235 resultados para Linux security module
Resumo:
Article XX has been a valuable instrument to justify exceptions from the anti-discrimination provisions of the GATT 1994. In general, this Article is considered by experts to be the most likely defence for any climate change mitigation measure in breach GATT 1994 obligations. That assumption is not in dispute here; rather, this article considers the requirements of the Article XX exceptions, but also explores the conditions of the National Security exception contained in Article XXI. Although it is possible that this exception could be used for climate change mitigation measures, this paper argues that it is unlikely that the National Security exception could be legitimately applied in these circumstances without member agreement to the contrary.
Resumo:
Food insecurity is the limited access to, or availability of, nutritious, culturally-appropriate and safe foods, or the inability to access these foods by socially acceptable means. In Australia, the monitoring of food insecurity is limited to the use of a single item, included in the three-yearly National Health Survey (NHS). The current research comprised a) a review of the literature and available tools to measure food security, b) piloting and adaptation of the more comprehensive 16-item United States Department of Agriculture (USDA) Food Security Survey Module (FSSM), and c) a cross-sectional study comparing this more comprehensive tool, and it’s 10- and 6- item short forms, with the current single-item used in the NHS, among a sample of households in disadvantaged urban-areas of Brisbane, Australia. Findings have shown that internationally the 16-item USDA-FSSM is the most widely used tool for the measurement of food insecurity. Furthermore, of the validated tools that exist to measure food insecurity, sensitivity and reliability decline as the number of questions in a tool decreases. Among an Australian sample, the current single-measure utilised in the NHS yielded a significantly lower prevalence for food insecurity compared to the 16-item USDA-FSSM and it’s two shorter forms respectively (four and two percentage points lower respectively). These findings suggest that the current prevalence of food insecurity (estimated at 6% in the most recent NHS) may have been underestimated, and have important implications for the development of an effective means of monitoring food security within the context of a developed country.
Resumo:
Background: Periurban agriculture refers to agricultural practice occurring in areas with mixed rural and urban features. It is responsible 25% of the total gross value of economic production in Australia, despite only comprising 3% of the land used for agriculture. As populations grows and cities expand, they are constantly absorbing surrounding fringe areas, thus creating a new fringe, further from the city causing the periurban region to constantly shift outwards. Periurban regions are fundamental in the provision of fresh food to city populations and residential (and industrial) expansion taking over agricultural land has been noted as a major worldwide concern. Another major concern around the increase in urbanisation and resultant decrease in periurban agriculture is its potential effect on food security. Food security is the availability or access to nutritionally-adequate, culturally-relevant and safe foods in culturally-appropriate ways. Thus food insecurity occurs when access to or availability of these foods is compromised. There is an important level of connectedness between food security and food production and a decrease in periurban agriculture may have adverse effects on food security. A decrease in local, seasonal produce may result in a decrease in the availability of products and an increase in cost, as food must travel greater distances, incurring extra costs present at the consumer level. Currently, few Australian studies exist examining the change in periurban agriculture over time. Such information may prove useful for future health policy and interventions as well as infrastructure planning. The aim of this study is to investigate changes in periurban agriculture among capital cities of Australia. Methods: We compared data pertaining to selected commodities from the Australian Bureau of Statistics 2000-01 and 2005 -2006 Agricultural Census. This survey is distributed online or via mail on a five-yearly basis to approximately 175,000 Agricultural business to ascertain information on a range of factors, such as types of crops, livestock and land preparation practices. For the purpose of this study we compared the land being used for total crops, and cereal , oil seed, legume, fruit and vegetable crops separately. Data was analysed using repeated measures anova in spss. Results: Overall, total area available for crops in urbanised areas of Australia increased slightly by 1.8%. However, Sydney, Melbourne, Adelaide and Perth experienced decreases in the area available for fruit crops by 11%, 5%,and 4% respectively. Furthermore, Brisbane and Perth experienced decreases in land available for vegetable crops by 28% and 14% respectively. Finally, Sydney, Adelaide and Perth experienced decreases in land available for cereal crops by 10 – 79%. Conclusions: These findings suggest that population increases and consequent urban sprawl may be resulting in a decrease in peri-urban agriculture, specifically for several core food groups including fruit, breads and grain based foods. In doing so, access to or availability of these foods may be limited, and the cost of these foods is likely to increase, which may compromise food insecurity for certain sub-groups of the population.
