736 resultados para outsourcing decryption
Resumo:
Background Physical inactivity is a modifiable risk factor for many chronic conditions and a leading cause of premature mortality. An increasing proportion of adults worldwide are not engaging in a level of physical activity sufficient to prevent or alleviate these adverse effects. Medical professionals have been identified as potentially powerful sources of influence for those who do not meet minimum physical activity guidelines. Health professionals are respected and expected sources of advice and they reach a large and relevant proportion of the population. Despite this potential, health professionals are not routinely practicing physical activity promotion. Discussion Medical professionals experience several known barriers to physical activity promotion including lack of time and lack of perceived efficacy in changing physical activity behaviour in patients. Furthermore, evidence for effective physical activity promotion by medical professionals is inconclusive. To address these problems, new approaches to physical activity promotion are being proposed. These include collaborating with community based physical activity behaviour change interventions, preparing patients for effective brief counselling during a consultation with the medical professional, and use of interactive behaviour change technology. Summary It is important that we recognise the latent risk of physical inactivity among patients presenting in clinical settings. Preparation for improving patient physical activity behaviours should commence before the consultation and may include physical activity screening. Medical professionals should also identify suitable community interventions to which they can refer physically inactive patients. Outsourcing the majority of a comprehensive physical activity intervention to community based interventions will reduce the required clinical consultation time for addressing the issue with each patient. Priorities for future research include investigating ways to promote successful referrals and subsequent engagement in comprehensive community support programs to increase physical activity levels of inactive patients. Additionally, future clinical trials of physical activity interventions should be evaluated in the context of a broader framework of outcomes to inform a systematic consideration of broad strengths and weaknesses regarding not only efficacy but cost-effectiveness and likelihood of successful translation of interventions to clinical contexts.
Resumo:
In this issue of the Journal, the articles considered reflect the depth of research and practice that is unique to project management discipline. The range of topics addressed includes managing project contracts (Chan et al., “A Comparative Study of the Benefits of Applying Target Cost Contracts Between South Australia and Hong Kong”), managing project complexity (Chronéer and Bergquist, “Managerial Complexity in Process Industrial R&D Projects: A Swedish Study”), identifying early warning signs in complex projects (Williams et al., “Identifying and Acting on Early Warning Signs in Complex Projects”), project risk management (Krane, Olsson, and Rolstadås, “How Project Manager–Project Owner Interaction Can Work Within and Influence Project Risk Management”), exploring decisions regarding outsourcing and alignment of the project management office (Martins and Martins, “Outsourcing Operations in Project Management Offices: The Reality of Brazilian Companies”), and project management practices at strategic and tactical levels of the organization leading to sustainable development (Herazo, Lizarralde, and Paquin, “Sustainable Development in the Building Sector: A Canadian Case Study on the Alignment of Strategic and Tactical Management”).
Resumo:
To protect the health information security, cryptography plays an important role to establish confidentiality, authentication, integrity and non-repudiation. Keys used for encryption/decryption and digital signing must be managed in a safe, secure, effective and efficient fashion. The certificate-based Public Key Infrastructure (PKI) scheme may seem to be a common way to support information security; however, so far, there is still a lack of successful large-scale certificate-based PKI deployment in the world. In addressing the limitations of the certificate-based PKI scheme, this paper proposes a non-certificate-based key management scheme for a national e-health implementation. The proposed scheme eliminates certificate management and complex certificate validation procedures while still maintaining security. It is also believed that this study will create a new dimension to the provision of security for the protection of health information in a national e-health environment.
Resumo:
New venture growth is a central topic in entrepreneurship research. Although sales growth is emerging as the most commonly used measure of growth for emerging ventures, employment growth has also been used frequently. However, empirical research demonstrates that there are only very low to moderately sized correlations between the two (Delmar et aL, 2003; Weinzimmer, et al., 1998). In addition) sales growth and employment growth respond differently to a wide variety of criteria (Baum et al., 2001; Delmar et al., 2003). In this study we use transaction cost economics (Williamson, 1996) as a theoretical base to examine transaction cost influences on the addition of new employees as emerging ventures experience sales growth. \\le theorize that transaction cost economics variables will moderate the relationship between sales growth and employment growth. W'e develop and test hypotheses related to asset specificity, behavioral uncertainty, and the influence of resource munificence on the strength of the sales growth/ employment growth relationship. Asset specificity is theorized to be a positive moderator of the relationship between sales growth and employment growth. When the behavioral uncertainty associated with adding new employees is greater than that of outsourcing or subcontracting, it is hypothesized to be a negative moderator of the sales growth/employment growth relationship. We also hypothesize that resource scarcity will strengthen those relationships.
