Facilities management action agenda : the Australian government and industry working together for improvement

This paper provides an overview of the Australian Government’s Facilities Management (FM) Action Agenda as announced in 2004 as a key policy plank designed to facilitate growth of the FM industry. The resulting consultation with industry leaders has seen the criterion and release in April 2005 of the FM Action Agenda’s strategic plan entitled ‘Managing the Built Environment’. This framework, representing a collaboration between the Australian Government, public and private sector stakeholders and Facility Management Association of Australia (FMA Australia) and other allied bodies, sets out to achieve the vision of a more “…productive and sustainable built environment…” through improved innovation, education and standards. The 36 month implementation phase is now underway and will take a multi-pronged approach to enhancing the recognition of the FM industry and removing impediments to its growth with a 20 point action plan across the following platforms: • Innovation – Improved appreciation of facility life cycles, and greater understanding of the key drivers of workplace productivity, and the improved application of information technology. • Education and Training – Improved access to dedicated FM education and training opportunities and creation clear career pathways into the profession. • Regulatory Reform – Explore opportunities to harmonise cross jurisdictional regulatory compliance requirements that have an efficiency impact on FM. • Sustainability – Improved utilization of existing knowledge and the development of tools and opportunities to improve the environmental performance of facilities. Additional information is available at www.fma.com.au

Extending the advanced forensic format to accommodate multiple data sources, logical evidence, arbitrary information and forensic workflow

Forensic analysis requires the acquisition and management of many different types of evidence, including individual disk drives, RAID sets, network packets, memory images, and extracted files. Often the same evidence is reviewed by several different tools or examiners in different locations. We propose a backwards-compatible redesign of the Advanced Forensic Formatdan open, extensible file format for storing and sharing of evidence, arbitrary case related information and analysis results among different tools. The new specification, termed AFF4, is designed to be simple to implement, built upon the well supported ZIP file format specification. Furthermore, the AFF4 implementation has downward comparability with existing AFF files.

Economic issues in funding and supplying public sector information

In May 2005, a research team began to investigate whether designing and implementing a whole-of-government information licensing framework was possible. This framework was needed to administer copyright in relation to information produced by the government and to deal properly with privately-owned copyright on which government works often rely. The outcome so far is the design of the Government Information Licensing Framework (GILF) and its gradual uptake within a number of Commonwealth and State government agencies. However, licensing is part of a larger issue in managing public sector information (PSI); and it has important parallels with the management of libraries and public archives. Among other things, managing the retention and supply of PSI requires an ability to search and locate information, ability to give public access to the information legally, and an ability to administer charges for supplying information wherever it is required by law. The aim here is to provide a summary overview of pricing principles as they relate to the supply of PSI.

Privacy and security in open and trusted health information systems

The Open and Trusted Health Information Systems (OTHIS) Research Group has formed in response to the health sector’s privacy and security requirements for contemporary Health Information Systems (HIS). Due to recent research developments in trusted computing concepts, it is now both timely and desirable to move electronic HIS towards privacy-aware and security-aware applications. We introduce the OTHIS architecture in this paper. This scheme proposes a feasible and sustainable solution to meeting real-world application security demands using commercial off-the-shelf systems and commodity hardware and software products.

Information for regulating action in sport : metastability and emergence of tactical solutions under ecological constraints

The aims of this chapter are twofold. First, we show how experiments related to nonlinear dynamical systems theory can bring about insights on the interconnectedness of different information sources for action. These include the amount of information as emphasised in conventional models of cognition and action in sport and the nature of perceptual information typically emphasised in the ecological approach. The second aim was to show how, through examining the interconnectedness of these information sources, one can study the emergence of novel tactical solutions in sport; and design experiments where tactical/decisional creativity can be observed. Within this approach it is proposed that perceptual and affective information can be manipulated during practice so that the athlete's cognitive and action systems can be transposed to a meta-stable dynamical performance region where the creation of novel action information may reside.

