868 resultados para public integrity verification
em Queensland University of Technology - ePrints Archive
Resumo:
Literally, the word compliance suggests conformity in fulfilling official requirements. The thesis presents the results of the analysis and design of a class of protocols called compliant cryptologic protocols (CCP). The thesis presents a notion for compliance in cryptosystems that is conducive as a cryptologic goal. CCP are employed in security systems used by at least two mutually mistrusting sets of entities. The individuals in the sets of entities only trust the design of the security system and any trusted third party the security system may include. Such a security system can be thought of as a broker between the mistrusting sets of entities. In order to provide confidence in operation for the mistrusting sets of entities, CCP must provide compliance verification mechanisms. These mechanisms are employed either by all the entities or a set of authorised entities in the system to verify the compliance of the behaviour of various participating entities with the rules of the system. It is often stated that confidentiality, integrity and authentication are the primary interests of cryptology. It is evident from the literature that authentication mechanisms employ confidentiality and integrity services to achieve their goal. Therefore, the fundamental services that any cryptographic algorithm may provide are confidentiality and integrity only. Since controlling the behaviour of the entities is not a feasible cryptologic goal,the verification of the confidentiality of any data is a futile cryptologic exercise. For example, there exists no cryptologic mechanism that would prevent an entity from willingly or unwillingly exposing its private key corresponding to a certified public key. The confidentiality of the data can only be assumed. Therefore, any verification in cryptologic protocols must take the form of integrity verification mechanisms. Thus, compliance verification must take the form of integrity verification in cryptologic protocols. A definition of compliance that is conducive as a cryptologic goal is presented as a guarantee on the confidentiality and integrity services. The definitions are employed to provide a classification mechanism for various message formats in a cryptologic protocol. The classification assists in the characterisation of protocols, which assists in providing a focus for the goals of the research. The resulting concrete goal of the research is the study of those protocols that employ message formats to provide restricted confidentiality and universal integrity services to selected data. The thesis proposes an informal technique to understand, analyse and synthesise the integrity goals of a protocol system. The thesis contains a study of key recovery,electronic cash, peer-review, electronic auction, and electronic voting protocols. All these protocols contain message format that provide restricted confidentiality and universal integrity services to selected data. The study of key recovery systems aims to achieve robust key recovery relying only on the certification procedure and without the need for tamper-resistant system modules. The result of this study is a new technique for the design of key recovery systems called hybrid key escrow. The thesis identifies a class of compliant cryptologic protocols called secure selection protocols (SSP). The uniqueness of this class of protocols is the similarity in the goals of the member protocols, namely peer-review, electronic auction and electronic voting. The problem statement describing the goals of these protocols contain a tuple,(I, D), where I usually refers to an identity of a participant and D usually refers to the data selected by the participant. SSP are interested in providing confidentiality service to the tuple for hiding the relationship between I and D, and integrity service to the tuple after its formation to prevent the modification of the tuple. The thesis provides a schema to solve the instances of SSP by employing the electronic cash technology. The thesis makes a distinction between electronic cash technology and electronic payment technology. It will treat electronic cash technology to be a certification mechanism that allows the participants to obtain a certificate on their public key, without revealing the certificate or the public key to the certifier. The thesis abstracts the certificate and the public key as the data structure called anonymous token. It proposes design schemes for the peer-review, e-auction and e-voting protocols by employing the schema with the anonymous token abstraction. The thesis concludes by providing a variety of problem statements for future research that would further enrich the literature.
Resumo:
Georgia’s ‘National Integrity Systems’ are the institutions, laws, procedures, practices and attitudes that encourage and support integrity in the exercise of power in modern Georgian society. Integrity systems function to ensure that power is exercised in a manner that is true to the values, purposes and duties for which that power is entrusted to, or held by, institutions and individual office-holders. This report presents the results of the Open Society Institute / Open Society – Georgia Foundation funded project Georgian National Integrity Systems Assessment (GNISA), conducted in 2005–2006 by Caucasus Institute for Peace, Democracy and Development, Transparency International Georgia, Georgian Young Lawyers Association, in close cooperation with Griffith University Institute for Ethics, Governance and Law (Australia), and Tiri Group (UK), into how different elements of integrity systems interact, which combinations of institutions and reforms make for a strong integrity system, and how Georgia’s integrity systems should evolve to ensure coherence, not chaos in the way public integrity is maintained. Nevertheless all participants of the research may not share some conclusions given in the GNISA report.
