191 results for Governance of security
Abstract:
This paper provides a detailed description of the current Australian e-passport implementation and makes a formal verification using model checking tools CASPER/CSP/FDR. We highlight security issues present in the current e-passport implementation and identify new threats when an e-passport system is integrated with an automated processing system like SmartGate. Because the current e-passport specification does not provide adequate security goals, to perform a rational security analysis we identify and describe a set of security goals for evaluation of e-passport protocols. Our analysis confirms existing security issues that were previously informally identified and presents weaknesses that exist in the current e-passport implementation.
Abstract:
Pseudorandom Generators (PRGs) based on the RSA inversion (one-wayness) problem have been extensively studied in the literature over the last 25 years. These generators have the attractive feature of provable pseudorandomness security assuming the hardness of the RSA inversion problem. However, despite extensive study, the most efficient provably secure RSA-based generators output asymptotically only at most O(log n) bits per multiply modulo an RSA modulus of bitlength n, and hence are too slow to be used in many practical applications. To bring theory closer to practice, we present a simple modification to the proof of security by Fischlin and Schnorr of an RSA-based PRG, which shows that one can obtain an RSA-based PRG which outputs Ω(n) bits per multiply and has provable pseudorandomness security assuming the hardness of a well-studied variant of the RSA inversion problem, where a constant fraction of the plaintext bits are given. Our result gives a positive answer to an open question posed by Gennaro (J. of Cryptology, 2005) regarding finding a PRG beating the rate O(log n) bits per multiply at the cost of a reasonable assumption on RSA inversion.
Abstract:
The competent leadership and governance of digital transformation needs to involve the board of directors. The reported lack of such capability in boards is becoming a pressing issue. Underpinning leadership in such transformation are the competencies to effectively govern Enterprise Technology (ETG). In this paper we take the position that ETG competencies are essential in boards because competent enterprise business technology governance has been shown to contribute to increased revenue, profit, and returns. We report the industry validation processes of a set of three board-of-director competencies needed for effective ETG related to strategy and planning; investment and risk; and, innovation and value creation. We conclude that gaps in board ETG competence remain.
Abstract:
Australia’s governance of land and natural resources involves multiple polycentric domains of decision-making from global through to local levels. Although certainly complex, these arrangements have not necessarily translated into better decision-making or better environmental outcomes as evidenced by the growing concerns over the health and future of the Great Barrier Reef (GBR). However within this system, arrangements for natural resource management (NRM) and reef water quality, which both use Australia’s integrated regional NRM model, have shown signs of improving decision-making and environmental outcomes in the GBR. In this paper we describe the latest evolutions in the governance and planning for natural resource use and management in Australia. We begin by reviewing the experience with first generation NRM as published in major audits and evaluations. As our primary interest is the health and future of the GBR, we then consider the impact of changes of second generation planning and governance outcomes in Queensland. We find that first generation plans, although developed under a relatively cohesive governance context, faced substantial problems in target setting, implementation, monitoring and review. Despite this, they were able to progress improvements in water quality in the Great Barrier Reef Regions. Second generation plans, currently being developed, face an even greater risk of failure due to the lack of bilateralism and cross-sectoral cooperation across the NRM governance system. The findings highlight the critical need to re-build and enhance the regional NRM model for NRM planning to have a positive impact on environmental outcomes in the GBR.
Abstract:
Criminological theories of cross-national studies of homicide have underestimated the effects of quality governance of liberal democracy and region. Data sets from several sources are combined and a comprehensive model of homicide is proposed. Results of the spatial regression model, which controls for the effect of spatial autocorrelation, show that quality governance, human development, economic inequality, and ethnic heterogeneity are statistically significant in predicting homicide. In addition, regions of Latin America and non-Muslim Sub-Saharan Africa have significantly higher rates of homicides ceteris paribus while the effects of East Asian countries and Islamic societies are not statistically significant. These findings are consistent with the expectation of the new modernization and regional theories.
Abstract:
Information and technology and its use in organisation transformation presents unprecedented opportunities and risks. Increasingly, the Governance of Enterprise Information and Technology (GEIT) competency in the board room and executive is needed. Whether your organization is small or large, public, private or not for profit or whether your industry is not considered high-tech, IT is impacting your sector – no exceptions. But there is a skill shortage in boards: GEIT capability is concerningly low. This capability is urgently needed across the board, including those directors who come from finance, legal, marketing, operations and HR backgrounds. Digital disruption also affects all occupations. Putting in place a vision will help ensure emergency responses will meet technology-related duty of care responsibilities. When GEIT-related forward thinking and planning is carried out at the same time that you put your business strategy and plan in place, your organization has a significantly increased chance of not only surviving, but thriving into the future. Those organizations that don’t build GEIT capability risk joining the growing list of once-leading firms left behind in the digital ‘cloud of smoke’. Those organizations that do will be better placed to reap the benefits and hedge against the risks of a digital world. This chapter provides actionable, research-based considerations and processes for boards to use, to build awareness, knowledge and skills in governing technology-related organization strategy, risk and value creation.
