71 resultados para VULNERABILITIES
em Deakin Research Online - Australia
Resumo:
Smartphones are mobile phones that offer processing power and features like personal computers (PC) with the aim of improving user productivity as they allow users to access and manipulate data over networks and Internet, through various mobile applications. However, with such anywhere and anytime functionality, new security threats and risks of sensitive and personal data are envisaged to evolve. With the emergence of open mobile platforms that enable mobile users to install applications on their own, it opens up new avenues for propagating malware among various mobile users very quickly. In particular, they become crossover targets of PC malware through the synchronization function between smartphones and computers. Literature lacks detailed analysis of smartphones malware and synchronization vulnerabilities. This paper addresses these gaps in literature, by first identifying the similarities and differences between smartphone malware and PC malware, and then by investigating how hackers exploit synchronization vulnerabilities to launch their attacks.
Resumo:
Similar to seemingly maladaptive genes in general, the persistence of inherited cancer-causing mutant alleles in populations remains a challenging question for evolutionary biologists. In addition to traditional explanations such as senescence or antagonistic pleiotropy, here we put forward a new hypothesis to explain the retention of oncogenic mutations. We propose that although natural defenses evolve to prevent neoplasm formation and progression thus increasing organismal fitness, they also conceal the effects of cancer-causing mutant alleles on fitness and concomitantly protect inherited ones from purging by purifying selection. We also argue for the importance of the ecological contexts experienced by individuals and/or species. These contexts determine the locally predominant fitness-reducing risks, and hence can aid the prediction of how natural selection will influence cancer outcomes.
Resumo:
Purpose Alcohol-related disorder in Australia’s night-time economy has precipitated an expanding regulatory and legislative framework. A key feature is the growth of police-imposed discretionary justice, one example of which are Victoria’s banning provisions. Banning notices are imposed on-the-spot, may be issued pre-emptively, but permit no right of independent appeal. However, there has been little analysis of the enactment, implementation or use of police-imposed banning provisions. The paper aims to discuss these issues.
Design/methodology/approach This paper draws upon a detailed examination of the record of parliamentary debate of the banning notice legislation to document how the provisions, and their embedded procedural vulnerabilities, were legitimised. In addition, an analysis of Victoria Police data informs consideration of the ongoing scrutiny of the police power to ban.
FindingsThe absolute discretion afforded to police officers, and a lack of effective oversight, has created the potential for the disproportionate and discriminatory implementation of Victoria’s banning notice powers. The findings highlight procedural vulnerabilities within the provisions, and concern regarding the particular risk of banning notices for vulnerable recipients.
Research limitations/implications The nature of Victoria’s banning provisions created the circumstances for their inequitable imposition, but public scrutiny of their use and effect is limited. Omissions and deficiencies in the published data restricts meaningful analysis of how banning works in practice.
Originality/value The research underpinning this paper was the first detailed examination of the implementation and ongoing scrutiny of Victoria’s banning notice provisions. The findings presented in this paper highlight key procedural vulnerabilities resulting from the passage of the legislation and the absence of effective oversight.
Resumo:
Together, outdoor education and bush adventure therapy can be seen to constitute a population-wide health intervention strategy. Whether in educational or therapeutic settings, the intentional use of contact with nature, small groups, and adventure provides a unique approach in the promotion of health and wellbeing for the general population, and for individuals with identified health vulnerabilities. This paper explicitly emphasises human and social health, however, an integral assumption is that a healthy and sustainable environment is dependent on healthy human relationships with nature. We invite outdoor educators and bush adventure therapy practitioners to examine the proposition that healthy interactions with nature can create a unique stream of socio-ecological interventions. A spectrum of outdoor adventure programs is provided, allowing outdoor educators and bush adventure therapy practitioners to locate their work according to program context and aims, and participant aims and needs.
Resumo:
Recent research by a team from Deakin University explored the health and wellbeing benefits of civic environmentalism – voluntary communal actions undertaken to promote ecosystem sustainability, typified by membership of a ‘friends of parks’ group. The research confirmed what was known intuitively: that belonging to such a group and undertaking the activities associated with such a group exposes people not only to the benefits of the natural environment, but also to other people and to opportunities to make a contribution which is socially valued.
On the basis of those findings, a pilot project involving intentional engagement of people suffering depression and related disorders in supported nature-based activities in a woodland environment is being implemented and evaluated. This article reports on that project and discusses the implications of its findings to date, and the findings of the three earlier projects, both for urban woodland/forest managers and for the health sector.
