Employment Relations in Australia, 2nd Edition

The relationship between employers and employees has been one of the most hotly debated issues in Australia in recent times. Recent legislation such as the Workplace Relations Amendment (Work Choices) Act 2005 and the subsequent Fair Work Act 2009 provides stark evidence of this. The impact of these significant developments is explored and analysed in detail in the new edition of this popular text, complete with a balanced coverage of the often contrasting viewpoints of all stakeholders - from governments, unions and employer associations, through to individual employers and employees. The text outlines different approaches to understanding the nature of the employment relationship, with a contextual background as to how this relationship has changed and developed throughout our nation's history.

A model for computer profiling

This paper discusses the use of models in automatic computer forensic analysis, and proposes and elaborates on a novel model for use in computer profiling, the computer profiling object model. The computer profiling object model is an information model which models a computer as objects with various attributes and inter-relationships. These together provide the information necessary for a human investigator or an automated reasoning engine to make judgements as to the probable usage and evidentiary value of a computer system. The computer profiling object model can be implemented so as to support automated analysis to provide an investigator with the information needed to decide whether manual analysis is required.

Transaction mining for fraud detection in ERP Systems

Despite all attempts to prevent fraud, it continues to be a major threat to industry and government. Traditionally, organizations have focused on fraud prevention rather than detection, to combat fraud. In this paper we present a role mining inspired approach to represent user behaviour in Enterprise Resource Planning (ERP) systems, primarily aimed at detecting opportunities to commit fraud or potentially suspicious activities. We have adapted an approach which uses set theory to create transaction profiles based on analysis of user activity records. Based on these transaction profiles, we propose a set of (1) anomaly types to detect potentially suspicious user behaviour, and (2) scenarios to identify inadequate segregation of duties in an ERP environment. In addition, we present two algorithms to construct a directed acyclic graph to represent relationships between transaction profiles. Experiments were conducted using a real dataset obtained from a teaching environment and a demonstration dataset, both using SAP R/3, presently the predominant ERP system. The results of this empirical research demonstrate the effectiveness of the proposed approach.

Fraud detection in ERP systems using scenario matching

ERP systems generally implement controls to prevent certain common kinds of fraud. In addition however, there is an imperative need for detection of more sophisticated patterns of fraudulent activity as evidenced by the legal requirement for company audits and the common incidence of fraud. This paper describes the design and implementation of a framework for detecting patterns of fraudulent activity in ERP systems. We include the description of six fraud scenarios and the process of specifying and detecting the occurrence of those scenarios in ERP user log data using the prototype software which we have developed. The test results for detecting these scenarios in log data have been verified and confirm the success of our approach which can be generalized to ERP systems in general.

A national evaluation of the Australian Occupational Therapy Competency Standards (1994): a multistakeholder perspective

This paper summarises results from an evaluation of the adequacy and utility of the Australian Competency Standards for Entry-Level Occupational Therapists © (OT AUSTRALIA, 1994a). It comprised a two-part study, incorporating an online survey of key national stakeholders (n = 26), and 13 focus groups (n = 152) conducted throughout Australia with occupational therapy clinicians, academics, OT AUSTRALIA association and Occupational Therapy Registration Board representatives, as well as university program accreditors. The key recommendations were that: (i) urgent revision to reflect contemporary practice, paradigms, approaches and frameworks is required; (ii) the standards should exemplify basic competence at graduation (not within two years following); (iii) a revision cycle of five years is required; (iv) the Australian Qualifications Framework should be retained, preceded by an introduction describing the scope and nature of occupational therapy practice in the national context; (v) access to the standards should be free and unrestricted to occupational therapists, students and the public via the OT AUSTRALIA (national) website; (vi) the standards should incorporate a succinct executive summary and additional tools or templates formatted to enable occupational therapists to develop professional portfolios and create working documents specific to their workplace; and (vii) language must accommodate contextual variation while striking an appropriate balance between providing instruction and encouraging innovation in practice.

