A hierarchical security assessment model for object-oriented programs

We present a hierarchical model for assessing an object-oriented program's security. Security is quantified using structural properties of the program code to identify the ways in which `classified' data values may be transferred between objects. The model begins with a set of low-level security metrics based on traditional design characteristics of object-oriented classes, such as data encapsulation, cohesion and coupling. These metrics are then used to characterise higher-level properties concerning the overall readability and writability of classified data throughout the program. In turn, these metrics are then mapped to well-known security design principles such as `assigning the least privilege' and `reducing the size of the attack surface'. Finally, the entire program's security is summarised as a single security index value. These metrics allow different versions of the same program, or different programs intended to perform the same task, to be compared for their relative security at a number of different abstraction levels. The model is validated via an experiment involving five open source Java programs, using a static analysis tool we have developed to automatically extract the security metrics from compiled Java bytecode.

Australian children's experiences of parents' online mediation

This paper draws on the work of the ‘EU Kids Online’ network funded by the EC (DG Information Society) Safer Internet plus Programme (project code SIP-KEP-321803); see www.eukidsonline.net, and addresses Australian children’s online activities in terms of risk, harm and opportunity. In particular, it draws upon data that indicates that Australian children are more likely to encounter online risks — especially around seeing sexual images, bullying, misuse of personal data and exposure to potentially harmful user-generated content — than is the case with their EU counterparts. Rather than only comparing Australian children with their European equivalents, this paper places the risks experienced by Australian children in the context of the mediation and online protection practices adopted by their parents, and asks about the possible ways in which we might understand data that seems to indicate that Australian children’s experiences of online risk and harm differ significantly from the experiences of their Europe-based peers. In particular, and as an example, this paper sets out to investigate the apparent conundrum through which Australian children appear twice as likely as most European children to have seen sexual images in the past 12 months, but parents are more likely to filter their access to the internet than is the case with most children in the wider EU Kids Online study. Even so, one in four Australian children (25%) believes that what their parents do helps ‘a lot’ to improve their internet experience, and Australian children and their parents are a little less likely to agree about the mediation practices taking place in the family home than is the case in the EU. The AU Kids Online study was carried out as a result of the ARC Centre of Excellence for Creative Industries and Innovation’s funding of a small scale randomised sample (N = 400) of Australian families with at least one child, aged 9–16, who goes online. The report on Risks and safety for Australian children on the internet follows the same format and uses much of the contextual statement around these issues as the ‘county level’ reports produced by the 25 EU nations involved in EU Kids Online, first drafted by Livingstone et al. (2010). The entirely new material is the data itself, along with the analysis of that data.

Kerberos based security system for session initiation protocol

Session Initiation Protocol (SIP) is developed to provide advanced voice services over IP networks. SIP unites telephony and data world, permitting telephone calls to be transmitted over Intranets and Internet. Increase in network performance and new mechanisms for guaranteed quality of service encourage this consolidation to provide toll cost savings. Security comes up as one of the most important issues when voice communication and critical voice applications are considered. Not only the security methods provided by traditional telephony systems, but also additional methods are required to overcome security risks introduced by the public IP networks. SIP considers security problems of such a consolidation and provides a security framework. There are several security methods defined within SIP specifications and extensions. But, suggested methods can not solve all the security problems of SIP systems with various system requirements. In this thesis, a Kerberos based solution is proposed for SIP security problems, including SIP authentication and privacy. The proposed solution tries to establish flexible and scalable SIP system that will provide desired level of security for voice communications and critical telephony applications.

Quality of life in chronic fatigue syndrome

Whilst the debilitating fatigue experienced in patients suffering from Chronic Fatigue Syndrome (CFS) results in a subjective marked impairment in functioning, little research has investigated the impact of this disorder on quality of life. Forty-seven subjects with a confirmed diagnosis of CFS and 30 healthy controls were compared using the Sickness Impact Profile (SIP). A subgroup of subjects were interviewed regarding the impact CFS has had on their social and family relationships, work and recreational activities. Results from both the SIP and the interview revealed that CFS subjects had significantly impaired quality of life, especially in areas of social functioning. These findings highlight the importance of addressing the social isolation and loss of role functioning experienced by CFS sufferers.

Implementation and evaluation of open source unified communications for SMBs

Unified Communication (UC) is the integration of two or more real time communication systems into one platform. Integrating core communication systems into one overall enterprise level system delivers more than just cost saving. These real-time interactive communication services and applications over Internet Protocol (IP) have become critical in boosting employee accessibility and efficiency, improving customer support and fostering business agility. However, some small and medium-sized businesses (SMBs) are far from implementing this solution due to the high cost of initial deployment and ongoing support. In this paper, we will discuss and demonstrate an open source UC solution, viz. “Asterisk” for use by SMBs, and report on some performance tests using SIPp. The contribution from this research is the provision of technical advice to SMBs in deploying UC, which is manageable in terms of cost, ease of deployment and support.