The strategic and operational dimensions of staff training and professional development for information professionals : what neXus2 has revealed

The paper seeks to continue the debate about the need for professionals in the library and information services (LIS) sector to continually engage in career-long learning to sustain and develop their knowledge and skills in a dynamic industry. Aims: The neXus2 workforce study has been funded by the ALIA and the consortium of National and State Libraries Australasia (NSLA). It builds on earlier research work (the neXus census) that looked at the demographic, educational and career perspectives of individual library and information professions, to critically examine institutional policies and practices associated with the LIS workforce. The research aims to develop a clearer understanding of the issues impacting on workforce sustainability, workforce capability and workforce optimisation. Methods: The research methodology involved an extensive online survey conducted in March 2008 which collected data on organisational and general staffing; recruitment and retention; staff development and continuing professional education; and succession planning. Encouragement to participate was provided by key industry groups, including academic, public, health, law and government library and information agencies, with the result that around 150 institutions completed the questionnaire. Results: The paper will specifically discuss the research findings relating to training and professional development, to measure the scope and distribution of training activities across the workforce, to consider the interrelationship between the strategic and operational dimensions of staff development in individual institutions and to analyse the common and distinctive factors evident in the different sectors of the profession. Conclusion: The neXus2 project has successfully engaged LIS institutions in the collection of complex industry data that is relevant to the future education and workforce strategies for all areas of the profession. Cross-sector forums such as Information Online 2009 offer the opportunity for stimulating professional dialogue on the key issues.

A Proposed Framework for Understanding Information Security Culture and Practices in the Saudi Context

An examination of Information Security (IS) and Information Security Management (ISM) research in Saudi Arabia has shown the need for more rigorous studies focusing on the implementation and adoption processes involved with IS culture and practices. Overall, there is a lack of academic and professional literature about ISM and more specifically IS culture in Saudi Arabia. Therefore, the overall aim of this paper is to identify issues and factors that assist the implementation and the adoption of IS culture and practices within the Saudi environment. The goal of this paper is to identify the important conditions for creating an information security culture in Saudi Arabian organizations. We plan to use this framework to investigate whether security culture has emerged into practices in Saudi Arabian organizations.

Rough set-based reasoning and pattern mining for information filtering

An information filtering (IF) system monitors an incoming document stream to find the documents that match the information needs specified by the user profiles. To learn to use the user profiles effectively is one of the most challenging tasks when developing an IF system. With the document selection criteria better defined based on the users’ needs, filtering large streams of information can be more efficient and effective. To learn the user profiles, term-based approaches have been widely used in the IF community because of their simplicity and directness. Term-based approaches are relatively well established. However, these approaches have problems when dealing with polysemy and synonymy, which often lead to an information overload problem. Recently, pattern-based approaches (or Pattern Taxonomy Models (PTM) [160]) have been proposed for IF by the data mining community. These approaches are better at capturing sematic information and have shown encouraging results for improving the effectiveness of the IF system. On the other hand, pattern discovery from large data streams is not computationally efficient. Also, these approaches had to deal with low frequency pattern issues. The measures used by the data mining technique (for example, “support” and “confidences”) to learn the profile have turned out to be not suitable for filtering. They can lead to a mismatch problem. This thesis uses the rough set-based reasoning (term-based) and pattern mining approach as a unified framework for information filtering to overcome the aforementioned problems. This system consists of two stages - topic filtering and pattern mining stages. The topic filtering stage is intended to minimize information overloading by filtering out the most likely irrelevant information based on the user profiles. A novel user-profiles learning method and a theoretical model of the threshold setting have been developed by using rough set decision theory. The second stage (pattern mining) aims at solving the problem of the information mismatch. This stage is precision-oriented. A new document-ranking function has been derived by exploiting the patterns in the pattern taxonomy. The most likely relevant documents were assigned higher scores by the ranking function. Because there is a relatively small amount of documents left after the first stage, the computational cost is markedly reduced; at the same time, pattern discoveries yield more accurate results. The overall performance of the system was improved significantly. The new two-stage information filtering model has been evaluated by extensive experiments. Tests were based on the well-known IR bench-marking processes, using the latest version of the Reuters dataset, namely, the Reuters Corpus Volume 1 (RCV1). The performance of the new two-stage model was compared with both the term-based and data mining-based IF models. The results demonstrate that the proposed information filtering system outperforms significantly the other IF systems, such as the traditional Rocchio IF model, the state-of-the-art term-based models, including the BM25, Support Vector Machines (SVM), and Pattern Taxonomy Model (PTM).

