Reversible and blind database watermarking using difference expansion

There has been significant research in the field of database watermarking recently. However, there has not been sufficient attention given to the requirement of providing reversibility (the ability to revert back to original relation from watermarked relation) and blindness (not needing the original relation for detection purpose) at the same time. This model has several disadvantages over reversible and blind watermarking (requiring only the watermarked relation and secret key from which the watermark is detected and the original relation is restored) including the inability to identify the rightful owner in case of successful secondary watermarking, the inability to revert the relation to the original data set (required in high precision industries) and the requirement to store the unmarked relation at a secure secondary storage. To overcome these problems, we propose a watermarking scheme that is reversible as well as blind. We utilize difference expansion on integers to achieve reversibility. The major advantages provided by our scheme are reversibility to a high quality original data set, rightful owner identification, resistance against secondary watermarking attacks, and no need to store the original database at a secure secondary storage. We have implemented our scheme and results show the success rate is limited to 11% even when 48% tuples are modified.

Framework of whole life cycle costing for Malaysian high rise residential property development

This project was an initial stage in formulating and management of the optimum budget allocation during the operational, maintenance and rehabilitation phases in high rise residential property development in Malaysia. The principal objective of this project is to develop a framework of Whole Life Cycle Costing for high rise residential property development that will enhance the quality and cost effectiveness of this building type in Malaysia. The researcher investigated 13 building components from 6 high rise residential property developments in Johor, Malaysia to determine the affect and economic impact of component initial cost and quality by applying them to a Whole Life Cycle Cost model approach. The results provide valuable data in respect to the overall cost of specific components over the whole life of a large high rise building. In addition, Dr. Mat Noor also determined the impact and satisfaction of quality of building components through WLCC.

Cyber security of networked critical infrastructures [Guest Editorial]

A new era of cyber warfare has appeared on the horizon with the discovery and detection of Stuxnet. Allegedly planned, designed, and created by the United States and Israel, Stuxnet is considered the first known cyber weapon to attack an adversary state. Stuxnet's discovery put a lot of attention on the outdated and obsolete security of critical infrastructure. It became very apparent that electronic devices that are used to control and operate critical infrastructure like programmable logic controllers (PLCs) or supervisory control and data acquisition (SCADA) systems lack very basic security and protection measures. Part of that is due to the fact that when these devices were designed, the idea of exposing them to the Internet was not in mind. However, now with this exposure, these devices and systems are considered easy prey to adversaries.

Cultural drivers of high performing knowledge-intensive service organisations

Organisational culture is considered an important influence on performance, particularly for service firms that rely on values-driven social controls to enhance human interactions (O’Reilly & Chatman, 1996). Using a qualitative approach, we show how the modified Organisational Culture Profile developed by Sarros, Gray, Densten, and Cooper (2005) to assess Australian organisations provides a framework for exploring the cultural drivers of high performing knowledge-intensive service firms in New Zealand. Our study provides rich insights into how six key cultural dimensions–competitiveness, innovation, performance orientation, emphasis on rewards, supportiveness and social responsibility–are translated into strategic human resource management practices.

Does counting still count? Revisiting the security of counting based user authentication protocols against statistical attacks

At NDSS 2012, Yan et al. analyzed the security of several challenge-response type user authentication protocols against passive observers, and proposed a generic counting based statistical attack to recover the secret of some counting based protocols given a number of observed authentication sessions. Roughly speaking, the attack is based on the fact that secret (pass) objects appear in challenges with a different probability from non-secret (decoy) objects when the responses are taken into account. Although they mentioned that a protocol susceptible to this attack should minimize this difference, they did not give details as to how this can be achieved barring a few suggestions. In this paper, we attempt to fill this gap by generalizing the attack with a much more comprehensive theoretical analysis. Our treatment is more quantitative which enables us to describe a method to theoretically estimate a lower bound on the number of sessions a protocol can be safely used against the attack. Our results include 1) two proposed fixes to make counting protocols practically safe against the attack at the cost of usability, 2) the observation that the attack can be used on non-counting based protocols too as long as challenge generation is contrived, 3) and two main design principles for user authentication protocols which can be considered as extensions of the principles from Yan et al. This detailed theoretical treatment can be used as a guideline during the design of counting based protocols to determine their susceptibility to this attack. The Foxtail protocol, one of the protocols analyzed by Yan et al., is used as a representative to illustrate our theoretical and experimental results.

Security evaluation of Rakaposhi Stream Cipher

Rakaposhi is a synchronous stream cipher, which uses three main components: a non-linear feedback shift register (NLFSR), a dynamic linear feedback shift register (DLFSR) and a non-linear filtering function (NLF). NLFSR consists of 128 bits and is initialised by the secret key K. DLFSR holds 192 bits and is initialised by an initial vector (IV). NLF takes 8-bit inputs and returns a single output bit. The work identifies weaknesses and properties of the cipher. The main observation is that the initialisation procedure has the so-called sliding property. The property can be used to launch distinguishing and key recovery attacks. The distinguisher needs four observations of the related (K,IV) pairs. The key recovery algorithm allows to discover the secret key K after observing 29 pairs of (K,IV). Based on the proposed related-key attack, the number of related (K,IV) pairs is 2(128 + 192)/4 pairs. Further the cipher is studied when the registers enter short cycles. When NLFSR is set to all ones, then the cipher degenerates to a linear feedback shift register with a non-linear filter. Consequently, the initial state (and Secret Key and IV) can be recovered with complexity 263.87. If DLFSR is set to all zeros, then NLF reduces to a low non-linearity filter function. As the result, the cipher is insecure allowing the adversary to distinguish it from a random cipher after 217 observations of keystream bits. There is also the key recovery algorithm that allows to find the secret key with complexity 2 54.

