961 resultados para Islamism, securitization, security agenda, Uzbekistan
Resumo:
The security of industrial control systems in critical infrastructure is a concern for the Australian government and other nations. There is a need to provide local Australian training and education for both control system engineers and information technology professionals. This paper proposes a postgraduate curriculum of four courses to provide knowledge and skills to protect critical infrastructure industrial control systems. Our curriculum is unique in that it provides security awareness but also the advanced skills required for security specialists in this area. We are aware that in the Australian context there is a cultural gap between the thinking of control system engineers who are responsible for maintaining and designing critical infrastructure and information technology professionals who are responsible for protecting these systems from cyber attacks. Our curriculum aims to bridge this gap by providing theoretical and practical exercises that will raise the awareness and preparedness of both groups of professionals.
Resumo:
Extracting and aggregating the relevant event records relating to an identified security incident from the multitude of heterogeneous logs in an enterprise network is a difficult challenge. Presenting the information in a meaningful way is an additional challenge. This paper looks at solutions to this problem by first identifying three main transforms; log collection, correlation, and visual transformation. Having identified that the CEE project will address the first transform, this paper focuses on the second, while the third is left for future work. To aggregate by correlating event records we demonstrate the use of two correlation methods, simple and composite. These make use of a defined mapping schema and confidence values to dynamically query the normalised dataset and to constrain result events to within a time window. Doing so improves the quality of results, required for the iterative re-querying process being undertaken. Final results of the process are output as nodes and edges suitable for presentation as a network graph.
Resumo:
The Australian Business Assessment of Computer User Security (ABACUS) survey is a nationwide assessment of the prevalence and nature of computer security incidents experienced by Australian businesses. This report presents the findings of the survey which may be used by businesses in Australia to assess the effectiveness of their information technology security measures.
Resumo:
Shared services have gained significance as an organizational arrangement, in particular for support functions, to reduce costs, increase quality and create new capabilities. The Information Systems (IS) function is amenable to sharing arrangements and information systems can enable sharing in other functional areas. However, despite being a promising area for IS research, literature on shared services in the IS discipline is scarce and scattered. There is still little consensus on what shared services is. Moreover, a thorough understanding of why shared services are adopted, who are involved, and how things are shared is lacking. In this article, we set out to progress IS research on shared services by establishing a common ground for future research and proposing a research agenda to shape the field based on an analysis of the IS literature. We present a holistic and inclusive definition, discuss the primacy of economic-strategic objectives so far, and introduce conceptual frameworks for stakeholders and the notion of sharing. We also provide an overview of the theories and research methods applied. We propose a research agenda that addresses fundamental issues related to objectives, stakeholders, and the notion of sharing to lay the foundation for taking IS research on shared services forward.
Resumo:
Many countries face enormous development challenges in adapting to demographic change, urbanisation and emerging issues such as housing affordability and climate change. These challenges are best resolved in consultation with communities rather than in conflict with them. A rich tradition of research and intellectual frameworks exist in the fields of urban geography and planning to understand and manage community concerns during the pre-development approval stages of new projects. However current theoretical frameworks are inadequate in construction management and a new research agenda is needed to develop conceptual frameworks to guide thinking about the role of communities in the construction process. By discussing the components of such a model, it is concluded that this would require a fundamental shift in thinking which challenges traditional structuralist paradigms. A new constructivist paradigm is presented that conceives community consultation as a negotiation process which does not stop at the pre-development planning stages but which continues over the entire life of a project.
Resumo:
For any discipline to be regarded as a professional undertaking by which its members may be treated as true “professionals” in a specific area, practitioners must clearly understand that discipline’s history as well as the place and significance of that history in current practice as well as its relevance to available technologies and artefacts at the time. This is common for many professional disciplines such as medicine, pharmacy, engineering, law and so on but not yet, this paper submits, in information technology. Based on twenty five elapsed years of experience in developing and delivering Cybersecurity courses at undergraduate and postgraduate levels, this paper proposes a rationale and set of differing perspectives for the planning and development of curricula relevant to the delivery of appropriate courses in the history of cybersecurity or information assurance to information and communications technology (ICT) students and thus to potential information technology professionals.
Resumo:
We argue that there are at least two significant issues for interaction designers to consider when creating the next generation of human interfaces for civic and urban engagement: (1) The disconnect between citizens participating in either digital or physical realms has resulted in a neglect of the hybrid role that public place and situated technology can play in contributing to civic innovation. (2) Under the veneer of many social media tools, hardly any meaningful strategies or approaches are found that go beyond awareness raising and allow citizens to do more than clicking a ‘Like’ button. We call for an agenda to design the next generation of ‘digital soapboxes’ that contributes towards a new form of polity helping citizens not only to have a voice but also to appropriate their city in order to take action for change.