Resumo:
Objective: Food insecurity may be associated with a number of adverse health and social outcomes however our knowledge of its public health significance in Australia has been limited by use of a single-item measure in the Australian National Health Surveys (NHS) and, more recently, the exclusion of food security items from these surveys. The current study compares prevalence estimates of food insecurity in disadvantaged urban areas of Brisbane using the one-item NHS measure with three adaptations of the United States Department of Agriculture Food Security Survey Module (USDA-FSSM). Design: Data were collected by postal survey (n= 505, 53% response). Food security status was ascertained by the measure used in the NHS, and the 6-, 10- and 18-item versions of the USDA-FSSM. Demographic characteristics of the sample, prevalence estimates of food insecurity and different levels of food insecurity estimated by each tool were determined. Setting: Disadvantaged suburbs of Brisbane city, Australia, 2009. Subjects: Individuals aged ≥ 18 years. Results: Food insecurity was prevalent in socioeconomically-disadvantaged urban areas, estimated as 19.5% using the single-item NHS measure. This was significantly less than the 24.6% (P <0.01), 22.0% (P = 0.01) and 21.3% (P = 0.03) identified using the 18-item, 10-item and 6-item versions of the USDA-FSSM, respectively. The proportion of the sample reporting more severe levels of food insecurity were 10.7%, 10% and 8.6% for the 18-, 10- and 6-item USDA measures respectively, however this degree of food insecurity could not be ascertained using the NHS measure. Conclusions: The measure of food insecurity employed in the NHS may underestimate its prevalence and public health significance. Future monitoring and surveillance efforts should seek to employ a more accurate measure.
Resumo:
Modern applications comprise multiple components, such as browser plug-ins, often of unknown provenance and quality. Statistics show that failure of such components accounts for a high percentage of software faults. Enabling isolation of such fine-grained components is therefore necessary to increase the robustness and resilience of security-critical and safety-critical computer systems. In this paper, we evaluate whether such fine-grained components can be sandboxed through the use of the hardware virtualization support available in modern Intel and AMD processors. We compare the performance and functionality of such an approach to two previous software based approaches. The results demonstrate that hardware isolation minimizes the difficulties encountered with software based approaches, while also reducing the size of the trusted computing base, thus increasing confidence in the solution's correctness. We also show that our relatively simple implementation has equivalent run-time performance, with overheads of less than 34%, does not require custom tool chains and provides enhanced functionality over software-only approaches, confirming that hardware virtualization technology is a viable mechanism for fine-grained component isolation.
Resumo:
The use of Trusted Platform Module (TPM) is be- coming increasingly popular in many security sys- tems. To access objects protected by TPM (such as cryptographic keys), several cryptographic proto- cols, such as the Object Specific Authorization Pro- tocol (OSAP), can be used. Given the sensitivity and the importance of those objects protected by TPM, the security of this protocol is vital. Formal meth- ods allow a precise and complete analysis of crypto- graphic protocols such that their security properties can be asserted with high assurance. Unfortunately, formal verification of these protocols are limited, de- spite the abundance of formal tools that one can use. In this paper, we demonstrate the use of Coloured Petri Nets (CPN) - a type of formal technique, to formally model the OSAP. Using this model, we then verify the authentication property of this protocol us- ing the state space analysis technique. The results of analysis demonstrates that as reported by Chen and Ryan the authentication property of OSAP can be violated.
Resumo:
This paper describes in detail our Security-Critical Program Analyser (SCPA). SCPA is used to assess the security of a given program based on its design or source code with regard to data flow-based metrics. Furthermore, it allows software developers to generate a UML-like class diagram of their program and annotate its confidential classes, methods and attributes. SCPA is also capable of producing Java source code for the generated design of a given program. This source code can then be compiled and the resulting Java bytecode program can be used by the tool to assess the program's overall security based on our security metrics.
Resumo:
Refactoring is a common approach to producing better quality software. Its impact on many software quality properties, including reusability, maintainability and performance, has been studied and measured extensively. However, its impact on the information security of programs has received relatively little attention. In this work, we assess the impact of a number of the most common code-level refactoring rules on data security, using security metrics that are capable of measuring security from the viewpoint of potential information flow. The metrics are calculated for a given Java program using a static analysis tool we have developed to automatically analyse compiled Java bytecode. We ran our Java code analyser on various programs which were refactored according to each rule. New values of the metrics for the refactored programs then confirmed that the code changes had a measurable effect on information security.
