886 resultados para Management Control
Resumo:
Supervisory Control And Data Acquisition (SCADA) systems are widely used in the management of critical infrastructure such as electricity and water distrubution systems. Currently there is little understanding of how to best protect SCADA systems from malicious attacks. We review the constraints and requirements for SCADA security and propose a suitable architecture (SKMA) for secure SCADA communications. The architecture includes a proposed key management protocol (SKMP). We compare the architecture with a previous proposal from Sandia Labs.
Resumo:
Health Information Systems (HIS) make extensive use of Information and Communication Technologies (ICT). The use of ICT aids in improving the quality and efficiency of healthcare services by making healthcare information available at the point of care (Goldstein, Groen, Ponkshe, and Wine, 2007). The increasing availability of healthcare data presents security and privacy issues which have not yet been fully addressed (Liu, Caelli, May, and Croll, 2008a). Healthcare organisations have to comply with the security and privacy requirements stated in laws, regulations and ethical standards, while managing healthcare information. Protecting the security and privacy of healthcare information is a very complex task (Liu, May, Caelli and Croll, 2008b). In order to simplify the complexity of providing security and privacy in HIS, appropriate information security services and mechanisms have to be implemented. Solutions at the application layer have already been implemented in HIS such as those existing in healthcare web services (Weaver et al., 2003). In addition, Discretionary Access Control (DAC) is the most commonly implemented access control model to restrict access to resources at the OS layer (Liu, Caelli, May, Croll and Henricksen, 2007a). Nevertheless, the combination of application security mechanisms and DAC at the OS layer has been stated to be insufficient in satisfying security requirements in computer systems (Loscocco et al., 1998). This thesis investigates the feasibility of implementing Security Enhanced Linux (SELinux) to enforce a Role-Based Access Control (RBAC) policy to help protect resources at the Operating System (OS) layer. SELinux provides Mandatory Access Control (MAC) mechanisms at the OS layer. These mechanisms can contain the damage from compromised applications and restrict access to resources according to the security policy implemented. The main contribution of this research is to provide a modern framework to implement and manage SELinux in HIS. The proposed framework introduces SELinux Profiles to restrict access permissions over the system resources to authorised users. The feasibility of using SELinux profiles in HIS was demonstrated through the creation of a prototype, which was submitted to various attack scenarios. The prototype was also subjected to testing during emergency scenarios, where changes to the security policies had to be made on the spot. Attack scenarios were based on vulnerabilities common at the application layer. SELinux demonstrated that it could effectively contain attacks at the application layer and provide adequate flexibility during emergency situations. However, even with the use of current tools, the development of SELinux policies can be very complex. Further research has to be made in order to simplify the management of SELinux policies and access permissions. In addition, SELinux related technologies, such as the Policy Management Server by Tresys Technologies, need to be researched in order to provide solutions at different layers of protection.
Resumo:
Use of Unmanned Aerial Vehicles (UAVs) in support of government applications has already seen significant growth and the potential for use of UAVs in commercial applications is expected to rapidly expand in the near future. However, the issue remains on how such automated or operator-controlled aircraft can be safely integrated into current airspace. If the goal of integration is to be realized, issues regarding safe separation in densely populated airspace must be investigated. This paper investigates automated separation management concepts in uncontrolled airspace that may help prepare for an expected growth of UAVs in Class G airspace. Not only are such investigations helpful for the UAV integration issue, the automated separation management concepts investigated by the authors can also be useful for the development of new or improved Air Traffic Control services in remote regions without any existing infrastructure. The paper will also provide an overview of the Smart Skies program and discuss the corresponding Smart Skies research and development effort to evaluate aircraft separation management algorithms using simulations involving realworld data communication channels, and verified against actual flight trials. This paper presents results from a unique flight test concept that uses real-time flight test data from Australia over existing commercial communication channels to a control center in Seattle for real-time separation management of actual and simulated aircraft. The paper also assesses the performance of an automated aircraft separation manager.
