Crossing boundaries: Implications of advances in basic sciences for the management of addiction.

This set of papers in this issue of "Addictive Behaviors" was presented at the 2004 'Addictions' conference, which, for the first time, was held in the Southern Hemisphere, on the Sunshine Coast of Queensland, Australia. The theme of the conference, Crossing Boundaries: Implications of Advances in Basic Sciences for the Management of Addiction, speaks for itself. The papers derive from a wide range of empirical paradigms and cover issues with relevance to the development of addiction, to the maintenance of problematic use, and to assessment, treatment, and relapse. Research from Europe and the United States is represented, as well as work from Australia. An international perspective is strongly emphasized from the initial paper by Obot, Poznyak, and Moneiro, (see record 2004-19599-015) which describes the WHO Report on the Neuroscience of Psychoactive Substance Use and Dependence, and summarises some of the report's implications for policy and practice. Hall, Carter, and Morley (see record 2004-19599-014) close the issue with a paper on the wide-ranging ethical implications of advances in neuroscience research, including issues arising from the identification of high risk for addiction, the potential for coercive pharmacotherapy, use of medications to enhance function, and risks to privacy.

Efficient one-round key exchange in the standard model

We consider one-round key exchange protocols secure in the standard model. The security analysis uses the powerful security model of Canetti and Krawczyk and a natural extension of it to the ID-based setting. It is shown how KEMs can be used in a generic way to obtain two different protocol designs with progressively stronger security guarantees. A detailed analysis of the performance of the protocols is included; surprisingly, when instantiated with specific KEM constructions, the resulting protocols are competitive with the best previous schemes that have proofs only in the random oracle model.

A multiple-control fuzzy vault

We introduce multiple-control fuzzy vaults allowing generalised threshold, compartmented and multilevel access structure. The presented schemes enable many useful applications employing multiple users and/or multiple locking sets. Introducing the original single control fuzzy vault of Juels and Sudan we identify several similarities and differences between their vault and secret sharing schemes which influence how best to obtain working generalisations. We design multiple-control fuzzy vaults suggesting applications using biometric credentials as locking and unlocking values. Furthermore we assess the security of our obtained generalisations for insider/ outsider attacks and examine the access-complexity for legitimate vault owners.

User-Created Content and Online Social Networks

Traditional media are under assault from digital technologies. Online advertising is eroding the financial basis of newspapers and television, demarcations between different forms of media are fading, and audiences are fragmenting. We can podcast our favourite radio show, data accompanies television programs, and we catch up with newspaper stories on our laptops. Yet mainstream media remain enormously powerful. The Media and Communications in Australia offers a systematic introduction to this dynamic field. Fully updated and revised to take account of recent developments, this third edition outlines the key media industries and explains how communications technologies are impacting on them. It provides a thorough overview of the main approaches taken in studying the media, and includes new chapters on social media, gaming, telecommunications, sport and cultural diversity. With contributions from some of Australia's best researchers and teachers in the field, The Media and Communications in Australia is the most comprehensive and reliable introduction to media and communications available. It is an ideal student text, and a reference for teachers of media and anyone interested in this influential industry.

Regulatory approaches to genetic testing in insurance

Rapid advancements in the field of genetic science have engendered considerable debate, speculation, misinformation and legislative action worldwide. While programs such as the Human Genome Project bring the prospect of seemingly miraculous medical advancements within imminent reach, they also create the potential for significant invasions of traditional areas of privacy and human dignity through laying the potential foundation for new forms of discrimination in insurance, employment and immigration regulation. The insurance industry, which has of course, traditionally been premised on discrimination as part of its underwriting process, is proving to be the frontline of this regulatory battle with extensive legislation, guidelines and debate marking its progress.

One-time-password-authenticated key exchange

To reduce the damage of phishing and spyware attacks, banks, governments, and other security-sensitive industries are deploying one-time password systems, where users have many passwords and use each password only once. If a single password is compromised, it can be only be used to impersonate the user once, limiting the damage caused. However, existing practical approaches to one-time passwords have been susceptible to sophisticated phishing attacks. ---------- We give a formal security treatment of this important practical problem. We consider the use of one-time passwords in the context of password-authenticated key exchange (PAKE), which allows for mutual authentication, session key agreement, and resistance to phishing attacks. We describe a security model for the use of one-time passwords, explicitly considering the compromise of past (and future) one-time passwords, and show a general technique for building a secure one-time-PAKE protocol from any secure PAKE protocol. Our techniques also allow for the secure use of pseudorandomly generated and time-dependent passwords.

