Furthermore, older workers are increasingly delaying retirement beyond the normative retirement age (Baltes & Rudolph, 2012; Burtless, 2012; Flynn, 2010), and already retired individuals are seeking re-employment in bridge employment roles in higher numbers than before (e.g., Adams & Rau, 2004; Kim & Feldman, 2000; Weckerle & Shultz, 1999).

Establishing turf grass increases soil greenhouse gas emissions in peri-urban environments

Urbanization is becoming increasingly important in terms of climate change and ecosystem functionality worldwide. We are only beginning to understand how the processes of urbanization influence ecosystem dynamics and how peri-urban environments contribute to climate change. Brisbane in South East Queensland (SEQ) currently has the most extensive urban sprawl of all Australian cities. This leads to substantial land use changes in urban and peri-urban environments and the subsequent gaseous emissions from soils are to date neglected for IPCC climate change estimations. This research examines how land use change effects methane (CH4) and nitrous oxide (N2O) fluxes from peri-urban soils and consequently influences the Global Warming Potential (GWP) of rural ecosystems in agricultural use undergoing urbanization. Therefore, manual and fully automated static chamber measurements determined soil gas fluxes over a full year and an intensive sampling campaign of 80 days after land use change. Turf grass, as the major peri-urban land cover, increased the GWP by 415 kg CO2-e ha 1 over the first 80 days after conversion from a well-established pasture. This results principally from increased daily average N2O emissions of 0.5 g N2O ha-1 d-1 from the pasture to 18.3 g N2O ha-1 d-1 from the turf grass due to fertilizer application during conversion. Compared to the native dry sclerophyll eucalypt forest, turf grass establishment increases the GWP by another 30 kg CO2-e ha 1. The results presented in this study clearly indicate the substantial impact of urbanization on soil-atmosphere gas exchange in form of non-CO2 greenhouse gas emissions particularly after turf grass establishment.

What do prisoners eat? Nutrient intakes and food practices in a high secure prison

There are limited studies on the adequacy of prisoner diet and food practices, yet understanding these are important to inform food provision and assure duty of care for this group. The aim of this research was to assess the dietary intakes of prisoners to inform food and nutrition policy in this setting. This research used a cross-sectional design with convenience sampling in a 945 bed male high secure prison. Multiple methods were used to assess food available at the group level, including verification of food portion, quality, and practices. A pictorial tool supported the diet history method. Of 276 eligible prisoners, 120 dietary interviews were conducted and verified against prison records, with 106 deemed plausible. The results showed the planned food to be nutritionally adequate, with the exception of vitamin D for older males and long chain fatty acids, with sodium above Upper Limits. The Australian Dietary Targets for chronic disease risk were not achieved. High energy intakes were reported with median 13.8MJ (SE 0.3MJ). Probability estimates of inadequate intake varied with age groups: magnesium 8% (>30 years), 2.9% (<30 years); calcium 6.0% (>70 years), 1.5% (<70 years); folate 3.5%; zinc and iodine 2.7%; and vitamin A 2.3%. Nutrient intakes were greatly impacted by self-funded snacks. Results suggest nutrient intakes nutritionally favourable when compared to males in the community. This study highlights the complexity of food provision in the prison environment, and also poses questions for population level dietary guidance in delivering appropriate nutrients within energy limits.

Salutogenic design: The neurological basis of health-promoting environments

All architecture embodies narratives that may either support or work against a state of good health. Neurological theory can be used to explain why salutogenic environments work, and how they can improve health outcomes.

Creating healthy food environments in NSW: A knowledge and evidence synthesis to inform advocacy and action: Food composition

Reviews and synthesizes evidence to produce evidence-based recommendations on policy actions to improve food composition for NSW Health