Resumo:
Iris based identity verification is highly reliable but it can also be subject to attacks. Pupil dilation or constriction stimulated by the application of drugs are examples of sample presentation security attacks which can lead to higher false rejection rates. Suspects on a watch list can potentially circumvent the iris based system using such methods. This paper investigates a new approach using multiple parts of the iris (instances) and multiple iris samples in a sequential decision fusion framework that can yield robust performance. Results are presented and compared with the standard full iris based approach for a number of iris degradations. An advantage of the proposed fusion scheme is that the trade-off between detection errors can be controlled by setting parameters such as the number of instances and the number of samples used in the system. The system can then be operated to match security threat levels. It is shown that for optimal values of these parameters, the fused system also has a lower total error rate.
Resumo:
Practitioners from both the upstream oil and gas industry and the space and satellite sector have repeatedly noted several striking similarities between the two industries over the years, which have in turn resulted in many direct comparisons in the media and industry press. The two sectors have previously worked together and shared ideas in ways that have yielded some important breakthroughs, but relatively little sharing or cross-pollination has occurred in the area of asset maintenance. This is somewhat surprising in light of the fact that here, too, the sectors have much in common. This paper accordingly puts forward the viewpoint that the upstream oil and gas industry could potentially make significant improvements in asset maintenance—specifically, with regard to offshore platforms and remote pipelines—by selectively applying some aspects of the maintenance strategies and philosophies that have been learned in the space and satellite sector. The paper then offers a research agenda toward accelerating the rate of learning and sharing between the two industries in this domain, and concludes with policy recommendations that could facilitate this kind of cross-industry learning.
Resumo:
The creation of value through emotion has been previously explored through product design, marketing and consumer hedonics. While the notion of value creation is an important driver in business model generation, understanding what the customer honestly values and why, also needs to be considered. However, the role of emotion as a source of innovation, spanning business model creation to customer experience is not yet well understood. This research investigates how the inclusion of emotion will impact the design of a business model and business operations. A brief overview of relevant literature, the research gap and question, along with the future direction of this research is discussed in this paper.
Resumo:
Organizations make increasingly use of social media in order to compete for customer awareness and improve the quality of their goods and services. Multiple techniques of social media analysis are already in use. Nevertheless, theoretical underpinnings and a sound research agenda are still unavailable in this field at the present time. In order to contribute to setting up such an agenda, we introduce digital social signal processing (DSSP) as a new research stream in IS that requires multi-facetted investigations. Our DSSP concept is founded upon a set of four sequential activities: sensing digital social signals that are emitted by individuals on social media; decoding online data of social media in order to reconstruct digital social signals; matching the signals with consumers’ life events; and configuring individualized goods and service offerings tailored to the individual needs of customers. We further contribute to tying loose ends of different research areas together, in order to frame DSSP as a field for further investigation. We conclude with developing a research agenda.
Resumo:
Most security models for authenticated key exchange (AKE) do not explicitly model the associated certification system, which includes the certification authority (CA) and its behaviour. However, there are several well-known and realistic attacks on AKE protocols which exploit various forms of malicious key registration and which therefore lie outside the scope of these models. We provide the first systematic analysis of AKE security incorporating certification systems (ASICS). We define a family of security models that, in addition to allowing different sets of standard AKE adversary queries, also permit the adversary to register arbitrary bitstrings as keys. For this model family we prove generic results that enable the design and verification of protocols that achieve security even if some keys have been produced maliciously. Our approach is applicable to a wide range of models and protocols; as a concrete illustration of its power, we apply it to the CMQV protocol in the natural strengthening of the eCK model to the ASICS setting.
Resumo:
The Transport Layer Security (TLS) protocol is the most widely used security protocol on the Internet. It supports negotiation of a wide variety of cryptographic primitives through different cipher suites, various modes of client authentication, and additional features such as renegotiation. Despite its widespread use, only recently has the full TLS protocol been proven secure, and only the core cryptographic protocol with no additional features. These additional features have been the cause of several practical attacks on TLS. In 2009, Ray and Dispensa demonstrated how TLS renegotiation allows an attacker to splice together its own session with that of a victim, resulting in a man-in-the-middle attack on TLS-reliant applications such as HTTP. TLS was subsequently patched with two defence mechanisms for protection against this attack. We present the first formal treatment of renegotiation in secure channel establishment protocols. We add optional renegotiation to the authenticated and confidential channel establishment model of Jager et al., an adaptation of the Bellare--Rogaway authenticated key exchange model. We describe the attack of Ray and Dispensa on TLS within our model. We show generically that the proposed fixes for TLS offer good protection against renegotiation attacks, and give a simple new countermeasure that provides renegotiation security for TLS even in the face of stronger adversaries.
Resumo:
Dáwat, Pamahándí, Tawíd, Ságda, Lampísa, Ibabások, Lapát, Panedlák: for most of us gathered here, these are words that we don’t usually use in our daily lives. Others may consider them as exotic, alien, funny and even backward. However, for indigenous kindred among us, these words denote an intimate identity and deep understanding of the world around them. It constitutes a broader knowledge system, be written or otherwise, which guides them in the management of resources within their ancestral land. This paper will provide a brief theoretical framework of the concepts of indigenous knowledge systems—hereinafter called IKS, and indigenous peoples food security, and hopefully a deeper or continued appreciation in the study of both concepts in general.