Resumo:
Predicate encryption (PE) is a new primitive which supports exible control over access to encrypted data. In PE schemes, users' decryption keys are associated with predicates f and ciphertexts encode attributes a that are specified during the encryption procedure. A user can successfully decrypt if and only if f(a) = 1. In this thesis, we will investigate several properties that are crucial to PE. We focus on expressiveness of PE, Revocable PE and Hierarchical PE (HPE) with forward security. For all proposed systems, we provide a security model and analysis using the widely accepted computational complexity approach. Our first contribution is to explore the expressiveness of PE. Existing PE supports a wide class of predicates such as conjunctions of equality, comparison and subset queries, disjunctions of equality queries, and more generally, arbitrary combinations of conjunctive and disjunctive equality queries. We advance PE to evaluate more expressive predicates, e.g., disjunctive comparison or disjunctive subset queries. Such expressiveness is achieved at the cost of computational and space overhead. To improve the performance, we appropriately revise the PE to reduce the computational and space cost. Furthermore, we propose a heuristic method to reduce disjunctions in the predicates. Our schemes are proved in the standard model. We then introduce the concept of Revocable Predicate Encryption (RPE), which extends the previous PE setting with revocation support: private keys can be used to decrypt an RPE ciphertext only if they match the decryption policy (defined via attributes encoded into the ciphertext and predicates associated with private keys) and were not revoked by the time the ciphertext was created. We propose two RPE schemes. Our first scheme, termed Attribute- Hiding RPE (AH-RPE), offers attribute-hiding, which is the standard PE property. Our second scheme, termed Full-Hiding RPE (FH-RPE), offers even stronger privacy guarantees, i.e., apart from possessing the Attribute-Hiding property, the scheme also ensures that no information about revoked users is leaked from a given ciphertext. The proposed schemes are also proved to be secure under well established assumptions in the standard model. Secrecy of decryption keys is an important pre-requisite for security of (H)PE and compromised private keys must be immediately replaced. The notion of Forward Security (FS) reduces damage from compromised keys by guaranteeing confidentiality of messages that were encrypted prior to the compromise event. We present the first Forward-Secure Hierarchical Predicate Encryption (FS-HPE) that is proved secure in the standard model. Our FS-HPE scheme offers some desirable properties: time-independent delegation of predicates (to support dynamic behavior for delegation of decrypting rights to new users), local update for users' private keys (i.e., no master authority needs to be contacted), forward security, and the scheme's encryption process does not require knowledge of predicates at any level including when those predicates join the hierarchy.
Resumo:
Retaining customers is a relevant topic throughout all service industries. However, only limited attention has been directed towards studying the antecedents of subscription renewal in the context of operational cloud enterprise systems. Cloud services have historically been offered as subscription-based services with the (theoretical) possibility of seamless service cancellation, in contrast to classical IT-Outsourcing contracts or license-based software installations of on-premise enterprise systems. In this work, we investigate the central concept of subscription renewal by focusing on different facets of IS success and their relevance for distinct employee cohorts. Analyzing inter-cohort differences has strong practical implications, as it helps IT vendors to focus on specific IT-related factors when trying to retain customers. Therefore an empirical study was undertaken. The hypotheses were developed on an individual level and tested using survey responses of IT decision makers within companies which adopted cloud enterprise systems. Gathered data was then analyzed using PLS. The results show that subscription renewal intention of the strategic cohort is mainly based on perceived system quality, whereas information quality explains most of the variance of subscription renewal in the management cohort. Beneath the cloud enterprise systems specific contributions, the work adds to the theoretical body of research related to IS success and IS continuation, as well as stakeholder perspectives.
