Privacy invasive geo-mashups : privacy 2.0 and the limits of first generation information privacy laws

Online technological advances are pioneering the wider distribution of geospatial information for general mapping purposes. The use of popular web-based applications, such as Google Maps, is ensuring that mapping based applications are becoming commonplace amongst Internet users which has facilitated the rapid growth of geo-mashups. These user generated creations enable Internet users to aggregate and publish information over specific geographical points. This article identifies privacy invasive geo-mashups that involve the unauthorized use of personal information, the inadvertent disclosure of personal information and invasion of privacy issues. Building on Zittrain’s Privacy 2.0, the author contends that first generation information privacy laws, founded on the notions of fair information practices or information privacy principles, may have a limited impact regarding the resolution of privacy problems arising from privacy invasive geo-mashups. Principally because geo-mashups have different patterns of personal information provision, collection, storage and use that reflect fundamental changes in the Web 2.0 environment. The author concludes by recommending embedded technical and social solutions to minimize the risks arising from privacy invasive geo-mashups that could lead to the establishment of guidelines for the general protection of privacy in geo-mashups.

Universally composable contributory group key exchange

We treat the security of group key exchange (GKE) in the universal composability (UC) framework. Analyzing GKE protocols in the UC framework naturally addresses attacks by malicious insiders. We define an ideal functionality for GKE that captures contributiveness in addition to other desired security goals. We show that an efficient two-round protocol securely realizes the proposed functionality in the random oracle model. As a result, we obtain the most efficient UC-secure contributory GKE protocol known.

Modeling key compromise impersonation attacks on group key exchange protocols

A key exchange protocol allows a set of parties to agree upon a secret session key over a public network. Two-party key exchange (2PKE) protocols have been rigorously analyzed under various models considering different adversarial actions. However, the analysis of group key exchange (GKE) protocols has not been as extensive as that of 2PKE protocols. Particularly, the security attribute of key compromise impersonation (KCI) resilience has so far been ignored for the case of GKE protocols. We first model the security of GKE protocols addressing KCI attacks by both outsider and insider adversaries. We then show that a few existing protocols are not secure even against outsider KCI attacks. The attacks on these protocols demonstrate the necessity of considering KCI resilience for GKE protocols. Finally, we give a new proof of security for an existing GKE protocol under the revised model assuming random oracles.

Electronic workplace surveillance and employee privacy : a comparative analysis of privacy protection in Australia and the United States

More than a century ago in their definitive work “The Right to Privacy” Samuel D. Warren and Louis D. Brandeis highlighted the challenges posed to individual privacy by advancing technology. Today’s workplace is characterised by its reliance on computer technology, particularly the use of email and the Internet to perform critical business functions. Increasingly these and other workplace activities are the focus of monitoring by employers. There is little formal regulation of electronic monitoring in Australian or United States workplaces. Without reasonable limits or controls, this has the potential to adversely affect employees’ privacy rights. Australia has a history of legislating to protect privacy rights, whereas the United States has relied on a combination of constitutional guarantees, federal and state statutes, and the common law. This thesis examines a number of existing and proposed statutory and other workplace privacy laws in Australia and the United States. The analysis demonstrates that existing measures fail to adequately regulate monitoring or provide employees with suitable remedies where unjustifiable intrusions occur. The thesis ultimately supports the view that enacting uniform legislation at the national level provides a more effective and comprehensive solution for both employers and employees. Chapter One provides a general introduction and briefly discusses issues relevant to electronic monitoring in the workplace. Chapter Two contains an overview of privacy law as it relates to electronic monitoring in Australian and United States workplaces. In Chapter Three there is an examination of the complaint process and remedies available to a hypothetical employee (Mary) who is concerned about protecting her privacy rights at work. Chapter Four provides an analysis of the major themes emerging from the research, and also discusses the draft national uniform legislation. Chapter Five details the proposed legislation in the form of the Workplace Surveillance and Monitoring Act, and Chapter Six contains the conclusion.