Resumo:
Paramedics are at high risk of exposure to infectious diseases because they frequently undertake procedures such as the use and disposal of sharps as components of everyday practice. While the literature demonstrates that the management of sharps is problematic across all health disciplines, there is a paucity of research examining sharps management practices in the Australian pre-hospital paramedic context. This study examines knowledge and practices of sharps control among paramedics in Queensland, Australia. A mail survey focusing on infection control knowledge and practices was sent to all clinical personnel of the Queensland Ambulance Service (QAS) (N = 2274). A total of 1258 surveys were returned, a response rate of 55.3%. Participants responded to 12 true/false statements on the management of sharps and three questions about recapping practices. Most respondents were knowledgeable about the correct management of sharps, with a mean of 11.28 (out of 12, SD = 1.32). When gauging reported practices, more than half (59.1%, n = 736) of participants reported recapping a needle, and 38.5% (n = 479) reported never having done so. These results reflect good knowledge of general management of sharps among respondents, but suggest deficits regarding reported practices. The results suggest that a comprehensive ambulance in-service education programme focusing particularly on sharps management is required. The study highlights the need for further research on sharps management practices in the field, identification of barriers to safe sharps practices in pre-hospital settings, and 'best practice' for translating good sharps management knowledge into practice.
Resumo:
The automation of various aspects of air traffic management has many wide-reaching benefits including: reducing the workload for Air Traffic Controllers; increasing the flexibility of operations (both civil and military) within the airspace system through facilitating automated dynamic changes to en-route flight plans; ensuring safe aircraft separation for a complex mix of airspace users within a highly complex and dynamic airspace management system architecture. These benefits accumulate to increase the efficiency and flexibility of airspace use(1). Such functions are critical for the anticipated increase in volume of manned and unmanned aircraft traffic. One significant challenge facing the advancement of airspace automation lies in convincing air traffic regulatory authorities that the level of safety achievable through the use of automation concepts is comparable to, or exceeds, the accepted safety performance of the current system.
Resumo:
A recent Australian survey of beginning teachers indicates that issue of classroom management continues to be a key concern for early career educators (Australian Education Union, 2007). This finding is supported by the wider literature that identifies managing the classroom, particularly managing behaviour within the classroom, as critical issues for early career teachers (Arends, 2006; Charles, 2004; Groundwater-Smith, Ewing & Le Cornu, 2007). In fact, struggling to manage student behaviour and maintain positive relationships with students are among the top reasons for teachers leaving the teaching profession (Charles, 2004). So, how does a teacher effectively organise and manage up to thirty students learning and behaviour at any one time? The issue of classroom management is a persistent one for all teachers, but is particularly daunting for new teachers. Historically, classrooms were established on strong hierarchical structures that relied heavily on teacher control and authority. However, more recent approaches to managing the classroom are proactive and more collaborative. That is not to say that there exists a single management recipe, far from it. Beginning teachers must view possible approaches to managing the classroom in light of their own beliefs about teaching and learning, their current classroom practice and variables from the context in which they are teaching.
Resumo:
Decentralized and regional load-frequency control of power systems operating in normal and near-normal conditions has been well studied; and several analysis/synthesis approaches have been developed during the last few decades. However in contingency and off-normal conditions, the existing emergency control plans, such as under-frequency load shedding, are usually applied in a centralized structure using a different analysis model. This paper discusses the feasibility of using frequency-based emergency control schemes based on tie-line measurements and local information available within a control area. The conventional load-frequency control model is generalized by considering the dynamics of emergency control/protection schemes and an analytic approach to analyze the regional frequency response under normal and emergency conditions is presented.
Resumo:
Process Control Systems (PCSs) or Supervisory Control and Data Acquisition (SCADA) systems have recently been added to the already wide collection of wireless sensor networks applications. The PCS/SCADA environment is somewhat more amenable to the use of heavy cryptographic mechanisms such as public key cryptography than other sensor application environments. The sensor nodes in the environment, however, are still open to devastating attacks such as node capture, which makes designing a secure key management challenging. In this paper, a key management scheme is proposed to defeat node capture attack by offering both forward and backward secrecies. Our scheme overcomes the pitfalls which Nilsson et al.'s scheme suffers from, and is not more expensive than their scheme.
