894 resultados para private security military company
Resumo:
Enterprises, both public and private, have rapidly commenced using the benefits of enterprise resource planning (ERP) combined with business analytics and “open data sets” which are often outside the control of the enterprise to gain further efficiencies, build new service operations and increase business activity. In many cases, these business activities are based around relevant software systems hosted in a “cloud computing” environment. “Garbage in, garbage out”, or “GIGO”, is a term long used to describe problems in unqualified dependency on information systems, dating from the 1960s. However, a more pertinent variation arose sometime later, namely “garbage in, gospel out” signifying that with large scale information systems, such as ERP and usage of open datasets in a cloud environment, the ability to verify the authenticity of those data sets used may be almost impossible, resulting in dependence upon questionable results. Illicit data set “impersonation” becomes a reality. At the same time the ability to audit such results may be an important requirement, particularly in the public sector. This paper discusses the need for enhancement of identity, reliability, authenticity and audit services, including naming and addressing services, in this emerging environment and analyses some current technologies that are offered and which may be appropriate. However, severe limitations to addressing these requirements have been identified and the paper proposes further research work in the area.
Resumo:
This paper makes a formal security analysis of the current Australian e-passport implementation using model checking tools CASPER/CSP/FDR. We highlight security issues in the current implementation and identify new threats when an e-passport system is integrated with an automated processing system like SmartGate. The paper also provides a security analysis of the European Union (EU) proposal for Extended Access Control (EAC) that is intended to provide improved security in protecting biometric information of the e-passport bearer. The current e-passport specification fails to provide a list of adequate security goals that could be used for security evaluation. We fill this gap; we present a collection of security goals for evaluation of e-passport protocols. Our analysis confirms existing security weaknesses that were previously identified and shows that both the Australian e-passport implementation and the EU proposal fail to address many security and privacy aspects that are paramount in implementing a secure border control mechanism. ACM Classification C.2.2 (Communication/Networking and Information Technology – Network Protocols – Model Checking), D.2.4 (Software Engineering – Software/Program Verification – Formal Methods), D.4.6 (Operating Systems – Security and Privacy Protection – Authentication)
Resumo:
This thesis examines the role of conservative newspaper proprietors and editors to generate support for war against the Boers in South Africa. The thesis utilises Rune Ottosen's theoretical model concerning newspapers creating a pro-war mentality, and S.E. Finer's theory on the influences of the military on civilian Government. The pivotal supportive roles of Governor Lamington and Premiers Dickson and Philp and the oppositional role of Premier Dawson are also examined.
Resumo:
In this article, we study the security of the IDEA block cipher when it is used in various simple-length or double-length hashing modes. Even though this cipher is still considered as secure, we show that one should avoid its use as internal primitive for block cipher based hashing. In particular, we are able to generate instantaneously free-start collisions for most modes, and even semi-free-start collisions, pseudo-preimages or hash collisions in practical complexity. This work shows a practical example of the gap that exists between secret-key and known or chosen-key security for block ciphers. Moreover, we also settle the 20-year-old standing open question concerning the security of the Abreast-DM and Tandem-DM double-length compression functions, originally invented to be instantiated with IDEA. Our attacks have been verified experimentally and work even for strengthened versions of IDEA with any number of rounds.
Resumo:
The increasing growth in the use of Hardware Security Modules (HSMs) towards identification and authentication of a security endpoint have raised numerous privacy and security concerns. HSMs have the ability to tie a system or an object, along with its users to the physical world. However, this enables tracking of the user and/or an object associated with the HSM. Current systems do not adequately address the privacy needs and as such are susceptible to various attacks. In this work, we analyse various security and privacy concerns that arise when deploying such hardware security modules and propose a system that allow users to create pseudonyms from a trusted master public-secret key pair. The proposed system is based on the intractability of factoring and finding square roots of a quadratic residue modulo a composite number, where the composite number is a product of two large primes. Along with the standard notion of protecting privacy of an user, the proposed system offers colligation between seemingly independent pseudonyms. This new property when combined with HSMs that store the master secret key is extremely beneficial to a user, as it offers a convenient way to generate a large number of pseudonyms using relatively small storage requirements.
