Browser security : a requirements-based approach

A browser is a convenient way to access resources located remotely on computer networks. Security in browsers has become a crucial issue for users who use them for sensitive applications without knowledge ofthe hazards. This research utilises a structure approach to analyse and propose enhancements to browser security. Standard evaluation for computer products is important as it helps users to ensure that the product they use is appropriate for their needs. Security in browsers, therefore, has been evaluated using the Common Criteria. The outcome of this was a security requirements profile which attempts to formalise the security needs of browsers. The information collected during the research was used to produce a prototype model for a secure browser program. Modifications to the Lynx browser were made to demonstrate the proposed enhancements.

Announcement and legislation enactment improve children’s seating position in regional areas

New legislation requires all children 7 years and younger to use child-specific Australian Standards approved restraints suitable to their age and restricts seating young children in the front of cars. Observations of child seating position and restraint use were undertaken in Toowoomba and Rockhampton before the Queensland legislation was announced (T1), after the announcement but before it was enacted (T2) and after it came into force (T3). From T1 to T2, the percentage of children seated in the rear increased (69% to 75%), with a further increase from T2 to T3 (75% to 77%). This pattern was clear when there were one or two children in the car, but not when there were 3 or more. The effect on restraint use was more complex. After the announcement (T2) the percentage of children using adult seatbelts significantly increased regardless of the number of child passengers. However, once the legislation was enacted (T3) there was a significant increase in the percentage of children using child seats/boosters where there was one or two child passengers. Where there were three or more children in the vehicle there was little change in restraint choice between pre (T1) and post (T3) legislation.

Use of electronic travel diaries and vehicle instrumentation packages in the year 2000 : Atlanta Regional Household Travel Survey

The Georgia Institute of Technology is currently performing research that will result in the development and deployment of three instrumentation packages that allow for automated capture of personal travel-related data for a given time period (up to 10 days). These three packages include: A handheld electronic travel diary (ETD) with Global Positioning System (GPS) capabilities to capture trip information for all modes of travel; A comprehensive electronic travel monitoring system (CETMS), which includes an ETD, a rugged laptop computer, a GPS receiver and antenna, and an onboard engine monitoring system, to capture all trip and vehicle information; and a passive GPS receiver, antenna, and data logger to capture vehicle trips only.

Creativity, knowledge, engagement : keys to finding the right governance model for a regional community precinct

This paper investigates the Cooroy Mill community precinct (Sunshine Coast, Queensland), as a case study, seeking to understand the way local dynamics interplay and work with the community strengths to build a governance model of best fit. As we move to an age of ubiquitous computing and creative economies, the definition of public place and its governance take on new dimensions, which – while often utilizing models of the past – will need to acknowledge and change to the direction of the future. This paper considers a newly developed community precinct that has been built on three key principles: to foster creative expression with new media, to establish a knowledge economy in a regional area, and to subscribe to principles of community engagement. The study involved qualitative interviews with key stakeholders and a review of common practice models of governance along a spectrum from community control to state control. The paper concludes with a call for governance structures that are locally situated and tailored, inclusive, engaging, dynamic and flexible in order to build community capacity, encourage creativity, and build knowledge economies within emerging digital media cityscapes.

Integrating information security policy management with corporate risk management for strategic alignment

Information security policy defines the governance and implementation strategy for information security in alignment with the corporate risk policy objectives and strategies. Research has established that alignment between corporate concerns may be enhanced when strategies are developed concurrently using the same development process as an integrative relationship is established. Utilizing the corporate risk management framework for security policy management establishes such an integrative relationship between information security and corporate risk management objectives and strategies. There is however limitation in the current literature on presenting a definitive approach that fully integrates security policy management with the corporate risk management framework. This paper presents an approach that adopts a conventional corporate risk management framework for security policy development and management to achieve alignment with the corporate risk policy. A case example is examined to illustrate the alignment achieved in each process step with a security policy structure being consequently derived in the process. It is shown that information security policy management outcomes become both integral drivers and major elements of the corporate-level risk management considerations. Further study should involve assessing the impact of the use of the proposed framework in enhancing alignment as perceived in this paper.