Resumo:
A5/1 is a shift register based stream cipher which provides privacy for the GSM system. In this paper, we analyse the loading of the secret key and IV during the initialisation process of A5/1. We demonstrate the existence of weak key-IV pairs in the A5/1 cipher due to this loading process; these weak key-IV pairs may generate one, two or three registers containing all-zero values, which may lead in turn to weak keystream sequences. In the case where two or three registers contain only zeros, we describe a distinguisher which leads to a complete decryption of the affected messages.
Resumo:
In many applications, where encrypted traffic flows from an open (public) domain to a protected (private) domain, there exists a gateway that bridges the two domains and faithfully forwards the incoming traffic to the receiver. We observe that indistinguishability against (adaptive) chosen-ciphertext attacks (IND-CCA), which is a mandatory goal in face of active attacks in a public domain, can be essentially relaxed to indistinguishability against chosen-plaintext attacks (IND-CPA) for ciphertexts once they pass the gateway that acts as an IND-CCA/CPA filter by first checking the validity of an incoming IND-CCA ciphertext, then transforming it (if valid) into an IND-CPA ciphertext, and forwarding the latter to the recipient in the private domain. “Non-trivial filtering'' can result in reduced decryption costs on the receivers' side. We identify a class of encryption schemes with publicly verifiable ciphertexts that admit generic constructions of (non-trivial) IND-CCA/CPA filters. These schemes are characterized by existence of public algorithms that can distinguish between valid and invalid ciphertexts. To this end, we formally define (non-trivial) public verifiability of ciphertexts for general encryption schemes, key encapsulation mechanisms, and hybrid encryption schemes, encompassing public-key, identity-based, and tag-based encryption flavours. We further analyze the security impact of public verifiability and discuss generic transformations and concrete constructions that enjoy this property.
Resumo:
Drawing on data from the Australian Business Assessment of Computer User Security (ABACUS) survey, this paper examines a range of factors that may influence businesses’ likelihood of being victimised by a computer security incident. It has been suggested that factors including business size, industry sector, level of outsourcing, expenditure on computer security functions and types of computer security tools and/or policies used may influence the probability of particular businesses experiencing such incidents. This paper uses probability modelling to test whether this is the case for the 4,000 businesses that responded to the ABACUS survey. It was found that the industry sector that a business belonged to, and business expenditure on computer security, were not related to businesses’ likelihood of detecting computer security incidents. Instead, the number of employees that a business has and whether computer security functions were outsourced were found to be key indicators of businesses’ likelihood of detecting incidents. Some of the implications of these findings are considered in this paper.
Resumo:
Make-buy decisions are an important aspect of the overall strategic plans for most firms, and the introduction of a new and potentially radical technology into an industry should therefore be a cue for managers to review their make-buy policies. Should a company make in-house the components and processes underpinning the technology, or should it buy them from an outside supplier? Earlier attempts to answer this question may have failed to agree on a single verdict because they have overlooked two important market forces: supplier relations and industry clockspeed. Based on an intensive three-year study at the University of Cambridge which analyzed supply chain management practices from a broad range of manufacturers around the world, this book helps to resolve this classic technology outsourcing dilemma and gives managers the tools they will need to determine if they should make or buy the components and processes that go into a potentially radical innovation.
Resumo:
The purpose of this paper is to empirically examine the state of cloud computing adoption in Australia. I specifically focus on the drivers, risks, and benefits of cloud computing from the perspective of IT experts and forensic accountants. I use thematic analysis of interview data to answer the research questions of the study. The findings suggest that cloud computing is increasingly gaining foothold in many sectors due to its advantages such as flexibility and the speed of deployment. However, security remains an issue and therefore its adoption is likely to be selective and phased. Of particular concern are the involvement of third parties and foreign jurisdictions, which in the event of damage may complicate litigation and forensic investigations. This is one of the first empirical studies that reports on cloud computing adoption and experiences in Australia.