As this contribution indicates, there appears to be potential for the use of civic environmentalism to promote health, wellbeing and social connectedness for individuals and the wider population, as well as for groups with identified health vulnerabilities. However, the realization of the benefits of such an approach will be dependent on co-operation between the environment and health sectors to create and promote opportunities for increased civic environmentalism, and to identify and address the barriers to their effective use.
Resumo:
In an environment where commercial software is continually patched to correct security flaws, penetration testing can provide organisations with a realistic assessment of their security posture. Penetration testing uses the same principles as criminal hackers to penetrate corporate networks and thereby verify the presence of software vulnerabilities. Network administrators can use the results of a penetration test to correct flaws and improve overall security. The use of hacking techniques, however, raises several ethical questions that centre on the integrity of the tester to maintain professional distance and uphold the profession. This paper discusses the ethics of penetration testing and presents our conceptual model and revised taxonomy.
Resumo:
With information warfare (IW) becoming a reality, the need for a new security methodology to deal with the new and unique attack threats and vulnerabilities associated with the new information technology security paradigm. With the shift from computer security to information warfare, logical transformation models (LTMS) were looked at as a solution to quantifying information system requirements. The paper will introduce the concepts involved with fourth generational models and it's application to IW. The basic advantages and disadvantages will also be discussed and presented.
Resumo:
Supply chains are increasingly relying on information and communications technologies and in particular electronic commerce to facilitate transactions between supply chain partners. The adoption of these enabling technologies brings several enhancements to the conduct of business including gains in efficiency. However there are also drawbacks inherent in these technologies that include threats that are imposed on businesses that use them. This paper presents a study on retail supply chains and the risks and vulnerabilities that cooperating supply chain partners are exposed to when adopting these technologies. In particular, the paper discusses the various threats and vulnerabilities of retail supply and presents a conceptual model of such risks.
Resumo:
Wilh the protection of critical information infrastructure becoming a priority for all levels of management. there is a need for a new security methodology to deal with the new and unique attack threats and vulnerabilities associated with the new information technology security paradigm. The fourth generation security risk analysis melhod which copes wilh the shift from computer/information security to critical information iinfrastructure protectionl is lhe next step toward handling security risk at all levels. The paper will present the methodology of
fourth generation models and their application to critical information infrastructure protection and the associated advantagess of this methodology.
Resumo:
Critical Information Infrastructure (CII) has become a priority for all levels of management, It is one of the key components of efficient business and business continuity plans. There is a need for a new security methodology to deal with the new and unique attack threats and vulnerabilities associated with the new information technology security paradigm. Critical Information Infrastructure Protection - Risk Analysis Methodology
(ClIP-RAM), is a new security risk analysis method which copes with the shift from computer/information security to critical information infrastructure protection. This type of methodology is the next step toward handling information technology security risk at all levels from upper management information security down to firewall configurations. The paper will present the methodology of the new techniques and their application to critical information infrastructure protection. The associated advantages of this methodology will also be discussed.
Resumo:
The integration of supply chains offers many benefits; yet, it may also render organisations more vulnerable to electronic fraud (e-fraud). E-fraud can drain on organisations’ financial resources, and can have a significant adverse effect on the ability to achieve their strategic objectives. Therefore, efraud control should be part of corporate board-level due diligence, and should be integrated into organisations’ practices and business plans.
Management is responsible for taking into consideration the relevant cultural, strategic and implementation elements that inter-relate with each other and to coordinating the human, technological and financial resources necessary to designing and implementing policies and procedures for controlling e-fraud. Due to the characteristics of integrated supply chains, a move from the traditional vertical approach to a systemic, horizontal-vertical approach is necessary. Although the e-fraud risk cannot be eliminated, risk mitigation policies and processes tailored to an organisation’s particular vulnerabilities can significantly reduce the risk and may even preclude certain classes of frauds.
In this paper, a conceptual framework of e-fraud control in an integrated supply chain is proposed. The proposed conceptual framework can help managers and practitioners better understand the issues and plan the activities involved in a systemic, horizontal-vertical approach to e-fraud control in an integrated supply chain, and can be a basis upon which empirical studies can be build.
Resumo:
The dynamic nature of threats and vulnerabilities within the E-business environment can impede online functionality, compromise organisational or customer information, contravene security implementations and thereby undermine online customer confidence. To negate these problems, E-business security has to become proactive, by reviewing and continuously improving security to strengthen E-business security measures and policies. This can be achieved through benchmarking the security measures and policies utilised within the Ebusiness, against recognised information technology (IT) and information security (IS) security standards.
