Modelling after-the-fact leakage for key exchange

Security models for two-party authenticated key exchange (AKE) protocols have developed over time to prove the security of AKE protocols even when the adversary learns certain secret values. In this work, we address more granular leakage: partial leakage of long-term secrets of protocol principals, even after the session key is established. We introduce a generic key exchange security model, which can be instantiated allowing bounded or continuous leakage, even when the adversary learns certain ephemeral secrets or session keys. Our model is the strongest known partial-leakage-based security model for key exchange protocols. We propose a generic construction of a two-pass leakage-resilient key exchange protocol that is secure in the proposed model, by introducing a new concept: the leakage-resilient NAXOS trick. We identify a special property for public-key cryptosystems: pair generation indistinguishability, and show how to obtain the leakage-resilient NAXOS trick from a pair generation indistinguishable leakage-resilient public-key cryptosystem.

Using a public key registry for improved trust and scalability in national E-health systems

An increasing number of countries are faced with an aging population increasingly needing healthcare services. For any e-health information system, the need for increased trust by such clients with potentially little knowledge of any security scheme involved is paramount. In addition notable scalability of any system has become a critical aspect of system design, development and ongoing management. Meanwhile cryptographic systems provide the security provisions needed for confidentiality, authentication, integrity and non-repudiation. Cryptographic key management, however, must be secure, yet efficient and effective in developing an attitude of trust in system users. Digital certificate-based Public Key Infrastructure has long been the technology of choice or availability for information security/assurance; however, there appears to be a notable lack of successful implementations and deployments globally. Moreover, recent issues with associated Certificate Authority security have damaged trust in these schemes. This paper proposes the adoption of a centralised public key registry structure, a non-certificate based scheme, for large scale e-health information systems. The proposed structure removes complex certificate management, revocation and a complex certificate validation structure while maintaining overall system security. Moreover, the registry concept may be easier for both healthcare professionals and patients to understand and trust.

On the security of PAS (predicate-based authentication service)

Recently a new human authentication scheme called PAS (predicate-based authentication service) was proposed, which does not require the assistance of any supplementary device. The main security claim of PAS is to resist passive adversaries who can observe the whole authentication session between the human user and the remote server. In this paper we show that PAS is insecure against both brute force attack and a probabilistic attack. In particular, we show that its security against brute force attack was strongly overestimated. Furthermore, we introduce a probabilistic attack, which can break part of the password even with a very small number of observed authentication sessions. Although the proposed attack cannot completely break the password, it can downgrade the PAS system to a much weaker system similar to common OTP (one-time password) systems.

Food security

INTRODUCTION Globally, one-third of food production is lost annually due to negligent authorities. India alone loses some 21 million tonnes of wheat per year even while it has 200 million food-insecure people in the nation. Disturbingly provocative as it may sound, it is amazing how national and international institutions and governments make use of human hunger for their own survival (Raghib 2013). The global food system is increasingly insecure. Challenges to long-term global food security are encapsulated by resource scarcity, environmental degradation, biodiversity loss, climate change, reductions of farm labour and a growing world population. These issues are caused and aggravated by the spread of corporatised and monopolised food systems, dietary change, and urbanisation. These factors have rapidly brought food insecurity under the umbrella of unconventional security threats (Heukelom 2011). For some, humanitarian crises associated with food insecurity, or what has been dubbed ‘the silent tsunami’, is a pending peril, notably for the world’s poorest and most vulnerable people. For others, the food production industry is an emerging market with unprecedented profits. Despite this problem of food scarcity we are witnessing extraordinary ‘food wastage’, notably in North America and Europe, on a scale that would reportedly be capable of feeding the world’s hungry six times over (Stuart 2012). As the opening quotation to this chapter suggests, governments and corporations are deeply involved in the contexts, politics, and resources associated with food related issues. As many economically developed and advanced industrial nations are reporting a rise out of recession, announcements are made by the world’s richest countries that they are to cut $US2 billion per year from food aid. The head of the World Food Aid Programme, Rosette Sheeran, warns that such cuts could result in ‘the loss of a generation’ (Walters 2011). The global food crisis has also reinvigorated debates about agricultural development and genetically modified (GM) food; as well as fuelling debates about poverty, debt and security. This chapter provides a discussion of the political economy of global food debates and explores the threats and opportunities surrounding food production and future food security.

Electronic conveyancing in Australia: Is anyone concerned about security?

Three proof requirements as essential for a sustainable land registration system. These were proof of identity, proof of ownership, and authority to deal. Our attention in this paper is drawn to the latter two requirements and will ask whether the introduction of the Property Exchange of Australia (PEXA), and its underpinning regulatory regime will meet the concerns that we have in relation to proof of ownership and authority to deal. In drawing out some problems with PEXA, we then offer an innovative idea, sourced from the transfer of equities that could serve to generate discussion on how we can ensure the Torrens system of land registration is sustainable for another 160 years.

