905 resultados para Weaknesses
Resumo:
The purpose of this paper is to introduce the concept of hydraulic damage and its numerical integration. Unlike the common phenomenological continuum damage mechanics approaches, the procedure introduced in this paper relies on mature concepts of homogenization, linear fracture mechanics, and thermodynamics. The model is applied to the problem of fault reactivation within resource reservoirs. The results show that propagation of weaknesses is highly driven by the contrasts of properties in porous media. In particular, it is affected by the fracture toughness of host rocks. Hydraulic damage is diffused when it takes place within extended geological units and localized at interfaces and faults.
Resumo:
This paper surveys the practical benefits and drawbacks of several identity-based encryption schemes based on bilinear pairings. After providing some background on identity-based cryptography, we classify the known constructions into a handful of general approaches. We then describe efficient and fully secure IBE and IBKEM instantiations of each approach, with reducibility to practice as the main design parameter. Finally, we catalogue the strengths and weaknesses of each construction according to a few theoretical and many applied comparison criteria.
Resumo:
WG-7 is a stream cipher based on WG stream cipher and has been designed by Luo et al. (2010). This cipher is designed for low cost and lightweight applications (RFID tags and mobile phones, for instance). This paper addresses cryptographic weaknesses of WG-7 stream cipher. We show that the key stream generated by WG-7 can be distinguished from a random sequence after knowing 213.5 keystream bits and with a negligible error probability. Also, we investigate the security of WG-7 against algebraic attacks. An algebraic key recovery attack on this cipher is proposed. The attack allows to recover both the internal state and the secret key with the time complexity about 2/27.
Resumo:
Numeric set watermarking is a way to provide ownership proof for numerical data. Numerical data can be considered to be primitives for multimedia types such as images and videos since they are organized forms of numeric information. Thereby, the capability to watermark numerical data directly implies the capability to watermark multimedia objects and discourage information theft on social networking sites and the Internet in general. Unfortunately, there has been very limited research done in the field of numeric set watermarking due to underlying limitations in terms of number of items in the set and LSBs in each item available for watermarking. In 2009, Gupta et al. proposed a numeric set watermarking model that embeds watermark bits in the items of the set based on a hash value of the items’ most significant bits (MSBs). If an item is chosen for watermarking, a watermark bit is embedded in the least significant bits, and the replaced bit is inserted in the fractional value to provide reversibility. The authors show their scheme to be resilient against the traditional subset addition, deletion, and modification attacks as well as secondary watermarking attacks. In this paper, we present a bucket attack on this watermarking model. The attack consists of creating buckets of items with the same MSBs and determine if the items of the bucket carry watermark bits. Experimental results show that the bucket attack is very strong and destroys the entire watermark with close to 100% success rate. We examine the inherent weaknesses in the watermarking model of Gupta et al. that leave it vulnerable to the bucket attack and propose potential safeguards that can provide resilience against this attack.
Resumo:
RC4(n, m) is a stream cipher based on RC4 and is designed by G. Gong et al. It can be seen as a generalization of the famous RC4 stream cipher designed by Ron Rivest. The authors of RC4(n, m) claim that the cipher resists all the attacks that are successful against the original RC4. The paper reveals cryptographic weaknesses of the RC4(n, m) stream cipher. We develop two attacks. The first one is based on non-randomness of internal state and allows to distinguish it from a truly random cipher by an algorithm that has access to 24·n bits of the keystream. The second attack exploits low diffusion of bits in the KSA and PRGA algorithms and recovers all bytes of the secret key. This attack works only if the initial value of the cipher can be manipulated. Apart from the secret key, the cipher uses two other inputs, namely, initial value and initial vector. Although these inputs are fixed in the cipher specification, some applications may allow the inputs to be under the attacker control. Assuming that the attacker can control the initial value, we show a distinguisher for the cipher and a secret key recovery attack that for the L-bit secret key, is able to recover it with about (L/n) · 2n steps. The attack has been implemented on a standard PC and can reconstruct the secret key of RC(8, 32) in less than a second.