Resumo:
The advent of eLearning has seen online discussion forums widely used in both undergraduate and postgraduate nursing education. This paper reports an Australian university experience of design, delivery and redevelopment of a distance education module developed for Vietnamese nurse academics. The teaching experience of Vietnamese nurse academics is mixed and frequently limited. It was decided that the distance module should attempt to utilise the experience of senior Vietnamese nurse academics - asynchronous online discussion groups were used to facilitate this. Online discussion occurred in both Vietnamese and English and was moderated by an Australian academic working alongside a Vietnamese translator. This paper will discuss the design of an online learning environment for foreign correspondents, the resources and translation required to maximise the success of asynchronous online discussion groups, as well as the rationale of delivering complex content in a foreign language. While specifically addressing the first iteration of the first distance module designed, this paper will also address subsequent changes made for the second iteration of the module and comment on their success. While a translator is clearly a key component of success, the elements of simplicity and clarity combined with supportive online moderation must not be overlooked.
Resumo:
NeSSi (network security simulator) is a novel network simulation tool which incorporates a variety of features relevant to network security distinguishing it from general-purpose network simulators. Its capabilities such as profile-based automated attack generation, traffic analysis and support for detection algorithm plug-ins allow it to be used for security research and evaluation purposes. NeSSi has been successfully used for testing intrusion detection algorithms, conducting network security analysis and developing overlay security frameworks. NeSSi is built upon the agent framework JIAC, resulting in a distributed and extensible architecture. In this paper, we provide an overview of the NeSSi architecture as well as its distinguishing features and briefly demonstrate its application to current security research projects.
Resumo:
Collaborative methods are promising tools for solving complex security tasks. In this context, the authors present the security overlay framework CIMD (Collaborative Intrusion and Malware Detection), enabling participants to state objectives and interests for joint intrusion detection and find groups for the exchange of security-related data such as monitoring or detection results accordingly; to these groups the authors refer as detection groups. First, the authors present and discuss a tree-oriented taxonomy for the representation of nodes within the collaboration model. Second, they introduce and evaluate an algorithm for the formation of detection groups. After conducting a vulnerability analysis of the system, the authors demonstrate the validity of CIMD by examining two different scenarios inspired sociology where the collaboration is advantageous compared to the non-collaborative approach. They evaluate the benefit of CIMD by simulation in a novel packet-level simulation environment called NeSSi (Network Security Simulator) and give a probabilistic analysis for the scenarios.
Resumo:
Many commentators have treated the internet as a site of democratic freedom and as a new kind of public sphere. While there are good reasons for optimism, like any social space digital space also has its dark side. Citizens and governments alike have expressed anxiety about cybercrime and cyber-security. In August 2011, the Australian government introduced legislation to give effect to Australia becoming a signatory to the European Convention on Cybercrime (2001). At the time of writing, that legislation is still before the Parliament. In this article, attention is given to how the legal and policy-making process enabling Australia to be compliant with the European Convention on Cybercrime came about. Among the motivations that informed both the development of the Convention in Europe and then the Australian exercise of legislating for compliance with it was a range of legitimate concerns about the impact that cybercrime can have on individuals and communities. This article makes the case that equal attention also needs to be given to ensuring that legislators and policy makers differentiate between legitimate security imperatives and any over-reach evident in the implementation of this legislation that affects rule of law principles, our capacity to engage in democratic practices, and our civic and human rights.
Resumo:
Threats against computer networks evolve very fast and require more and more complex measures. We argue that teams respectively groups with a common purpose for intrusion detection and prevention improve the measures against rapid propagating attacks similar to the concept of teams solving complex tasks known from field of work sociology. Collaboration in this sense is not easy task especially for heterarchical environments. We propose CIMD (collaborative intrusion and malware detection) as a security overlay framework to enable cooperative intrusion detection approaches. Objectives and associated interests are used to create detection groups for exchange of security-related data. In this work, we contribute a tree-oriented data model for device representation in the scope of security. We introduce an algorithm for the formation of detection groups, show realization strategies for the system and conduct vulnerability analysis. We evaluate the benefit of CIMD by simulation and probabilistic analysis.
Resumo:
Smartphones started being targets for malware in June 2004 while malware count increased steadily until the introduction of a mandatory application signing mechanism for Symbian OS in 2006. From this point on, only few news could be read on this topic. Even despite of new emerging smartphone platforms, e.g. android and iPhone, malware writers seemed to lose interest in writing malware for smartphones giving users an unappropriate feeling of safety. In this paper, we revisit smartphone malware evolution for completing the appearance list until end of 2008. For contributing to smartphone malware research, we continue this list by adding descriptions on possible techniques for creating the first malware(s) for Android platform. Our approach involves usage of undocumented Android functions enabling us to execute native Linux application even on retail Android devices. This can be exploited to create malicious Linux applications and daemons using various methods to attack a device. In this manner, we also show that it is possible to bypass the Android permission system by using native Linux applications.
