Performance analysis of unified enterprise application security framework

Unified Enterprise application security is a new emerging approach for providing protection against application level attacks. Conventional application security approach that consists of embedding security into each critical application leads towards scattered security mechanism that is not only difficult to manage but also creates security loopholes. According to the CSIIFBI computer crime survey report, almost 80% of the security breaches come from authorized users. In this paper, we have worked on the concept of unified security model, which manages all security aspect from a single security window. The basic idea is to keep business functionality separate from security components of the application. Our main focus was on the designing of frame work for unified layer which supports single point of policy control, centralize logging mechanism, granular, context aware access control, and independent from any underlying authentication technology and authorization policy.

Dynamic analysis of on-board mass data to determine tampering in heavy vehicle on-board mass systems

Transport Certification Australia Limited, jointly with the National Transport Commission, has undertaken a project to investigate the feasibility of on-board mass monitoring (OBM) devices for regulatory purposes. OBM increases jurisdictional confidence in operational heavy vehicle compliance. This paper covers technical issues regarding potential use of dynamic data from OBM systems to indicate that tampering has occurred. Tamper-evidence and accuracy of current OBM systems needed to be determined before any regulatory schemes were put in place for its use. Tests performed to determine potential for, and ease of, tampering. An algorithm was developed to detect tamper events. Its results are detailed.

Thermogravimetric analysis-mass spectrometry (TG-MS) of selected Chinese kaolinites

Thermogravimetric analysis-mass spectrometry, X-ray diffraction and scanning electron microscopy (SEM) were used to characterize eight kaolinite samples from China. The results show that the thermal decomposition occurs in three main steps (a) desorption of water below 100 °C, (b) dehydration at about 225 °C, (c) well defined dehydroxylation at around 450 °C. It is also found that decarbonization took place at 710 °C due to the decomposition of calcite impurity in kaolin. The temperature of dehydroxylation of kaolinite is found to be influenced by the degree of disorder of the kaolinite structure and the gases evolved in the decomposition process can be various because of the different amount and kinds of impurities. It is evident by the mass spectra that the interlayer carbonate from impurity of calcite and organic carbon is released as CO2 around 225, 350 and 710 °C in the kaolinite samples.

Thermogravimetric analysis of selected coal-bearing strata kaolinite

Two kinds of coal-bearing kaolinite from China were analysed by X-ray diffraction (XRD), Thermogravimetric analysis-mass spectrometry (TG-MS), infrared emission spectroscopy. Thermal decomposition occurs in a series of steps attributed to (a) desorption of water at 68 °C for Datong coal bearing strata kaolinite and 56 °C for Xiaoxian with mass losses of 0.36 % and 0.51 % (b) decarbonization at 456 °C for Datong coal bearing strata kaolinite and 431 °C for Xiaoxian kaolinite, (c) dehydroxylation takes place in two steps at 589 and 633 °C for Datong coal bearing strata kaolinite and at 507 °C and 579 °C for Xiaoxian kaolinite. This mineral were further characterised by infrared emission spectroscopy (IES). Well defined hydroxyl stretching bands at around 3695, 3679, 3652 and 3625 cm-1 are observed. At 650 °C all intensity in these bands is lost in harmony with the thermal analysis results. Characteristic functional groups from coal are observed at 1918, 1724 and 1459 cm-1. The intensity of these bands decrease by thermal treatment and is lost by 700 °C.

Technical report : acoustic analysis of the natural environment

This technical report is concerned with one aspect of environmental monitoring—the detection and analysis of acoustic events in sound recordings of the environment. Sound recordings offer ecologists the potential advantages of cheaper and increased sampling. An acoustic event detection algorithm is introduced that outputs a compact rectangular marquee description of each event. It can disentangle superimposed events, which are a common occurrence during morning and evening choruses. Next, three uses to which acoustic event detection can be put are illustrated. These tasks have been selected because they illustrate quite different modes of analysis: (1) the detection of diffuse events caused by wind and rain, which are a frequent contaminant of recordings of the terrestrial environment; (2) the detection of bird calls using the spatial distribution of their component events; and (3) the preparation of acoustic maps for whole ecosystem analysis. This last task utilises the temporal distribution of events over a daily, monthly or yearly cycle.