Resumo:
The protection of privacy has gained considerable attention recently. In response to this, new privacy protection systems are being introduced. SITDRM is one such system that protects private data through the enforcement of licenses provided by consumers. Prior to supplying data, data owners are expected to construct a detailed license for the potential data users. A license specifies whom, under what conditions, may have what type of access to the protected data. The specification of a license by a data owner binds the enterprise data handling to the consumer’s privacy preferences. However, licenses are very detailed, may reveal the internal structure of the enterprise and need to be kept synchronous with the enterprise privacy policy. To deal with this, we employ the Platform for Privacy Preferences Language (P3P) to communicate enterprise privacy policies to consumers and enable them to easily construct data licenses. A P3P policy is more abstract than a license, allows data owners to specify the purposes for which data are being collected and directly reflects the privacy policy of an enterprise.
Resumo:
Digital rights management allows information owners to control the use and dissemination of electronic documents via a machine-readable licence. This paper describes the design and implementation of a system for creating and enforcing licences containing location constraints that can be used to restrict access to sensitive documents to a defined area. Documents can be loaded onto a portable device and used in the approved areas, but cannot be used if the device moves to another area. Our contribution includes a taxonomy for access control in the presence of requests to perform non-instantaneous controlled actions.
Resumo:
SITDRM 1 is a privacy protection system that protects private data through the enforcement of MPEG REL licenses provided by consumers. Direct issuing of licenses by consumers has several usability problems that will be mentioned in this paper. Further, we will describe how SITDRM incorporates P3P language to provide a consumer-centered privacy protection system.
Resumo:
The purpose of this paper is to conduct a qualitative review of randomised controlled trials in relation to the treatment of adults with co-occurring mental health and substance use disorder (MH/SUD). In particular, integrated approaches are compared with non-integrated approaches to treatment. Ten articles were identified for inclusion in the review. The findings are equivocal with regard to the superior efficacy of integrated approaches to treatment, although the many limitations of the studies need to be considered in our understanding of this finding. Clearly, this is an extremely challenging client group to engage and maintain in intervention research, and the complexity and variability of the problems render control particularly difficult. The lack of available evidence to support the superiority of integration is discussed in relation to these challenges. Much remains to be investigated with regard to integrated management and care for people with co-occurring and MH/SUD, particularly for specific combinations of dual diagnosis and giving consideration to the level of inter-relatedness between the disorders.
Resumo:
Background: Reducing rates of healthcare acquired infection has been identified by the Australian Commission on Safety and Quality in Health Care as a national priority. One of the goals is the prevention of central venous catheter-related bloodstream infection (CR-BSI). At least 3,500 cases of CR-BSI occur annually in Australian hospitals, resulting in unnecessary deaths and costs to the healthcare system between $25.7 and $95.3 million. Two approaches to preventing these infections have been proposed: use of antimicrobial catheters (A-CVCs); or a catheter care and management ‘bundle’. Given finite healthcare budgets, decisions about the optimal infection control policy require consideration of the effectiveness and value for money of each approach. Objectives: The aim of this research is to use a rational economic framework to inform efficient infection control policy relating to the prevention of CR-BSI in the intensive care unit. It addresses three questions relating to decision-making in this area: 1. Is additional investment in activities aimed at preventing CR-BSI an efficient use of healthcare resources? 2. What is the optimal infection control strategy from amongst the two major approaches that have been proposed to prevent CR-BSI? 3. What uncertainty is there in this decision and can a research agenda to improve decision-making in this area be identified? Methods: A decision analytic model-based economic evaluation was undertaken to identify an efficient approach to preventing CR-BSI in Queensland Health intensive care units. A Markov model was developed in conjunction with a panel of clinical experts which described the epidemiology and prognosis of CR-BSI. The model was parameterised using data systematically identified from the published literature and extracted from routine databases. The quality of data used in the model and its validity to clinical experts and sensitivity to modelling assumptions was assessed. Two separate economic evaluations were conducted. The first evaluation compared all commercially available A-CVCs alongside uncoated catheters to identify which was cost-effective for routine use. The uncertainty in this decision was estimated along with the value of collecting further information to inform the decision. The second evaluation compared the use of A-CVCs to a catheter care bundle. We were unable to estimate the cost of the bundle because it is unclear what the full resource requirements are for its implementation, and