Active security in multiparty computation over black-box groups

Most previous work on unconditionally secure multiparty computation has focused on computing over a finite field (or ring). Multiparty computation over other algebraic structures has not received much attention, but is an interesting topic whose study may provide new and improved tools for certain applications. At CRYPTO 2007, Desmedt et al introduced a construction for a passive-secure multiparty multiplication protocol for black-box groups, reducing it to a certain graph coloring problem, leaving as an open problem to achieve security against active attacks. We present the first n-party protocol for unconditionally secure multiparty computation over a black-box group which is secure under an active attack model, tolerating any adversary structure Δ satisfying the Q 3 property (in which no union of three subsets from Δ covers the whole player set), which is known to be necessary for achieving security in the active setting. Our protocol uses Maurer’s Verifiable Secret Sharing (VSS) but preserves the essential simplicity of the graph-based approach of Desmedt et al, which avoids each shareholder having to rerun the full VSS protocol after each local computation. A corollary of our result is a new active-secure protocol for general multiparty computation of an arbitrary Boolean circuit.

NTRUCCA : how to strengthen NTRUEncrypt to chosen-ciphertext security in the standard model

NTRUEncrypt is a fast and practical lattice-based public-key encryption scheme, which has been standardized by IEEE, but until recently, its security analysis relied only on heuristic arguments. Recently, Stehlé and Steinfeld showed that a slight variant (that we call pNE) could be proven to be secure under chosen-plaintext attack (IND-CPA), assuming the hardness of worst-case problems in ideal lattices. We present a variant of pNE called NTRUCCA, that is IND-CCA2 secure in the standard model assuming the hardness of worst-case problems in ideal lattices, and only incurs a constant factor overhead in ciphertext and key length over the pNE scheme. To our knowledge, our result gives the first IND-CCA2 secure variant of NTRUEncrypt in the standard model, based on standard cryptographic assumptions. As an intermediate step, we present a construction for an All-But-One (ABO) lossy trapdoor function from pNE, which may be of independent interest. Our scheme uses the lossy trapdoor function framework of Peikert and Waters, which we generalize to the case of (k − 1)-of-k-correlated input distributions.

High penetration of rooftop photovoltaic cells in low voltage distribution networks : voltage imbalance and improvement

Installation of domestic rooftop photovoltaic cells (PVs) is increasing due to feed–in tariff and motivation driven by environmental concerns. Even though the increase in the PV installation is gradual, their locations and ratings are often random. Therefore, such single–phase bi–directional power flow caused by the residential customers can have adverse effect on the voltage imbalance of a three–phase distribution network. In this chapter, a voltage imbalance sensitivity analysis and stochastic evaluation are carried out based on the ratings and locations of single–phase grid–connected rooftop PVs in a residential low voltage distribution network. The stochastic evaluation, based on Monte Carlo method, predicts a failure index of non–standard voltage imbalance in the network in presence of PVs. Later, the application of series and parallel custom power devices are investigated to improve voltage imbalance problem in these feeders. In this regard, first, the effectiveness of these two custom power devices is demonstrated vis–à–vis the voltage imbalance reduction in feeders containing rooftop PVs. Their effectiveness is investigated from the installation location and rating points of view. Later, a Monte Carlo based stochastic analysis is utilized to investigate their efficacy for different uncertainties of load and PV rating and location in the network. This is followed by demonstrating the dynamic feasibility and stability issues of applying these devices in the network.

Everything you do : young adult fiction and surveillance in an age of security

Espionage, surveillance and clandestine operations by secret agencies and governments were something of an East–West obsession in the second half of the twentieth century, a fact reflected in literature and film. In the twenty-first century, concerns of the Cold War and the threat of Communism have been rearticulated in the wake of 9/11. Under the rubric of ‘terror’ attacks, the discourses of security and surveillance are now framed within an increasingly global context. As this article illustrates, surveillance fiction written for young people engages with the cultural and political tropes that reflect a new social order that is different from the Cold War era, with its emphasis on spies, counter espionage, brainwashing and psychological warfare. While these tropes are still evident in much recent literature, advances in technology have transformed the means of tracking, profiling and accumulating data on individuals’ daily activities. Little Brother, The Hunger Games and Article 5 reflect the complex relationship between the real and the imaginary in the world of surveillance and, as this paper discusses, raise moral and ethical issues that are important questions for young people in our age of security.

