The security and privacy of usage policies and provenance logs in an Information Accountability Framework

The potential benefits of shared eHealth records systems are promising for the future of improved healthcare. However, the uptake of such systems is hindered by concerns over the security and privacy of patient information. The use of Information Accountability and so called Accountable-eHealth (AeH) systems has been proposed to balance the privacy concerns of patients with the information needs of healthcare professionals. However, a number of challenges remain before AeH systems can become a reality. Among these is the need to protect the information stored in the usage policies and provenance logs used by AeH systems to define appropriate use of information and hold users accountable for their actions. In this paper, we discuss the privacy and security issues surrounding these accountability mechanisms, define valid access to the information they contain, discuss solutions to protect them, and verify and model an implementation of the access requirements as part of an Information Accountability Framework.

Strategic supply chain management factors influencing agribusiness innovation utilization

Purpose – The purpose of this paper is to examine empirically, an industry development paradox, using embryonic literature in the area of strategic supply chain management, together with innovation management literature. This study seeks to understand how, forming strategic supply chain relationships, and developing strategic supply chain capability, influences beneficial supply chain outcomes expected from utilizing industry-led innovation, in the form of electronic business solutions using the internet, in the Australian beef industry. Findings should add valuable insights to both academics and practitioners in the fields of supply chain innovation management and strategic supply chain management, and expand knowledge to current literature. Design/methodology/approach – This is a quantitative study comparing innovative and non-innovative supply chain operatives in the Australian beef industry, through factor analysis and structural equation modeling using PAWS Statistical V18 and AMOS V18 to analyze survey data from 412 respondents from the Australian beef supply chain. Findings – Key findings are that both innovative and non-innovative supply chain operators attribute supply chain synchronization as only a minor indicator of strategic supply chain capability, contrary to the literature; and they also indicate strategic supply chain capability has a minor influence in achieving beneficial outcomes from utilizing industry-led innovation. These results suggest a lack of coordination between supply chain operatives in the industry. They also suggest a lack of understanding of the benefits of developing a strategic supply chain management competence, particularly in relation to innovation agendas, and provides valuable insights as to why an industry paradox exists in terms of the level of investment in industry-led innovation, vs the level of corresponding benefit achieved. Research limitations/implications – Results are not generalized due to the single agribusiness industry studied and the single research method employed. However, this provides opportunity for further agribusiness studies in this area and also studies using alternate methods, such as qualitative, in-depth analysis of these factors and their relationships, which may confirm results or produce different results. Further, this study empirically extends existing theoretical contributions and insights into the roles of strategic supply chain management and innovation management in improving supply chain and ultimately industry performance while providing practical insights to supply chain practitioners in this and other similar agribusiness industries. Practical implications – These findings confirm results from a 2007 research (Ketchen et al., 2007) which suggests supply chain practice and teachings need to take a strategic direction in the twenty-first century. To date, competence in supply chain management has built up from functional and process orientations rather than from a strategic perspective. This study confirms that there is a need for more generalists that can integrate with various disciplines, particularly those who can understand and implement strategic supply chain management. Social implications – Possible social implications accrue through the development of responsible government policy in terms of industry supply chains. Strategic supply chain management and supply chain innovation management have impacts to the social fabric of nations through the sustainability of their industries, especially agribusiness industries which deal with food safety and security. If supply chains are now the competitive weapon of nations then funding innovation and managing their supply chain competitiveness in global markets requires a strategic approach from everyone, not just the industry participants. Originality/value – This is original empirical research, seeking to add value to embryonic and important developing literature concerned with adopting a strategic approach to supply chain management. It also seeks to add to existing literature in the area of innovation management, particularly through greater understanding of the implications of nations developing industry-wide, industry-led innovation agendas, and their ramifications to industry supply chains.

Government grants - an abrogation or management of risks?