Resumo:
The primary goal of the Vehicular Ad Hoc Network (VANET) is to provide real-time safety-related messages to motorists to enhance road safety. Accessing and disseminating safety-related information through the use of wireless communications technology in VANETs should be secured, as motorists may make critical decisions in dealing with an emergency situation based on the received information. If security concerns are not addressed in developing VANET systems, an adversary can tamper with, or suppress, the unprotected message to mislead motorists to cause traffic accidents and hazards. Current research on secure messaging in VANETs focuses on employing the certificate-based Public Key Infrastructure (PKI) scheme to support message encryption and digital signing. The security overhead of such a scheme, however, creates a transmission delay and introduces a time-consuming verification process to VANET communications. This thesis has proposed a novel public key verification and management approach for VANETs; namely, the Public Key Registry (PKR) regime. Compared to the VANET PKI scheme, this new approach can satisfy necessary security requirements with improved performance and scalability, and at a lower cost by reducing the security overheads of message transmission and eliminating digital certificate deployment and maintenance issues. The proposed PKR regime consists of the required infrastructure components, rules for public key management and verification, and a set of interactions and associated behaviours to meet these rule requirements. This is achieved through a system design as a logic process model with functional specifications. The PKR regime can be used as development guidelines for conforming implementations. An analysis and evaluation of the proposed PKR regime includes security features assessment, analysis of the security overhead of message transmission, transmission latency, processing latency, and scalability of the proposed PKR regime. Compared to certificate-based PKI approaches, the proposed PKR regime can maintain the necessary security requirements, significantly reduce the security overhead by approximately 70%, and improve the performance by 98%. Meanwhile, the result of the scalability evaluation shows that the latency of employing the proposed PKR regime stays much lower at approximately 15 milliseconds, whether operating in a huge or small environment. It is therefore believed that this research will create a new dimension to the provision of secure messaging services in VANETs.
Resumo:
Encouraging Ethics and Preventing Corruption brings theory and practice together in addressing the question: How are we to be ethical in public life and through public institutions? It is a major contribution to public sector ethics within Australia and internationally because it provides an exhaustive analysis of reform across a decade in one jurisdiction, Queensland, and then proceeds to itemise a best practice integrity system or ethics regime. Drawing on the extensive research of two of Australia's leading practical ethicists, this text is essential reading for all students and practitioners of applied and professional ethics in the public sphere. Part A of the text provides a preferred theoretical and conceptual framework which both justifies and guides the development of a public sector ethics regime. Part B examines the place of the individual within a world of institutional ethics. Part C outlines the Queensland governance reforms introduced since 1989 following the Fitzgerald Inquiry which exposed corruption in the police and ministry. The final chapter, the 'Epilogue', gathers the insights of earlier chapters and suggests a more explicitly ethics-centred approach to governance reform that may take us 'beyond best practice'. Clearly, while it is the Australian context we have in mind, we are confident that this is a text which addresses the quest for integrity and ethics in government wherever society is committed to social and liberal democratic ideals.
Resumo:
We describe the design and implementation of a public-key platform, secFleck, based on a commodity Trusted Platform Module (TPM) chip that extends the capability of a standard node. Unlike previous software public-key implementations this approach provides E- Commerce grade security; is computationally fast, energy efficient; and has low financial cost — all essential attributes for secure large-scale sen- sor networks. We describe the secFleck message security services such as confidentiality, authenticity and integrity, and present performance re- sults including computation time, energy consumption and cost. This is followed by examples, built on secFleck, of symmetric key management, secure RPC and secure software update.
Resumo:
Communication security for wireless sensor networks (WSN) is a challenge due to the limited computation and energy resources available at nodes. We describe the design and implementation of a public-key (PK) platform based on a standard Trusted Platform Module (TPM) chip that extends the capability of a standard node. The result facilitates message security services such as confidentiality, authenticity and integrity. We present results including computation time, energy consumption and cost.
Resumo:
Tony Fitzgerald’s visionary leap was to see beyond localised, individual wrongdoing. He suggested remedies that were systemic, institutionalised, and directed at underlying structural problems that led to corruption. His report said ‘the problems with which this Inquiry is concerned are not merely associated with individuals, but are institutionalized and related to attitudes which have become entrenched’ (Fitzgerald Report 1989, 13). His response was to suggest an enmeshed system of measures to not only respond reactively to future corruption, but also to prevent its recurrence through improved integrity systems. In the two decades since that report the primary focus of corruption studies and anti-corruption activism has remained on corruption at the local level or within sovereign states. International activism was largely directed at co-ordinating national campaigns and to use international instruments to make these campaigns more effective domestically. This reflects the broader fact that, since the rise of the nation state, states have comprised the majority of the largest institutional actors and have been the most significant institution in the lives of most individuals. This made states the ‘main game in town’ for the ‘governance disciplines’ of ethics, law, political science and economics.
