Securing the commercial internet: Lessons learned in developing a postgraduate course in information security management

This paper describes the inception, planning and first delivery of a security course as part of a postgraduate ecommerce program. The course is reviewed in terms of existing literature on security courses, the common body of knowledge established for security professionals and the job market into which students will graduate. The course described in this paper is a core subject for the e-commerce program. This program was established in 1999 and the first batch of students graduated in 2001. The program is offered at both postgraduate and undergraduate level. The work described here relates to the postgraduate offering. Students on this program are graduates of diverse disciplines and do not have a common e-commerce or business background.

Development of a web-service-agents-based family wealth management system

The roiling financial markets, constantly changing tax law and increasing complexity of planning transaction increase the demand of aggregated family wealth management (FWM) services. However, current trend of developing such advisory systems is mainly focusing on financial or investment side. In addition, these existing systems lack of flexibility and are hard to be integrated with other organizational information systems, such as CRM systems. In this paper, a novel architecture of Web-service-agents-based FWM systems has been proposed. Multiple intelligent agents are wrapped as Web services and can communicate with each other via Web service protocols. On the one hand, these agents can collaborate with each other and provide comprehensive FWM advices. On the other hand, each service can work independently to achieve its own tasks. A prototype system for supporting financial advice is also presented to demonstrate the advances of the proposed Webservice- agents-based FWM system architecture.

Towards a standards-based autonomic context management system

Pervasive computing applications must be sufficiently autonomous to adapt their behaviour to changes in computing resources and user requirements. This capability is known as context-awareness. In some cases, context-aware applications must be implemented as autonomic systems which are capable of dynamically discovering and replacing context sources (sensors) at run-time. Unlike other types of application autonomy, this kind of dynamic reconfiguration has not been sufficiently investigated yet by the research community. However, application-level context models are becoming common, in order to ease programming of context-aware applications and support evolution by decoupling applications from context sources. We can leverage these context models to develop general (i.e., application-independent) solutions for dynamic, run-time discovery of context sources (i.e., context management). This paper presents a model and architecture for a reconfigurable context management system that supports interoperability by building on emerging standards for sensor description and classification.

Identifying critical components during information security evaluations

Electronic communications devices intended for government or military applications must be rigorously evaluated to ensure that they maintain data confidentiality. High-grade information security evaluations require a detailed analysis of the device's design, to determine how it achieves necessary security functions. In practice, such evaluations are labour-intensive and costly, so there is a strong incentive to find ways to make the process more efficient. In this paper we show how well-known concepts from graph theory can be applied to a device's design to optimise information security evaluations. In particular, we use end-to-end graph traversals to eliminate components that do not need to be evaluated at all, and minimal cutsets to identify the smallest group of components that needs to be evaluated in depth.

A power system control scheme based on security visualisation in parameter space

Power system real time security assessment is one of the fundamental modules of the electricity markets. Typically, when a contingency occurs, it is required that security assessment and enhancement module shall be ready for action within about 20 minutes’ time to meet the real time requirement. The recent California black out again highlighted the importance of system security. This paper proposed an approach for power system security assessment and enhancement based on the information provided from the pre-defined system parameter space. The proposed scheme opens up an efficient way for real time security assessment and enhancement in a competitive electricity market for single contingency case

Making Fedora easier to implement with Fez: A free open source content model and workflow management front-end to Fedora

The University of Queensland, Australia has developed Fez, a world-leading user-interface and management system for Fedora-based institutional repositories, which bridges the gap between a repository and users. Christiaan Kortekaas, Andrew Bennett and Keith Webster will review this open source software that gives institutions the power to create a comprehensive repository solution without the hassle..

Aspects of adaptive management of coastal wetlands: Case studies of processes, conservation, restoration, impacts and assessment

Coastal wetlands are dynamic and include the freshwater-intertidal interface. In many parts of the world such wetlands are under pressure from increasing human populations and from predicted sea-level rise. Their complexity and the limited knowledge of processes operating in these systems combine to make them a management challenge.Adaptive management is advocated for complex ecosystem management (Hackney 2000; Meretsky et al. 2000; Thom 2000;National Research Council 2003).Adaptive management identifies management aims,makes an inventory/environmental assessment,plans management actions, implements these, assesses outcomes, and provides feedback to iterate the process (Holling 1978;Walters and Holling 1990). This allows for a dynamic management system that is responsive to change. In the area of wetland management recent adaptive approaches are exemplified by Natuhara et al. (2004) for wild bird management, Bunch and Dudycha (2004) for a river system, Thom (2000) for restoration, and Quinn and Hanna (2003) for seasonal wetlands in California. There are many wetland habitats for which we currently have only rudimentary knowledge (Hackney 2000), emphasizing the need for good information as a prerequisite for effective management. The management framework must also provide a way to incorporate the best available science into management decisions and to use management outcomes as opportunities to improve scientific understanding and provide feedback to the decision system. Figure 9.1 shows a model developed by Anorov (2004) based on the process-response model of Maltby et al. (1994) that forms a framework for the science that underlies an adaptive management system in the wetland context.

Information flow analysis for fail-secure devices

Information security devices must preserve security properties even in the presence of faults. This in turn requires a rigorous evaluation of the system behaviours resulting from component failures, especially how such failures affect information flow. We introduce a compositional method of static analysis for fail-secure behaviour. Our method uses reachability matrices to identify potentially undesirable information flows based on the fault modes of the system's components.

Scalable location management for context-aware systems

Location information is commonly used in context-aware applications and pervasive systems. These applications and systems may require knowledge, of the location of users, devices and services. This paper presents a location management system able to gather, process and manage location information from a variety of physical and virtual location sensors. The system scales to the complexity of context-aware applications, to a variety of types and large number of location sensors and clients, and to geographical size of the system. The proposed location management system provides conflict resolution of location information and mechanisms to ensure privacy.