Monitoring and analysis of internet traffic targeting unused address spaces

Today’s evolving networks are experiencing a large number of different attacks ranging from system break-ins, infection from automatic attack tools such as worms, viruses, trojan horses and denial of service (DoS). One important aspect of such attacks is that they are often indiscriminate and target Internet addresses without regard to whether they are bona fide allocated or not. Due to the absence of any advertised host services the traffic observed on unused IP addresses is by definition unsolicited and likely to be either opportunistic or malicious. The analysis of large repositories of such traffic can be used to extract useful information about both ongoing and new attack patterns and unearth unusual attack behaviors. However, such an analysis is difficult due to the size and nature of the collected traffic on unused address spaces. In this dissertation, we present a network traffic analysis technique which uses traffic collected from unused address spaces and relies on the statistical properties of the collected traffic, in order to accurately and quickly detect new and ongoing network anomalies. Detection of network anomalies is based on the concept that an anomalous activity usually transforms the network parameters in such a way that their statistical properties no longer remain constant, resulting in abrupt changes. In this dissertation, we use sequential analysis techniques to identify changes in the behavior of network traffic targeting unused address spaces to unveil both ongoing and new attack patterns. Specifically, we have developed a dynamic sliding window based non-parametric cumulative sum change detection techniques for identification of changes in network traffic. Furthermore we have introduced dynamic thresholds to detect changes in network traffic behavior and also detect when a particular change has ended. Experimental results are presented that demonstrate the operational effectiveness and efficiency of the proposed approach, using both synthetically generated datasets and real network traces collected from a dedicated block of unused IP addresses.

A confirmatory factor analysis of the Toronto Alexithymia Scale (TAS-20) in an alcohol-dependent sample

Confirmatory factor analyses were conducted to evaluate the factorial validity of the Toronto Alexithymia Scale in an alcohol-dependent sample. Several factor models were examined, but all models were rejected given their poor fit. A revision of the TAS-20 in alcohol-dependent populations may be needed.

Technical report : acoustic analysis of the natural environment

This technical report is concerned with one aspect of environmental monitoring—the detection and analysis of acoustic events in sound recordings of the environment. Sound recordings offer ecologists the potential advantages of cheaper and increased sampling. An acoustic event detection algorithm is introduced that outputs a compact rectangular marquee description of each event. It can disentangle superimposed events, which are a common occurrence during morning and evening choruses. Next, three uses to which acoustic event detection can be put are illustrated. These tasks have been selected because they illustrate quite different modes of analysis: (1) the detection of diffuse events caused by wind and rain, which are a frequent contaminant of recordings of the terrestrial environment; (2) the detection of bird calls using the spatial distribution of their component events; and (3) the preparation of acoustic maps for whole ecosystem analysis. This last task utilises the temporal distribution of events over a daily, monthly or yearly cycle.

An adaptive local meshfree updated Lagrangian approach for large deformation analysis of metal forming

The large deformation analysis is one of major challenges in numerical modelling and simulation of metal forming. Because no mesh is used, the meshfree methods show good potential for the large deformation analysis. In this paper, a local meshfree formulation, based on the local weak-forms and the updated Lagrangian (UL) approach, is developed for the large deformation analysis. To fully employ the advantages of meshfree methods, a simple and effective adaptive technique is proposed, and this procedure is much easier than the re-meshing in FEM. Numerical examples of large deformation analysis are presented to demonstrate the effectiveness of the newly developed nonlinear meshfree approach. It has been found that the developed meshfree technique provides a superior performance to the conventional FEM in dealing with large deformation problems for metal forming.

What's your other job : a census analysis of arts employment in Australia

This report applies CCI’s creative trident methodology with the definition of the arts as established by the Australia Council for the Arts to data sourced from Australia’s national census data (from 1996, 2001 and the most recent one in 2006). Analysis has been conducted on employment, income, gender, age and the nature of employment for artists and arts related workers within and beyond the arts industries, as well as other support workers in the arts industries.

