Automating computational proofs for public-key-based key exchange

We present an approach to automating computationally sound proofs of key exchange protocols based on public-key encryption. We show that satisfying the property called occultness in the Dolev-Yao model guarantees the security of a related key exchange protocol in a simple computational model. Security in this simpler model has been shown to imply security in a Bellare {Rogaway-like model. Furthermore, the occultness in the Dolev-Yao model can be searched automatically by a mechanisable procedure. Thus automated proofs for key exchange protocols in the computational model can be achieved. We illustrate the method using the well-known Lowe-Needham-Schroeder protocol.

Identifying key belief-based targets for promoting regular physical activity among mothers and fathers with young children

We investigated the key beliefs to target in interventions aimed at increasing physical activity (PA) among mothers and fathers of young children. Parents (288 mothers and 292 fathers) completed a Theory of Planned Behaviour belief-based questionnaire and a 1-week follow-up of PA behaviour. We found that a range of behavioural, normative, and control beliefs were significantly correlated with parents’ PA intentions and behaviour, with only a few differences observed in correlations between PA beliefs and intention and behaviour by gender. A range of key beliefs was identified as making independent contributions to parents’ PA intentions; however, the behavioural beliefs about improving parenting practices (β = 0.13), interfering with other commitments (β = −0.29); normative beliefs about people I exercise with (β = 0.20); and control beliefs about lack of time (β = −0.24), inconvenience (β = −0.14), lack of motivation (β = −0.34), were revealed as significant independent predictors of actual PA behaviour. Furthermore, we found that a limited amount of parents already hold these beliefs, suggesting that these key beliefs warrant changing and, therefore, are appropriate targets for subsequent intervention. The current study fills an empirical gap in the PA literature by investigating an at-risk group and using a well established theoretical framework to identify key beliefs that guide parents’ PA decision-making. Overall, we found support for parents being a unique group who hold distinctive behavioural, normative, and control beliefs toward PA. Attention to these key underlying beliefs will assist intervention work aimed at combating inactivity among this at-risk population.

Strengthening and formally verifying privacy in identity management systems

In a digital world, users’ Personally Identifiable Information (PII) is normally managed with a system called an Identity Management System (IMS). There are many types of IMSs. There are situations when two or more IMSs need to communicate with each other (such as when a service provider needs to obtain some identity information about a user from a trusted identity provider). There could be interoperability issues when communicating parties use different types of IMS. To facilitate interoperability between different IMSs, an Identity Meta System (IMetS) is normally used. An IMetS can, at least theoretically, join various types of IMSs to make them interoperable and give users the illusion that they are interacting with just one IMS. However, due to the complexity of an IMS, attempting to join various types of IMSs is a technically challenging task, let alone assessing how well an IMetS manages to integrate these IMSs. The first contribution of this thesis is the development of a generic IMS model called the Layered Identity Infrastructure Model (LIIM). Using this model, we develop a set of properties that an ideal IMetS should provide. This idealized form is then used as a benchmark to evaluate existing IMetSs. Different types of IMS provide varying levels of privacy protection support. Unfortunately, as observed by Jøsang et al (2007), there is insufficient privacy protection in many of the existing IMSs. In this thesis, we study and extend a type of privacy enhancing technology known as an Anonymous Credential System (ACS). In particular, we extend the ACS which is built on the cryptographic primitives proposed by Camenisch, Lysyanskaya, and Shoup. We call this system the Camenisch, Lysyanskaya, Shoup - Anonymous Credential System (CLS-ACS). The goal of CLS-ACS is to let users be as anonymous as possible. Unfortunately, CLS-ACS has problems, including (1) the concentration of power to a single entity - known as the Anonymity Revocation Manager (ARM) - who, if malicious, can trivially reveal a user’s PII (resulting in an illegal revocation of the user’s anonymity), and (2) poor performance due to the resource-intensive cryptographic operations required. The second and third contributions of this thesis are the proposal of two protocols that reduce the trust dependencies on the ARM during users’ anonymity revocation. Both protocols distribute trust from the ARM to a set of n referees (n > 1), resulting in a significant reduction of the probability of an anonymity revocation being performed illegally. The first protocol, called the User Centric Anonymity Revocation Protocol (UCARP), allows a user’s anonymity to be revoked in a user-centric manner (that is, the user is aware that his/her anonymity is about to be revoked). The second protocol, called the Anonymity Revocation Protocol with Re-encryption (ARPR), allows a user’s anonymity to be revoked by a service provider in an accountable manner (that is, there is a clear mechanism to determine which entity who can eventually learn - and possibly misuse - the identity of the user). The fourth contribution of this thesis is the proposal of a protocol called the Private Information Escrow bound to Multiple Conditions Protocol (PIEMCP). This protocol is designed to address the performance issue of CLS-ACS by applying the CLS-ACS in a federated single sign-on (FSSO) environment. Our analysis shows that PIEMCP can both reduce the amount of expensive modular exponentiation operations required and lower the risk of illegal revocation of users’ anonymity. Finally, the protocols proposed in this thesis are complex and need to be formally evaluated to ensure that their required security properties are satisfied. In this thesis, we use Coloured Petri nets (CPNs) and its corresponding state space analysis techniques. All of the protocols proposed in this thesis have been formally modeled and verified using these formal techniques. Therefore, the fifth contribution of this thesis is a demonstration of the applicability of CPN and its corresponding analysis techniques in modeling and verifying privacy enhancing protocols. To our knowledge, this is the first time that CPN has been comprehensively applied to model and verify privacy enhancing protocols. From our experience, we also propose several CPN modeling approaches, including complex cryptographic primitives (such as zero-knowledge proof protocol) modeling, attack parameterization, and others. The proposed approaches can be applied to other security protocols, not just privacy enhancing protocols.