Resumo:
Rakaposhi is a synchronous stream cipher, which uses three main components: a non-linear feedback shift register (NLFSR), a dynamic linear feedback shift register (DLFSR) and a non-linear filtering function (NLF). NLFSR consists of 128 bits and is initialised by the secret key K. DLFSR holds 192 bits and is initialised by an initial vector (IV). NLF takes 8-bit inputs and returns a single output bit. The work identifies weaknesses and properties of the cipher. The main observation is that the initialisation procedure has the so-called sliding property. The property can be used to launch distinguishing and key recovery attacks. The distinguisher needs four observations of the related (K,IV) pairs. The key recovery algorithm allows to discover the secret key K after observing 29 pairs of (K,IV). Based on the proposed related-key attack, the number of related (K,IV) pairs is 2(128 + 192)/4 pairs. Further the cipher is studied when the registers enter short cycles. When NLFSR is set to all ones, then the cipher degenerates to a linear feedback shift register with a non-linear filter. Consequently, the initial state (and Secret Key and IV) can be recovered with complexity 263.87. If DLFSR is set to all zeros, then NLF reduces to a low non-linearity filter function. As the result, the cipher is insecure allowing the adversary to distinguish it from a random cipher after 217 observations of keystream bits. There is also the key recovery algorithm that allows to find the secret key with complexity 2 54.
Resumo:
This paper makes a formal security analysis of the current Australian e-passport implementation using model checking tools CASPER/CSP/FDR. We highlight security issues in the current implementation and identify new threats when an e-passport system is integrated with an automated processing system like SmartGate. The paper also provides a security analysis of the European Union (EU) proposal for Extended Access Control (EAC) that is intended to provide improved security in protecting biometric information of the e-passport bearer. The current e-passport specification fails to provide a list of adequate security goals that could be used for security evaluation. We fill this gap; we present a collection of security goals for evaluation of e-passport protocols. Our analysis confirms existing security weaknesses that were previously identified and shows that both the Australian e-passport implementation and the EU proposal fail to address many security and privacy aspects that are paramount in implementing a secure border control mechanism. ACM Classification C.2.2 (Communication/Networking and Information Technology – Network Protocols – Model Checking), D.2.4 (Software Engineering – Software/Program Verification – Formal Methods), D.4.6 (Operating Systems – Security and Privacy Protection – Authentication)
Resumo:
Indigenous Australian visual art is an outstanding case of the dynamics of globalization and its intersection with the hyper-local wellsprings of cultural expression, and of the strengths and weaknesses of state, philanthropic and commercial backing for cultural production and dissemination. The chapter traces the development of the international profile of Indigenous ‘dot’ art – a traditional symbolic art form from the Western Desert – as ‘high-end’ visual art, and its positioning within elite markets and finance supported by key international brokers, collectors and philanthropists.
Resumo:
This paper provides a detailed description of the current Australian e-passport implementation and makes a formal verification using model checking tools CASPER/CSP/FDR. We highlight security issues present in the current e-passport implementation and identify new threats when an e-passport system is integrated with an automated processing systems like SmartGate. Because the current e-passport specification does not provide adequate security goals, to perform a rational security analysis we identify and describe a set of security goals for evaluation of e-passport protocols. Our analysis confirms existing security issues that were previously informally identified and presents weaknesses that exists in the current e-passport implementation.
Resumo:
This research analyses the extent of damage to buildings in Brisbane, Ipswich and Grantham during the recent Eastern Australia flooding and explore the role planning and design/construction regulations played in these failures. It highlights weaknesses in the current systems and propose effective solutions to mitigate future damage and financial loss under current or future climates. 2010 and early 2011 saw major flooding throughout much of Eastern Australia. Queensland and Victoria were particularly hard hit, with insured losses in these states reaching $2.5 billion and many thousands of homes inundated. The Queensland cities of Brisbane and Ipswich were the worst affected; around two-thirds of all inundated property/buildings were in these two areas. Other local government areas to record high levels of inundation were Central Highlands and Rockhampton Regional Councils in Queensland, and Buloke, Campaspe, Central Gold Fields and Loddon in Victoria. Flash flooding was a problem in a number of Victorian councils, but the Lockyer Valley west of Ipswich suffered the most extensive damage with 19 lives lost and more than 100 homes completely destroyed. In all more than 28,000 properties were inundated in Queensland and around 2,500 buildings affected in Victoria. Of the residential properties affected in Brisbane, around 90% were in areas developed prior to the introduction of floodplain development controls, with many also suffering inundation during the 1974 floods. The project developed a predictive model for estimating flood loss and occupant displacement. This model can now be used for flood risk assessments or rapid assessment of impacts following a flood event.
