95 resultados para Response time (computer systems)
Resumo:
Early works on Private Information Retrieval (PIR) focused on minimizing the necessary communication overhead. They seemed to achieve this goal but at the expense of query response time. To mitigate this weakness, protocols with secure coprocessors were introduced. They achieve optimal communication complexity and better online processing complexity. Unfortunately, all secure coprocessor-based PIR protocols require heavy periodical preprocessing. In this paper, we propose a new protocol, which is free from the periodical preprocessing while offering the optimal communication complexity and almost optimal online processing complexity. The proposed protocol is proven to be secure.
Resumo:
Recently a new human authentication scheme called PAS (predicate-based authentication service) was proposed, which does not require the assistance of any supplementary device. The main security claim of PAS is to resist passive adversaries who can observe the whole authentication session between the human user and the remote server. In this paper we show that PAS is insecure against both brute force attack and a probabilistic attack. In particular, we show that its security against brute force attack was strongly overestimated. Furthermore, we introduce a probabilistic attack, which can break part of the password even with a very small number of observed authentication sessions. Although the proposed attack cannot completely break the password, it can downgrade the PAS system to a much weaker system similar to common OTP (one-time password) systems.
Resumo:
Unified Communication (UC) is the integration of two or more real time communication systems into one platform. Integrating core communication systems into one overall enterprise level system delivers more than just cost saving. These real-time interactive communication services and applications over Internet Protocol (IP) have become critical in boosting employee accessibility and efficiency, improving customer support and fostering business agility. However, some small and medium-sized businesses (SMBs) are far from implementing this solution due to the high cost of initial deployment and ongoing support. In this paper, we will discuss and demonstrate an open source UC solution, viz. “Asterisk” for use by SMBs, and report on some performance tests using SIPp. The contribution from this research is the provision of technical advice to SMBs in deploying UC, which is manageable in terms of cost, ease of deployment and support.
Resumo:
Substation Automation Systems have undergone many transformational changes triggered by improvements in technologies. Prior to the digital era, it made sense to confirm that the physical wiring matched the schematic design by meticulous and laborious point to point testing. In this way, human errors in either the design or the construction could be identified and fixed prior to entry into service. However, even though modern secondary systems today are largely computerised, we are still undertaking commissioning testing using the same philosophy as if each signal were hard wired. This is slow and tedious and doesn’t do justice to modern computer systems and software automation. One of the major architectural advantages of the IEC 61850 standard is that it “abstracts” the definition of data and services independently of any protocol allowing the mapping of them to any protocol that can meet the modelling and performance requirements. On this basis, any substation element can be defined using these common building blocks and are made available at the design, configuration and operational stages of the system. The primary advantage of accessing data using this methodology rather than the traditional position method (such as DNP 3.0) is that generic tools can be created to manipulate data. Self-describing data contains the information that these tools need to manipulate different data types correctly. More importantly, self-describing data makes the interface between programs robust and flexible. This paper proposes that the improved data definitions and methods for dealing with this data within a tightly bound and compliant IEC 61850 Substation Automation System could completely revolutionise the need to test systems when compared to traditional point to point methods. Using the outcomes of an undergraduate thesis project, we can demonstrate with some certainty that it is possible to automatically test the configuration of a protection relay by comparing the IEC 61850 configuration extracted from the relay against its SCL file for multiple relay vendors. The software tool provides a quick and automatic check that the data sets on a particular relay are correct according to its CID file, thus ensuring that no unexpected modifications are made at any stage of the commissioning process. This tool has been implemented in a Java programming environment using an open source IEC 61850 library to facilitate the server-client association with the relay.