Evidence of effectiveness : high level synthesis of research to prevent obesity and increase physical activity in children

Background Prevention of childhood obesity is a public health priority for Malaysia and many other countries. Physical activity for children is also decreasing at an alarming rate. Both conditions are associated with non-communicable diseases and with significant morbidity and mortality in later life. Systematic reviews of public health interventions provide a useful summary to inform public health practice by combining the results of a range of research studies on a specific intervention into a single report. Systematic reviews are deemed most valuable for health program development and evidence based practice. Unfortunately, many policy makers and practitioners are simply unaware of the evidence: which strategies which are most likely to provide benefit; and which strategies are known to be harmful or useless. This presentation provides a “birds eye” overview based upon recent (since 2007 to present) high quality systematic reviews of public health interventions. Method HealthEvidece.org and the Cochrane Library were searched for systematic reviews which evaluated interventions targeting obesity prevention and increasing physical activity for children. The findings of the included reviews were themed and summarized. Results Seven reviews were identified addressing obesity in the early years, and fifteen reviews addressing obesity more broadly in childhood. Additional reviews were identified aimed at increasing physical activity. The synthesis shows several strategies to be effective, however many popular strategies clearly are not. Several of the reviews were inconclusive due to an absence of robust primary studies. Amongst the findings, interventions undertaken in the school setting appear very promising. Conclusions There is significant evidence from systematic reviews to guide public health practice and policy, and to inform future research.

An evaluation of the culture performance of two Macrobrachium species in Vanuatu: the exotic M. rosenbergii and the indigenous M. lar

Fisheries and aquaculture are important for food security, income generation and are critical to long term sustainability of many countries. Freshwater prawns have been harvested in the streams and creeks in Vanuatu, however due to over-exploitation catches have declined in recent years. To satisfy high demand for this product, Vanuatu government intends to establish economically viable small-scale aquaculture industries. The current project showed that wild Macrobrachium lar in Vanuatu constitute a single population for management purposes and that M. rosenbergii grows much faster than M. lar in simple pond grow-out systems, hence is a better species for culture in Vanuatu.

Ghrelin receptor (GHS-R1A) antagonism suppresses both operant alcohol self-administration and high alcohol consumption in rats

The mechanisms involved in alcohol use disorders are complex. It has been shown that ghrelin is an important signal for the control of body weight homeostasis, preferably by interacting with hypothalamic circuits, as well as for drug reward by activating the mesolimbic dopamine system. The ghrelin receptor (GHS-R1A) has been shown to be required for alcohol-induced reward. Additionally, ghrelin increases and GHR-R1A antagonists reduce moderate alcohol consumption in mice, and a single nucleotide polymorphism in the GHS-R1A gene has been associated with high alcohol consumption in humans. However, the role of central ghrelin signaling in high alcohol consumption is not known. Therefore, the role of GHS-R1A in operant self-administration of alcohol in rats as well as for high alcohol consumption in Long-Evans rats and in alcohol preferring [Alko alcohol (AA)] rats was studied here. In the present study, the GHS-R1A antagonist, JMV2959, was found to reduce the operant self-administration of alcohol in rats and to decrease high alcohol intake in Long-Evans rats as well as in AA rats. These results suggest that the ghrelin receptor signaling system, specifically GHS-R1A, is required for operant self-administration of alcohol and for high alcohol intake in rats. Therefore, the GHS-R1A may be a therapeutic target for treatment of addictive behaviors, such as alcohol dependence.

Security analysis of Australian and E.U. e-passport implementation

This paper makes a formal security analysis of the current Australian e-passport implementation using model checking tools CASPER/CSP/FDR. We highlight security issues in the current implementation and identify new threats when an e-passport system is integrated with an automated processing system like SmartGate. The paper also provides a security analysis of the European Union (EU) proposal for Extended Access Control (EAC) that is intended to provide improved security in protecting biometric information of the e-passport bearer. The current e-passport specification fails to provide a list of adequate security goals that could be used for security evaluation. We fill this gap; we present a collection of security goals for evaluation of e-passport protocols. Our analysis confirms existing security weaknesses that were previously identified and shows that both the Australian e-passport implementation and the EU proposal fail to address many security and privacy aspects that are paramount in implementing a secure border control mechanism. ACM Classification C.2.2 (Communication/Networking and Information Technology – Network Protocols – Model Checking), D.2.4 (Software Engineering – Software/Program Verification – Formal Methods), D.4.6 (Operating Systems – Security and Privacy Protection – Authentication)

On the (in)security of IDEA in various hashing modes

In this article, we study the security of the IDEA block cipher when it is used in various simple-length or double-length hashing modes. Even though this cipher is still considered as secure, we show that one should avoid its use as internal primitive for block cipher based hashing. In particular, we are able to generate instantaneously free-start collisions for most modes, and even semi-free-start collisions, pseudo-preimages or hash collisions in practical complexity. This work shows a practical example of the gap that exists between secret-key and known or chosen-key security for block ciphers. Moreover, we also settle the 20-year-old standing open question concerning the security of the Abreast-DM and Tandem-DM double-length compression functions, originally invented to be instantiated with IDEA. Our attacks have been verified experimentally and work even for strengthened versions of IDEA with any number of rounds.