Resumo:
In this paper we discuss the strengths and weaknesses of a range of artificial intelligence approaches used in legal domains. Symbolic reasoning systems which rely on deductive, inductive and analogical reasoning are described and reviewed. The role of statistical reasoning in law is examined, and the use of neural networks analysed. There is discussion of architectures for, and examples of, systems which combine a number of these reasoning strategies. We conclude that to build intelligent legal decision support systems requires a range of reasoning strategies.
Resumo:
Conceptual modeling is an important tool for understanding and revealing weaknesses of business processes. Yet, the current practice in reengineering projects often considers simply the as-is process model as a brain-storming tool. This approach heavily relies on the intuition of the participants and misses a clear description of the quality requirements. Against this background, we identify four generic quality categories of business process quality, and populate them with quality requirements from related research. We refer to the resulting framework as the Quality of Business Process (QoBP) framework. Furthermore, we present the findings from applying the QoBP framework in a case study with a major Australian bank, showing that it helps to systematically fill the white space between as-is and to-be process modeling.
Resumo:
Purpose The paper aims to evaluate the knowledge-based urban development (KBUD) dynamics of a rapidly emerging knowledge city-region, Tampere region, Finland. Design/methodology/approach The paper empirically investigates Tampere region’s development achievements and progress from the knowledge perspective. Findings The research, through qualitative and quantitative analyses, reveals the regional development strengths, weaknesses, opportunities and threats of Tampere region. Originality/value The paper provides useful suggestions based on the lessons learned from the Tampere case investigation that could shed light on the KBUD journey of city-regions.
Resumo:
Background Family child care homes (FCCHs) are the second-largest provider of nonrelative care in the U.S. However, despite providing care for nearly 1.9 million children aged <5 years, little is known about the nutrition and physical activity practices of FCCHs. Purpose To address this gap, this study aims to describe policies and practices related to nutrition and physical activity in a representative sample of FCCHs. Methods A stratified random sample of registered FCCHs operating in Kansas (N=297) completed the Nutrition and Physical Activity Self Assessment for Child Care (NAPSACC) instrument. Prevalence estimates and 95% CIs for meeting or exceeding accepted child care standards were calculated using SAS PROC SURVEYFREQ. Results Most providers either met or exceeded child care standards related to serving fruit and vegetables and provision of daily physical activity. Very few providers reported serving fried meats or vegetables or unhealthy snack foods on a regular basis. Areas of concern included infrequent servings of low-fat milk, frequent use of unhealthy foods for celebrations, widespread use of TV and video games throughout the day, restricting physical activity for children who misbehave, and lack of appropriate indoor spaces for physical activity. Only a small percentage of providers reported receiving regular training in nutrition or physical activity. Relatively few providers had written guidelines on nutrition or physical activity. Conclusions Some strengths were exhibited by FCCHs, but substantial weaknesses were shown with respect to meeting established child care standards for nutrition and physical activity. Interventions to promote healthy eating and regular physical activity in FCCHs are thus warranted.
Resumo:
This chapter investigates a variety of water quality assessment tools for reservoirs with balanced/unbalanced monitoring designs and focuses on providing informative water quality assessments to ensure decision-makers are able to make risk-informed management decisions about reservoir health. In particular, two water quality assessment methods are described: non-compliance (probability of the number of times the indicator exceeds the recommended guideline) and amplitude (degree of departure from the guideline). Strengths and weaknesses of current and alternative water quality methods will be discussed. The proposed methodology is particularly applicable to unbalanced designs with/without missing values and reflects the general conditions and is not swayed too heavily by the occasional extreme value (very high or very low quality). To investigate the issues in greater detail, we use as a case study, a reservoir within South-East Queensland (SEQ), Australia. The purpose here is to obtain an annual score that reflected the overall water quality, temporally, spatially and across water quality indicators for each reservoir.