Resumo:
Background Sedentary behaviour is associated with several deleterious health consequences. Although device-based measures of sedentary time are available, they are costly and do not provide a measure of domain specific sedentary time. High quality self-report measures are necessary to accurately capture domain specific sedentary time, and to provide an alternative to devices when cost is an issue. In this study, the Past-day Adults’ Sedentary Time (PAST) questionnaire, previously shown to have acceptable validity and reliability in a sample of breast cancer survivors, was modified for a university sample and validity of the modified questionnaire was examined compared with activPAL. Methods Participants (n = 58, age = 18–55 years, 48% female, 66% students) were recruited from the University of Queensland (students and staff). They answered the PAST questionnaire, which asked about time spent sitting or lying down for work, study, travel, television viewing, leisure-time computer use, reading, eating, socialising and other purposes, during the previous day. Time reported for these questions was summed to provide a measure of total sedentary time. Participants also wore an activPAL device for the full day prior to completing the questionnaire and recorded their wake and sleep times in an activity log. Total waking sedentary time derived from the activPAL was used as the criterion measure. Correlation (Pearson's r) and agreement (Bland–Altman plots) between PAST and activPAL sedentary time were examined. Results Participants were sedentary (activPAL-determined) for approximately 66% of waking hours. The correlation between PAST and activPAL sedentary time for the whole sample was r = 0.50 [95% confidence interval (CI) = 0.28–0.67]; and higher for non-students (r = 0.63, 95% CI = 0.26–0.84) than students (r = 0.46, 95% CI = 0.16–0.68). Bland–Altman plots revealed that the mean difference between the two measures was 19 min although limits of agreement were wide (95% limits of agreement −4.1 to 4.7 h). Discussion The PAST questionnaire provides an acceptable measure of sedentary time in this population, which included students and adults with high workplace sitting. These findings support earlier research that questionnaires employing past-day recall of sedentary time provide a viable alternative to existing sedentary behaviour questionnaires.
Resumo:
Health Information Systems (HIS) make extensive use of Information and Communication Technologies (ICT). The use of ICT aids in improving the quality and efficiency of healthcare services by making healthcare information available at the point of care (Goldstein, Groen, Ponkshe, and Wine, 2007). The increasing availability of healthcare data presents security and privacy issues which have not yet been fully addressed (Liu, Caelli, May, and Croll, 2008a). Healthcare organisations have to comply with the security and privacy requirements stated in laws, regulations and ethical standards, while managing healthcare information. Protecting the security and privacy of healthcare information is a very complex task (Liu, May, Caelli and Croll, 2008b). In order to simplify the complexity of providing security and privacy in HIS, appropriate information security services and mechanisms have to be implemented. Solutions at the application layer have already been implemented in HIS such as those existing in healthcare web services (Weaver et al., 2003). In addition, Discretionary Access Control (DAC) is the most commonly implemented access control model to restrict access to resources at the OS layer (Liu, Caelli, May, Croll and Henricksen, 2007a). Nevertheless, the combination of application security mechanisms and DAC at the OS layer has been stated to be insufficient in satisfying security requirements in computer systems (Loscocco et al., 1998). This thesis investigates the feasibility of implementing Security Enhanced Linux (SELinux) to enforce a Role-Based Access Control (RBAC) policy to help protect resources at the Operating System (OS) layer. SELinux provides Mandatory Access Control (MAC) mechanisms at the OS layer. These mechanisms can contain the damage from compromised applications and restrict access to resources according to the security policy implemented. The main contribution of this research is to provide a modern framework to implement and manage SELinux in HIS. The proposed framework introduces SELinux Profiles to restrict access permissions over the system resources to authorised users. The feasibility of using SELinux profiles in HIS was demonstrated through the creation of a prototype, which was submitted to various attack scenarios. The prototype was also subjected to testing during emergency scenarios, where changes to the security policies had to be made on the spot. Attack scenarios were based on vulnerabilities common at the application layer. SELinux demonstrated that it could effectively contain attacks at the application layer and provide adequate flexibility during emergency situations. However, even with the use of current tools, the development of SELinux policies can be very complex. Further research has to be made in order to simplify the management of SELinux policies and access permissions. In addition, SELinux related technologies, such as the Policy Management Server by Tresys Technologies, need to be researched in order to provide solutions at different layers of protection.
