736 resultados para Security.
Resumo:
Protection of passwords used to authenticate computer systems and networks is one of the most important application of cryptographic hash functions. Due to the application of precomputed memory look up attacks such as birthday and dictionary attacks on the hash values of passwords to find passwords, it is usually recommended to apply hash function to the combination of both the salt and password, denoted salt||password, to prevent these attacks. In this paper, we present the first security analysis of salt||password hashing application. We show that when hash functions based on the compression functions with easily found fixed points are used to compute the salt||password hashes, these hashes are susceptible to precomputed offline birthday attacks. For example, this attack is applicable to the salt||password hashes computed using the standard hash functions such as MD5, SHA-1, SHA-256 and SHA-512 that are based on the popular Davies-Meyer compression function. This attack exposes a subtle property of this application that although the provision of salt prevents an attacker from finding passwords, salts prefixed to the passwords do not prevent an attacker from doing a precomputed birthday attack to forge an unknown password. In this forgery attack, we demonstrate the possibility of building multiple passwords for an unknown password for the same hash value and salt. Interestingly, password||salt (i.e. salts suffixed to the passwords) hashes computed using Davies-Meyer hash functions are not susceptible to this attack, showing the first security gap between the prefix-salt and suffix-salt methods of hashing passwords.
Resumo:
We present an approach for detecting sensor spoofing attacks on a cyber-physical system. Our approach consists of two steps. In the first step, we construct a safety envelope of the system. Under nominal conditions (that is, when there are no attacks), the system always stays inside its safety envelope. In the second step, we build an attack detector: a monitor that executes synchronously with the system and raises an alarm whenever the system state falls outside the safety envelope. We synthesize safety envelopes using a modified machine learning procedure applied on data collected from the system when it is not under attack. We present experimental results that show effectiveness of our approach, and also validate the several novel features that we introduced in our learning procedure.
Resumo:
Preface The 9th Australasian Conference on Information Security and Privacy (ACISP 2004) was held in Sydney, 13–15 July, 2004. The conference was sponsored by the Centre for Advanced Computing – Algorithms and Cryptography (ACAC), Information and Networked Security Systems Research (INSS), Macquarie University and the Australian Computer Society. The aims of the conference are to bring together researchers and practitioners working in areas of information security and privacy from universities, industry and government sectors. The conference program covered a range of aspects including cryptography, cryptanalysis, systems and network security. The program committee accepted 41 papers from 195 submissions. The reviewing process took six weeks and each paper was carefully evaluated by at least three members of the program committee. We appreciate the hard work of the members of the program committee and external referees who gave many hours of their valuable time. Of the accepted papers, there were nine from Korea, six from Australia, five each from Japan and the USA, three each from China and Singapore, two each from Canada and Switzerland, and one each from Belgium, France, Germany, Taiwan, The Netherlands and the UK. All the authors, whether or not their papers were accepted, made valued contributions to the conference. In addition to the contributed papers, Dr Arjen Lenstra gave an invited talk, entitled Likely and Unlikely Progress in Factoring. This year the program committee introduced the Best Student Paper Award. The winner of the prize for the Best Student Paper was Yan-Cheng Chang from Harvard University for his paper Single Database Private Information Retrieval with Logarithmic Communication. We would like to thank all the people involved in organizing this conference. In particular we would like to thank members of the organizing committee for their time and efforts, Andrina Brennan, Vijayakrishnan Pasupathinathan, Hartono Kurnio, Cecily Lenton, and members from ACAC and INSS.
Resumo:
This study questions how the categories of security, education and literacy were brought together as related elements of a whole-of-government strategy in the production of civil society. Drawing on an analysis of key political texts, the study argues that the categories of education and literacy have been used in diverse ways in the production of national, social, economic and geopolitical security interests. As dialogue about security has intensified, rationalisations about the national interest have engaged notions of security leading to the legitimation of a diverse set of policy instruments, strategically used to contain the rise of complex social forces and protect homogenous cultural values.