Specifying and enforcing a fine-grained information flow policy : model and experiments

In this paper we present a model for defining and enforcing a fine-grained information flow policy. We describe how the policy can be enforced on a typical computer and present experiments using the proposed model. A key feature of the model is that it allows the expression of rules which detail precisely which information elements are allowed to mix together. For example, the model allows the expression of a policy which forbids a doctor from mixing the personal medical details of the patients. The enforcement mechanisms tracks and records information flows within the system so that dynamic changes to the policy can be made with respect to information elements which may have propagated to different locations in the system.

Dealing with temporal inconsistency in automated computer forensic profiling

Computer profiling is the automated forensic examination of a computer system in order to provide a human investigator with a characterisation of the activities that have taken place on that system. As part of this process, the logical components of the computer system – components such as users, files and applications - are enumerated and the relationships between them discovered and reported. This information is enriched with traces of historical activity drawn from system logs and from evidence of events found in the computer file system. A potential problem with the use of such information is that some of it may be inconsistent and contradictory thus compromising its value. This work examines the impact of temporal inconsistency in such information and discusses two types of temporal inconsistency that may arise – inconsistency arising out of the normal errant behaviour of a computer system, and inconsistency arising out of deliberate tampering by a suspect – and techniques for dealing with inconsistencies of the latter kind. We examine the impact of deliberate tampering through experiments conducted with prototype computer profiling software. Based on the results of these experiments, we discuss techniques which can be employed in computer profiling to deal with such temporal inconsistencies.

Overcoming reputation and proof-of-work systems in botnets

Reputation and proof-of-work systems have been outlined as methods bot masters will soon use to defend their peer-to-peer botnets. These techniques are designed to prevent sybil attacks, such as those that led to the downfall of the Storm botnet. To evaluate the effectiveness of these techniques, a botnet that employed these techniques was simulated, and the amount of resources required to stage a successful sybil attack against it measured. While the proof-of-work system was found to increase the resources required for a successful sybil attack, the reputation system was found to lower the amount of resources required to disable the botnet.

Validating denial of service vulnerabilities in web services

The loosely-coupled and dynamic nature of web services architectures has many benefits, but also leads to an increased vulnerability to denial of service attacks. While many papers have surveyed and described these vulnerabilities, they are often theoretical and lack experimental data to validate them, and assume an obsolete state of web services technologies. This paper describes experiments involving several denial of service vulnerabilities in well-known web services platforms, including Java Metro, Apache Axis, and Microsoft .NET. The results both confirm and deny the presence of some of the most well-known vulnerabilities in web services technologies. Specifically, major web services platforms appear to cope well with attacks that target memory exhaustion. However, attacks targeting CPU-time exhaustion are still effective, regardless of the victim’s platform.

Flood fatalities in contemporary Australia (1997-2008) : disaster medicine

Objective: Flood is the most common natural disaster in Australia and causes more loss of life than any other disaster. This article describes the incidence and causes of deaths directly associated with floods in contemporary Australia. ---------- Methods: The present study compiled a database of flood fatalities in Australia in the period of 1997–2008 inclusive. The data were derived from newspapers and historic accounts, as well as government and scientific reports. Assembled data include the date and location of fatalities, age and gender of victims and the circumstances of the death. ---------- Results: At least 73 persons died as a direct result of floods in Australia in the period of 1997–2008. The largest number of fatalities occurred in New South Wales and Queensland. Most fatalities occurred during February, and among men (71.2%). People between the ages of 10 and 29 and those over 70 years are overrepresented among those drowned. There is no evident decline in the number of deaths over time. 48.5% fatalities related to motor vehicle use. 26.5% fatalities occurred as a result of inappropriate or high-risk behaviour during floods. ---------- Conclusion: In modern developed countries with adequate emergency response systems and extensive resources, deaths that occur in floods are almost all eminently preventable. Over 90% of the deaths are caused by attempts to ford flooded waterways or inappropriate situational conduct. Knowledge of the leading causes of flood fatalities should inform public awareness programmes and public safety police enforcement activities.

