Identity, addressing, authenticity and audit requirements for trust in ERP, analytics and big/open data in a “Cloud” computing environment : a review and proposal

Enterprises, both public and private, have rapidly commenced using the benefits of enterprise resource planning (ERP) combined with business analytics and “open data sets” which are often outside the control of the enterprise to gain further efficiencies, build new service operations and increase business activity. In many cases, these business activities are based around relevant software systems hosted in a “cloud computing” environment. “Garbage in, garbage out”, or “GIGO”, is a term long used to describe problems in unqualified dependency on information systems, dating from the 1960s. However, a more pertinent variation arose sometime later, namely “garbage in, gospel out” signifying that with large scale information systems, such as ERP and usage of open datasets in a cloud environment, the ability to verify the authenticity of those data sets used may be almost impossible, resulting in dependence upon questionable results. Illicit data set “impersonation” becomes a reality. At the same time the ability to audit such results may be an important requirement, particularly in the public sector. This paper discusses the need for enhancement of identity, reliability, authenticity and audit services, including naming and addressing services, in this emerging environment and analyses some current technologies that are offered and which may be appropriate. However, severe limitations to addressing these requirements have been identified and the paper proposes further research work in the area.

How public owners communicate the sustainability requirements of green design-build projects

The design-build (DB) system is regarded as an effective means of delivering sustainable buildings. Specifying clear sustainability requirements to potential contractors is of great importance to project success. This research investigates the current state-of-the-practice for the definition of sustainability requirements within the public sectors of the U.S. construction market using a robust content analysis of 49 DB requests for proposals (RFPs). The results reveal that owners predominantly communicate their desired level of sustainability through the LEED certification system. The sustainability requirement has become an important dimension for the best-value evaluation of DB contractors with specific importance weightings of up to 25%. Additionally, owners of larger projects and who provide less design information in their RFPs generally allocate significantly higher importance weightings to sustainability requirements. The primary knowledge contribution of this study to the construction industry is the reveal of current trend in DB procurement for green projects. The findings also provide owners, architects, engineers, and constructors with an effective means of communicating sustainability objectives in solicitation documents.

Non-formal techniques for requirements elicitation, modeling, and early assessment for services

Designing systems for multiple stakeholders requires frequent collaboration with multiple stakeholders from the start. In many cases at least some stakeholders lack a professional habit of formal modeling. We report observations from two case studies of stakeholder-involvement in early design where non-formal techniques supported strong collaboration resulting in deep understanding of requirements and of the feasibility of solutions.

Personal injury in motor accident in NSW - procedural requirements under Motor Accidents Insurance Act 1988 (NSW)

In Hooper v Robinson [2002] QDC 080 (District Court of Queensland, D 4841 of 2001, McGill DCJ, 19.4.2002) McGill DCJ considered the application of the decision in John Pfeiffer Pty Ltd v Rogerson [2000] 203 CLR 503 to notice requirements such as in s42 of NSW Motor Accident Insurance Act 1988 and concluded such provisions are now substantive.

Systematic integration of human factors in the specification of requirements for new railway technologies

Engineering design processes are necessary to attain the requisite standards of integrity for high-assurance safety-related systems. Additionally, human factors design initiatives can provide critical insights that parameterise their development. Unfortunately, the popular perception of human factors as a “forced marriage” between engineering and psychology often provokes views where the ‘human factor’ is perceived as a threat to systems design. Some popular performance-based standards for developing safety-related systems advocate identifying and managing human factors throughout the system lifecycle. However, they also have a tendency to fall short in their guidance on the application of human factors methods and tools, let alone how the outputs generated can be integrated in to various stages of the design process. This case study describes a project that converged engineering with human factors to develop a safety argument for new low-cost railway level crossing technology for system-wide implementation in Australia. The paper enjoins the perspectives of a software engineer and cognitive psychologist and their involvement in the project over two years of collaborative work to develop a safety argument for low-cost level crossing technology. Safety and reliability requirements were informed by applying human factors analytical tools that supported the evaluation and quantification of human reliability where users interfaced with the technology. The project team was confronted with significant challenges in cross-disciplinary engagement, particularly with the complexities of dealing with incongruences in disciplinary language. They were also encouraged to think ‘outside the box’ as to how users of a system interpreted system states and ehaviour. Importantly, some of these states, while considered safe within the boundary of the constituent systems that implemented safety-related functions, could actually lead the users to engage in deviant behaviour. Psychology explained how user compliance could be eroded to levels that effectively undermined levels of risk reduction afforded by systems. Linking the engineering and psychology disciplines intuitively, overall safety performance was improved by introducing technical requirements and making design decisions that minimized the system states and behaviours that led to user deviancy. As a commentary on the utility of transdisciplinary collaboration for technical specification, the processes used to bridge the two disciplines are conceptualised in a graphical model.

New sale and leasing requirements for owners of swimming pools and their application to strata schemes

This article considers the changes to the Swimming Pools Act 1992 (NSW)(Act) which established a State-wide online register of all private swimming pools in NSW requiring pool owners to register their pools by 19 November 2013. Amendments to the Act introduced changes to the conveyancing and residential tenancy regulations to require vendors and landlords to have a valid Compliance Certificate issued for their swimming pool before offering the property for sale or lease. This article provides a brief overview of the new sale and leasing requirements effective from 29 April 2014, focusing on its application to lot owners within strata and community title schemes and other owners of water front properties with pools on Crown Land Reserves.