Resumo:
Recently a new human authentication scheme called PAS (predicate-based authentication service) was proposed, which does not require the assistance of any supplementary device. The main security claim of PAS is to resist passive adversaries who can observe the whole authentication session between the human user and the remote server. In this paper we show that PAS is insecure against both brute force attack and a probabilistic attack. In particular, we show that its security against brute force attack was strongly overestimated. Furthermore, we introduce a probabilistic attack, which can break part of the password even with a very small number of observed authentication sessions. Although the proposed attack cannot completely break the password, it can downgrade the PAS system to a much weaker system similar to common OTP (one-time password) systems.
Resumo:
This paper provides a detailed description of the current Australian e-passport implementation and makes a formal verification using model checking tools CASPER/CSP/FDR. We highlight security issues present in the current e-passport implementation and identify new threats when an e-passport system is integrated with an automated processing systems like SmartGate. Because the current e-passport specification does not provide adequate security goals, to perform a rational security analysis we identify and describe a set of security goals for evaluation of e-passport protocols. Our analysis confirms existing security issues that were previously informally identified and presents weaknesses that exists in the current e-passport implementation.
Resumo:
Suppose two parties, holding vectors A = (a 1,a 2,...,a n ) and B = (b 1,b 2,...,b n ) respectively, wish to know whether a i > b i for all i, without disclosing any private input. This problem is called the vector dominance problem, and is closely related to the well-studied problem for securely comparing two numbers (Yao’s millionaires problem). In this paper, we propose several protocols for this problem, which improve upon existing protocols on round complexity or communication/computation complexity.
Resumo:
Motivated by the need of private set operations in a distributed environment, we extend the two-party private matching problem proposed by Freedman, Nissim and Pinkas (FNP) at Eurocrypt’04 to the distributed setting. By using a secret sharing scheme, we provide a distributed solution of the FNP private matching called the distributed private matching. In our distributed private matching scheme, we use a polynomial to represent one party’s dataset as in FNP and then distribute the polynomial to multiple servers. We extend our solution to the distributed set intersection and the cardinality of the intersection, and further we show how to apply the distributed private matching in order to compute distributed subset relation. Our work extends the primitives of private matching and set intersection by Freedman et al. Our distributed construction might be of great value when the dataset is outsourced and its privacy is the main concern. In such cases, our distributed solutions keep the utility of those set operations while the dataset privacy is not compromised. Comparing with previous works, we achieve a more efficient solution in terms of computation. All protocols constructed in this paper are provably secure against a semi-honest adversary under the Decisional Diffie-Hellman assumption.
Resumo:
The final report for the ARC project "Airports of the Future". It contains the findings and recommendations provided by the various teams to the industry partners.
Resumo:
Since Queensland Wire Industries Pty Ltd v Broken Hill Pty Co Ltd (1989) 167 CLR 177 it has been recognised that corporations with substantial market power are subject to special responsibilities and restraints that corporations without market power are not. In NT Power Generation Pty Ltd v Power and Water Authority (2004) 219 CLR 90 McHugh A-CJ, Gummow, Callinan and Heydon JJ in their joint reasons stated (at [76]), that s 46 of the Competition and Consumer Act 2010 (Cth) (CCA) can operate not only to prevent firms with substantial market power from doing prohibited things, but also compel them positively to do things they do not want to do. Their Honours also stated (at [126]) that the proposition that a private property owner who declines to permit competitors to use the property is immune from s 46 is “intrinsically unsound”. However, the circumstances in which a firm with substantial power must accommodate competitors, and private property rights give way to the public interest are uncertain. The purpose of this Note is to consider recent developments in two areas of the CCA where the law requires private property rights to give way to the public interest. The first part of the Note considers two recent cases which clarify the circumstances in which s 46 of the CCA can be used to compel a firm with substantial market power to accommodate a competitor and allow the competitor to make use of private property rights in the public interest. Secondly, on 12 February 2014 the Minister for Small Business, the Hon Bruce Billson,released the Productivity Commission’s Final Report, on the National Access Regime in Pt IIIA of the CCA (National Access Regime, Inquiry Report No 66, Canberra). Pt IIIA provides for the processes by which third parties may obtain access to infrastructure owned by others in the public interest. The Report recommends that Pt IIIA be retained but makes a number of suggestions for its reform, some of which will be briefly considered.
