Compliant cryptologic protocols

Literally, the word compliance suggests conformity in fulfilling official requirements. The thesis presents the results of the analysis and design of a class of protocols called compliant cryptologic protocols (CCP). The thesis presents a notion for compliance in cryptosystems that is conducive as a cryptologic goal. CCP are employed in security systems used by at least two mutually mistrusting sets of entities. The individuals in the sets of entities only trust the design of the security system and any trusted third party the security system may include. Such a security system can be thought of as a broker between the mistrusting sets of entities. In order to provide confidence in operation for the mistrusting sets of entities, CCP must provide compliance verification mechanisms. These mechanisms are employed either by all the entities or a set of authorised entities in the system to verify the compliance of the behaviour of various participating entities with the rules of the system. It is often stated that confidentiality, integrity and authentication are the primary interests of cryptology. It is evident from the literature that authentication mechanisms employ confidentiality and integrity services to achieve their goal. Therefore, the fundamental services that any cryptographic algorithm may provide are confidentiality and integrity only. Since controlling the behaviour of the entities is not a feasible cryptologic goal,the verification of the confidentiality of any data is a futile cryptologic exercise. For example, there exists no cryptologic mechanism that would prevent an entity from willingly or unwillingly exposing its private key corresponding to a certified public key. The confidentiality of the data can only be assumed. Therefore, any verification in cryptologic protocols must take the form of integrity verification mechanisms. Thus, compliance verification must take the form of integrity verification in cryptologic protocols. A definition of compliance that is conducive as a cryptologic goal is presented as a guarantee on the confidentiality and integrity services. The definitions are employed to provide a classification mechanism for various message formats in a cryptologic protocol. The classification assists in the characterisation of protocols, which assists in providing a focus for the goals of the research. The resulting concrete goal of the research is the study of those protocols that employ message formats to provide restricted confidentiality and universal integrity services to selected data. The thesis proposes an informal technique to understand, analyse and synthesise the integrity goals of a protocol system. The thesis contains a study of key recovery,electronic cash, peer-review, electronic auction, and electronic voting protocols. All these protocols contain message format that provide restricted confidentiality and universal integrity services to selected data. The study of key recovery systems aims to achieve robust key recovery relying only on the certification procedure and without the need for tamper-resistant system modules. The result of this study is a new technique for the design of key recovery systems called hybrid key escrow. The thesis identifies a class of compliant cryptologic protocols called secure selection protocols (SSP). The uniqueness of this class of protocols is the similarity in the goals of the member protocols, namely peer-review, electronic auction and electronic voting. The problem statement describing the goals of these protocols contain a tuple,(I, D), where I usually refers to an identity of a participant and D usually refers to the data selected by the participant. SSP are interested in providing confidentiality service to the tuple for hiding the relationship between I and D, and integrity service to the tuple after its formation to prevent the modification of the tuple. The thesis provides a schema to solve the instances of SSP by employing the electronic cash technology. The thesis makes a distinction between electronic cash technology and electronic payment technology. It will treat electronic cash technology to be a certification mechanism that allows the participants to obtain a certificate on their public key, without revealing the certificate or the public key to the certifier. The thesis abstracts the certificate and the public key as the data structure called anonymous token. It proposes design schemes for the peer-review, e-auction and e-voting protocols by employing the schema with the anonymous token abstraction. The thesis concludes by providing a variety of problem statements for future research that would further enrich the literature.

Tamper evidence for heavy vehicle on board mass systems

On-board mass (OBM) monitoring devices on heavy vehicles (HVs) have been tested in a national programme jointly by Transport Certification Australia Limited and the National Transport Commission. The tests were for, amongst other parameters, accuracy and tamper-evidence. The latter by deliberately tampering with the signals from OBM primary transducers during the tests. The OBM feasibility team is analysing dynamic data recorded at the primary transducers of OBM systems to determine if it can be used to detect tamper events. Tamper-evidence of current OBM systems needs to be determined if jurisdictions are to have confidence in specifying OBM for HVs as part of regulatory schemes. An algorithm has been developed to detect tamper events. The results of its application are detailed here.

On-board mass monitoring of heavy vehicles : results of testing program

The Transport Certification Australia on-board mass feasibility project is testing various on-board mass devices in a range of heavy vehicles (HVs). Extensive field tests of on-board mass measurement systems for HVs have been conducted during 2008. These tests were of accuracy, robustness and tamper-evidence of heavy vehicle on-board mass telematics. All the systems tested showed accuracies within approximately +/- 500 kg of gross combination mass or approximately +/- 2% of the attendant weighbridge reading. Analysis of the dynamic data also showed encouraging results and has raised the possibility of use of such dynamic information in tamper evidence in two areas. This analysis was to determine if the use of averaged dynamic data could identify potential tampering or incorrect operating procedures as well as the possibility of dynamic measurements flagging a tamper event by the use of metrics including a tampering index (TIX). Technical and business options to detect tamper events will now be developed during implementation of regulatory OBM system application to Australian heavy vehicles (HVs).