Generic one round group key exchange in the standard model

Minimizing complexity of group key exchange (GKE) protocols is an important milestone towards their practical deployment. An interesting approach to achieve this goal is to simplify the design of GKE protocols by using generic building blocks. In this paper we investigate the possibility of founding GKE protocols based on a primitive called multi key encapsulation mechanism (mKEM) and describe advantages and limitations of this approach. In particular, we show how to design a one-round GKE protocol which satisfies the classical requirement of authenticated key exchange (AKE) security, yet without forward secrecy. As a result, we obtain the first one-round GKE protocol secure in the standard model. We also conduct our analysis using recent formal models that take into account both outsider and insider attacks as well as the notion of key compromise impersonation resilience (KCIR). In contrast to previous models we show how to model both outsider and insider KCIR within the definition of mutual authentication. Our analysis additionally implies that the insider security compiler by Katz and Shin from ACM CCS 2005 can be used to achieve more than what is shown in the original work, namely both outsider and insider KCIR.

Algebraic analysis of small scale LEX-BES

This paper examines the algebraic cryptanalysis of small scale variants of the LEX-BES. LEX-BES is a stream cipher based on the Advanced Encryption Standard (AES) block cipher. LEX is a generic method proposed for constructing a stream cipher from a block cipher, initially introduced by Biryukov at eSTREAM, the ECRYPT Stream Cipher project in 2005. The Big Encryption System (BES) is a block cipher introduced at CRYPTO 2002 which facilitates the algebraic analysis of the AES block cipher. In this paper, experiments were conducted to find solution of the equation system describing small scale LEX-BES using Gröbner Basis computations. This follows a similar approach to the work by Cid, Murphy and Robshaw at FSE 2005 that investigated algebraic cryptanalysis on small scale variants of the BES. The difference between LEX-BES and BES is that due to the way the keystream is extracted, the number of unknowns in LEX-BES equations is fewer than the number in BES. As far as the author knows, this attempt is the first at creating solvable equation systems for stream ciphers based on the LEX method using Gröbner Basis computations.

Service identification through value chain analysis and prioritization

In a resource constrained business world, strategic choices must be made on process improvement and service delivery. There are calls for more agile forms of enterprises and much effort is being directed at moving organizations from a complex landscape of disparate application systems to that of an integrated and flexible enterprise accessing complex systems landscapes through service oriented architecture (SOA). This paper describes the deconstruction of an enterprise into business services using value chain analysis as each element in the value chain can be rendered as a business service in the SOA. These business services are explicitly linked to the attainment of specific organizational strategies and their contribution to the attainment of strategy is assessed and recorded. This contribution is then used to provide a rank order of business service to strategy. This information facilitates executive decision making on which business service to develop into the SOA. The paper describes an application of this Critical Service Identification Methodology (CSIM) to a case study.

Synthesis and thermal analysis of Indium based hydrotalcites of formula Mg6In2(CO3)(OH)16•4H2O

Insight into the unique structure of layered double hydroxides has been obtained using a combination of X-ray diffraction and thermal analysis. Indium containing hydrotalcites of formula Mg4In2(CO3)(OH)12•4H2O (2:1 In-LDH) through to Mg8In2(CO3)(OH)18•4H2O (4:1 In-LDH) with variation in the Mg:In ratio have been successfully synthesised. The d(003) spacing varied from 7.83 Å for the 2:1 LDH to 8.15 Å for the 3:1 indium containing layered double hydroxide. Distinct mass loss steps attributed to dehydration, dehydroxylation and decarbonation are observed for the indium containing hydrotalcite. Dehydration occurs over the temperature range ambient to 205 °C. Dehydroxylation takes place in a series of steps over the 238 to 277 °C temperature range. Decarbonation occurs between 763 and 795 °C. The dehydroxylation and decarbonation steps depend upon the Mg:In ratio. The formation of indium containing hydrotalcites and their thermal activation provides a method for the synthesis of indium oxide based catalysts.