Abstract:
As process management projects have increased in size due to globalised and company-wide initiatives, a corresponding growth in the size of process modeling projects can be observed. Despite advances in languages, tools and methodologies, several aspects of these projects have been largely ignored by the academic community. This paper makes a first contribution to a potential research agenda in this field by defining the characteristics of large-scale process modeling projects and proposing a framework of related issues. These issues are derived from a semi-structured interview and six focus groups conducted in Australia, Germany and the USA with enterprise and modeling software vendors and customers. The focus groups confirm the existence of unresolved problems in business process modeling projects. The outcomes provide a research agenda which directs researchers into further studies in global process management, process model decomposition and the overall governance of process modeling projects. It is expected that this research agenda will provide guidance to researchers and practitioners by focusing on areas of high theoretical and practical relevance.
Abstract:
Market-based environmental regulation is becoming increasingly common within international and national frameworks. Environmental offset and trading regimes are part of the market-based instrument revolution. This paper proposes that environmental market mechanisms could be used to introduce an ethic of land holder responsibility. In order for market based regimes to attract sufficient levels of stakeholder engagement, participants within such schemes require an incentive to participate and furthermore need to feel a sense of security about investing in such processes. A sense of security is often associated with property based interests. This paper explores the property related issues connected with environmental offset and trading scheme initiatives. Relevant property-related considerations include land tenure considerations, public versus private management of land choices, characteristics and powers associated with property interests, theories defining property and the recognition of legal proprietal interests. The Biodiversity Banking Scheme in New South Wales is then examined as a case study followed by a critique on the role of environmental markets.
Abstract:
Denial-of-service attacks (DoS) and distributed denial-of-service attacks (DDoS) attempt to temporarily disrupt users or computer resources to cause service unavailability to legitimate users in the internetworking system. The most common type of DoS attack occurs when adversaries flood a large amount of bogus data to interfere or disrupt the service on the server. The attack can be either a single-source attack, which originates at only one host, or a multi-source attack, in which multiple hosts coordinate to flood a large number of packets to the server. Cryptographic mechanisms in authentication schemes are an example approach to help the server to validate malicious traffic. Since authentication in key establishment protocols requires the verifier to spend some resources before successfully detecting the bogus messages, adversaries might be able to exploit this flaw to mount an attack to overwhelm the server resources. The attacker is able to perform this kind of attack because many key establishment protocols incorporate strong authentication at the beginning phase before they can identify the attacks. This is an example of DoS threats in most key establishment protocols because they have been implemented to support confidentiality and data integrity, but do not carefully consider other security objectives, such as availability. The main objective of this research is to design denial-of-service resistant mechanisms in key establishment protocols. In particular, we focus on the design of cryptographic protocols related to key establishment protocols that implement client puzzles to protect the server against resource exhaustion attacks. Another objective is to extend formal analysis techniques to include DoS-resistance. Basically, the formal analysis approach is used not only to analyse and verify the security of a cryptographic scheme carefully but also to help in the design stage of new protocols with a high level of security guarantee.
In this research, we focus on an analysis technique of Meadows' cost-based framework, and we implement a DoS-resistant model using Coloured Petri Nets. Meadows' cost-based framework is directly proposed to assess denial-of-service vulnerabilities in the cryptographic protocols using mathematical proof, while Coloured Petri Nets is used to model and verify the communication protocols using interactive simulations. In addition, Coloured Petri Nets are able to help the protocol designer to clarify and reduce some inconsistency of the protocol specification. Therefore, the second objective of this research is to explore vulnerabilities in existing DoS-resistant protocols, as well as extend a formal analysis approach to our new framework for improving DoS-resistance and evaluating the performance of the new proposed mechanism. In summary, the specific outcomes of this research include the following results:
1. A taxonomy of denial-of-service resistant strategies and techniques used in key establishment protocols;
2. A critical analysis of existing DoS-resistant key exchange and key establishment protocols;
3. An implementation of Meadows's cost-based framework using Coloured Petri Nets for modelling and evaluating DoS-resistant protocols; and
4. A development of new efficient and practical DoS-resistant mechanisms to improve the resistance to denial-of-service attacks in key establishment protocols.
