922 resultados para secure interoperation
Resumo:
A browser is a convenient way to access resources located remotely on computer networks. Security in browsers has become a crucial issue for users who use them for sensitive applications without knowledge ofthe hazards. This research utilises a structure approach to analyse and propose enhancements to browser security. Standard evaluation for computer products is important as it helps users to ensure that the product they use is appropriate for their needs. Security in browsers, therefore, has been evaluated using the Common Criteria. The outcome of this was a security requirements profile which attempts to formalise the security needs of browsers. The information collected during the research was used to produce a prototype model for a secure browser program. Modifications to the Lynx browser were made to demonstrate the proposed enhancements.
Resumo:
Nature Refuges encompass the second largest extent of protected area estate in Queensland. Major problems exist in the data capture, map presentation, data quality and integrity of these boundaries. The spatial accuracies/inaccuracies of the Nature Refuge administrative boundaries directly influence the ability to preserve valuable ecosystems by challenging negative environmental impacts on these properties. This research work is about supporting the Nature Refuge Programs efforts to secure Queensland’s natural and cultural values on private land by utilising GIS and its advanced functionalities. The research design organizes and enters Queensland’s Nature Refuge boundaries into a spatial environment. Survey quality data collection techniques such as the Global Positioning Systems (GPS) are investigated to capture Nature Refuge boundary information. Using the concepts of map communication GIS Cartography is utilised for the protected area plan design. New spatial datasets are generated facilitating the effectiveness of investigative data analysis. The geodatabase model developed by this study adds rich GIS behaviour providing the capability to store, query, and manipulate geographic information. It provides the ability to leverage data relationships and enforces topological integrity creating savings in customization and productivity. The final phase of the research design incorporates the advanced functions of ArcGIS. These functions facilitate building spatial system models. The geodatabase and process models developed by this research can be easily modified and the data relating to mining can be replaced by other negative environmental impacts affecting the Nature Refuges. Results of the research are presented as graphs and maps providing visual evidence supporting the usefulness of GIS as means for capturing, visualising and enhancing spatial quality and integrity of Nature Refuge boundaries.
Resumo:
A group key exchange (GKE) protocol allows a set of parties to agree upon a common secret session key over a public network. In this thesis, we focus on designing efficient GKE protocols using public key techniques and appropriately revising security models for GKE protocols. For the purpose of modelling and analysing the security of GKE protocols we apply the widely accepted computational complexity approach. The contributions of the thesis to the area of GKE protocols are manifold. We propose the first GKE protocol that requires only one round of communication and is proven secure in the standard model. Our protocol is generically constructed from a key encapsulation mechanism (KEM). We also suggest an efficient KEM from the literature, which satisfies the underlying security notion, to instantiate the generic protocol. We then concentrate on enhancing the security of one-round GKE protocols. A new model of security for forward secure GKE protocols is introduced and a generic one-round GKE protocol with forward security is then presented. The security of this protocol is also proven in the standard model. We also propose an efficient forward secure encryption scheme that can be used to instantiate the generic GKE protocol. Our next contributions are to the security models of GKE protocols. We observe that the analysis of GKE protocols has not been as extensive as that of two-party key exchange protocols. Particularly, the security attribute of key compromise impersonation (KCI) resilience has so far been ignored for GKE protocols. We model the security of GKE protocols addressing KCI attacks by both outsider and insider adversaries. We then show that a few existing protocols are not secure against KCI attacks. A new proof of security for an existing GKE protocol is given under the revised model assuming random oracles. Subsequently, we treat the security of GKE protocols in the universal composability (UC) framework. We present a new UC ideal functionality for GKE protocols capturing the security attribute of contributiveness. An existing protocol with minor revisions is then shown to realize our functionality in the random oracle model. Finally, we explore the possibility of constructing GKE protocols in the attribute-based setting. We introduce the concept of attribute-based group key exchange (AB-GKE). A security model for AB-GKE and a one-round AB-GKE protocol satisfying our security notion are presented. The protocol is generically constructed from a new cryptographic primitive called encapsulation policy attribute-based KEM (EP-AB-KEM), which we introduce in this thesis. We also present a new EP-AB-KEM with a proof of security assuming generic groups and random oracles. The EP-AB-KEM can be used to instantiate our generic AB-GKE protocol.
Resumo:
This article concerns the changing nature of the relationship between age and the labour market. Global demographic, economic and technological changes potentially pose major challenges for older workers trying to maintain a secure attachment to the labour market. Recent public policy has responded by defining concepts such as 'active ageing' which encourage older workers to participate fully within society, including maintaining workforce participation. Older workers' ability to secure quality work within a volatile labour market is considered. While activation approaches are currently popular among policymakers, the notion that older workers will easily avoid a diminution of their employment prospects is challenged.