A regulatory on-board mass monitoring application for heavy vehicles in Australia

This paper reports on the development of specifications for an on-board mass monitoring (OBM) application for regulatory requirements in Australia. An earlier paper reported on feasibility study and pilot testing program prior to the specification development [1]. Learnings from the pilot were used to refine this testing process and a full scale testing program was conducted from July to October 2008. The results from the full scale test and evidentiary implications are presented in this report. The draft specification for an evidentiary on-board mass monitoring application is currently under development.

Structure of selected basic zinc/copper (II) phosphate minerals based upon near-infrared spectroscopy : implications for hydrogen bonding

The NIR spectra of reichenbachite, scholzite and parascholzite have been studied at 298 K. The spectra of the minerals are different, in line with composition and crystal structural variations. Cation substitution effects are significant in their electronic spectra and three distinctly different electronic transition bands are observed in the near-infrared spectra at high wavenumbers in the 12000-7600 cm-1 spectral region. Reichenbachite electronic spectrum is characterised by Cu(II) transition bands at 9755 and 7520 cm-1. A broad spectral feature observed for ferrous ion in the 12000-9000 cm-1 region both in scholzite and parascholzite. Some what similarities in the vibrational spectra of the three phosphate minerals are observed particularly in the OH stretching region. The observation of strong band at 5090 cm-1 indicates strong hydrogen bonding in the structure of the dimorphs, scholzite and parascholzite. The three phosphates exhibit overlapping bands in the 4800-4000 cm-1 region resulting from the combinations of vibrational modes of (PO4)3- units.

Reading nineteenth century schoolbooks online : user behavior in a digitized special collection

Special collections, because of the issues associated with conservation and use, a feature they share with archives, tend to be the most digitized areas in libraries. The Nineteenth Century Schoolbooks collection is a collection of 9000 rarely held nineteenth-century schoolbooks that were painstakingly collected over a lifetime of work by Prof. John A. Nietz, and donated to the Hillman Library at the University of Pittsburgh in 1958, which has since grown to 15,000. About 140 of these texts are completely digitized and showcased in a publicly accessible website through the University of Pittsburgh’s Library, along with a searchable bibliography of the entire collection, which expanded the awareness of this collection and its user base to beyond the academic community. The URL for the website is http://digital.library.pitt.edu/nietz/. The collection is a rich resource for researchers studying the intellectual, educational, and textbook publishing history of the United States. In this study, we examined several existing records collected by the Digital Research Library at the University of Pittsburgh in order to determine the identity and searching behaviors of the users of this collection. Some of the records examined include: 1) The results of a 3-month long user survey, 2) User access statistics including search queries for a period of one year, a year after the digitized collection became publicly available in 2001, and 3) E-mail input received by the website over 4 years from 2000-2004. The results of the study demonstrate the differences in online retrieval strategies used by academic researchers and historians, archivists, avocationists, and the general public, and the importance of facilitating the discovery of digitized special collections through the use of electronic finding aids and an interactive interface with detailed metadata.

X.509v3 Certificates for Secure Shell authentication

X.509 public key certificates use a signature by a trusted certification authority to bind a given public key to a given digital identity. This document specifies how to use X.509 version 3 public key certificates in public key algorithms in the Secure Shell protocol.

The international regulation of sustainable forest management : doctrinal concepts, governing institutions and implementation

The overarching objective of the research was to identify the existence and nature of international legal principles governing sustainable forest use and management. This research intended to uncover a set of forest legal considerations that are relevant for consideration across the globe. The purpose behind this, is to create a theoretical base of international forest law literature which be drawn upon to inform future international forestry research. This research will be of relevance to those undertaking examination of a particular forest issue or those focusing on forests in a particular region. The thesis explains the underlying legal issues in forest regulation, the dominant international regulatory approaches and makes suggestions as to how international and national forest policy could be improved.

Near infrared spectroscopy of the smithsonite minerals

The importance of NIR spectroscopy has been successfully demonstrated in the present study of smithsonite minerals. The fundamental observations in the NIR spectra, in addition to the anions of OH- and CO32- are Fe and Cu in terms of cation content. These ions exhibit broad absorption bands ranging from 13000 to 7000cm-1 (0.77 to 1.43 µm). One broad diagnostic absorption feature centred at 9000 cm-1 (1.11 µm) is the result of ferrous ion spin allowed transition, (5T2g ® 5Eg). The splitting of this band (>1200 cm-1) is a common feature in all the spectra of the studied samples. The light green coloured sample from Namibia show two Cu(II) bands in NIR at 8050 and 10310 cm-1 (1.24 and 0.97 µm) are assigned to 2B1g ® 2A1g and 2B1g ® 2B2g transitions. The effects of structural cations substitution (Ca2+, Fe2+, Cu2+, Cd2+ and Zn2+) on band shifts in the electronic spectra1 region of 11000-7500 cm-1 (0.91-1.33 µm) and vibrational modes of OH- and CO32- anions in 7300 to 4000 cm-1 (1.37-2.50 µm) region were used to distinguish between the smithsonites.