Resumo:
The potential benefits of shared eHealth records systems are promising for the future of improved healthcare. However, the uptake of such systems is hindered by concerns over the security and privacy of patient information. The use of Information Accountability and so called Accountable-eHealth (AeH) systems has been proposed to balance the privacy concerns of patients with the information needs of healthcare professionals. However, a number of challenges remain before AeH systems can become a reality. Among these is the need to protect the information stored in the usage policies and provenance logs used by AeH systems to define appropriate use of information and hold users accountable for their actions. In this paper, we discuss the privacy and security issues surrounding these accountability mechanisms, define valid access to the information they contain, discuss solutions to protect them, and verify and model an implementation of the access requirements as part of an Information Accountability Framework.
Resumo:
"It could easily provide the back-drop for a James Bond movie. Deep inside a mountain near the North Pole, down a fortified tunnel, and behind airlocked doors in a vault frozen to -18 degrees Celsius, scientists are squirreling away millions of seed samples. The samples constitute the very foundation of agriculture, the biological diversity needed so the world's major food crops can adapt to the next pest or disease, or to climate change. It's little wonder that the Svalbard Global Seed Vault has captured the public's imagination more than almost any agricultural topic in recent years. Popular press reports about the ‘Doomsday Vault,’ however, typically mask the complexity of the endeavor and, if anything, underestimate its practical utility." Cary Fowler This chapter considers the use of seed banks to address concerns about intellectual property, climate change and food security. It has a number of themes. First of all, it is interested in the use of ‘Big Science’ projects to address pressing global scientific concerns and Millennium Development Goals. Second, it highlights the increasing use of banks as a means of managing both property and intellectual property across a wide range of fields of agriculture and biotechnology. Third, it considers the linkage of intellectual property, access to genetic resources and benefit sharing. There are a variety of positions in this debate. Some see requirements in respect of access to genetic resources and benefit sharing as an inconvenient burden for science and commerce. Others defend access to genetic resources and benefit sharing as meaningful and productive. Those inclined to somewhat more conspiratorial views suggest that access to genetic resources and benefit sharing are a ruse to facilitate biopiracy. This chapter has a number of components. Section I focuses upon the Consultative Group on International Agricultural Research (CGIAR) network – often raised as a model for Climate Innovation Centres. Section II considers the Svalbard Global Seed Vault – the so-called Doomsday Vault. After a consideration of the World Summit on Food Security in 2009, it is concluded in this chapter that any future international agreement on climate change needs to address intellectual property, plant genetic resources and food security.
Resumo:
In light of larger public policy debates over intellectual property and climate change, this article considers patent practice, law, and policy in respect of biofuels. This debate has significant implications for public policy discussions in respect of energy independence, food security, and climate change. The first section of the paper provides a network analysis of patents in respect of biofuels across the three generations. It provides empirical research in respect of patent subject matter, ownership, and strategy in respect of biofuels. The second section provides a case study of significant patent litigation over biofuels. There is an examination of the biofuels patent litigation between the Danish company Novozymes, and Danisco and DuPont. The third section examines flexibilities in respect of patent law and clean technologies in the context of the case study of biofuels. In particular, it explores the debate over substantive doctrinal matters in respect of biofuels – such as patentable subject matter, technology transfer, patent pools, compulsory licensing, and disclosure requirements. The conclusion explores the relevance of the debate over patent law and biofuels to the larger public policy discussions over energy independence, food security, and climate change.