Resumo:
The term “cloud computing” has emerged as a major ICT trend and has been acknowledged by respected industry survey organizations as a key technology and market development theme for the industry and ICT users in 2010. However, one of the major challenges that faces the cloud computing concept and its global acceptance is how to secure and protect the data and processes that are the property of the user. The security of the cloud computing environment is a new research area requiring further development by both the academic and industrial research communities. Today, there are many diverse and uncoordinated efforts underway to address security issues in cloud computing and, especially, the identity management issues. This paper introduces an architecture for a new approach to necessary “mutual protection” in the cloud computing environment, based upon a concept of mutual trust and the specification of definable profiles in vector matrix form. The architecture aims to achieve better, more generic and flexible authentication, authorization and control, based on a concept of mutuality, within that cloud computing environment.
Resumo:
Secret-sharing schemes describe methods to securely share a secret among a group of participants. A properly constructed secret-sharing scheme guarantees that the share belonging to one participant does not reveal anything about the shares of others or even the secret itself. Besides being used to distribute a secret, secret-sharing schemes have also been used in secure multi-party computations and redundant residue number systems for error correction codes. In this paper, we propose that the secret-sharing scheme be used as a primitive in a Network-based Intrusion Detection System (NIDS) to detect attacks in encrypted Networks. Encrypted networks such as Virtual Private Networks (VPNs) fully encrypt network traffic which can include both malicious and non-malicious traffic. Traditional NIDS cannot monitor such encrypted traffic. We therefore describe how our work uses a combination of Shamir's secret-sharing scheme and randomised network proxies to enable a traditional NIDS to function normally in a VPN environment.
Resumo:
International research has found that domestic violence is a significant barrier to accessing and sustaining work (Lloyd and Taluc 1999, 385; Browne et al. 1999, 398). In the Australian context, the Bureau of Crime Statistics and Research reports that between 6 and 9 per cent of Australian women aged 18 and over are physically assaulted each year and that more than half of all women in Australia experience sexual or physical violence across their adult lifetime. Such behaviour has been estimated to cost $8.1 billion, of which $4.4 billion is estimated to be borne by the victims themselves, $1.2 billion by the general community and smaller amounts by friends and family and various levels of government (Access Economics 2004). This assessment underestimates the costs of domestic violence in terms of the inability of those who have experienced domestic violence to move into and secure sustainable employment options. Despite these statistics there is a dearth of Australian research focussing on the link between domestic violence and its impact on long-term sustainable employment for those who have been subjected to such violence. This paper explores the issue of domestic violence and access to work opportunities. In so doing, it links the work of Gianakos (1999) and her Career Development theory with that of Bandura‘s (1989) Social Cognitive Career Theory to develop a framework which would provide a pathway to enable those who have suffered domestic violence to achieve sustainable employment and economic independence.
Resumo:
Universities are wanting to drive research performance to new levels to increase competitiveness and secure additional research funding. Information technology departments, libraries and research offices are being tasked with the triple role of developing infrastructure, introducing new services, and raising researchers’ awareness and skill levels in the uptake of these services and related eResearch concepts in order to achieve institutional goals. The purpose of this poster is to provide an overview of the coordinated approach to the provision of research skills workshops and seminars provided to researchers and higher degree research (HDR) students at QUT. Seminars and workshops are provided by the Library in collaboration with High Performance Computing and Research Support (HPC) and the Research Students Centre. The sessions are findable and bookable via the Library’s KickStart system. A list of session topics is provided. The Research Support services web site brings together information on a range of research support services provided by the Library and HPC. Seminars and workshops are also available via a research training calendar system into which all sessions are populated, regardless of the provider. The Library and HPC are also undertaking a train the trainer program.
Resumo:
Even though security protocols are designed to make computer communication secure, it is widely known that there is potential for security breakdowns at the human machine interface. This paper reports on a diary study conducted in order to investigate what people identify as security decisions that they make while using the web. The study aimed to uncover how security is perceived in the individual's context of use. From this data, themes were drawn, with a focus on addressing security goals such as confidentiality and authentication. This study is the first study investigating users' web usage focusing on their self-documented perceptions of security and the security choices they made in their own environment.