Interaction, privacy and profiling considerations in local mobile social software : a prototype agile ride share system

Agile ridesharing aims to utilise the capability of social networks and mobile phones to facilitate people to share vehicles and travel in real time. However the application of social networking technologies in local communities to address issues of personal transport faces significant design challenges. In this paper we describe an iterative design-based approach to exploring this problem and discuss findings from the use of an early prototype. The findings focus upon interaction, privacy and profiling. Our early results suggest that explicitly entering information such as ride data and personal profile data into formal fields for explicit computation of matches, as is done in many systems, may not be the best strategy. It might be preferable to support informal communication and negotiation with text search techniques.

The key to successful implementation : project management of sustainable infrastructure provision

Delivering infrastructure projects involves many stakeholders. Their responsibilities and authorities vary over the course of the project lifecycle - from establishing the project parameters and performance requirements, to operating and maintaining the completed infrastructure. To ensure the successful delivery of infrastructure projects, it is important for the project management team to identify and manage the stakeholders and their requirements. This chapter discusses the management of stakeholders in delivering infrastructure projects, from their conception to completion. It includes managing the stakeholders for project selection and involving them to improve project constructability, operability and maintainability.

QoS-oriented resource allocation and scheduling of multiple composite Web services in a hybrid cloud using a random-key genetic algorithm

In cloud computing resource allocation and scheduling of multiple composite web services is an important challenge. This is especially so in a hybrid cloud where there may be some free resources available from private clouds but some fee-paying resources from public clouds. Meeting this challenge involves two classical computational problems. One is assigning resources to each of the tasks in the composite web service. The other is scheduling the allocated resources when each resource may be used by more than one task and may be needed at different points of time. In addition, we must consider Quality-of-Service issues, such as execution time and running costs. Existing approaches to resource allocation and scheduling in public clouds and grid computing are not applicable to this new problem. This paper presents a random-key genetic algorithm that solves new resource allocation and scheduling problem. Experimental results demonstrate the effectiveness and scalability of the algorithm.

Towards defining semantic foundations for purpose-based privacy policies

We define a semantic model for purpose, based on which purpose-based privacy policies can be meaningfully expressed and enforced in a business system. The model is based on the intuition that the purpose of an action is determined by its situation among other inter-related actions. Actions and their relationships can be modeled in the form of an action graph which is based on the business processes in a system. Accordingly, a modal logic and the corresponding model checking algorithm are developed for formal expression of purpose-based policies and verifying whether a particular system complies with them. It is also shown through various examples, how various typical purpose-based policies as well as some new policy types can be expressed and checked using our model.

If Big Brother comes to a venue near you! Employee surveillance issues and the communication professional

Todoy's monogers-drowing on the expertise of their IT professiono/s-privacy, key communication and control issues, the current legal climate, and ethical issues that communication professionals need to address to forestall future problems. lA questionnaire is included as a starting point for communication professionals to assess their own attitudes and values to workplace surveillance.

