A framework for improved adolescent and child safety in MMOs

This paper presents an approach to providing better safety for adolescents playing online games. We highlight an emerging paedophile presence in online games and offer a general framework for the design of monitoring and alerting tools. Our method is to monitor and detect relationships forming with a child in online games, and alert if the relationship indicates an offline meeting with the child has been arranged or has the potential to occur. A prototype implementation with demonstrative components of the framework has been created and is introduced. The prototype demonstration and evaluation uses a teen rated online relationship-building environment for its case study, specifically the predominant Massive Multiplayer Online Game (MMO) World of Warcraft.

Integrating information security policy management with corporate risk management for strategic alignment

Information security policy defines the governance and implementation strategy for information security in alignment with the corporate risk policy objectives and strategies. Research has established that alignment between corporate concerns may be enhanced when strategies are developed concurrently using the same development process as an integrative relationship is established. Utilizing the corporate risk management framework for security policy management establishes such an integrative relationship between information security and corporate risk management objectives and strategies. There is however limitation in the current literature on presenting a definitive approach that fully integrates security policy management with the corporate risk management framework. This paper presents an approach that adopts a conventional corporate risk management framework for security policy development and management to achieve alignment with the corporate risk policy. A case example is examined to illustrate the alignment achieved in each process step with a security policy structure being consequently derived in the process. It is shown that information security policy management outcomes become both integral drivers and major elements of the corporate-level risk management considerations. Further study should involve assessing the impact of the use of the proposed framework in enhancing alignment as perceived in this paper.

Requirements for enhancing trust, security and integrity of GNSS location services

The paper describes a number of requirements for enhancing the trust of location acquisition from Satellite Navigation Systems, particularly for those applications where the location is monitored through a remote GNSS receiver. We discuss how the trust of a location acquisition could be propagated to an application through the use of a proposed tamper-­resistant GNSS receiver which quantifies the trust of a location solution from the signaling used (ie. P(Y) code, Galileo SOL, PRS, CS) and provides a cryptographic proof of this to a remote application. The tamper­-resistance state of the receiver is also included in this cryptographic proof.

Mutual protection in a cloud computing environment

The term “cloud computing” has emerged as a major ICT trend and has been acknowledged by respected industry survey organizations as a key technology and market development theme for the industry and ICT users in 2010. However, one of the major challenges that faces the cloud computing concept and its global acceptance is how to secure and protect the data and processes that are the property of the user. The security of the cloud computing environment is a new research area requiring further development by both the academic and industrial research communities. Today, there are many diverse and uncoordinated efforts underway to address security issues in cloud computing and, especially, the identity management issues. This paper introduces an architecture for a new approach to necessary “mutual protection” in the cloud computing environment, based upon a concept of mutual trust and the specification of definable profiles in vector matrix form. The architecture aims to achieve better, more generic and flexible authentication, authorization and control, based on a concept of mutuality, within that cloud computing environment.

Reinforcing bad behaviour : the misuse of security indicators on popular websites

Before making a security or privacy decision, Internet users should evaluate several security indicators in their browser, such as the use of HTTPS (indicated via the lock icon), the domain name of the site, and information from extended validation certificates. However, studies have shown that human subjects infrequently employ these indicators, relying on other indicators that can be spoofed and convey no cryptographic assurances. We identify four simple security indicators that accurately represent security properties of the connection and then examine 125 popular websites to determine if the sites' designs result in correctly displayed security indicators during login. In the vast majority of cases, at least some security indicators are absent or suboptimal. This suggests users are becoming habituated to ignoring recommended security indicators.

Group segmentation during object tracking using optical flow discontinuities

Within a surveillance video, occlusions are commonplace, and accurately resolving these occlusions is key when seeking to accurately track objects. The challenge of accurately segmenting objects is further complicated by the fact that within many real-world surveillance environments, the objects appear very similar. For example, footage of pedestrians in a city environment will consist of many people wearing dark suits. In this paper, we propose a novel technique to segment groups and resolve occlusions using optical flow discontinuities. We demonstrate that the ratio of continuous to discontinuous pixels within a region can be used to locate the overlapping edges, and incorporate this into an object tracking framework. Results on a portion of the ETISEO database show that the proposed algorithm results in improved tracking performance overall, and improved tracking within occlusions.

Security metrics for object-oriented designs

Several studies have developed metrics for software quality attributes of object-oriented designs such as reusability and functionality. However, metrics which measure the quality attribute of information security have received little attention. Moreover, existing security metrics measure either the system from a high level (i.e. the whole system’s level) or from a low level (i.e. the program code’s level). These approaches make it hard and expensive to discover and fix vulnerabilities caused by software design errors. In this work, we focus on the design of an object-oriented application and define a number of information security metrics derivable from a program’s design artifacts. These metrics allow software designers to discover and fix security vulnerabilities at an early stage, and help compare the potential security of various alternative designs. In particular, we present security metrics based on composition, coupling, extensibility, inheritance, and the design size of a given object-oriented, multi-class program from the point of view of potential information flow.

Assessing the impact of refactoring on security-critical object-oriented designs

Refactoring focuses on improving the reusability, maintainability and performance of programs. However, the impact of refactoring on the security of a given program has received little attention. In this work, we focus on the design of object-oriented applications and use metrics to assess the impact of a number of standard refactoring rules on their security by evaluating the metrics before and after refactoring. This assessment tells us which refactoring steps can increase the security level of a given program from the point of view of potential information flow, allowing application designers to improve their system’s security at an early stage.

