A broadcast authentication and integrity augmentation for trusted differential GPS in marine navigation

In this paper we propose an efficient authentication and integrity scheme to support DGPS corrections using the RTCM protocol, such that the identified vulnerabilities in DGPS are mitigated. The proposed scheme is based on the TESLA broadcast protocol with modifications that make it suitable for the bandwidth and processor constrained environment of marine DGPS.

Universally composable contributory group key exchange

We treat the security of group key exchange (GKE) in the universal composability (UC) framework. Analyzing GKE protocols in the UC framework naturally addresses attacks by malicious insiders. We define an ideal functionality for GKE that captures contributiveness in addition to other desired security goals. We show that an efficient two-round protocol securely realizes the proposed functionality in the random oracle model. As a result, we obtain the most efficient UC-secure contributory GKE protocol known.

Modeling key compromise impersonation attacks on group key exchange protocols

A key exchange protocol allows a set of parties to agree upon a secret session key over a public network. Two-party key exchange (2PKE) protocols have been rigorously analyzed under various models considering different adversarial actions. However, the analysis of group key exchange (GKE) protocols has not been as extensive as that of 2PKE protocols. Particularly, the security attribute of key compromise impersonation (KCI) resilience has so far been ignored for the case of GKE protocols. We first model the security of GKE protocols addressing KCI attacks by both outsider and insider adversaries. We then show that a few existing protocols are not secure even against outsider KCI attacks. The attacks on these protocols demonstrate the necessity of considering KCI resilience for GKE protocols. Finally, we give a new proof of security for an existing GKE protocol under the revised model assuming random oracles.

Secure communication protocol for preserving E-tendering integrity.

This paper presents a secure communication protocol which can be used as the framework for an e-tendering scheme. This protocol is focused on securing the integrity of tendering documents and ensuring that a secure record of document generation is kept. Our protocol provides a mechanism to manage e-tendering contract evidence as a legal record in a unique and effective manner. It is the starting point of reliable record keeping. To a certain extent, it also addresses existing security problems in the traditional tendering processes.

End-of-life care pathways for improving outcomes in caring for the dying (Protocol)

We aim to assess the effects of end-of-life care pathways, compared with usual care or with care guided by another end-of-life care pathway across all healthcare settings (hospitals, residential aged care facilities, community). In particular, we aim to assess the effects on symptom severity and quality of life of people who are dying and/or those related to the care such as families, caregivers and health professionals.

Treadmill adaptation and verification of self-selected walking speed : a protocol for children

The term self-selected (i.e., individual or comfortable walking pace or speed) is commonly used in the literature (Frost, Dowling, Bar-Or, & Dyson, 1997; Jeng, Liao, Lai, & Hou, 1997; Wergel-Kolmert & Wohlfart, 1999; Maltais, Bar-Or, Pienynowski, & Galea, 2003; Browning & Kram, 2005; Browning, Baker, Herron, & Kram, 2006; Hills, Byrne, Wearing, & Armstrong, 2006) and is identified as the most efficient walking speed, with increased efficiency defined by lower oxygen uptake (VO^sub 2^) per unit mechanical work (Hoyt & Taylor, 1981; Taylor, Heglund, & Maloiy, 1982; Hreljac, 1993). [...] assessing individual and group differences in metabolic energy expenditure using oxygen uptake requires individuals to be comfortable with, and able to accommodate to, the equipment.

Modeling and Verification of Privacy Enhancing Protocols

Privacy enhancing protocols (PEPs) are a family of protocols that allow secure exchange and management of sensitive user information. They are important in preserving users’ privacy in today’s open environment. Proof of the correctness of PEPs is necessary before they can be deployed. However, the traditional provable security approach, though well established for verifying cryptographic primitives, is not applicable to PEPs. We apply the formal method of Coloured Petri Nets (CPNs) to construct an executable specification of a representative PEP, namely the Private Information Escrow Bound to Multiple Conditions Protocol (PIEMCP). Formal semantics of the CPN specification allow us to reason about various security properties of PIEMCP using state space analysis techniques. This investigation provides us with preliminary insights for modeling and verification of PEPs in general, demonstrating the benefit of applying the CPN-based formal approach to proving the correctness of PEPs.

Information interventions for orienting patients and their carers to cancer care facilities (Protocol)

To assess the effects of information interventions which orient patients and their carers/family to a cancer care facility and the services available in the facility.

Multi-factor password-authenticated key exchange

We consider a new form of authenticated key exchange which we call multi-factor password-authenticated key exchange, where session establishment depends on successful authentication of multiple short secrets that are complementary in nature, such as a long-term password and a one-time response, allowing the client and server to be mutually assured of each other's identity without directly disclosing private information to the other party. Multi-factor authentication can provide an enhanced level of assurance in higher-security scenarios such as online banking, virtual private network access, and physical access because a multi-factor protocol is designed to remain secure even if all but one of the factors has been compromised. We introduce a security model for multi-factor password-authenticated key exchange protocols, propose an efficient and secure protocol called MFPAK, and provide a security argument to show that our protocol is secure in this model. Our security model is an extension of the Bellare-Pointcheval-Rogaway security model for password-authenticated key exchange and accommodates an arbitrary number of symmetric and asymmetric authentication factors.

Synopolies: The use of cryptographic technologies to impede competition in multiple jurisdictions

Many jurisdictions have developed mature infrastructures, both administratively and legislatively, to promote competition. Substantial funds have been expended to monitor activities that are anticompetitive and many jurisdictions also have adopted a form of "Cartel Leniency Program", first developed by the US Federal Trade Commission, to assist in cartel detection. Further, some jurisdictions are now criminalizing cartel behaviour so that cartel participants can be held criminally liable with substantial custodial penalties imposed. Notwithstanding these multijurisdictional approaches, a new form of possibly anticompetitive behaviour is looming. Synergistic monopolies („synopolies‟) involve not competitors within a horizontal market but complimentors within separate vertical markets. Where two complimentary corporations are monopolists in their own market they can, through various technologies, assist each other to expand their respective monopolies thus creating a barrier to new entrants and/or blocking existing participants from further participation in that market. The nature of the technologies involved means that it is easy for this potentially anti-competitive activity to enter and affect the global marketplace. Competition regulators need to be aware of this potential for abuse and ensure that their respective competition frameworks appropriately address this activity. This paper discusses how new technologies can be used to create a synopoly.