Requirements for enhancing trust, security and integrity of GNSS location services

The paper describes a number of requirements for enhancing the trust of location acquisition from Satellite Navigation Systems, particularly for those applications where the location is monitored through a remote GNSS receiver. We discuss how the trust of a location acquisition could be propagated to an application through the use of a proposed tamper-­resistant GNSS receiver which quantifies the trust of a location solution from the signaling used (ie. P(Y) code, Galileo SOL, PRS, CS) and provides a cryptographic proof of this to a remote application. The tamper­-resistance state of the receiver is also included in this cryptographic proof.

Impacts and opportunities : resident's view on sustainable development of tourism in regional Queensland, Australia

Tourism development is a priority for rural and regional areas of Australia. The challenge is how to develop the tourism industry in a sustainable manner. As part of a larger project investigating community perceptions of opportunities, strategies and challenges in regional sustainable development, this article explores participant's views and opinions of tourism development. Through purposive sampling, 28 local community leaders and residents in the Darling Downs region in Queensland, Australia, participated in four semi-structured focus groups. This paper focuses on two of these focus groups, where tourism was a critical issue. Participants were generally positive about the tourism industry and its impacts on their community, although they expressed several triple bottom line concerns about economic, environmental and scoial issues. Four key themes emerged: appropriate land use management, limited resources and ageing/insufficient infrastructure, preservaation of community heritage and lifestyle, and regional conflict. Residents supported sustainable tourism development and wanted to be more actively involved in decision-making, demanding greater transparency - and true engagement - from local government.

Regional changes in corneal thickness and shape with soft contact lenses

Purpose: To investigate the influence of soft contact lenses on regional variations in corneal thickness and shape while taking account of natural diurnal variations in these corneal parameters. Methods: Twelve young, healthy subjects wore 4 different types of soft contact lenses on 4 different days. The lenses were of two different materials (silicone hydrogel, hydrogel), designs (spherical, toric) and powers (–3.00, –7.00 D). Corneal thickness and topography measurements were taken before and after 8 hours of lens wear and on two days without lens wear, using the Pentacam HR system. Results: The hydrogel toric contact lens caused the greatest level of corneal thickening in the central (20.3 ± 10.0 microns) as well as peripheral cornea (24.1 ± 9.1 microns) (p < 0.001) with an obvious regional swelling of the cornea beneath the stabilizing zones. The anterior corneal surface generally showed slight flattening. All contact lenses resulted in central posterior corneal steepening and this was weakly correlated with central corneal swelling (p = 0.03) and peripheral corneal swelling (p = 0.01). Conclusions: There was an obvious regional corneal swelling apparent after wear of the hydrogel soft toric lenses, due to the location of the thicker stabilization zones of the toric lenses. However with the exception of the hydrogel toric lens, the magnitude of corneal swelling induced by the contact lenses over the 8 hours of wear was less than the natural diurnal thinning of the cornea over this same period.

Automatic generation of assertions to detect potential security vulnerabilities in C programs that use union and pointer types

Type unions, pointer variables and function pointers are a long standing source of subtle security bugs in C program code. Their use can lead to hard-to-diagnose crashes or exploitable vulnerabilities that allow an attacker to attain privileged access over classified data. This paper describes an automatable framework for detecting such weaknesses in C programs statically, where possible, and for generating assertions that will detect them dynamically, in other cases. Exclusively based on analysis of the source code, it identifies required assertions using a type inference system supported by a custom made symbol table. In our preliminary findings, our type system was able to infer the correct type of unions in different scopes, without manual code annotations or rewriting. Whenever an evaluation is not possible or is difficult to resolve, appropriate runtime assertions are formed and inserted into the source code. The approach is demonstrated via a prototype C analysis tool.