New public management (NPFM), with its hands-on, private sector-style performance measurement, output control, parsimonious use of resources, disaggreation of public sector units and greater competition in the public sector, has significantly affected charitable and nonprofit organisations delivering community services (Hood, 1991; Dunleavy, 1994; George & Wilding, 2002). The literature indicates that nonprofit organisations under NPM believe they are doing more for less: while administration is increasing, core costs are not being met; their dependence on government funding comes at the expense of other funding strategies; and there are concerns about proportionality and power asymmetries in the relationship (Kerr & Savelsberg, 2001; Powell & Dalton, 2011; Smith, 2002, p. 175; Morris, 1999, 2000a). Government agencies are under increased pressure to do more with less, demonstrate value for money, measure social outcomes, not merely outputs and minimise political risk (Grant, 2008; McGreogor-Lowndes, 2008). Government-community service organisation relationships are often viewed as 'uneasy alliances' characterised by the pressures that come with the parties' differing roles and expectations and the pressures that come with the parties' differing roles and expectations and the pressurs of funding and security (Productivity Commission, 2010, p. 308; McGregor-Lowndes, 2008, p. 45; Morris, 200a). Significant community services are now delivered to citizens through such relationships, often to the most disadvantaged in the community, and it is important for this to be achieved with equity, efficiently and effectively. On one level, the welfare state was seen as a 'risk management system' for the poor, with the state mitigating the risks of sickness, job loss and old age (Giddens, 1999) with the subsequent neoliberalist outlook shifting this risk back to households (Hacker, 2006). At the core of this risk shift are written contracts. Vincent-Jones (1999,2006) has mapped how NPM is characterised by the use of written contracts for all manner of relations; e.g., relgulation of dealings between government agencies, between individual citizens and the state, and the creation of quais-markets of service providers and infrastructure partners. We take this lens of contracts to examine where risk falls in relation to the outsourcing of community services. First we examine the concept of risk. We consider how risk might be managed and apportioned between governments and community serivce organisations (CSOs) in grant agreements, which are quasiy-market transactions at best. This is informed by insights from the law and economics literature. Then, standard grant agreements covering several years in two jurisdictions - Australia and the United Kingdom - are analysed, to establish the risk allocation between government and CSOs. This is placed in the context of the reform agenda in both jurisdictions. In Australia this context is th enonprofit reforms built around the creation of a national charities regulator, and red tape reduction. In the United Kingdom, the backdrop is the THird Way agenda with its compacts, succeed by Big Society in a climate of austerity. These 'case studies' inform a discussion about who is best placed to bear and manage the risks of community service provision on behalf of government. We conclude by identifying the lessons to be learned from our analysis and possible pathways for further scholarship.

Improved Security Analysis of Fugue-256 (Poster)

We present some improved analytical results as part of the ongoing work on the analysis of Fugue-256 hash function, a second round candidate in the NIST’s SHA3 competition. First we improve Aumasson and Phans’ integral distinguisher on the 5.5 rounds of the final transformation of Fugue-256 to 16.5 rounds. Next we improve the designers’ meet-in-the-middle preimage attack on Fugue-256 from 2480 time and memory to 2416. Finally, we comment on possible methods to obtain free-start distinguishers and free-start collisions for Fugue-256.

Information Security and Privacy : Proceedings of the 9th Australasian Conference, ACISP 2004, Sydney, Australia, July 13-15, 2004.

Preface The 9th Australasian Conference on Information Security and Privacy (ACISP 2004) was held in Sydney, 13–15 July, 2004. The conference was sponsored by the Centre for Advanced Computing – Algorithms and Cryptography (ACAC), Information and Networked Security Systems Research (INSS), Macquarie University and the Australian Computer Society. The aims of the conference are to bring together researchers and practitioners working in areas of information security and privacy from universities, industry and government sectors. The conference program covered a range of aspects including cryptography, cryptanalysis, systems and network security. The program committee accepted 41 papers from 195 submissions. The reviewing process took six weeks and each paper was carefully evaluated by at least three members of the program committee. We appreciate the hard work of the members of the program committee and external referees who gave many hours of their valuable time. Of the accepted papers, there were nine from Korea, six from Australia, five each from Japan and the USA, three each from China and Singapore, two each from Canada and Switzerland, and one each from Belgium, France, Germany, Taiwan, The Netherlands and the UK. All the authors, whether or not their papers were accepted, made valued contributions to the conference. In addition to the contributed papers, Dr Arjen Lenstra gave an invited talk, entitled Likely and Unlikely Progress in Factoring. This year the program committee introduced the Best Student Paper Award. The winner of the prize for the Best Student Paper was Yan-Cheng Chang from Harvard University for his paper Single Database Private Information Retrieval with Logarithmic Communication. We would like to thank all the people involved in organizing this conference. In particular we would like to thank members of the organizing committee for their time and efforts, Andrina Brennan, Vijayakrishnan Pasupathinathan, Hartono Kurnio, Cecily Lenton, and members from ACAC and INSS.