Predicate-based key exchange

We provide the first description of and security model for authenticated key exchange protocols with predicate-based authentication. In addition to the standard goal of session key security, our security model also provides for credential privacy: a participating party learns nothing more about the other party's credentials than whether they satisfy the given predicate. Our model also encompasses attribute-based key exchange since it is a special case of predicate-based key exchange.---------- We demonstrate how to realize a secure predicate-based key exchange protocol by combining any secure predicate-based signature scheme with the basic Diffie-Hellman key exchange protocol, providing an efficient and simple solution.

Legal aspects of Web 2.0 activities : management of legal risk associated with use of YouTube, MySpace and Second Life

This Report, prepared for Smart Service Queensland (“SSQ”), addresses legal issues, areas of risk and other factors associated with activities conducted on three popular online platforms—YouTube, MySpace and Second Life (which are referred to throughout this Report as the “Platforms”). The Platforms exemplify online participatory spaces and behaviours, including blogging and networking, multimedia sharing, and immersive virtual environments.

A genealogy of the problematic of homelessness and the homeless in Australia

The homeless have been subject to considerable scrutiny, historically and within current social, political and public discourse. The aetiology of homelessness has been the focus of a large body of economic, sociological, historical and political investigation. Importantly, efforts to conceptualise, explain and measure, the phenomenon of homelessness and homeless people has occurred largely within the context of defining “the problem of the homeless” and the generation of solutions to the ‘problem’. There has been little consideration of how and why homelessness has come to be seen, or understood, as a problem, or how this can change across time and/or place. This alternative stream of research has focused on tracing and analysing the relationship between how people experiencing homeless have become a matter of government concern and the manner in which homelessness itself has been problematised. With this in mind this study has analysed the discourses - political, social and economic rationalities and knowledges - which have provided the conditions of possibility for the identification of the homeless and homelessness as a problem needing to be governed and the means for translating these discourses into the applied domain. The aim of this thesis has been to contribute to current knowledge by developing a genealogy of the conditions and rationalities that have underpinned the problematisation of homelessness and the homeless. The outcome of this analysis has been to open up the opportunity to consider alternative governmental possibilities arising from the exposure of the way in which contemporary problematisation and responses have been influenced by the past. An understanding of this process creates an ability to appreciate the intended and unintended consequences for the future direction of public policy and contemporary research.

Fraud detection in ERP systems using scenario matching

ERP systems generally implement controls to prevent certain common kinds of fraud. In addition however, there is an imperative need for detection of more sophisticated patterns of fraudulent activity as evidenced by the legal requirement for company audits and the common incidence of fraud. This paper describes the design and implementation of a framework for detecting patterns of fraudulent activity in ERP systems. We include the description of six fraud scenarios and the process of specifying and detecting the occurrence of those scenarios in ERP user log data using the prototype software which we have developed. The test results for detecting these scenarios in log data have been verified and confirm the success of our approach which can be generalized to ERP systems in general.

If it's encrypted it's secure! The viability of US state-based encryption exemptions

US state-based data breach notification laws have unveiled serious corporate and government failures regarding the security of personal information. These laws require organisations to notify persons who may be affected by an unauthorized acquisition of their personal information. Safe harbours to notification exist if personal information is encrypted. Three types of safe harbour have been identified in the literature: exemptions, rebuttable presumptions and factors. The underlying assumption of exemptions is that encrypted personal information is secure and therefore unauthorized access does not pose a risk. However, the viability of this assumption is questionable when examined against data breaches involving encrypted information and the demanding practical requirements of effective encryption management. Recent recommendations by the Australian Law Reform Commission (ALRC) would amend the Privacy Act 1988 (Cth) to implement a data breach scheme that includes a different type of safe harbour, factor based analysis. The authors examine the potential capability of the ALRC’s proposed encryption safe harbour in relation to the US experience at the state legislature level.

Home advantage

This article discusses a house located in Bowen Hills, Brisbane, Queensland, that was designed by its owner, architect Paul Curran of Push. The house features a zinc clad multipurpose structure in front of the living areas that also acts to provide privacy to the house from its busy street.