Modeling and Verification of Privacy Enhancing Protocols

Privacy enhancing protocols (PEPs) are a family of protocols that allow secure exchange and management of sensitive user information. They are important in preserving users’ privacy in today’s open environment. Proof of the correctness of PEPs is necessary before they can be deployed. However, the traditional provable security approach, though well established for verifying cryptographic primitives, is not applicable to PEPs. We apply the formal method of Coloured Petri Nets (CPNs) to construct an executable specification of a representative PEP, namely the Private Information Escrow Bound to Multiple Conditions Protocol (PIEMCP). Formal semantics of the CPN specification allow us to reason about various security properties of PIEMCP using state space analysis techniques. This investigation provides us with preliminary insights for modeling and verification of PEPs in general, demonstrating the benefit of applying the CPN-based formal approach to proving the correctness of PEPs.

Providing youth with skills, training and employment opportunities through ICT Initiatives

Youth population is increasing explosively particularly in developing countries as a result of rapid urbanization. This increase is bringing large number of social and economic problems. For instance the impacts of job and training availability, and the physical, social and cultural quality of urban environment on young people are enormous, and affect their health, lifestyles, and well-being (Gleeson and Sipe 2006). Besides this, globalization and technological developments are affecting youth in urban areas in all parts of the world, both positively and negatively (Robertson 1995). The rapidly advancing information and communications technologies (ICTs) helps in addressing social and economic problems caused by the rapid growth of urban youth populations in developing countries. ICTs offer opportunities to young people for learning, skill development and employment. But there are downsides: young people in many developing countries lack of having broad access to these new technologies, they are vulnerable to global market changes, and ICTs link them into global cultures which promote consumer goods, potentially eroding local cultures and community values (Manacorda and Petrongolo 1999). However we believe that the positives outweigh such negatives. At the beginning of the twenty-first century, the world’s young population number more than they ever have. There are over a billion young people between the ages of 15 and 24, which 85 per cent of them live in developing countries and mainly in urban environments. Many of these young people are in the process of making, or have already made, the transition from school to work. During the last two decades all around the world, these young people, as new workers, have faced a number of challenges associated with globalization and technological advances on labour markets (United Nations 2004). The continuous decrease in the manufacturing employment is made many of the young people facing three options: getting jobs in the informal economy with insecurity and poor wages and working conditions, or getting jobs in the low-tier service industries, or developing their vocational skills to benefit from new opportunities in the professional and advanced technical/knowledge sectors. Moreover in developing countries a large portion of young people are not even lucky enough to choose among any of these options, and consequently facing long-term unemployment, which makes them highly vulnerable. The United Nations’ World Youth Employment report (2004) indicates that in almost all countries, females tend to be far more vulnerable than males in terms of long-term unemployment, and young people who have advanced qualifications are far less likely to experience long-term unemployment than others. In the limited opportunities of the formal labour market, those with limited vocational skills resort to forced entrepreneurship and selfemployment in the informal economy, often working for low pay under hazardous conditions, with only few prospects for the future (United Nations 2005a). The International Labour Organization’s research (2004) revealed that the labour force participation rates for young people decreased by almost four per cent (which is equivalent of 88 million young people) between 1993 and 2003. This is largely as a result of the increased number of young people attending school, high overall unemployment rates, and the fact that some young people gave up any hope of finding work and dropped out of the labour market. At the regional level, youth unemployment was highest in Middle East and North Africa (MENA) (25.6%) and sub-Saharan Africa (21%) and lowest in East Asia (7%) and the