Abstract:
Measuring quality attributes of object-oriented designs (e.g. maintainability and performance) has been covered by a number of studies. However, these studies have not considered security as much as other quality attributes. Also, most security studies focus at the level of individual program statements. This approach makes it hard and expensive to discover and fix vulnerabilities caused by design errors. In this work, we focus on the security design of an object oriented application and define a number of security metrics. These metrics allow designers to discover and fix security vulnerabilities at an early stage, and help compare the security of various alternative designs. In particular, we propose seven security metrics to measure Data Encapsulation (accessibility) and Cohesion (interactions) of a given object-oriented class from the point of view of potential information flow.
Abstract:
A body of critical legal scholarship argues that, by the time they have completed their studies, students who enter legal education holding social ideals and intending to use their legal education to achieve social change, have become cynical about the ability of the law to do so and no longer possess such ideals. This is explained by critical scholars to be the result of a process of ideological indoctrination, aimed at ensuring that graduates uphold the narrow and conservative interests of the legal profession and capitalist society, being exercised by law schools acting as adjuncts of the legal profession, and exercised upon the passive body of the law student. By using Foucault’s work on knowledge, power, and the subject to interrogate the assumptions upon which this narrative is based, this thesis intends to suggest a way of thinking differently to the approach taken by many critical legal scholars. It then uses an analytics of government (based on Foucault’s notion of ‘governmentality’) to consider the construction of the legal identity differently. It examines the ways in which the governance of the legal identity is rationalised, programmed, and implemented, in three Queensland law schools. It also looks at the way that five prescriptive texts to ‘surviving’ law school suggest students establish and practise a relation to themselves in order to construct their own legal identities. Overall, this analysis shows that governance is not simply conducted in the profession’s interests, but occurs due to a complex arrangement of different practices, which can lead to the construction of skilled legal professional identities as well as ethical lawyer-citizens that hold an interest in justice. The implications of such an analytics provide the basis for original ways of understanding legal education, and legal education scholarship.
Abstract:
This report focuses on risk-assessment practices in the private rental market, with particular consideration of their impact on low-income renters. It is based on the fieldwork undertaken in the second stage of the research process that followed completion of the Positioning Paper. The key research question this study addressed was: What are the various factors included in ‘risk-assessments’ by real estate agents in allocating ‘affordable’ tenancies? How are these risks quantified and managed? What are the key outcomes of their decision-making? The study builds on previous research demonstrating that a relatively large proportion of low-cost private rental accommodation is occupied by moderate- to high-income households (Wulff and Yates 2001; Seelig 2001; Yates et al. 2004). This is occurring in an environment where the private rental sector is now the de facto main provider of rental housing for lower-income households across Australia (Seelig et al. 2005) and where a number of factors are implicated in patterns of ‘income–rent mismatching’. These include ongoing shifts in public housing assistance; issues concerning eligibility for rent assistance; ‘supply’ factors, such as loss of low-cost rental stock through upgrading and/or transfer to owner-occupied housing; patterns of supply and demand driven largely by middle- to high-income owner-investors and renters; and patterns of housing need among low-income households for whom affordable housing is not appropriate. In formulating a way of approaching the analysis of ‘risk-assessment’ in rental housing management, this study has applied three sociological perspectives on risk: Beck’s (1992) formulation of risk society as entailing processes of ‘individualisation’; a socio-cultural perspective which emphasises the situated nature of perceptions of risk; and a perspective which has drawn attention to different modes of institutional governance of subjects, as ‘carriers of specific indicators of risk’. 
The private rental market was viewed as a social institution, and the research strategy was informed by ‘institutional ethnography’ as a method of enquiry. The study was based on interviews with property managers, real estate industry representatives, tenant advocates and community housing providers. The primary focus of inquiry was on ‘the moment of allocation’. Six local areas across metropolitan and regional Queensland, New South Wales, and South Australia were selected as case study localities. In terms of the main findings, it is evident that access to private rental housing is not just a matter of ‘supply and demand’. It is also about assessment of risk among applicants. Risk – perceived or actual – is thus a critical factor in deciding who gets housed, and how. Risk and its assessment matter in the context of housing provision and in the development of policy responses. The outcomes from this study also highlight a number of salient points:
1. There are two principal forms of risk associated with property management: financial risk and risk of litigation.
2. Certain tenant characteristics and/or circumstances – ability to pay and ability to care for the rented property – are the main factors focused on in assessing risk among applicants for rental housing. Signals of either ‘(in)ability to pay’ and/or ‘(in)ability to care for the property’ are almost always interpreted as markers of high levels of risk.
3. The processing of tenancy applications entails a complex and variable mix of formal and informal strategies of risk-assessment and allocation where sorting (out), ranking, discriminating and handing over characterise the process.
4. In the eyes of property managers, ‘suitable’ tenants can be conceptualised as those who are resourceful, reputable, competent, strategic and presentable.