what the value of these would be in an Australian context. As such we undertook a threshold analysis to identify the cost and effectiveness thresholds at which a hypothetical bundle would dominate the use of A-CVCs under various clinical scenarios. Results: In the first evaluation of A-CVCs, the findings from the baseline analysis, in which uncertainty is not considered, show that the use of any of the four A-CVCs will result in health gains accompanied by cost-savings. The MR catheters dominate the baseline analysis generating 1.64 QALYs and cost-savings of $130,289 per 1.000 catheters. With uncertainty, and based on current information, the MR catheters remain the optimal decision and return the highest average net monetary benefits ($948 per catheter) relative to all other catheter types. This conclusion was robust to all scenarios tested, however, the probability of error in this conclusion is high, 62% in the baseline scenario. Using a value of $40,000 per QALY, the expected value of perfect information associated with this decision is $7.3 million. An analysis of the expected value of perfect information for individual parameters suggests that it may be worthwhile for future research to focus on providing better estimates of the mortality attributable to CR-BSI and the effectiveness of both SPC and CH/SSD (int/ext) catheters. In the second evaluation of the catheter care bundle relative to A-CVCs, the results which do not consider uncertainty indicate that a bundle must achieve a relative risk of CR-BSI of at least 0.45 to be cost-effective relative to MR catheters. If the bundle can reduce rates of infection from 2.5% to effectively zero, it is cost-effective relative to MR catheters if national implementation costs are less than $2.6 million ($56,610 per ICU). If the bundle can achieve a relative risk of 0.34 (comparable to that reported in the literature) it is cost-effective, relative to MR catheters, if costs over an 18 month period are below $613,795 nationally ($13,343 per ICU). Once uncertainty in the decision is considered, the cost threshold for the bundle increases to $2.2 million. Therefore, if each of the 46 Level III ICUs could implement an 18 month catheter care bundle for less than $47,826 each, this approach would be cost effective relative to A-CVCs. However, the uncertainty is substantial and the probability of error in concluding that the bundle is the cost-effective approach at a cost of $2.2 million is 89%. Conclusions: This work highlights that infection control to prevent CR-BSI is an efficient use of healthcare resources in the Australian context. If there is no further investment in infection control, an opportunity cost is incurred, which is the potential for a more efficient healthcare system. Minocycline/rifampicin catheters are the optimal choice of antimicrobial catheter for routine use in Australian Level III ICUs, however, if a catheter care bundle implemented in Australia was as effective as those used in the large studies in the United States it would be preferred over the catheters if it was able to be implemented for less than $47,826 per Level III ICU. Uncertainty is very high in this decision and arises from multiple sources. There are likely greater costs to this uncertainty for A-CVCs, which may carry hidden costs, than there are for a catheter care bundle, which is more likely to provide indirect benefits to clinical practice and patient safety. Research into the mortality attributable to CR-BSI, the effectiveness of SPC and CH/SSD (int/ext) catheters and the cost and effectiveness of a catheter care bundle in Australia should be prioritised to reduce uncertainty in this decision. This thesis provides the economic evidence to inform one area of infection control, but there are many other infection control decisions for which information about the cost-effectiveness of competing interventions does not exist. This work highlights some of the challenges and benefits to generating and using economic evidence for infection control decision-making and provides support for commissioning more research into the cost-effectiveness of infection control.
Resumo:
Aims & Rationale/Objectives: With the knowledge that overweight is a major public health concern in Australia, that a multidisciplinary team approach to the management of lifestyle-related conditions is supported, and that the Australian Government recently recognised the role of the exercise physiologist (EP) in reducing the health burden of disease by their inclusion for reimbursement under the Medicare Plus scheme, this study sought to undertake a pilot RCT to compare GP and EP interventions to reduce primary cardiovascular risk in the overweight general practice population. Methods and Measures: Overweight patients recruited by a convenience sample of GPs were randomised into one of three arms: the control group, or the GP or EP intervention group (in which patients received either five GP or five EP consultations over 24 weeks). Patients had baseline, 12- and 24-week measures of body composition and cardio-respiratory fitness, and completed baseline and end-of-study surveys, fasting lipids and glucose. GPs and EPs completed an end-of-study survey. Results:Sixty-seven patients attended the baseline assessment. Overall retention rate was 67%. Patients were generally satisfied with the effectiveness of the interventions and their weight reduction. Favourable trends in BMI, weight, glucose and exercise levels for GP and EP intervention groups and in physical activity levels for all groups Conclusions: This study supports the feasibility of a RCT of GP and EP interventions for decreasing primary cardiovascular risk in the overweight general practice population.