Constraints of nutrient availability on primary production in two alpine tundra communities

A nutrient amendment experiment was conducted for two growing seasons in two alpine tundra communities to test the hypotheses that: (1) primary production is limited by nutrient availability, and (2) physiological and developmental constraints act to limit the responses of plants from a nutrient-poor community more than plants from a more nutrient-rich community to increases in nutrient availability. Experimental treatments consisted of N, P, and N+P amendments applied to plots in two physiognomically similar communities, dry and wet meadows. Extractable N and P from soils in nonfertilized control plots indicated that the wet meadow had higher N and P availability. Photosynthetic, nutrient uptake, and growth responses of the dominants in the two communities showed little difference in the relative capacity of these plants to respond to the nutrient additions. Aboveground production responses of the communities to the treatments indicated N availability was limiting to production in the dry meadow community while N and P availability colimited production in the wet meadow community. There was a greater production response to the N and N+P amendments in the dry meadow relative to the wet meadow, despite equivalent functional responses of the dominant species of both communities. The greater production response in the dry meadow was in part related to changes in community structure, with an increase in the proportion of graminoid and forb biomass, and a decrease in the proportion of community biomass made up by the dominant sedge Kobresia myosuroides. Species richness increased significantly in response to the N+P treatment in the dry meadow. Graminoid biomass increased significantly in the wet meadow N and N+P plots, while forb biomass decreased significantly, suggesting a competitive interaction for light. Thus, the difference in community response to nutrient amendments was not the result of functional changes at the leaf level of the dominant species, but rather was related to changes in community structure in the dry meadow, and to a shift from a nutrient to a light limitation of production in the wet meadow.

A framework for improved adolescent and child safety in MMOs

This paper presents an approach to providing better safety for adolescents playing online games. We highlight an emerging paedophile presence in online games and offer a general framework for the design of monitoring and alerting tools. Our method is to monitor and detect relationships forming with a child in online games, and alert if the relationship indicates an offline meeting with the child has been arranged or has the potential to occur. A prototype implementation with demonstrative components of the framework has been created and is introduced. The prototype demonstration and evaluation uses a teen rated online relationship-building environment for its case study, specifically the predominant Massive Multiplayer Online Game (MMO) World of Warcraft.

A distributed denial of service testbed

The Denial of Service Testing Framework (dosTF) being developed as part of the joint India-Australia research project for ‘Protecting Critical Infrastructure from Denial of Service Attacks’ allows for the construction, monitoring and management of emulated Distributed Denial of Service attacks using modest hardware resources. The purpose of the testbed is to study the effectiveness of different DDoS mitigation strategies and to allow for the testing of defense appliances. Experiments are saved and edited in XML as abstract descriptions of an attack/defense strategy that is only mapped to real resources at run-time. It also provides a web-application portal interface that can start, stop and monitor an attack remotely. Rather than monitoring a service under attack indirectly, by observing traffic and general system parameters, monitoring of the target application is performed directly in real time via a customised SNMP agent.

Collaborative research to develop a specialist, post-graduate competency-based education curriculum and continuing professional development structure for health librarians in Australia

Through a grant received from the Australian Library and Information Association (ALIA), members of Health Libraries Australia (HLA) are collaborating with a researcher/educator to conduct a twelve month research project with the goal of developing an educational framework for the Australian health librarianship workforce of the future. The collaboration comprises the principal researcher and a representative group of practitioners from different sectors of the health industry who are affiliated with ALIA in various committees, advisory groups and roles. The research has two main aims: to determine the future skills requirements for the health librarian workforce in Australia; and to develop a structured, modular education framework for specialist post-graduate qualifications together with a structure for ongoing continuing professional development. The paper highlights some of the major trends in the health sector and some of the main environmental influences that may act as drivers for change for health librarianship as a profession, and particularly for educating the future workforce. The research methodology is outlined and the main results are described; the findings are discussed with regard to their implications for the development of a structured, competency-based education framework.