Resumo:
The major purpose of Vehicular Ad Hoc Networks (VANETs) is to provide safety-related message access for motorists to react or make a life-critical decision for road safety enhancement. Accessing safety-related information through the use of VANET communications, therefore, must be protected, as motorists may make critical decisions in response to emergency situations in VANETs. If introducing security services into VANETs causes considerable transmission latency or processing delays, this would defeat the purpose of using VANETs to improve road safety. Current research in secure messaging for VANETs appears to focus on employing certificate-based Public Key Cryptosystem (PKC) to support security. The security overhead of such a scheme, however, creates a transmission delay and introduces a time-consuming verification process to VANET communications. This paper proposes an efficient public key management system for VANETs: the Public Key Registry (PKR) system. Not only does this paper demonstrate that the proposed PKR system can maintain security, but it also asserts that it can improve overall performance and scalability at a lower cost, compared to the certificate-based PKC scheme. It is believed that the proposed PKR system will create a new dimension to the key management and verification services for VANETs.
Resumo:
Over the last century, environmental and occupational medicine has played a significant role in the protection and improvement of public health. However, scientific integrity in this field has been increasingly threatened by pressure from some industries and governments. For example, it has been reported that the tobacco industry manipulated eminent scientists to legitimise their industrial positions, irresponsibly distorted risk and deliberately subverted scientific processes, and influenced many organisations in receipt of tobacco funding. Many environmental whistleblowers were sued and encountered numerous personal attacks. In some countries, scientific findings have been suppressed and distorted, and scientific advisory committees manipulated for political purposes by government agencies. How to respond to these threats is an important challenge for environmental and occupational medicine professionals and their societies. The authors recommend that professional organisations adopt a code of ethics that requires openness from public health professionals; that they not undertake research or use data where they do not have freedom to publish their results if these data have public health implications; that they disclose all possible conflicts; that the veracity of their research results should not be compromised; and that their research independence be protected through professional and legal support. The authors furthermore recommend that research funding for public health not be directly from the industry to the researcher. An independent, intermediate funding scheme should be established to ensure that there is no pressure to analyse data and publish results in bad faith. Such a funding system should also provide equal competition for funds and selection of the best proposals according to standard scientific criteria.
Resumo:
This paper examines some of the central global ethical and governance challenges of climate change and carbon emis-sions reduction in relation to globalization, the “global financial crisis” (GFC), and unsustainable conceptions of the “good life”, and argues in favour of the development of a global carbon “integrity system”. It is argued that a funda-mental driver of our climate problems is the incipient spread of an unsustainable Western version of the “good life”, where resource-intensive, high-carbon western lifestyles, although frequently criticized as unsustainable and deeply unsatisfying, appear to have established an unearned ethical legitimacy. While the ultimate solution to climate change is the development of low carbon lifestyles, the paper argues that it is also important that economic incentives support and stimulate that search: the sustainable versions of the good life provide an ethical pull, whilst the incentives provide an economic push. Yet, if we are going to secure sustainable low carbon lifestyles, it is argued, we need more than the ethical pull and the economic push. Each needs to be institutionalized—built into the governance of global, regional, national, sub-regional, corporate and professional institutions. Where currently weakness in each exacerbates the weaknesses in others, it is argued that governance reform is required in all areas supporting sustainable, low carbon versions of the good life.
Resumo:
Current research in secure messaging for Vehicular Ad hoc Networks (VANETs) appears to focus on employing a digital certificate-based Public Key Cryptosystem (PKC) to support security. The security overhead of such a scheme, however, creates a transmission delay and introduces a time-consuming verification process to VANET communications. This paper proposes a non-certificate-based public key management for VANETs. A comprehensive evaluation of performance and scalability of the proposed public key management regime is presented, which is compared to a certificate-based PKC by employing a number of quantified analyses and simulations. Not only does this paper demonstrate that the proposal can maintain security, but it also asserts that it can improve overall performance and scalability at a lower cost, compared to the certificate-based PKC. It is believed that the proposed scheme will add a new dimension to the key management and verification services for VANETs.