UAS Classification: Key to effective airworthiness and operational regulations

This presentation discusses some of the general issues relating to the classification of UAS for the purposes of defining and promulgating safety regulations. One possible approach for the definition of a classification scheme for UAS Type Certification Categories reviewed.

Super-orbital re-entry in Australia : laboratory measurement, simulation and flight observation

There are large uncertainties in the aerothermodynamic modelling of super-orbital re-entry which impact the design of spacecraft thermal protection systems (TPS). Aspects of the thermal environment of super-orbital re-entry flows can be simulated in the laboratory using arc- and plasma jet facilities and these devices are regularly used for TPS certification work [5]. Another laboratory device which is capable of simulating certain critical features of both the aero and thermal environment of super-orbital re-entry is the expansion tube, and three such facilities have been operating at the University of Queensland in recent years[10]. Despite some success, wind tunnel tests do not achieve full simulation, however, a virtually complete physical simulation of particular re-entry conditions can be obtained from dedicated flight testing, and the Apollo era FIRE II flight experiment [2] is the premier example which still forms an important benchmark for modern simulations. Dedicated super-orbital flight testing is generally considered too expensive today, and there is a reluctance to incorporate substantial instrumentation for aerothermal diagnostics into existing missions since it may compromise primary mission objectives. An alternative approach to on-board flight measurements, with demonstrated success particularly in the ‘Stardust’ sample return mission, is remote observation of spectral emissions from the capsule and shock layer [8]. JAXA’s ‘Hayabusa’ sample return capsule provides a recent super-orbital reentry example through which we illustrate contributions in three areas: (1) physical simulation of super-orbital re-entry conditions in the laboratory; (2) computational simulation of such flows; and (3) remote acquisition of optical emissions from a super-orbital re entry event.

Improving information security management in nonprofit organisations

All organisations, irrespective of size and type, need effective information security management (ISM) practices to protect vital organisational in- formation assets. However, little is known about the information security management practices of nonprofit organisations. Australian nonprofit organisations (NPOs) employed 889,900 people, managed 4.6 million volunteers and contributed $40,959 million to the economy during 2006-2007 (Australian Bureau of Statistics, 2009). This thesis describes the perceptions of information security management in two Australian NPOs and examines the appropriateness of the ISO 27002 information security management standard in an NPO context. The overall approach to the research is interpretive. A collective case study has been performed, consisting of two instrumental case studies with the researcher being embedded within two NPOs for extended periods of time. Data gathering and analysis was informed by grounded theory and action research, and the Technology Acceptance Model was utilised as a lens to explore the findings and provide limited generalisability to other contexts. The major findings include a distinct lack of information security management best practice in both organisations. ISM Governance and risk management was lacking and ISM policy was either outdated or non- existent. While some user focused ISM practices were evident, reference to standards, such as ISO 27002, were absent. The main factor that negatively impacted on ISM practices was the lack of resources available for ISM in the NPOs studied. Two novel aspects of information security dis- covered in this research were the importance of accuracy and consistency of information. The contribution of this research is a preliminary understanding of ISM practices and perceptions in NPOs. Recommendations for a new approach to managing information security management in nonprofit organisations have been proposed.

Health Librarianship Workforce and Education : Research to plan the future. Final Report.

In late 2009, Health Libraries Australia (HLA) received a small grant to undertake a national research project to determine the future requirements for health librarians in the workforce in Australia and develop a structured, modular education framework (post-graduate qualification and continuing professional development structure) to meet these requirements. The main objective was to consider the education and professional development framework that would ensure that health librarians have a clearly defined scope of practice and the specific competency based knowledge and skills that enable them to contribute to the design and delivery of high quality health services in this country. The final report presents a detailed discussion of the changing Australian healthcare environment and the resulting impact on the health library sector, as well as an overview of international trends in health libraries and the implications for Australian health librarianship education. The research methodology is outlined, followed by an analysis of the findings from the two surveys with health librarians and health library managers and the semi-structured interviews conducted with employers. The Medical Library Association (MLA) in the United States had developed a policy document detailing the competencies required by health librarians. It was found that the MLA competencies represented an accepted professional framework of skills which could be used objectively in the survey instrument to measure the areas of professional knowledge and responsibilities that were relevant in the current workplace, and to identify how these requirements might change in the next three to five years. The research results underscore the imperative for health librarians to engage in regular, relevant professional development activities that will enable them to stay abreast with the rapid contextual changes impacting on their practice. In order to be accepted as key members of the multi-disciplinary health professional team, it is strongly believed that health librarians should commit to establishing the mechanisms for specialist certification maintained through compulsory CPD in an ongoing three-year cycle of revalidation. This development would align ALIA and health librarians with other health sector professional associations which are responsible for the self regulation of entry to and continuation in their profession.