Women, peace and security as an ASEAN priority

The Association of South East Asian Nations (ASEAN) Secretariat and its member states have repeatedly professed their commitment to the protection and advancement of women’s economic and human rights. Such commitments have included the Declaration on the Advancement of Women in ASEAN in 1988, the ASEAN Declaration on the Elimination of Violence Against Women in 2004, and the ASEAN Declaration of Human Rights in 2012, as well as the establishment of the ASEAN Committee on Women in 2002 and the ASEAN Commission on the Promotion and Protection of Women and Children in 2009. However, none of these regional commitments or institutions expressly take up the core concern of the Women, Peace and Security (WPS) agenda set out in United Nations Security Council (UNSC) Resolution 1325 in 2000. ASEAN has no 1325 regional action plan and amongst the ASEAN membership, the Philippines is the only state that has adopted a 1325 National Action Plan (NAP). We explore the possible reasons for lack of ASEAN institutional engagement with 1325, outline the case for regional engagement, and suggest specific roles for ASEAN Secretariat, donor governments and individual member states to commit to UNSCR 1325 as a regional priority.

Electronic conveyancing in Australia : is anyone concerned about security?

We have previously suggested that three proof requirements are essential for a sustainable land registration system. These were proof of identity, proof of ownership and authority to deal. Our attention in this article is drawn to the security framework that surrounds these requirements. We will ask whether the introduction of the Property Exchange of Australia (PEXA), and its underpinning regulatory regime will meet the concerns that we have in relation to them. In drawing out some problems with PEXA, we then offer an innovative idea, sourced from the transfer of equities that could serve to generate discussion on how we can ensure the Torrens system of land registration is sustainable for another 160 years. We also canvass some more incremental suggestions that evolve out of what we currently do, as well as outlining some comparative externally sourced ideas as to how the transfer and ownership of land can be made safer for all citizens. Such a goal is imperative when land transfer and secure property ownership is a critical component of the economic infrastructure of a modern society.

Prosecution of maritime pirates : the national court is dead—long live the national court

Piracy is one of the main maritime security concerns in the contemporary world. The number of piracy incidents is increasing rapidly, which is highly problematic for maritime security. Although international law provides universal jurisdiction for the prosecution of maritime pirates, the actual number of prosecutions is alarmingly low compared to the number of incidents of piracy. Despite many states becoming parties to the relevant international conventions, they are reluctant to establish the necessary legal and institutional frameworks at the national level for the prosecution of pirates. The growing incidences of piracy and the consequential problems associated with prosecuting pirates have created doubts about the adequacy of the current international legal system, which is fully dependent on national courts for the prosecution of pirates. This article examines the possible ways for ensuring the effective prosecution of pirates. Contrary to the different proposals forwarded by researchers in the wake of Somali piracy for the establishment of international judicial institutions for the prosecution of pirates, this article argues that the operationalization of national courts through the proper implementation of relevant international legal instruments within domestic legal systems is the most viable solution. However, this article submits that the operationalization of national courts will not be very successful following the altruistic model of universal adjudicative jurisdiction. A state may enact legislation implementing universal jurisdiction but will not be very interested in prosecuting a pirate in its national court if it has no relation with the piratical incident. Rather, it will be successful if the global community seriously implement the Convention for the Suppression of Unlawful Acts against the Safety of Maritime Navigation (SUA Convention), which obligates the states that have some connection with a piratical incident to prosecute pirates in their national courts.

Personal values and political activism: A cross-national study

Using data from 28 countries in four continents, the present research addresses the question of how basic values may account for political activism. Study 1 (N = 35,116) analyses data from representative samples in 20 countries that responded to the 21-item version of the Portrait Values Questionnaire (PVQ-21) in the European Social Survey. Study 2 (N = 7,773) analyses data from adult samples in six of the same countries (Finland, Germany, Greece, Israel, Poland, and United Kingdom) and eight other countries (Australia, Brazil, Chile, Italy, Slovakia, Turkey, Ukraine, and United States) that completed the full 40-item PVQ. Across both studies, political activism relates positively to self-transcendence and openness to change values, especially to universalism and autonomy of thought, a subtype of self-direction. Political activism relates negatively to conservation values, especially to conformity and personal security. National differences in the strength of the associations between individual values and political activism are linked to level of democratization.

Basic personal values underlie and give coherence to political values: A cross national study in 15 countries

Do the political values of the general public form a coherent system? What might be the source of coherence? We view political values as expressions, in the political domain, of more basic personal values. Basic personal values (e.g., security, achievement, benevolence, hedonism) are organized on a circular continuum that reflects their conflicting and compatible motivations. We theorize that this circular motivational structure also gives coherence to political values. We assess this theorizing with data from 15 countries, using eight core political values (e.g., free enterprise, law and order) and ten basic personal values. We specify the underlying basic values expected to promote or oppose each political value. We offer different hypotheses for the 12 non-communist and three post-communist countries studied, where the political context suggests different meanings of a basic or political value. Correlation and regression analyses support almost all hypotheses. Moreover, basic values account for substantially more variance in political values than age, gender, education, and income. Multidimensional scaling analyses demonstrate graphically how the circular motivational continuum of basic personal values structures relations among core political values. This study strengthens the assumption that individual differences in basic personal values play a critical role in political thought.