Teenagers' perceptions of advertising in the online social networking environment : an exploratory study

This study explores teenager perceptions towards advertising in the online social networking environment. The future of online social networking sites is dependant upon the continued support of advertisers in this new medium, which is linked to the acceptance of advertising on these sites by their targeted audience. This exploratory study used the qualitative research methods of focus groups and in-depth personal interviews to gain insights from the teenager participants. The literature review in Chapter Two examined the previous research into advertising theories, consumer attitudes and issues such as advertising avoidance, advertising as a service and trust and privacy in the online social networking environment. The teenage consumer was also examined as were the influences of social identity theory. From this literature review eleven propositions were formed which provided a structure to the analysis of the research. Chapter Three outlined the multi-method research approach of using focus groups and in-depth interviews. The key findings were outlined in Chapter Four and Chapter Five provides discussion regarding these findings and the implications for theory and advertising practice. The main findings from this study suggest that teenagers have very high levels of advertising avoidance and are sceptical towards advertising on their online social networking sites. They have an inherent distrust of commercial messages in the online social networking environment; however they are extremely trusting with the information that they disclose online. They believe that if their site is classified as private, then the information disclosed on this site is not accessible to anyone. The study explores the reasons behind these views. This research has resulted in the identification of seven motivations behind online social networking use. A new model of advertising avoidance in the online social networking environment is also presented and discussed. This model makes a contribution towards filling the gap in available research on online social networking sites and advertising perception. The findings of this study have also resulted in the identification of the characteristics of online social networking sites as an advertising medium. The newness of online social networking sites coupled with the enthusiastic adoption of online social networking by the teenage demographic means that this exploratory study will be of interest to both academics and practitioners alike.

The case for quantum key distribution

Quantum key distribution (QKD) promises secure key agreement by using quantum mechanical systems. We argue that QKD will be an important part of future cryptographic infrastructures. It can provide long-term confidentiality for encrypted information without reliance on computational assumptions. Although QKD still requires authentication to prevent man-in-the-middle attacks, it can make use of either information-theoretically secure symmetric key authentication or computationally secure public key authentication: even when using public key authentication, we argue that QKD still offers stronger security than classical key agreement.

Learning to reflect in the first year of legal education : the key to surviving legal education and legal practice

Lawyers and law students suffer significant rates of depression and substance abuse. This paper suggests that Law Schools have an obligation to assist students to develop the emotional intelligence necessary in order to cope with the stressful nature of legal practice. We draw on Schön’s discussion of the indeterminate zone of professional practice to suggest that reflective practice is the means by which students can become sufficiently emotionally intelligent to become balanced and happy lawyers. We suggest that incorporating reflective practice in intentional curriculum design in the first year of law is an effective first step in assisting students to develop the emotional intelligence necessary to survive the study and practice of law.

Harmonising procurement policy environment - identifying key themes towards the development of a conceptual model

Capital works procurement and its regulatory policy environment within a country can be complex entities. For example, by virtue of Australia’s governmental division between the Commonwealth, states and local jurisdictions and the associated procurement networks and responsibilities at each level, the tendering process is often convoluted. There are four inter-related key themes identified in the literature in relation to procurement disharmony, including decentralisation, risk & risk mitigation, free trade & competition, and tendering costs. This paper defines and discusses these key areas of conflict that adversely impact upon the business environments of industry through a literature review, policy analysis and consultation with capital works procurement stakeholders. The aim of this national study is to identify policy differences between jurisdictions in Australia, and ascertain whether those differences are a barrier to productivity and innovation. This research forms an element of a broader investigation with an aim of developing efficient, effective and nationally harmonised procurement systems. Keywords: capital works, procurement policy reform Acknowledgement: The research described in this paper carried out by the Australian Cooperative Research Centre for Construction Innovation.

What will the next buyer pay? the key to investing in property

Most investors look at the initial return (or yield) that they will receive from an investment property, but this is only part of the picture. The more important issue is what capital appreciation will be achieved. Unless an investment property will deliver substantial capital appreciation, it is unlikely to be a good investment in financial terms.