Models of collective cell spreading with variable cell aspect ratio : a motivation for degenerate diffusion models

Continuum diffusion models are often used to represent the collective motion of cell populations. Most previous studies have simply used linear diffusion to represent collective cell spreading, while others found that degenerate nonlinear diffusion provides a better match to experimental cell density profiles. In the cell modeling literature there is no guidance available with regard to which approach is more appropriate for representing the spreading of cell populations. Furthermore, there is no knowledge of particular experimental measurements that can be made to distinguish between situations where these two models are appropriate. Here we provide a link between individual-based and continuum models using a multi-scale approach in which we analyze the collective motion of a population of interacting agents in a generalized lattice-based exclusion process. For round agents that occupy a single lattice site, we find that the relevant continuum description of the system is a linear diffusion equation, whereas for elongated rod-shaped agents that occupy L adjacent lattice sites we find that the relevant continuum description is connected to the porous media equation (pme). The exponent in the nonlinear diffusivity function is related to the aspect ratio of the agents. Our work provides a physical connection between modeling collective cell spreading and the use of either the linear diffusion equation or the pme to represent cell density profiles. Results suggest that when using continuum models to represent cell population spreading, we should take care to account for variations in the cell aspect ratio because different aspect ratios lead to different continuum models.

How HCI design influences web security decisions

Even though security protocols are designed to make computer communication secure, it is widely known that there is potential for security breakdowns at the human machine interface. This paper reports on a diary study conducted in order to investigate what people identify as security decisions that they make while using the web. The study aimed to uncover how security is perceived in the individual's context of use. From this data, themes were drawn, with a focus on addressing security goals such as confidentiality and authentication. This study is the first study investigating users' web usage focusing on their self-documented perceptions of security and the security choices they made in their own environment.

The role of informal networks in providing effective work opportunities for people with an intellectual disability

Being in paid employment is socially valued, and is linked to health, financial security and time use. Issues arising from a lack of occupational choice and control, and from diminished role partnerships are particularly problematic in the lives of people with an intellectual disability. Informal support networks are shown to influence work opportunities for people without disabilities, but their impact on the work experiences of people with disability has not been thoroughly explored. The experience of 'work' and preparation for work was explored with a group of four people with an intellectual disability (the participants) and the key members of their informal support networks (network members) in New South Wales, Australia. Network members and participants were interviewed and participant observations of work and other activities were undertaken. Data analysis included open, conceptual and thematic coding. Data analysis software assisted in managing the large datasets across multiple team members. The insight and actions of network members created and sustained the employment and support opportunities that effectively matched the needs and interests of the participants. Recommendations for future research are outlined.

The delta-phase spectrum with application to voice activity detection and speaker recognition

For several reasons, the Fourier phase domain is less favored than the magnitude domain in signal processing and modeling of speech. To correctly analyze the phase, several factors must be considered and compensated, including the effect of the step size, windowing function and other processing parameters. Building on a review of these factors, this paper investigates a spectral representation based on the Instantaneous Frequency Deviation, but in which the step size between processing frames is used in calculating phase changes, rather than the traditional single sample interval. Reflecting these longer intervals, the term delta-phase spectrum is used to distinguish this from instantaneous derivatives. Experiments show that mel-frequency cepstral coefficients features derived from the delta-phase spectrum (termed Mel-Frequency delta-phase features) can produce broadly similar performance to equivalent magnitude domain features for both voice activity detection and speaker recognition tasks. Further, it is shown that the fusion of the magnitude and phase representations yields performance benefits over either in isolation.

Enhancing security and continuity management at international airports

Operators of busy contemporary airports have to balance tensions between the timely flow of passengers, flight operations, the conduct of commercial business activities and the effective application of security processes. In addition to specific onsite issues airport operators liaise with a range of organisations which set and enforce aviation-related policies and regulations as well as border security agencies responsible for customs, quarantine and immigration, in addition to first response security services. The challenging demands of coordinating and planning in such complex socio-technical contexts place considerable pressure on airport management to facilitate coordination of what are often conflicting goals and expectations among groups that have standing in respect to safe and secure air travel. What are, as yet, significantly unexplored issues in large airports are options for the optimal coordination of efforts from the range of public and private sector participants active in airport security and crisis management. A further aspect of this issue is how airport management systems operate when there is a transition from business-as-usual into an emergency/crisis situation and then, on recovery, back to ‘normal’ functioning. Business Continuity Planning (BCP), incorporating sub-plans for emergency response, continuation of output and recovery of degraded operating capacity, would fit such a context. The implementation of BCP practices in such a significant high security setting offers considerable potential benefit yet entails considerable challenges. This paper presents early results of a 4 year nationally funded industry-based research project examining the merger of Business Continuity Planning and Transport Security Planning as a means of generating capability for improved security and reliability and, ultimately, enhanced resilience in major airports. The project is part of a larger research program on the Design of Secure Airports that includes most of the gazetted ‘first response’ international airports in Australia, key Aviation industry groups and all aviation-related border and security regulators as collaborative partners. The paper examines a number of initial themes in the research, including: ? Approaches to integrating Business Continuity & Aviation Security Planning within airport operations; ? Assessment of gaps in management protocols and operational capacities for identifying and responding to crises within and across critical aviation infrastructure; ? Identification of convergent and divergent approaches to crisis management used across Austral-Asia and their alignment to planned and possible infrastructure evolution.

Noise robust voice activity detection using normal probability testing and time-domain histogram analysis

This paper presents a method of voice activity detection (VAD) suitable for high noise scenarios, based on the fusion of two complementary systems. The first system uses a proposed non-Gaussianity score (NGS) feature based on normal probability testing. The second system employs a histogram distance score (HDS) feature that detects changes in the signal through conducting a template-based similarity measure between adjacent frames. The decision outputs by the two systems are then merged using an open-by-reconstruction fusion stage. Accuracy of the proposed method was compared to several baseline VAD methods on a database created using real recordings of a variety of high-noise environments.