A risk simulation framework for information infrastructure protection

Information communication and technology (ICT) systems are almost ubiquitous in the modern world. It is hard to identify any industry, or for that matter any part of society, that is not in some way dependent on these systems and their continued secure operation. Therefore the security of information infrastructures, both on an organisational and societal level, is of critical importance. Information security risk assessment is an essential part of ensuring that these systems are appropriately protected and positioned to deal with a rapidly changing threat environment. The complexity of these systems and their inter-dependencies however, introduces a similar complexity to the information security risk assessment task. This complexity suggests that information security risk assessment cannot, optimally, be undertaken manually. Information security risk assessment for individual components of the information infrastructure can be aided by the use of a software tool, a type of simulation, which concentrates on modelling failure rather than normal operational simulation. Avoiding the modelling of the operational system will once again reduce the level of complexity of the assessment task. The use of such a tool provides the opportunity to reuse information in many different ways by developing a repository of relevant information to aid in both risk assessment and management and governance and compliance activities. Widespread use of such a tool allows the opportunity for the risk models developed for individual information infrastructure components to be connected in order to develop a model of information security exposures across the entire information infrastructure. In this thesis conceptual and practical aspects of risk and its underlying epistemology are analysed to produce a model suitable for application to information security risk assessment. Based on this work prototype software has been developed to explore these concepts for information security risk assessment. Initial work has been carried out to investigate the use of this software for information security compliance and governance activities. Finally, an initial concept for extending the use of this approach across an information infrastructure is presented.

Development of a data mining-based analysis framework for multi-attribute construction project information

Data mining techniques extract repeated and useful patterns from a large data set that in turn are utilized to predict the outcome of future events. The main purpose of the research presented in this paper is to investigate data mining strategies and develop an efficient framework for multi-attribute project information analysis to predict the performance of construction projects. The research team first reviewed existing data mining algorithms, applied them to systematically analyze a large project data set collected by the survey, and finally proposed a data-mining-based decision support framework for project performance prediction. To evaluate the potential of the framework, a case study was conducted using data collected from 139 capital projects and analyzed the relationship between use of information technology and project cost performance. The study results showed that the proposed framework has potential to promote fast, easy to use, interpretable, and accurate project data analysis.

Flexible airport terminal design : towards a framework

Flexibility is a key driver of any successful design, specifically in highly unpredictable environment such as airport terminal. Ever growing aviation industry requires airport terminals to be planned and constructed in such a way that will allow flexibility for future design, alteration and redevelopment. The concept of flexibility in terminal design is a relatively new initiative, where existing rules or guidelines are not adequate to assist designers. A shift towards flexible design concept would allow terminal buildings to be designed to accommodate future changes and to make passengers’ journey as simple, timely and hassle free as possible. Currently available research indicates that a theoretical framework on flexible design approach for airport terminals would facilitate the future design process. The generic principles of flexibility are investigated in the current research to incorporate flexible design approaches within the process of an airport terminal design. A conceptual framework is proposed herein, which is expected to ascertain flexibility to current passenger terminal facilities within their corresponding locations as well as in future design and expansion.

Quantum key distribution in the classical authenticated key exchange framework

Key establishment is a crucial primitive for building secure channels in a multi-party setting. Without quantum mechanics, key establishment can only be done under the assumption that some computational problem is hard. Since digital communication can be easily eavesdropped and recorded, it is important to consider the secrecy of information anticipating future algorithmic and computational discoveries which could break the secrecy of past keys, violating the secrecy of the confidential channel. Quantum key distribution (QKD) can be used generate secret keys that are secure against any future algorithmic or computational improvements. QKD protocols still require authentication of classical communication, although existing security proofs of QKD typically assume idealized authentication. It is generally considered folklore that QKD when used with computationally secure authentication is still secure against an unbounded adversary, provided the adversary did not break the authentication during the run of the protocol. We describe a security model for quantum key distribution extending classical authenticated key exchange (AKE) security models. Using our model, we characterize the long-term security of the BB84 QKD protocol with computationally secure authentication against an eventually unbounded adversary. By basing our model on traditional AKE models, we can more readily compare the relative merits of various forms of QKD and existing classical AKE protocols. This comparison illustrates in which types of adversarial environments different quantum and classical key agreement protocols can be secure.

Anticipating user experience with a desired product : the AUX Framework

Positive user experience (UX) has become a key factor in designing interactive products. It acts as a differentiator which can determine a product’s success on the mature market. However, current UX frameworks and methods do not fully support the early stages of product design and development. During these phases, assessment of UX is challenging as no actual user-product interaction can be tested. This qualitative study investigated anticipated user experience (AUX) to address this problem. Using the co-discovery method, participants were asked to imagine a desired product, anticipate experiences with it, and discuss their views with another participant. Fourteen sub-categories emerged from the data, and relationships among them were defined through co-occurrence analysis. These data formed the basis of the AUX framework which consists of two networks which elucidate 1) how users imagine a desired product and 2) how they anticipate positive experiences with that product. Through this AUX framework, important factors in the process of imagining future products and experiences were learnt, including the way in which these factors interrelate. Focusing on and exploring each component of the two networks in the framework will allow designers to obtain a deeper understanding of the required pragmatic and hedonic qualities of product, intended uses of product, user characteristics, potential contexts of experience, and anticipated emotions embedded within the experience. This understanding, in turn, will help designers to better foresee users’ underlying needs and to focus on the most important aspects of their positive experience. Therefore, the use of the AUX framework in the early stages of product development will contribute to the design for pleasurable UX.

Introduction and Framework for Understanding

This chapter opens with a description of the empirical realities that shape and have shaped many women's choice to sell sex – realities which have remained constant for some time now. It provides two frameworks for understanding, first, the shifting discourses that currently constitute prostitution, and second, prostitution policies. The chapter also provides a narrative framework in which recent policy changes can be placed.

A proposed validation framework for expert elicited Bayesian Networks

The popularity of Bayesian Network modelling of complex domains using expert elicitation has raised questions of how one might validate such a model given that no objective dataset exists for the model. Past attempts at delineating a set of tests for establishing confidence in an entirely expert-elicited model have focused on single types of validity stemming from individual sources of uncertainty within the model. This paper seeks to extend the frameworks proposed by earlier researchers by drawing upon other disciplines where measuring latent variables is also an issue. We demonstrate that even in cases where no data exist at all there is a broad range of validity tests that can be used to establish confidence in the validity of a Bayesian Belief Network.