Strongly Secure Certificateless Key Agreement

We introduce a formal model for certificateless authenticated key exchange (CL-AKE) protocols. Contrary to what might be expected, we show that the natural combination of an ID-based AKE protocol with a public key based AKE protocol cannot provide strong security. We provide the first one-round CL-AKE scheme proven secure in the random oracle model. We introduce two variants of the Diffie-Hellman trapdoor the introduced by \cite{DBLP:conf/eurocrypt/CashKS08}. The proposed key agreement scheme is secure as long as each party has at least one uncompromised secret. Thus, our scheme is secure even if the key generation centre learns the ephemeral secrets of both parties.

Identification of key environmental issues for building materials

Manufacture, construction and use of buildings and building materials make a significant environmental impact internally (inside the building), locally (neighbourhood) and globally. Life cycle assessment (LCA) methodology is being applied for evaluating the environmental impact of building/or building materials. One of the major applications of LCA is to identify key issues of a product system from cradle to grave. Key issues identified in an LCA lead one to the right direction in assessing the environmental aspects of a product system and help to identify the areas for improvement of the environmental performance of a product as well. The purpose of this paper is to suggest two methods for identifying key issues using an integrated tool (LCADesign), which has been developed to provide a method of determining the best alternative for reducing environmental impacts from a building or building materials, and compare both methods in the case study. This paper assists the designers or marketers related to building or building materials in their decision making by giving information on activities or alternatives which are identified as key issues for environmental impacts.

Improved cryptanalysis of the Common Scrambling Algorithm Stream Cipher

This paper provides a fresh analysis of the widely-used Common Scrambling Algorithm Stream Cipher (CSA-SC). Firstly, a new representation of CSA-SC with a state size of only 89 bits is given, a significant reduction from the 103 bit state of a previous CSA-SC representation. Analysis of this 89-bit representation demonstrates that the basis of a previous guess-and-determine attack is flawed. Correcting this flaw increases the complexity of that attack so that it is worse than exhaustive key search. Although that attack is not feasible, the reduced state size of our representation makes it obvious that CSA-SC is vulnerable to several generic attacks, for which feasible parameters are given.

A forward and backward secure key management in wireless sensor networks for PCS/SCADA

Process Control Systems (PCSs) or Supervisory Control and Data Acquisition (SCADA) systems have recently been added to the already wide collection of wireless sensor networks applications. The PCS/SCADA environment is somewhat more amenable to the use of heavy cryptographic mechanisms such as public key cryptography than other sensor application environments. The sensor nodes in the environment, however, are still open to devastating attacks such as node capture, which makes designing a secure key management challenging. In this paper, a key management scheme is proposed to defeat node capture attack by offering both forward and backward secrecies. Our scheme overcomes the pitfalls which Nilsson et al.'s scheme suffers from, and is not more expensive than their scheme.

Response efficacy : the key to minimizing rejection and maximizing acceptance of emotion-based anti-speeding messages

This study sought to improve understanding of the persuasive process of emotion-based appeals not only in relation to negative, fear-based appeals but also for appeals based upon positive emotions. In particular, the study investigated whether response efficacy, as a cognitive construct, mediated outcome measures of message effectiveness in terms of both acceptance and rejection of negative and positive emotion-based messages. Licensed drivers (N = 406) participated via the completion of an on-line survey. Within the survey, participants received either a negative (fear-based) appeal or one of the two possible positive appeals (pride or humor-based). Overall, the study's findings confirmed the importance of emotional and cognitive components of persuasive health messages and identified response efficacy as a key cognitive construct influencing the effectiveness of not only fear-based messages but also positive emotion-based messages. Interestingly, however, the results suggested that response efficacy's influence on message effectiveness may differ for positive and negative emotion-based appeals such that significant indirect (and mediational) effects were found with both acceptance and rejection of the positive appeals yet only with rejection of the fear-based appeal. As such, the study's findings provide an important extension to extant literature and may inform future advertising message design.