industrialized economies(13.4%) (International Labour Organization 2004). The youth in economically disadvantaged regions (e.g. the MENA region) face many challenges in education and training that delivers them the right set of skills and knowledge demanded by the labour market. As a consequence, the transition from school to work is mostly unsuccessful and young population end up either unemployed or underemployed in the informal sectors (United Nations 2005b). Unemployment and lack of economic prospects of the urban youth are pushing many of them into criminal acts, excessive alcohol use, substance addiction, and also in many cases resulting in processes of social or political violence (Fernandez-Maldonado 2004; United Nations 2005a). Long-term unemployment leads young people in a process of marginalisation and social exclusion (United Nations 2004). The sustained high rates of long-term youth unemployment have a number of negative effects on societies. First, it results in countries failing to take advantage of the human resources to increase their productive potential, at a time of transition to a globalized world that inexorably demands such leaps in productive capacity. Second, it reinforces the intergenerational transmission of poverty. Third, owing to the discrepancy between more education and exposure to the mass media and fewer employment opportunities, it may encourage the spread of disruptive behaviours, recourse to illegal alternatives for generating income and the loss of basic societal values, all of which erode public safety and social capital. Fourth, it may trigger violent and intractable political conflicts. And lastly, it may exacerbate intergenerational conflicts when young people perceive a lack of opportunity and meritocracy in a system that favours adults who have less formal education and training but more wealth, power and job stability (Hopenhayn 2002). To assist in addressing youth’s skill training and employment problems this paper scrutinises useful international practices, policies, initiatives and programs targeting youth skill training, particularly in ICTs. The MENA national governments and local authorities could consider implementing similar initiative and strategies to address some of the youth employment issues. The broader aim of this paper is to investigate the successful practice and strategies for the information and communication related income generation opportunities for young people to: promote youth entrepreneurship; promote public-private partnerships; target vulnerable groups of young people; narrow digital divide; and put young people in charge. The rest of this paper is organised in five parts. First, the paper provides an overview of the literature on the knowledge economy, skill, education and training issues. Secondly, it reviews the role of ICTs for vocational skill development and employability. Thirdly, it discusses the issues surrounding the development of the digital divide. Fourthly, the paper underlines types and the importance of developing ICT initiatives targeting young people, and reviews some of the successful policy implementations on ICT-based initiatives from both developed and developing countries that offer opportunities to young people for learning, skill development and employment. Then the paper concludes by providing useful generalised recommendations for the MENA region countries and cities in: advocating possible opportunities for ICT generated employment for young people; and discussing how ICT policies could be modified and adopted to meet young people’s needs.

Multi-factor password-authenticated key exchange

We consider a new form of authenticated key exchange which we call multi-factor password-authenticated key exchange, where session establishment depends on successful authentication of multiple short secrets that are complementary in nature, such as a long-term password and a one-time response, allowing the client and server to be mutually assured of each other's identity without directly disclosing private information to the other party. Multi-factor authentication can provide an enhanced level of assurance in higher-security scenarios such as online banking, virtual private network access, and physical access because a multi-factor protocol is designed to remain secure even if all but one of the factors has been compromised. We introduce a security model for multi-factor password-authenticated key exchange protocols, propose an efficient and secure protocol called MFPAK, and provide a security argument to show that our protocol is secure in this model. Our security model is an extension of the Bellare-Pointcheval-Rogaway security model for password-authenticated key exchange and accommodates an arbitrary number of symmetric and asymmetric authentication factors.