Resumo:
Objectives: To assess the impact of exposure to ambient heat on urolithiasis among outdoor workers in a subtropical city of China. Methods: The 2003–2010 health check data of a shipbuilding company in Guangzhou, China were acquired. 190 cases and 760 matched controls were involved in this study. We assessed the relationship between exposure to ambient heat and urolithiasis for different occupations using conditional logistic regression. Results: Spray painters were most likely to develop urolithiasis (OR = 4.4; 95% CI: 1.7, 11.4), followed by smelter workers (OR = 4.0; 95% CI: 1.8, 9.2), welders (OR = 3.7; 95% CI: 1.9, 7.2), production security and quality inspectors (OR = 2.7; 95% CI: 1.4, 3.0), and assemblers (OR = 2.2; 95% CI: 1.1, 4.3). Overall, outdoor workers were more likely to present with urolithiasis compared with indoor employees (p b 0.05). In addition, workers with longer cumulative exposure time (OR = 1.5; 95% CI: 1.2, 1.8) and abnormal blood pressure (OR = 1.6; 95% CI: 1.0, 2.5) had higher risk for urolithiasis. Conclusions: Our findings demonstrate a significant association between exposure to ambient heat and urolithiasis among outdoor working populations. Public health intervention strategies should be developed to specifically target outdoor occupations.
Resumo:
For the past decade, at least, varieties of small, hand held networked instruments have appeared on the global scene, selling in record numbers, and being utilized by all manner of persons from the old to the young; children, women, men, the wealthy and the poor and in all countries. Their presences bespeak a radical shift in telecommunications infrastructure and the future of communications. They are particularly visible in urban areas where mobile transmission network infrastructure (3G, 4G, cellular and Wi-Fi) is more established and substantial, options more plentiful, and density of populations more dramatic. These end user products—I phones, cell phones, Blackberries, DSi, DS, IPads, Zooms, and others – of the mobile communications industry are the latest, hottest globalized commodities. At the same time, wirelessness, or the state of being wireless, and therefore capable of taking along one's networks, communicating from unlikely spaces, and navigating with GPS, is a complex social, political and economic communications phenomenon of early 21st century life. This thesis examines the specter of being wireless in cities. It lends the entire idea an experimentally envisioned, historical and planned context wherein personalization of media tools is seen both as a design development of corporate, artistic, and military imagination, as well as a profound social phenomenon enabling new forms of sharing, belonging, and urban community. In doing that it asserts the parameters of a new mobile space which, aside from clear benefits to humankind by way of mobility, has reinscribed numerous categories including gender. Moreover, it posits the recognition of other, more nuanced theoretical spaces for complex readings of gender and gendered use, including some instantiation of the notion of 'network' itself as a cyborgian and gendered social form. Additionally, cities are studied as places where technology is not only quickly popularized, but is connected to larger political interests, such as the reading of data, tracking of information, and the new security culture. In so doing the work has been undertaken as an urban spatial analysis and experimental ethnography, utilizing architectural, feminist, techno-utopian, industrial and theoretical literatures as discursive underpinnings from whence understandings and interpretations of mobile space, the mobile office, networked mobility, and personal media have come, linking the space of cities to specific, pioneering urban public art projects in which voice, texting and MMS have been utilized in expressions of ubiquitous networks and urban history. Through numerous examples of techno art, the thesis discusses the 'wireless city' as an emerging cultural, socially constructed economic and spatial entity, both conceived and formed through historic processes of urbanization.
Resumo:
Security protocols are designed in order to provide security properties (goals). They achieve their goals using cryptographic primitives such as key agreement or hash functions. Security analysis tools are used in order to verify whether a security protocol achieves its goals or not. The analysed property by specific purpose tools are predefined properties such as secrecy (confidentiality), authentication or non-repudiation. There are security goals that are defined by the user in systems with security requirements. Analysis of these properties is possible with general purpose analysis tools such as coloured petri nets (CPN). This research analyses two security properties that are defined in a protocol that is based on trusted platform module (TPM). The analysed protocol is proposed by Delaune to use TPM capabilities and secrets in order to open only one secret from two submitted secrets to a recipient