5. Property managers clearly articulated concern about risks entailed in a number of characteristics or situations. Being on a low income was the principal and overarching factor which agents considered. Others included:
   - unemployment
   - ‘big’ families; sole parent families
   - domestic violence
   - marital breakdown
   - shift from home ownership to private rental
   - Aboriginality and specific ethnicities
   - physical incapacity
   - aspects of ‘presentation’.
   The financial vulnerability of applicants in these groups can be invoked, alongside expressed concerns about compromised capacities to manage income and/or ‘care for’ the property, as legitimate grounds for rejection or a lower ranking.
6. At the level of face-to-face interaction between the property manager and applicants, more intuitive assessments of risk based upon past experience or ‘gut feelings’ come into play. These judgements are interwoven with more systematic procedures of tenant selection.
The findings suggest that considerable ‘risk’ is associated with low-income status, either directly or insofar as it is associated with other forms of perceived risk, and that such risks are likely to impede access to the professionally managed private rental market. Detailed analysis suggests that opportunities for access to housing by low-income householders also arise where, for example:
- the ‘local experience’ of an agency and/or property manager works in favour of particular applicants
- applicants can demonstrate available social support and financial guarantors
- an applicant’s preference or need for longer-term rental is seen to provide a level of financial security for the landlord
- applicants are prepared to agree to specific, more stringent conditions for inspection of properties and review of contracts
- the particular circumstances and motivations of landlords lead them to consider a wider range of applicants
- in particular circumstances, property managers are prepared to give special consideration to applicants who appear worthy, albeit ‘risky’.
The strategic actions of demonstrating and documenting on the part of vulnerable (low-income) tenant applicants can improve their chances of being perceived as resourceful, capable and ‘savvy’. Such actions are significant because they help to persuade property managers not only that the applicant may have sufficient resources (personal and material) but that they accept that the onus is on themselves to show they are reputable, and that they have valued ‘competencies’ and understand ‘how the system works’. The parameters of the market do shape the processes of risk-assessment and, ultimately, the strategic relation of power between property manager and the tenant applicant. Low vacancy rates and limited supply of lower-cost rental stock, in all areas, mean that there are many more tenant applicants than available properties, creating a highly competitive environment for applicants. The fundamental problem of supply is an aspect of the market that severely limits the chances of access to appropriate and affordable housing for low-income rental housing applicants. There is recognition of the impact of this problem of supply. The study indicates three main directions for future focus in policy and program development: providing appropriate supports to tenants to access and sustain private rental housing, addressing issues of discrimination and privacy arising in the processes of selecting suitable tenants, and addressing problems of supply.
Abstract:
This paper reports on a qualitative interview study with eleven pre-service primary teachers in Queensland about their career plans exploring whether and how a global imagination motivates this next generation of teachers. The study is framed within sociological theory of globalisation, with regard to the growing possibilities for international mobility for work purposes, and the new life circumstances which make this imaginable. Teaching as a profession has changed and teachers are no longer as entangled with specific systems or geographical locations anymore. International recruitment campaigns are shown to pursue these pre-service teachers during their university preparation. The analysis of the interview data reveals the kind of impact these possibilities make on how pre-service teachers imagine their career, and what other considerations enhance or limit their global imagination. The findings are used to reflect on the highly localised governance of pre-service teacher preparation and the limited state-bound imaginaries to which these pre-service teachers are unnecessarily confined in their preparation.
Abstract:
To date, most applications of algebraic analysis and attacks on stream ciphers are on those based on linear feedback shift registers (LFSRs). In this paper, we extend algebraic analysis to non-LFSR based stream ciphers. Specifically, we perform an algebraic analysis on the RC4 family of stream ciphers, an example of stream ciphers based on dynamic tables, and investigate its implications to potential algebraic attacks on the cipher. This is, to our knowledge, the first paper that evaluates the security of RC4 against algebraic attacks through providing a full set of equations that describe the complex word manipulations in the system. For an arbitrary word size, we derive algebraic representations for the three main operations used in RC4, namely state extraction, word addition and state permutation. Equations relating the internal states and keystream of RC4 are then obtained from each component of the cipher based on these algebraic representations, and analysed in terms of their contributions to the security of RC4 against algebraic attacks. Interestingly, it is shown that each of the three main operations contained in the components has its own unique algebraic properties, and when their respective equations are combined, the resulting system becomes infeasible to solve. This results in a high level of security being achieved by RC4 against algebraic attacks. On the other hand, the removal of an operation from the cipher could compromise this security. Experiments on reduced versions of RC4 have been performed, which confirms the validity of our algebraic analysis and the conclusion that the full RC4 stream cipher seems to be immune to algebraic attacks at present.