Resumo:
Many cities worldwide face the prospect of major transformation as the world moves towards a global information order. In this new era, urban economies are being radically altered by dynamic processes of economic and spatial restructuring. The result is the creation of ‘informational cities’ or its new and more popular name, ‘knowledge cities’. For the last two centuries, social production had been primarily understood and shaped by neo-classical economic thought that recognized only three factors of production: land, labor and capital. Knowledge, education, and intellectual capacity were secondary, if not incidental, factors. Human capital was assumed to be either embedded in labor or just one of numerous categories of capital. In the last decades, it has become apparent that knowledge is sufficiently important to deserve recognition as a fourth factor of production. Knowledge and information and the social and technological settings for their production and communication are now seen as keys to development and economic prosperity. The rise of knowledge-based opportunity has, in many cases, been accompanied by a concomitant decline in traditional industrial activity. The replacement of physical commodity production by more abstract forms of production (e.g. information, ideas, and knowledge) has, however paradoxically, reinforced the importance of central places and led to the formation of knowledge cities. Knowledge is produced, marketed and exchanged mainly in cities. Therefore, knowledge cities aim to assist decision-makers in making their cities compatible with the knowledge economy and thus able to compete with other cities. Knowledge cities enable their citizens to foster knowledge creation, knowledge exchange and innovation. They also encourage the continuous creation, sharing, evaluation, renewal and update of knowledge. To compete nationally and internationally, cities need knowledge infrastructures (e.g. universities, research and development institutes); a concentration of well-educated people; technological, mainly electronic, infrastructure; and connections to the global economy (e.g. international companies and finance institutions for trade and investment). Moreover, they must possess the people and things necessary for the production of knowledge and, as importantly, function as breeding grounds for talent and innovation. The economy of a knowledge city creates high value-added products using research, technology, and brainpower. Private and the public sectors value knowledge, spend money on its discovery and dissemination and, ultimately, harness it to create goods and services. Although many cities call themselves knowledge cities, currently, only a few cities around the world (e.g., Barcelona, Delft, Dublin, Montreal, Munich, and Stockholm) have earned that label. Many other cities aspire to the status of knowledge city through urban development programs that target knowledge-based urban development. Examples include Copenhagen, Dubai, Manchester, Melbourne, Monterrey, Singapore, and Shanghai. Knowledge-Based Urban Development To date, the development of most knowledge cities has proceeded organically as a dependent and derivative effect of global market forces. Urban and regional planning has responded slowly, and sometimes not at all, to the challenges and the opportunities of the knowledge city. That is changing, however. Knowledge-based urban development potentially brings both economic prosperity and a sustainable socio-spatial order. Its goal is to produce and circulate abstract work. The globalization of the world in the last decades of the twentieth century was a dialectical process. On one hand, as the tyranny of distance was eroded, economic networks of production and consumption were constituted at a global scale. At the same time, spatial proximity remained as important as ever, if not more so, for knowledge-based urban development. Mediated by information and communication technology, personal contact, and the medium of tacit knowledge, organizational and institutional interactions are still closely associated with spatial proximity. The clustering of knowledge production is essential for fostering innovation and wealth creation. The social benefits of knowledge-based urban development extend beyond aggregate economic growth. On the one hand is the possibility of a particularly resilient form of urban development secured in a network of connections anchored at local, national, and global coordinates. On the other hand, quality of place and life, defined by the level of public service (e.g. health and education) and by the conservation and development of the cultural, aesthetic and ecological values give cities their character and attract or repel the creative class of knowledge workers, is a prerequisite for successful knowledge-based urban development. The goal is a secure economy in a human setting: in short, smart growth or sustainable urban development.
Resumo:
Client puzzles are meant to act as a defense against denial of service (DoS) attacks by requiring a client to solve some moderately hard problem before being granted access to a resource. However, recent client puzzle difficulty definitions (Stebila and Ustaoglu, 2009; Chen et al., 2009) do not ensure that solving n puzzles is n times harder than solving one puzzle. Motivated by examples of puzzles where this is the case, we present stronger definitions of difficulty for client puzzles that are meaningful in the context of adversaries with more computational power than required to solve a single puzzle. A protocol using strong client puzzles may still not be secure against DoS attacks if the puzzles are not used in a secure manner. We describe a security model for analyzing the DoS resistance of any protocol in the context of client puzzles and give a generic technique for combining any protocol with a strong client puzzle to obtain a DoS-resistant protocol.
Resumo:
The chapters of this book form a persuasive chorus of social practices that advocate the use of music to build a capacity for resilience in individuals and groups. As a whole they exemplify music projects that share common features aligned with an ecological view of reform in health, education and social work systems. Internationally renowned and early career academics have collaborated with practitioners to sing ‘Songs of Resilience’; some of which are narratives that report on the effects of music practices for a general population, and some are based on a specific approach, genre or service. Others are quite literally ‘songs’ that demonstrate aspects of resilience in action. The book makes the connection between music and resilience explicit by posing the following questions—Do music projects in education, health and social services build a measurable capacity for resilience amongst individuals? Can we replicate these projects’ outcomes to develop a capacity for resilience in diverse cultural groups? Does shared use of the term ‘resilience’ help to secure funding for innovative musical activities that provide tangible health, education and social outcomes?
