10 results for information security management
in University of Queensland eSpace - Australia
Abstract:
Electronic communications devices intended for government or military applications must be rigorously evaluated to ensure that they maintain data confidentiality. High-grade information security evaluations require a detailed analysis of the device's design, to determine how it achieves necessary security functions. In practice, such evaluations are labour-intensive and costly, so there is a strong incentive to find ways to make the process more efficient. In this paper we show how well-known concepts from graph theory can be applied to a device's design to optimise information security evaluations. In particular, we use end-to-end graph traversals to eliminate components that do not need to be evaluated at all, and minimal cutsets to identify the smallest group of components that needs to be evaluated in depth.
Abstract:
Identifying the information needs of managers and other stakeholders is an important first step in designing an evaluation of management effectiveness for marine protected areas (MPAs) that will be relevant to local circumstances and useful for improving management practices. Information requirements for evaluating effectiveness were investigated at two MPAs in Indonesia. Results show that, despite similar management objectives, information needs for evaluation differ between sites and those differences reflect the unique context within which management operates in each case. The scope of information needs at each site covers a broad range of issues including context, planning, resources, processes, outputs, and outcomes. Relevant components of a variety of different evaluation tools will need to be used to satisfy information needs at these sites. Evaluation tools that are based primarily on stated management objectives or the expressed views of a few key stakeholders are unlikely to be very useful for improving management in these cases.
Abstract:
Information security devices must preserve security properties even in the presence of faults. This in turn requires a rigorous evaluation of the system behaviours resulting from component failures, especially how such failures affect information flow. We introduce a compositional method of static analysis for fail-secure behaviour. Our method uses reachability matrices to identify potentially undesirable information flows based on the fault modes of the system's components.