Resumo:
• Introduction: Concern and action for rural road safety is relatively new in Australia in comparison to the field of traffic safety as a whole. In 2003, a program of research was begun by the Centre for Accident Research and Road Safety - Queensland (CARRS-Q) and the Rural Health Research Unit (RHRU) at James Cook University to investigate factors contributing to serious rural road crashes in the North Queensland region. This project was funded by the Premier’s Department, Main Roads Department, Queensland Transport, QFleet, Queensland Rail, Queensland Ambulance Service, Department of Natural Resources and Queensland Police Service. Additional funding was provided by NRMA Insurance for a PhD scholarship. In-kind support was provided through the four hospitals used for data collection, namely Cairns Base Hospital, The Townsville Hospital, Mount Isa Hospital and Atherton Hospital.----- The primary aim of the project was to: Identify human factors related to the occurrence of serious traffic incidents in rural and remote areas of Australia, and to the trauma suffered by persons as a result of these incidents, using a sample drawn from a rural and remote area in North Queensland.----- The data and analyses presented in this report are the core findings from two broad studies: a general examination of fatalities and casualties from rural and remote crashes for the period 1 March 2004 until 30 June 2007, and a further linked case-comparison study of hospitalised patients compared with a sample of non-crash-involved drivers.----- • Method: The study was undertaken in rural North Queensland, as defined by the Australian Bureau of Statistics (ABS) statistical divisions of North Queensland, Far North Queensland and North-West Queensland. Urban areas surrounding Townsville, Thuringowa and Cairns were not included. The study methodology was centred on serious crashes, as defined by a resulting hospitalisation for 24 hours or more and/or a fatality. Crashes meeting this criteria within the North Queensland region between 1 March 2004 and 30 June 2007 were identified through hospital records and interviewed where possible. Additional data was sourced from coroner’s reports, the Queensland Transport road crash database, the Queensland Ambulance Service and the study hospitals in the region.----- This report is divided into chapters corresponding to analyses conducted on the collected crash and casualty data.----- Chapter 3 presents an overview of all crashes and casualties identified during the study period. Details are presented in regard to the demographics and road user types of casualties; the locations, times, types, and circumstances of crashes; along with the contributing circumstances of crashes.----- Chapter 4 presents the results of summary statistics for all casualties for which an interview was able to be conducted. Statistics are presented separately for drivers and riders, passengers, pedestrians and cyclists. Details are also presented separately for drivers and riders crashing in off-road and on-road settings. Results from questionnaire data are presented in relation to demographics; the experience of the crash in narrative form; vehicle characteristics and maintenance; trip characteristics (e.g. purpose and length of journey; periods of fatigue and monotony; distractions from driving task); driving history; alcohol and drug use; medical history; driving attitudes, intentions and behaviour; attitudes to enforcement; and experience of road safety advertising.----- Chapter 5 compares the above-listed questionnaire results between on-road crash-involved casualties and interviews conducted in the region with non-crash-involved persons. Direct comparisons as well as age and sex adjusted comparisons are presented.----- Chapter 6 presents information on those casualties who were admitted to one of the study hospitals during the study period. Brief information is given regarding the demographic characteristics of these casualties. Emergency services’ data is used to highlight the characteristics of patient retrieval and transport to and between hospitals. The major injuries resulting from the crashes are presented for each region of the body and analysed by vehicle type, occupant type, seatbelt status, helmet status, alcohol involvement and nature of crash. Estimates are provided of the costs associated with in-hospital treatment and retrieval.----- Chapter 7 describes the characteristics of the fatal casualties and the nature and circumstances of the crashes. Demographics, road user types, licence status, crash type and contributing factors for crashes are presented. Coronial data is provided in regard to contributing circumstances (including alcohol, drugs and medical conditions), cause of death, resulting injuries, and restraint and helmet use.----- Chapter 8 presents the results of a comparison between casualties’ crash descriptions and police-attributed crash circumstances. The relative frequency of contributing circumstances are compared both broadly within the categories of behavioural, environmental, vehicle related, medical and other groupings and specifically for circumstances within these groups.----- Chapter 9 reports on the associated research projects which have been undertaken on specific topics related to rural road safety.----- Finally, Chapter 10 reports on the conclusions and recommendations made from the program of research.---- • Major Recommendations : From the findings of these analyses, a number of major recommendations were made: + Male drivers and riders - Male drivers and riders should continue to be the focus of interventions, given their very high representation among rural and remote road crash fatalities and serious injuries.----- - The group of males aged between 30 and 50 years comprised the largest number of casualties and must also be targeted for change if there is to be a meaningful improvement in rural and remote road safety.