SKMA - A Key Management Architecture for SCADA Systems

Supervisory Control And Data Acquisition (SCADA) systems are widely used in the management of critical infrastructure such as electricity and water distrubution systems. Currently there is little understanding of how to best protect SCADA systems from malicious attacks. We review the constraints and requirements for SCADA security and propose a suitable architecture (SKMA) for secure SCADA communications. The architecture includes a proposed key management protocol (SKMP). We compare the architecture with a previous proposal from Sandia Labs.

Key performance indicators for measuring construction success

The construction industry is dynamic in nature. The concept of project success has remained ambiguously defined in the construction industry. Project success is almost the ultimate goal for every project. However, it means different things to different people. While some writers consider time, cost and quality as predominant criteria, others suggest that success is something more complex. The aim of this paper is to develop a framework for measuring success of construction projects. In this paper, a set of key performance indicators (KPIs), measured both objectively and subjectively are developed through a comprehensive literature review. The validity of the proposed KPIs is also tested by three case studies. Then, the limitations of the suggested KPIs are discussed. With the development of KPIs, a benchmark for measuring the performance of a construction project can be set. It also provides significant insights into developing a general and comprehensive base for further research.

Universally composable contributory group key exchange

We treat the security of group key exchange (GKE) in the universal composability (UC) framework. Analyzing GKE protocols in the UC framework naturally addresses attacks by malicious insiders. We define an ideal functionality for GKE that captures contributiveness in addition to other desired security goals. We show that an efficient two-round protocol securely realizes the proposed functionality in the random oracle model. As a result, we obtain the most efficient UC-secure contributory GKE protocol known.

Modeling key compromise impersonation attacks on group key exchange protocols

A key exchange protocol allows a set of parties to agree upon a secret session key over a public network. Two-party key exchange (2PKE) protocols have been rigorously analyzed under various models considering different adversarial actions. However, the analysis of group key exchange (GKE) protocols has not been as extensive as that of 2PKE protocols. Particularly, the security attribute of key compromise impersonation (KCI) resilience has so far been ignored for the case of GKE protocols. We first model the security of GKE protocols addressing KCI attacks by both outsider and insider adversaries. We then show that a few existing protocols are not secure even against outsider KCI attacks. The attacks on these protocols demonstrate the necessity of considering KCI resilience for GKE protocols. Finally, we give a new proof of security for an existing GKE protocol under the revised model assuming random oracles.

Health professional partnerships and their impact on Aboriginal health : an occupational therapist's and Aboriginal health worker's perspective

Objective: To describe the extent and nature of demonstrated professional partnerships between occupational therapists and Aboriginal health workers in rural and remote communities of North Queensland. The study identifies ways in which professional partnerships improve client services and enhance occupational therapy outcomes through exploring the aspects of communication, collaboration and bridging cultural boundaries.---------- Design: Data collected via in-depth, semistructured telephone interviews. ---------- Setting: Aboriginal and mainstream health and human service organisations in rural and remote North Queensland. Rural and remote areas were identified using the Accessibility and Remoteness Index of Australia codes. ---------- Participants: Seven participants working in rural and remote areas of North Queensland, comprising four occupational therapists and three Aboriginal health workers. All participants were female. ---------- Results: Participants identified five core themes when describing the extent and nature of professional partnerships between occupational therapists and Aboriginal health workers. Themes include: professional interaction; perception of professional roles; benefits to the client; professional interdependence; and significance of Aboriginal culture. According to participants, when partnerships between occupational therapists and Aboriginal health workers were formed, clients received a more culturally appropriate service, were more comfortable in the presence of the occupational therapist, obtained a greater understanding of occupational therapy assessment and intervention, and felt valued in the health care process. ---------- Conclusions: This study substantiates the necessity for the formation of professional partnerships between occupational therapists and Aboriginal health workers. The findings suggest that participation in professional partnerships has positive implications for occupational therapists working with Aboriginal clients and Aboriginal health workers in rural and remote regions of North Queensland.

The case for quantum key distribution

Quantum key distribution (QKD) promises secure key agreement by using quantum mechanical systems. We argue that QKD will be an important part of future cryptographic infrastructures. It can provide long-term confidentiality for encrypted information without reliance on computational assumptions. Although QKD still requires authentication to prevent man-in-the-middle attacks, it can make use of either information-theoretically secure symmetric key authentication or computationally secure public key authentication: even when using public key authentication, we argue that QKD still offers stronger security than classical key agreement.

Learning to reflect in the first year of legal education : the key to surviving legal education and legal practice

Lawyers and law students suffer significant rates of depression and substance abuse. This paper suggests that Law Schools have an obligation to assist students to develop the emotional intelligence necessary in order to cope with the stressful nature of legal practice. We draw on Schön’s discussion of the indeterminate zone of professional practice to suggest that reflective practice is the means by which students can become sufficiently emotionally intelligent to become balanced and happy lawyers. We suggest that incorporating reflective practice in intentional curriculum design in the first year of law is an effective first step in assisting students to develop the emotional intelligence necessary to survive the study and practice of law.

