Responding to terrorism through networks at sites of critical infrastructure : a case study of Australian airport security networks

The importance of effective multilateral security networks is widely recognised in Australia and internationally as being essential to facilitate the large-scale sharing of information required to respond to the threat of terrorism. Australian national security agencies are currently constructing networks in order to bring the diverse national and international security agencies together to achieve this. This paper examines this process of security network formation in the area of critical infrastructure protection, with particular emphasis on airport security. We address the key issues and factors shaping network formation and the dynamics involved in network practice. These include the need for the networks to extend membership beyond the strictly defined elements of national security; the integration of public and private ‘nodes’ in counter-terrorism ‘networks’; and the broader ‘responsibilisation’ of the private sector and the challenges with ‘enabling’ them in counter-terrorism networks. We argue that the need to integrate public and private agencies in counter-terrorism networks is necessary but faces considerable organisational, cultural, and legal barriers.

Airport and air cargo operation systems

Analysis of airport and air cargo operations is commonly performed in isolation, sharing only simple information such as flight schedules. Systems theory and Systems methodology can enhance such analysis by considering all aspects of air operations. It provides the decision-maker with an improved understanding of the implication of policy decisions, resource allocations and infrastructure investment strategies, through the capture of emergent behaviours and interdependencies. For example, the term airport operations, initially reminds us of the thought of passengers being transported by aircraft. Deeper thinking would identify activities that affect passenger operations, such as baggage handling systems, aircraft maintenance, and passenger security. In reality, airport operations consist of numerous aspects, including; concourses, runways, airlines, fuel depots, cargo terminal operators, retail, parking, cleaning, catering and many interacting people including travellers, service providers and visitors. For the airport to function effectively, these numerous systems must work together. This talk will focus on new tools and methodologies that are required for model development and analysis. It will then focus on modelling, simulation and analysis of the airport operations, providing greater understanding of airport operation with an emphasis towards security.

A national information infrastructure model for information warfare defence

Information infrastructures are an eclectic mix of open and closed networks, private and public systems, the Internet, and government, military, and civilian organisations. Significant efforts are required to provide infrastructure protection, increase cooperation between sectors, and identify points of responsibility. The threats to infrastructures are many and various, and are increasing daily: information warfare, hackers, terrorists, criminals, activists, and even competing organisations all pose significant threats that cannot be sufficiently dealt with using the current infrastructure model. We present a National Information Infrastructure model that is based on defence against threats such as information warfare.

Robust parallel job scheduling infrastructure for service-oriented grid computing systems

Recent trends in grid computing development is moving towards a service-oriented architecture. With the momentum gaining for the service-oriented grid computing systems, the issue of deploying support for integrated scheduling and fault-tolerant approaches becomes paramount importance. To this end, we propose a scalable framework that loosely couples the dynamic job scheduling approach with the hybrid replications approach to schedule jobs efficiently while at the same time providing fault-tolerance. The novelty of the proposed framework is that it uses passive replication approach under high system load and active replication approach under low system loads. The switch between these two replication methods is also done dynamically and transparently.

Safeguard information infrastructure against DDoS attacks: experiments and modeling

Nowadays Distributed Denial of Service (DDoS) attacks have made one of the most serious threats to the information infrastructure. In this paper we firstly present a new filtering approach, Mark-Aided Distributed Filtering (MADF), which is to find the network anomalies by using a back-propagation neural network, deploy the defense system at distributed routers, identify and filtering the attack packets before they can reach the victim; and secondly propose an analytical model for the interactions between DDoS attack party and defense party, which allows us to have a deep insight of the interactions between the attack and defense parties. According to the experimental results, we find that MADF can detect and filter DDoS attack packets with high sensitivity and accuracy, thus provide high legitimate traffic throughput and low attack traffic throughput. Through the comparison between experiments and numerical results, we also demonstrate the validity of the analytical model that can precisely estimate the effectiveness of a DDoS defense system before it encounters different attacks.

Grid accounting service infrastructure for service-oriented grid computing systems

In this paper, we propose an architecture of accounting and payment services for service-oriented grid computing systems. The proposed accounting and payment services provide the mechanisms for service providers to be paid for authorized use of their resources. It supports the recording of usage data, secure storage of that data, analysis of that data for purposes of billing and so forth. It allows a variety of payment methods, it is scalable, secure, convenient, and reduce the overall cost of payment processing while taking into account requirements of Grid computing systems.

Security management : modelling critical infrastructure

Secure management of Australia's commercial critical infrastructure presents ongoing challenges to owners and the government. Currently a high-level iriformation sharing collaboration between the government and business manages complex security issues, but critical irifrastructure protection also lacks a scalable model exhibiting the overall structure of critical infrastructure at various levels, sectors and sub-sectors. This research builds on the work of Marasea and Warren (2003) to establish a representative model of Australia's critical irifrastructure; discusses the boundaries between critical infrastructures, and considers the existence andpotential irifluence ofcritical irifrastructure relationships.

Information security, cyber crime, and infrastructure protection : information security management within Australian healthcare organisations

Information security is now recognised as critical factor within the healthcare industry. With the gradual move from paper -based to electronic information there is an even greater need for protection. However, financial and operational constraints often exist which influence the practicality of developing a secure system. A new baseline security standard, the Health Information Security Management Implementation Guide, has been drafted which applies specifically to the unique information security requirements of the healthcare industry. The aim of this paper is to look at the effectiveness of the health information security standard and the development of information security within the Australian healthcare industry.

A review of critical information infrastructure protection within IT security guidelines

This research takes the form of a review and looks at the current advisories offered to informationl security professionals in Ihe area of critical information infrastructure protection A critical information infrastructure protection mode! is also presented along with a critical review of some of lhe recent formal guidance that has been offered. The Critical lnformation Infrastructure Protection - Risk Analysis-Methodology (CIlP-RAM) is then offered as a solution to the lack of information and advice.

CIIP-RAM - a step-wise security risk analysis methodology for critical information infrastructure protection

Wilh the protection of critical information infrastructure becoming a priority for all levels of management. there is a need for a new security methodology to deal with the new and unique attack threats and vulnerabilities associated with the new information technology security paradigm. The fourth generation security risk analysis melhod which copes wilh the shift from computer/information security to critical information iinfrastructure protectionl is lhe next step toward handling security risk at all levels. The paper will present the methodology of
fourth generation models and their application to critical information infrastructure protection and the associated advantagess of this methodology.

Data infrastructure for evidence-based local government policy

This paper outlines an approach for collecting and integrating data useful for evidence based planning and decision making in the not-for-profit sector, in particular for local government policy and planning. Given the methodological advances in multi-level analysis and the nature of rigorous policy analysis, leading academics and practitioners are advocating that policy driven research to be undertaken at a number of levels of analysis. Recent years have brought an explosion of public domain data in many aspects of social, economic and cultural aspects of society (cites and examples) and with this comes the opportunity, as outlined here, to integrate relevant public domain data in order to construct community profiles for local government areas in Victoria.