Resumo:
Operators of busy contemporary airports have to balance tensions between the timely flow of passengers, flight operations, the conduct of commercial business activities and the effective application of security processes. In addition to specific onsite issues airport operators liaise with a range of organisations which set and enforce aviation-related policies and regulations as well as border security agencies responsible for customs, quarantine and immigration, in addition to first response security services. The challenging demands of coordinating and planning in such complex socio-technical contexts place considerable pressure on airport management to facilitate coordination of what are often conflicting goals and expectations among groups that have standing in respect to safe and secure air travel. What are, as yet, significantly unexplored issues in large airports are options for the optimal coordination of efforts from the range of public and private sector participants active in airport security and crisis management. A further aspect of this issue is how airport management systems operate when there is a transition from business-as-usual into an emergency/crisis situation and then, on recovery, back to ‘normal’ functioning. Business Continuity Planning (BCP), incorporating sub-plans for emergency response, continuation of output and recovery of degraded operating capacity, would fit such a context. The implementation of BCP practices in such a significant high security setting offers considerable potential benefit yet entails considerable challenges. This paper presents early results of a 4 year nationally funded industry-based research project examining the merger of Business Continuity Planning and Transport Security Planning as a means of generating capability for improved security and reliability and, ultimately, enhanced resilience in major airports. The project is part of a larger research program on the Design of Secure Airports that includes most of the gazetted ‘first response’ international airports in Australia, key Aviation industry groups and all aviation-related border and security regulators as collaborative partners. The paper examines a number of initial themes in the research, including: ? Approaches to integrating Business Continuity & Aviation Security Planning within airport operations; ? Assessment of gaps in management protocols and operational capacities for identifying and responding to crises within and across critical aviation infrastructure; ? Identification of convergent and divergent approaches to crisis management used across Austral-Asia and their alignment to planned and possible infrastructure evolution.
Resumo:
The construction industry should be a priority to all governments because it impacts economically and socially on all citizens. Sector turnover in industrialised economies typically averages 8-12% of GDP. Further, construction is critical to economic growth. Recent Australian studies estimate that a 10% gain in efficiency in construction translates to a 2.5% increase in GDP ----- ----- Inefficiencies in the Australian construction industry have been identified by a number of recent studies modelling the building process. They have identified potential savings in time of between 25% and 40% by reducing non-value added steps in the process. A culture of reform is now emerging in the industry – one in which alternate forms of project delivery are being trial. ----- ----- Government and industry have identified Alliance Contracting as a means to increase efficiency in the construction industry as part of a new innovative procurement environment. Alliance contracting requires parties to form relationships and work cooperatively to provide a more complete service. This is a significant cultural change for the construction industry, with its well-known adversarial record in traditional contracting. Alliance contracts offer enormous potential benefits, but the Australian construction industry needs to develop new skills to effectively participate in the new relationship environment. ----- ----- This paper describes a collaborative project identifying skill needs for clients and construction professionals to more effectively participate in an increasingly sophisticated international procurement environment. The aim of identifying these skill needs is to assist industry, government, and skill developers to prepare the Australian construction workforce for the future. The collaborating Australian team has been fortunate to secure the Australian National Museum in Canberra as its live case study. The Acton Peninsula Development is the first major building development in the world awarded on the basis of a joint alliance contract.
Resumo:
The building and construction sector is one of the five largest contributors to the Australian economy and is a key performance component in the economy of many other jurisdictions. However, the ongoing viability of this sector is increasingly reliant on its ability to foster and transfer innovated products and practices. Interorganisational networks, which bring together key industry stakeholders and facilitate the flows of information, resources and trust necessary to secure innovation, have emerged as a key growth strategy within this and other arenas. The blending of organisations, resources and purposes creates new, hybrid institutional forms that draw on a mix of contract, structure and interpersonal relationship as integration processes. This paper argues that hybrid networked arrangements, because they incorporate relational elements, require management strategies and techniques that not always synonymous with conventional management approaches, including those used within the building and construction sector. It traces the emergence of the Construction Innovation Project in Australia as a hybrid institutional arrangement moulding public, private and academic stakeholders of the building and construction industry into a coherent collective force aimed at fostering innovation and its application within all levels of the industry. Specifically, the paper examines the Construction Innovation Project to ascertain the impact of relational governance and its management to harness and leverage the skills, resources and capacities of members to secure innovative outcomes. Finally, the paper offers some prospects to guide the ongoing work of this body and any other charged with a similar integrative responsibility.