Luxury fashion: The role of innovation as a key contributing factor in the development of luxury fashion goods and sustainable fashion design

Luxury is a quality that is difficult to define as the historical concept of luxury appears to be both dynamic and culturally specific. The everyday definition explains a ‘luxury’ in relation to a necessity: a luxury (product or service) is defined as something that consumers want rather than need. However, the growth of global markets has seen a boom in what are now referred to as ‘luxury brands’. This branding of products as luxury has resulted in a change in the way consumers understand luxury goods and services. In their attempts to characterize a luxury brand, Fionda & Moore in their article “The anatomy of a Luxury Brand” summarize a range of critical conditions that are in addition to product branding “... including product and design attributes of quality, craftsmanship and innovative, creative and unique products” (Fionda & Moore, 2009). For the purposes of discussing fashion design however, quality and craftsmanship are inseparable while creativity and innovation exist under different conditions. The terms ‘creative’ and ‘innovative’ are often used inter-changeably and are connected with most descriptions of the design process, defining ‘design’ and ‘fashion’ in many cases. Christian Marxt and Fredrik Hacklin identify this condition in their paper “Design, product development, innovation: all the same in the end?”(Marxt & Hacklin, 2005) and suggest that design communities should be aware that the distinction between these terms, whilst once quite definitive, is becoming narrow to a point where they will mean the same thing. In relation to theory building in the discipline this could pose significant problems. Brett Richards (2003) identifies innovation as different from creativity in that innovation aims to transform and implement rather than simply explore and invent. Considering this distinction, in particular relation to luxury branding, may affect the way in which design can contribute to a change in the way luxury fashion goods might be perceived in a polarised fashion market, namely suggesting that ‘luxury’ is what consumers need rather than the ‘pile it high, sell it cheap’ fashion that the current market dynamic would indicate they want. This paper attempts to explore the role of innovation as a key contributing factor in luxury concepts, in particular the relationship between innovation and creativity, the conditions which enable innovation, the role of craftsmanship in innovation and design innovation in relation to luxury fashion products. An argument is presented that technological innovation can be demonstrated as a common factor in the development of luxury fashion product and that the connection between designer and maker will play an important role in the development of luxury fashion goods for a sustainable fashion industry.

Youth Homelessness and Early Intervention: Key Characteristics and Challenges

The key requirements for effective early intervention into youth homelessness are discussed. Young people are exposed to the risk of homelessness from a constellation of factors at the structural through to the individual level and early intervention has generally been conceptualized as part of a continuum of responses.

Privacy v IP Litigation : preliminary third party discovery on the Internet

The enforcement of Intellectual Property rights poses one of the greatest current threats to the privacy of individuals online. Recent trends have shown that the balance between privacy and intellectual property enforcement has been shifted in favour of intellectual property owners. This article discusses the ways in which the scope of preliminary discovery and Anton Piller orders have been overly expanded in actions where large amounts of electronic information is available, especially against online intermediaries (service providers and content hosts). The victim in these cases is usually the end user whose privacy has been infringed without a right of reply and sometimes without notice. This article proposes some ways in which the delicate balance can be restored, and considers some safeguards for user privacy. These safeguards include restructuring the threshold tests for discovery, limiting the scope of information disclosed, distinguishing identity discovery from information discovery, and distinguishing information preservation from preliminary discovery.

Encryption schemes and key exchange protocols in the certificateless setting

The contributions of this thesis fall into three areas of certificateless cryptography. The first area is encryption, where we propose new constructions for both identity-based and certificateless cryptography. We construct an n-out-of- n group encryption scheme for identity-based cryptography that does not require any special means to generate the keys of the trusted authorities that are participating. We also introduce a new security definition for chosen ciphertext secure multi-key encryption. We prove that our construction is secure as long as at least one authority is uncompromised, and show that the existing constructions for chosen ciphertext security from identity-based encryption also hold in the group encryption case. We then consider certificateless encryption as the special case of 2-out-of-2 group encryption and give constructions for highly efficient certificateless schemes in the standard model. Among these is the first construction of a lattice-based certificateless encryption scheme. Our next contribution is a highly efficient certificateless key encapsulation mechanism (KEM), that we prove secure in the standard model. We introduce a new way of proving the security of certificateless schemes based that are based on identity-based schemes. We leave the identity-based part of the proof intact, and just extend it to cover the part that is introduced by the certificateless scheme. We show that our construction is more efficient than any instanciation of generic constructions for certificateless key encapsulation in the standard model. The third area where the thesis contributes to the advancement of certificateless cryptography is key agreement. Swanson showed that many certificateless key agreement schemes are insecure if considered in a reasonable security model. We propose the first provably secure certificateless key agreement schemes in the strongest model for certificateless key agreement. We extend Swanson's definition for certificateless key agreement and give more power to the adversary. Our new schemes are secure as long as each party has at least one uncompromised secret. Our first construction is in the random oracle model and gives the adversary slightly more capabilities than our second construction in the standard model. Interestingly, our standard model construction is as efficient as the random oracle model construction.