Safer construction : the development of a guide to best practice

In Australia, an average 49 building and construction workers have been killed at work each year since 1997-98. Building/construction workers are more than twice as likely to be killed at work, than the average worker in all Australian industries. The ‘Safer Construction’ project, funded by the CRC-Construction Innovation and led by a task force comprising representatives of construction clients, designers and constructors, developed a Guide to Best Practice for Safer Construction. The Guide, which was informed by research undertaken at RMIT University, Queensland University of Technology and Curtin University, establishes broad principles for the improvement of safety in the industry and provides a ‘roadmap’ for improvement based upon lifecycle stages of a building/construction project. Within each project stage, best practices for the management of safety are identified. Each best practice is defined in terms of the recommended action, its key benefits, desirable outcomes, performance measures and leadership. ‘Safer Construction’ practices are identified from the planning to commissioning stages of a project. The ‘Safer Construction’ project represents the first time that key stakeholder groups in the Australian building/construction industry have worked together to articulate best practice and establish an appropriate basis for allocating (and sharing) responsibility for project safety performance.

Harmonising procurement policy environment - identifying key themes towards the development of a conceptual model

Capital works procurement and its regulatory policy environment within a country can be complex entities. For example, by virtue of Australia’s governmental division between the Commonwealth, states and local jurisdictions and the associated procurement networks and responsibilities at each level, the tendering process is often convoluted. There are four inter-related key themes identified in the literature in relation to procurement disharmony, including decentralisation, risk & risk mitigation, free trade & competition, and tendering costs. This paper defines and discusses these key areas of conflict that adversely impact upon the business environments of industry through a literature review, policy analysis and consultation with capital works procurement stakeholders. The aim of this national study is to identify policy differences between jurisdictions in Australia, and ascertain whether those differences are a barrier to productivity and innovation. This research forms an element of a broader investigation with an aim of developing efficient, effective and nationally harmonised procurement systems. Keywords: capital works, procurement policy reform Acknowledgement: The research described in this paper carried out by the Australian Cooperative Research Centre for Construction Innovation.

What will the next buyer pay? the key to investing in property

Most investors look at the initial return (or yield) that they will receive from an investment property, but this is only part of the picture. The more important issue is what capital appreciation will be achieved. Unless an investment property will deliver substantial capital appreciation, it is unlikely to be a good investment in financial terms.

Strongly Secure Certificateless Key Agreement

We introduce a formal model for certificateless authenticated key exchange (CL-AKE) protocols. Contrary to what might be expected, we show that the natural combination of an ID-based AKE protocol with a public key based AKE protocol cannot provide strong security. We provide the first one-round CL-AKE scheme proven secure in the random oracle model. We introduce two variants of the Diffie-Hellman trapdoor the introduced by \cite{DBLP:conf/eurocrypt/CashKS08}. The proposed key agreement scheme is secure as long as each party has at least one uncompromised secret. Thus, our scheme is secure even if the key generation centre learns the ephemeral secrets of both parties.

Identification of key environmental issues for building materials

Manufacture, construction and use of buildings and building materials make a significant environmental impact internally (inside the building), locally (neighbourhood) and globally. Life cycle assessment (LCA) methodology is being applied for evaluating the environmental impact of building/or building materials. One of the major applications of LCA is to identify key issues of a product system from cradle to grave. Key issues identified in an LCA lead one to the right direction in assessing the environmental aspects of a product system and help to identify the areas for improvement of the environmental performance of a product as well. The purpose of this paper is to suggest two methods for identifying key issues using an integrated tool (LCADesign), which has been developed to provide a method of determining the best alternative for reducing environmental impacts from a building or building materials, and compare both methods in the case study. This paper assists the designers or marketers related to building or building materials in their decision making by giving information on activities or alternatives which are identified as key issues for environmental impacts.

A forward and backward secure key management in wireless sensor networks for PCS/SCADA

Process Control Systems (PCSs) or Supervisory Control and Data Acquisition (SCADA) systems have recently been added to the already wide collection of wireless sensor networks applications. The PCS/SCADA environment is somewhat more amenable to the use of heavy cryptographic mechanisms such as public key cryptography than other sensor application environments. The sensor nodes in the environment, however, are still open to devastating attacks such as node capture, which makes designing a secure key management challenging. In this paper, a key management scheme is proposed to defeat node capture attack by offering both forward and backward secrecies. Our scheme overcomes the pitfalls which Nilsson et al.'s scheme suffers from, and is not more expensive than their scheme.