----- + Motorcyclists - Single vehicle motorcycle crashes constitute over 80% of serious, on-road rural motorcycle crashes and need particular attention in development of policy and infrastructure.----- - The motorcycle safety consultation process currently being undertaken by Queensland Transport (via the "Motorbike Safety in Queensland - Consultation Paper") is strongly endorsed. As part of this process, particular attention needs to be given to initiatives designed to reduce rural and single vehicle motorcycle crashes.----- - The safety of off-road riders is a serious problem that falls outside the direct responsibility of either Transport or Health departments. Responsibility for this issue needs to be attributed to develop appropriate policy, regulations and countermeasures.----- + Road safety for Indigenous people - Continued resourcing and expansion of The Queensland Aboriginal Peoples and Torres Strait Islander Peoples Driver Licensing Program to meet the needs of remote and Indigenous communities with significantly lower licence ownership levels.----- - Increased attention needs to focus on the contribution of geographic disadvantage (remoteness) factors to remote and Indigenous road trauma.----- + Road environment - Speed is the ‘final common pathway’ in determining the severity of rural and remote crashes and rural speed limits should be reduced to 90km/hr for sealed off-highway roads and 80km/hr for all unsealed roads as recommended in the Austroads review and in line with the current Tasmanian government trial.----- - The Department of Main Roads should monitor rural crash clusters and where appropriate work with local authorities to conduct relevant audits and take mitigating action. - The international experts at the workshop reviewed the data and identified the need to focus particular attention on road design management for dangerous curves. They also indicated the need to maximise the use of audio-tactile linemarking (audible lines) and rumble strips to alert drivers to dangerous conditions and behaviours.----- + Trauma costs - In accordance with Queensland Health priorities, recognition should be given to the substantial financial costs associated with acute management of trauma resulting from serious rural and remote crashes.----- - Efforts should be made to develop a comprehensive, regionally specific costing formula for road trauma that incorporates the pre-hospital, hospital and post-hospital phases of care. This would inform health resource allocation and facilitate the evaluation of interventions.----- - The commitment of funds to the development of preventive strategies to reduce rural and remote crashes should take into account the potential cost savings associated with trauma.----- - A dedicated study of the rehabilitation needs and associated personal and healthcare costs arising from rural and remote road crashes should be undertaken.----- + Emergency services - While the study has demonstrated considerable efficiency in the response and retrieval systems of rural and remote North Queensland, relevant Intelligent Transport Systems technologies (such as vehicle alarm systems) to improve crash notification should be both developed and evaluated.----- + Enforcement - Alcohol and speed enforcement programs should target the period between 2 and 6pm because of the high numbers of crashes in the afternoon period throughout the rural region.----- + Drink driving - Courtesy buses should be advocated and schemes such as the Skipper project promoted as local drink driving countermeasures in line with the very high levels of community support for these measures identified in the hospital study.------ - Programs should be developed to target the high levels of alcohol consumption identified in rural and remote areas and related involvement in crashes.----- - Referrals to drink driving rehabilitation programs should be mandated for recidivist offenders.----- + Data requirements - Rural and remote road crashes should receive the same quality of attention as urban crashes. As such, it is strongly recommended that increased resources be committed to enable dedicated Forensic Crash Units to investigate rural and remote fatal and serious injury crashes.----- - Transport department records of rural and remote crashes should record the crash location using the national ARIA area classifications used by health departments as a means to better identifying rural crashes.----- - Rural and remote crashes tend to be unnoticed except in relatively infrequent rural reviews. They should receive the same level of attention and this could be achieved if fatalities and fatal crashes were coded by the ARIA classification system and included in regular crash reporting.----- - Health, Transport and Police agencies should collect a common, minimal set of data relating to road crashes and injuries, including presentations to small rural and remote health facilities.----- + Media and community education programmes - Interventions seeking to highlight the human contribution to crashes should be prioritised. Driver distraction, alcohol and inappropriate speed for the road conditions are key examples of such behaviours.----- - Promotion of basic safety behaviours such as the use of seatbelts and helmets should be given a renewed focus.----- - Knowledge, attitude and behavioural factors that have been identified for the hospital Brief Intervention Trial should be considered in developing safety campaigns for rural and remote people. For example challenging the myth of the dangerous ‘other’ or ‘non-local’ driver.----- - Special educational initiatives on the issues involved in rural and remote driving should be undertaken. For example the material used by Main Roads, the Australian Defence Force and local initiatives.