Transparent, balanced and vigorous: The exercise of the Australian Privacy Commissioner's powers in relation to National Privacy Principle 4

This thesis considers whether the Australian Privacy Commissioner's use of its powers supports compliance with the requirement to 'take reasonable steps' to protect personal information in National Privacy Principle 4 of the Privacy Act 1988 (Cth). Two unique lenses were used. First, the Commissioner's use of powers was assessed against the principles of transparency, balance and vigorousness and secondly against alignment with an industry practice approach to securing information. Following a comprehensive review of publicly available materials, interviews and investigation file records, this thesis found that the Commissioner's use of his powers has not been transparent, balanced or vigorous, nor has it been supportive of an industry practice approach to securing data. Accordingly, it concludes that the Privacy Commissioner's use of its regulatory powers is unlikely to result in any significant improvement to the security of personal information held by organisations in Australia.

Information Security and Privacy : Proceedings of the 9th Australasian Conference, ACISP 2004, Sydney, Australia, July 13-15, 2004.

Preface The 9th Australasian Conference on Information Security and Privacy (ACISP 2004) was held in Sydney, 13–15 July, 2004. The conference was sponsored by the Centre for Advanced Computing – Algorithms and Cryptography (ACAC), Information and Networked Security Systems Research (INSS), Macquarie University and the Australian Computer Society. The aims of the conference are to bring together researchers and practitioners working in areas of information security and privacy from universities, industry and government sectors. The conference program covered a range of aspects including cryptography, cryptanalysis, systems and network security. The program committee accepted 41 papers from 195 submissions. The reviewing process took six weeks and each paper was carefully evaluated by at least three members of the program committee. We appreciate the hard work of the members of the program committee and external referees who gave many hours of their valuable time. Of the accepted papers, there were nine from Korea, six from Australia, five each from Japan and the USA, three each from China and Singapore, two each from Canada and Switzerland, and one each from Belgium, France, Germany, Taiwan, The Netherlands and the UK. All the authors, whether or not their papers were accepted, made valued contributions to the conference. In addition to the contributed papers, Dr Arjen Lenstra gave an invited talk, entitled Likely and Unlikely Progress in Factoring. This year the program committee introduced the Best Student Paper Award. The winner of the prize for the Best Student Paper was Yan-Cheng Chang from Harvard University for his paper Single Database Private Information Retrieval with Logarithmic Communication. We would like to thank all the people involved in organizing this conference. In particular we would like to thank members of the organizing committee for their time and efforts, Andrina Brennan, Vijayakrishnan Pasupathinathan, Hartono Kurnio, Cecily Lenton, and members from ACAC and INSS.

Governing civil society: How literacy, education and security were brought together

This study questions how the categories of security, education and literacy were brought together as related elements of a whole-of-government strategy in the production of civil society. Drawing on an analysis of key political texts, the study argues that the categories of education and literacy have been used in diverse ways in the production of national, social, economic and geopolitical security interests. As dialogue about security has intensified, rationalisations about the national interest have engaged notions of security leading to the legitimation of a diverse set of policy instruments, strategically used to contain the rise of complex social forces and protect homogenous cultural values.

Finding the leverage point in the sustainability crisis: Global, national and regional Australian responses

From an economic perspective, the sustainability crisis is ultimately characterized by a worsening relationship between the resources required to support the global population and the ability of the earth to supply them. Despite the ever-increasing threat of a calamity, modern society appears unable to alter its course. The very systems which underpin global human endeavor seem to actively prevent meaningful change and the one irrepressible goal to which all societies seem to strive is the very thing that makes such endeavor ultimately life threatening: that of global growth. Using the Australian experience as an exemplar, this paper explores how the concept of growth infiltrates societal reactions to the crisis at various scales – global, national and regional. Analysis includes historic studies, a critique of current misconceptions around population demographics, comparative evaluation of various interventions in the Australian context and considerations around potential ways to address the crisis.

Corporate Governance in the 21st Century: Japan's Gradual Transformation

The 'lost' decade of economic stagnation in Japan during the 1990s has become a 'found decade' for regulatory and institutional reform. With nearly all areas of the 'law in the books' reviewed, revised and rewritten, the Japanese legal system is no longer the system that foreign commentators felt they were finally starting to understand by the 1980s. Nowhere is this more evident than in corporate governance. Corporate and securities legislation has been comprehensively revamped over 1993-2007, creating a more flexible and transparent regime for shareholders and managers. Financial markets law and regulatory institutions have changed, too, creating a new context for Japan's 'main banks' as alternative or additional outside monitors of managerial performance in borrowing firms. Even the legislation surrounding labour regulations has been amended, reinforcing the lifelong security privileges for elite employee-stakeholders, yet also hastening the growth of other atypical employment relationships. But how do such legislative reforms affecting key players in Japanese firms, covering areas central to the design of Japanese capitlaism, play out in the 'law in action'? Overall, this book argues that a significant gradual transformation has occurred. Although this is evident also in other advanced industrialised democracies, such as Germany, Japan reveals especially complex interactions in the various fields that sometimes emphasise different ways of achieving such transformation.