Resumo:
This paper offers one explanation for the institutional basis of food insecurity in Australia, and argues that while alternative food networks and the food sovereignty movement perform a valuable function in building forms of social solidarity between urban consumers and rural producers, they currently make only a minor contribution to Australia’s food and nutrition security. The paper begins by identifying two key drivers of food security: household incomes (on the demand side) and nutrition-sensitive, ‘fair food’ agriculture (on the supply side). We focus on this second driver and argue that healthy populations require an agricultural sector that delivers dietary diversity via a fair and sustainable food system. In order to understand why nutrition-sensitive, fair food agriculture is not flourishing in Australia we introduce the development economics theory of urban bias. According to this theory, governments support capital intensive rather than labour intensive agriculture in order to deliver cheap food alongside the transfer of public revenues gained from rural agriculture to urban infrastructure, where the majority of the voting public resides. We chart the unfolding of the Urban Bias across the twentieth century and its consolidation through neo-liberal orthodoxy, and argue that agricultural policies do little to sustain, let alone revitalize, rural and regional Australia. We conclude that by observing food system dynamics through a re-spatialized lens, Urban Bias Theory is valuable in highlighting rural–urban socio-economic and political economy tensions, particularly regarding food system sustainability. It also sheds light on the cultural economy tensions for alternative food networks as they move beyond niche markets to simultaneously support urban food security and sustainable rural livelihoods.
Resumo:
This paper addresses the gap in economic theory underlying the multidimensional concept of food security and observed data by deriving a composite food security index using the latent class model. The link between poverty and food security is then examined using the new food security index and the robustness of the link is compared with two unidimensional measures often used in the literature. Using Vietnam as a case study, it was found that a weak link exists for the rural but not for the urban composite food security index. The unidimensional measures on the other hand show a strong link in both the rural and urban regions. The results on the link are also different and mixed when two poverty types given by persistent and transient poverty are considered. These findings have important policy implications for a targeted approach to addressing food security.
Resumo:
While enhanced cybersecurity options, mainly based around cryptographic functions, are needed overall speed and performance of a healthcare network may take priority in many circumstances. As such the overall security and performance metrics of those cryptographic functions in their embedded context needs to be understood. Understanding those metrics has been the main aim of this research activity. This research reports on an implementation of one network security technology, Internet Protocol Security (IPSec), to assess security performance. This research simulates sensitive healthcare information being transferred over networks, and then measures data delivery times with selected security parameters for various communication scenarios on Linux-based and Windows-based systems. Based on our test results, this research has revealed a number of network security metrics that need to be considered when designing and managing network security for healthcare-specific or non-healthcare-specific systems from security, performance and manageability perspectives. This research proposes practical recommendations based on the test results for the effective selection of network security controls to achieve an appropriate balance between network security and performance
Resumo:
Rigid security boundaries hinder the proliferation of eHealth. Through active audit logs, accountable-eHealth systems alleviate privacy concerns and enhance information availability.
Resumo:
Cooperative Intelligent Transportation Systems (C-ITS) allow in-vehicle systems, and ultimately the driver, to enhance their awareness of their surroundings by enabling communication between vehicles and road infrastructure. C-ITS are widely considered as the next major step in driving assistance systems, aiming at increasing safety, comfort and mobility for drivers. However, any communicating systems are subjected to security threats. A key component for providing secure communications at a large scale is a Public Key Infrastructure (PKI). Due to the safety-critical nature of Vehicle-to-Vehicle (V2V) communications, a C-ITS PKI has functional, performance and scalability requirements that differ from traditional non-automotive environments. This paper identifies and defines the key functional and security requirements for C-ITS PKI systems and analyses proposed C-ITS PKI standards against these requirements. In particular, the proposed US and European C-ITS PKI systems are identified as being too complex and not scalable. The paper also highlights various privacy, security and scalability concerns that should be considered for a secure C-ITS PKI solution in the Australian transport landscape.
Resumo:
The power system network is assumed to be in steady-state even during low frequency transients. However, depending on generator dynamics, and toad and control characteristics, the system model and the nature of power flow equations can vary The nature of power flow equations describing the system during a contingency is investigated in detail. It is shown that under some mild assumptions on load-voltage characteristics, the power flow equations can be decoupled in an exact manner. When the generator dynamics are considered, the solutions for the load voltages are exact if load nodes are not directly connected to each other