Resumo:
There are many studies that reveal the nature of design thinking and the nature of conceptual design as distinct from detailed or embodiment design. The results can assist in our understanding of how the process of design can be supported and how new technologies can be introduced into the workplace. Existing studies provide limited information about the nature of collaborative design as it takes place on the ground and in the actual working context. How to provide appropriate and effective of support for collaborative design information sharing across companies, countries and heterogeneous computer systems is a key issue. As data are passed between designers and the computer systems they employ, many exchanges are made. These exchanges may be used to establish measures of the benefits that new support systems can bring. Collaboration support tools represent a fast growing section of the commercial software market place and a reasonable range of products are available. Many of them offer significant application to design for the support of distributed meetings by the provision of video and audio communications and the sharing of information, including collaborative sketching. The tools that specifically support 3D models and other very design specific features are less common and many of those are in prototype stages of development. A key question is to find viable ways of combining design information visualisation support with the collaboration support technologies that can be seen today. When collaborating, different views will need to be accessible at different times to all the collaborators. The architects may want to explain some ideas on their model, the structural engineers on their model and so on. However, there are issues of ownership when the structural engineer wants to manipulate the architect’s model and vice versa. The modes of working, synchronous or asynchronous may have a bearing as in a synchronous session there is control of what is happening.
Resumo:
Computer systems have become commonplace in most SMEs and technology is increasingly becoming a part of doing business. In recent years, the Internet has become readily available to businesses; consequently there has been growing pressure on SMEs to take up e-commerce. However, e-commerce is perceived by many as being unproven in terms of business benefit. This research aims to determine what, if any, benefits are derived from assimilating e-commerce technologies into SME business processes. This paper presents three in-depth case studies from the Real Estate industry in a regional setting. Overall, findings were positive and identified the following experiences: enhanced business efficiencies, cost benefits, improved customer interactions and increased business return on investment.
Resumo:
This paper proposes a security architecture for the basic cross indexing systems emerging as foundational structures in current health information systems. In these systems unique identifiers are issued to healthcare providers and consumers. In most cases, such numbering schemes are national in scope and must therefore necessarily be used via an indexing system to identify records contained in pre-existing local, regional or national health information systems. Most large scale electronic health record systems envisage that such correlation between national healthcare identifiers and pre-existing identifiers will be performed by some centrally administered cross referencing, or index system. This paper is concerned with the security architecture for such indexing servers and the manner in which they interface with pre-existing health systems (including both workstations and servers). The paper proposes two required structures to achieve the goal of a national scale, and secure exchange of electronic health information, including: (a) the employment of high trust computer systems to perform an indexing function, and (b) the development and deployment of an appropriate high trust interface module, a Healthcare Interface Processor (HIP), to be integrated into the connected workstations or servers of healthcare service providers. This proposed architecture is specifically oriented toward requirements identified in the Connectivity Architecture for Australia’s e-health scheme as outlined by NEHTA and the national e-health strategy released by the Australian Health Ministers.