Personalised ontology learning and mining for web information gathering

Over the last decade, the rapid growth and adoption of the World Wide Web has further exacerbated user needs for e±cient mechanisms for information and knowledge location, selection, and retrieval. How to gather useful and meaningful information from the Web becomes challenging to users. The capture of user information needs is key to delivering users' desired information, and user pro¯les can help to capture information needs. However, e®ectively acquiring user pro¯les is di±cult. It is argued that if user background knowledge can be speci¯ed by ontolo- gies, more accurate user pro¯les can be acquired and thus information needs can be captured e®ectively. Web users implicitly possess concept models that are obtained from their experience and education, and use the concept models in information gathering. Prior to this work, much research has attempted to use ontologies to specify user background knowledge and user concept models. However, these works have a drawback in that they cannot move beyond the subsumption of super - and sub-class structure to emphasising the speci¯c se- mantic relations in a single computational model. This has also been a challenge for years in the knowledge engineering community. Thus, using ontologies to represent user concept models and to acquire user pro¯les remains an unsolved problem in personalised Web information gathering and knowledge engineering. In this thesis, an ontology learning and mining model is proposed to acquire user pro¯les for personalised Web information gathering. The proposed compu- tational model emphasises the speci¯c is-a and part-of semantic relations in one computational model. The world knowledge and users' Local Instance Reposito- ries are used to attempt to discover and specify user background knowledge. From a world knowledge base, personalised ontologies are constructed by adopting au- tomatic or semi-automatic techniques to extract user interest concepts, focusing on user information needs. A multidimensional ontology mining method, Speci- ¯city and Exhaustivity, is also introduced in this thesis for analysing the user background knowledge discovered and speci¯ed in user personalised ontologies. The ontology learning and mining model is evaluated by comparing with human- based and state-of-the-art computational models in experiments, using a large, standard data set. The experimental results are promising for evaluation. The proposed ontology learning and mining model in this thesis helps to develop a better understanding of user pro¯le acquisition, thus providing better design of personalised Web information gathering systems. The contributions are increasingly signi¯cant, given both the rapid explosion of Web information in recent years and today's accessibility to the Internet and the full text world.

Freedom of information implications of information sharing networks for critical infrastructure protection

Protection of “critical infrastructure” has become a major issue for govern- ments worldwide. Yet in Australia, as in many other countries, including the United States, an estimated 90% of critical infrastructure is privately owned or operated commercially – in other words, critical infrastructure protection is not the exclusive domain of government. As a result, information sharing between government and the private sector has become a vitally important component of effective risk management. However, establishing effective arrangements of this kind between the public and private sector needs to take account of existing regimes of access and public disclosure which relate to government-held documents; in particular, that which is established by freedom of information (FOI) legislation. This article examines the extent to which the current Commonwealth FOI regime is likely to act as an impediment to the private sector operators of critical infrastructure participat- ing in government-operated information sharing arrangements. By examining developments in other jurisdictions, principally the United States, the article considers whether amendments to the current Australian FOI regime are necessary to ensure effective participation, consistent with the underlying object and purpose of FOI.

Towards authorisation models for secure information sharing : a survey and research agenda

This article presents a survey of authorisation models and considers their ‘fitness-for-purpose’ in facilitating information sharing. Network-supported information sharing is an important technical capability that underpins collaboration in support of dynamic and unpredictable activities such as emergency response, national security, infrastructure protection, supply chain integration and emerging business models based on the concept of a ‘virtual organisation’. The article argues that present authorisation models are inflexible and poorly scalable in such dynamic environments due to their assumption that the future needs of the system can be predicted, which in turn justifies the use of persistent authorisation policies. The article outlines the motivation and requirement for a new flexible authorisation model that addresses the needs of information sharing. It proposes that a flexible and scalable authorisation model must allow an explicit specification of the objectives of the system and access decisions must be made based on a late trade-off analysis between these explicit objectives. A research agenda for the proposed Objective-based Access Control concept is presented.