Resumo:
Proxy re-encryption (PRE) is a highly useful cryptographic primitive whereby Alice and Bob can endow a proxy with the capacity to change ciphertext recipients from Alice to Bob, without the proxy itself being able to decrypt, thereby providing delegation of decryption authority. Key-private PRE (KP-PRE) specifies an additional level of confidentiality, requiring pseudo-random proxy keys that leak no information on the identity of the delegators and delegatees. In this paper, we propose a CPA-secure PK-PRE scheme in the standard model (which we then transform into a CCA-secure scheme in the random oracle model). Both schemes enjoy highly desirable properties such as uni-directionality and multi-hop delegation. Unlike (the few) prior constructions of PRE and KP-PRE that typically rely on bilinear maps under ad hoc assumptions, security of our construction is based on the hardness of the standard Learning-With-Errors (LWE) problem, itself reducible from worst-case lattice hard problems that are conjectured immune to quantum cryptanalysis, or “post-quantum”. Of independent interest, we further examine the practical hardness of the LWE assumption, using Kannan’s exhaustive search algorithm coupling with pruning techniques. This leads to state-of-the-art parameters not only for our scheme, but also for a number of other primitives based on LWE published the literature.
Resumo:
The fifth edition of this text has been thoroughly updated, continuing its strong emphasis on the importance of the Asian region to contemporary Australian and New Zealand organisations. Many Asian case examples are featured to illustrate key management concepts, and these provide a useful basis for comparison with management practices in Australia and New Zealand. Numerous practical examples throughout the text highlight contemporary management issues, such as: •workplace diversity •sustainability •ethics/corporate social responsibility •the impact of technology •innovation in the workplace •globalisation •employee engagement •flexible working arrangements •work-life balance •generational issues in the workplace •skills shortages in various industries •the importance of effective employee recruitment and training •organisational culture •workforce flexibility and casualisation •the ‘24/7’ nature of contemporary communication technology, including social media •outsourcing Management, 5th Asia Pacific edition, has also retained the features that have made previous editions so popular with students and lecturers, including the Career Readiness Workbook activities at the end of the book, and the accompanying Interactive Study Guide with its vast array of multimedia resources.
Resumo:
The second edition of this text has been thoroughly updated, continuing its strong emphasis on the importance of the Asian region to contemporary Australian and New Zealand organisations. Many Asian case examples are featured to illustrate key management concepts, and these provide a useful basis for comparison with management practices in Australia and New Zealand. Numerous practical examples throughout the text highlight contemporary management issues, such as: •workplace diversity •sustainability •ethics/corporate social responsibility •the impact of technology •innovation in the workplace •globalisation •employee engagement •flexible working arrangements •work-life balance •generational issues in the workplace •skills shortages in various industries •the importance of effective employee recruitment and training •organisational culture •workforce flexibility and casualisation •the ‘24/7’ nature of contemporary communication technology, including social media •outsourcing Management, Foundation and Applications, 2nd Asia-Pacific edition, has also retained the features that made its previous edition so popular with students and lecturers, including the Career Readiness Workbook activities at the end of the book, and the accompanying Interactive Study Guide with its vast array of multimedia resources.
Resumo:
We construct two efficient Identity-Based Encryption (IBE) systems that admit selective-identity security reductions without random oracles in groups equipped with a bilinear map. Selective-identity secure IBE is a slightly weaker security model than the standard security model for IBE. In this model the adversary must commit ahead of time to the identity that it intends to attack, whereas in an adaptive-identity attack the adversary is allowed to choose this identity adaptively. Our first system—BB1—is based on the well studied decisional bilinear Diffie–Hellman assumption, and extends naturally to systems with hierarchical identities, or HIBE. Our second system—BB2—is based on a stronger assumption which we call the Bilinear Diffie–Hellman Inversion assumption and provides another approach to building IBE systems. Our first system, BB1, is very versatile and well suited for practical applications: the basic hierarchical construction can be efficiently secured against chosen-ciphertext attacks, and further extended to support efficient non-interactive threshold decryption, among others, all without using random oracles. Both systems, BB1 and BB2, can be modified generically to provide “full” IBE security (i.e., against adaptive-identity attacks), either using random oracles, or in the standard model at the expense of a non-polynomial but easy-to-compensate security reduction.