2nd International Workshop on Secure and Privacy-Aware Information Management in eHealth

Information security and privacy in the healthcare domain is a complex and challenging problem for computer scientists, social scientists, law experts and policy makers. Appropriate healthcare provision requires specialized knowledge, is information intensive and much patient information is of a particularly sensitive nature. Electronic health record systems provide opportunities for information sharing which may enhance healthcare services, for both individuals and populations. However, appropriate information management measures are essential for privacy preservation...

On food security and alternative food networks: Understanding and performing food security in the context of urban bias

This paper offers one explanation for the institutional basis of food insecurity in Australia, and argues that while alternative food networks and the food sovereignty movement perform a valuable function in building forms of social solidarity between urban consumers and rural producers, they currently make only a minor contribution to Australia’s food and nutrition security. The paper begins by identifying two key drivers of food security: household incomes (on the demand side) and nutrition-sensitive, ‘fair food’ agriculture (on the supply side). We focus on this second driver and argue that healthy populations require an agricultural sector that delivers dietary diversity via a fair and sustainable food system. In order to understand why nutrition-sensitive, fair food agriculture is not flourishing in Australia we introduce the development economics theory of urban bias. According to this theory, governments support capital intensive rather than labour intensive agriculture in order to deliver cheap food alongside the transfer of public revenues gained from rural agriculture to urban infrastructure, where the majority of the voting public resides. We chart the unfolding of the Urban Bias across the twentieth century and its consolidation through neo-liberal orthodoxy, and argue that agricultural policies do little to sustain, let alone revitalize, rural and regional Australia. We conclude that by observing food system dynamics through a re-spatialized lens, Urban Bias Theory is valuable in highlighting rural–urban socio-economic and political economy tensions, particularly regarding food system sustainability. It also sheds light on the cultural economy tensions for alternative food networks as they move beyond niche markets to simultaneously support urban food security and sustainable rural livelihoods.

The role of institutional pressures and top management support in the intention to adopt cloud computing solutions

Purpose – While many studies have predominantly looked at the benefits and risks of cloud computing, little is known whether and to what extent institutional forces play a role in cloud computing adoption. The purpose of this paper is to explore the role of institutional factors in top management team’s (TMT’s) decision to adopt cloud computing services. Design/methodology/approach – A model is developed and tested with data from an Australian survey using the partial least squares modeling technique. Findings – The results suggest that mimetic and coercive pressures influence TMT’s beliefs in the benefits of cloud computing. The results also show that TMT’s beliefs drive TMT’s participation, which in turn affects the intention to increase the adoption of cloud computing solutions. Research limitations/implications – Future studies could incorporate the influences of local actors who might also press for innovation. Practical implications – Given the influence of institutional forces and the plethora of cloud-based solutions on the market, it is recommended that TMTs exercise a high degree of caution when deciding for the types of applications to be outsourced as organizational requirements in terms of performance and security will differ. Originality/value – The paper contributes to the growing empirical literature on cloud computing adoption and offers the institutional framework as an alternative lens with which to interpret cloud-based information technology outsourcing.

Food security in welfare capitalism: Comparing social entitlements to food in Australia and Norway

The concept of food security is often anchored in popular understandings of the challenge to produce and supply enough food. However, decades of policies for intensive agriculture have not alleviated hunger and malnutrition, with an absence of food security featuring in both economically developing and developed nations. Despite perceptions that the economic growth in advanced, capitalist societies will ensure freedom from hunger, this is not universal across so-called ‘wealthy nations’. To explore the dynamics of food security in economically developed countries, this paper considers institutional approaches to domestic food security primarily through responses to poverty and welfare entitlements, and, secondarily, through food relief. Through the lens of social entitlements to food and their formation under various expressions of welfare capitalism, we highlight how the specific institutional settings of two economically developed nations, Australia and Norway, respond to uncertain or insufficient access to food. Whilst Norway's political agenda on agricultural support, food pricing regulation and universal social security support offers a robust, although indirect, safety net in ensuring entitlements to food, Australia's neoliberal trajectory means that approaches to food security are ad hoc and rely on a combination of self-help, charitable and market responses. Despite its extensive food production Australia appears less capable of ensuring food security for all its inhabitants compared to the highly import-dependent Norway.

Decentralised key management for delay tolerant networks

Public key authentication is the verification of the identity-public key binding, and is foundational to the security of any network. The contribution of this thesis has been to provide public key authentication for a decentralised and resource challenged network such as an autonomous Delay Tolerant Network (DTN). It has resulted in the development and evaluation of a combined co-localisation trust system and key distribution scheme evaluated on a realistic large geographic scale mobility model. The thesis also addresses the problem of unplanned key revocation and replacement without any central authority.