Safe Design Project : Review of occupational health and safety legal requirements for designers, manufacturers, suppliers, importers and other relevant obligation bearers

In seeking to achieve Australian workplaces free from injury and disease NOHSC works to lead and coordinate national efforts to prevent workplace death, injury and disease. We seek to achieve our mission through the quality and relevance of information we provide and to influence the activities of all parties with roles in improving Australia’s OHS performance. NOHSC has five strategic objectives: • improving national data systems and analysis, • improving national access to OHS information, • improving national components of the OHS and related regulatory framework, • facilitating and coordinating national OHS research efforts, • monitoring progress against the National OHS Improvement Framework. This publication is a contribution to achieving those objectives

Side Channel Analysis of Some Hash Based MACs: A Response to SHA-3 Requirements

The forthcoming NIST’s Advanced Hash Standard (AHS) competition to select SHA-3 hash function requires that each candidate hash function submission must have at least one construction to support FIPS 198 HMAC application. As part of its evaluation, NIST is aiming to select either a candidate hash function which is more resistant to known side channel attacks (SCA) when plugged into HMAC, or that has an alternative MAC mode which is more resistant to known SCA than the other submitted alternatives. In response to this, we perform differential power analysis (DPA) on the possible smart card implementations of some of the recently proposed MAC alternatives to NMAC (a fully analyzed variant of HMAC) and HMAC algorithms and NMAC/HMAC versions of some recently proposed hash and compression function modes. We show that the recently proposed BNMAC and KMDP MAC schemes are even weaker than NMAC/HMAC against the DPA attacks, whereas multi-lane NMAC, EMD MAC and the keyed wide-pipe hash have similar security to NMAC against the DPA attacks. Our DPA attacks do not work on the NMAC setting of MDC-2, Grindahl and MAME compression functions.

Normative requirements for regulatory compliance: An abstract formal framework

By definition, regulatory rules (in legal context called norms) intend to achieve specific behaviour from business processes, and might be relevant to the whole or part of a business process. They can impose conditions on different aspects of process models, e.g., control-flow, data and resources etc. Based on the rules sets, norms can be classified into various classes and sub-classes according to their effects. This paper presents an abstract framework consisting of a list of norms and a generic compliance checking approach on the idea of (possible) execution of processes. The proposed framework is independent of any existing formalism, and provides a conceptually rich and exhaustive ontology and semantics of norms needed for business process compliance checking. The possible uses of the proposed framework include to compare different compliance management frameworks (CMFs).

New paradigm, new educational requirements? Australian viewpoints on education for digital libraries

The rise in popularity of the digital library has lead to studies addressing digital library education and curricula development to emanate from the United States and Europe. However, to date very little research has been conducted with an Australian focus. Additionally, very few studies worldwide have sought the opinions of practitioners and the influence that these opinions may have on developing appropriate digital library curricula. The current paper is drawn from a larger study which sought to determine the skills and knowledge required of library and information professionals to work in a digital library environment. Data were collected via an online questionnaire from two target groups: practitioners working in academic libraries and Library and Information Science (LIS) educators across Australia. This paper examines in depth the findings from the survey specifically relating to the following topics. Firstly, whether or not there is a need for an educational programme to be targeted solely at the digital library environment. Secondly, the preferred delivery options for such a programme, and preferred models of digital library education. In addition, a determination on the elements which should be included in the curricula of a digital library education programme are discussed. Findings are compared and discussed with reference to the literature which informed the study. Finally, implications for the sustainability of library education programmes in Australia are identified and directions for further research highlighted.

Investigation of structural requirements of anticancer activity at the paclitaxel/tubulin binding site using CoMFA and CoMSIA

CoMFA and CoMSIA analysis were utilized in this investigation to define the important interacting regions in paclitaxel/tubulin binding site and to develop selective paclitaxel-like active compounds. The starting geometry of paclitaxel analogs was taken from the crystal structure of docetaxel. A total of 28 derivatives of paclitaxel were divided into two groups—a training set comprising of 19 compounds and a test set comprising of nine compounds. They were constructed and geometrically optimized using SYBYL v6.6. CoMFA studies provided a good predictability (q2 = 0.699, r2 = 0.991, PC = 6, S.E.E. = 0.343 and F = 185.910). They showed the steric and electrostatic properties as the major interacting forces whilst the lipophilic property contribution was a minor factor for recognition forces of the binding site. These results were in agreement with the experimental data of the binding activities of these compounds. Five fields in CoMSIA analysis (steric, electrostatic, hydrophobic, hydrogen-bond acceptor and donor properties) were considered contributors in the ligand–receptor interactions. The results obtained from the CoMSIA studies were: q2 = 0.535, r2 = 0.983, PC = 5, S.E.E. = 0.452 and F = 127.884. The data obtained from both CoMFA and CoMSIA studies were interpreted with respect to the paclitaxel/tubulin binding site. This intuitively suggested where the most significant anchoring points for binding affinity are located. This information could be used for the development of new compounds having paclitaxel-like activity with new chemical entities to overcome the existing pharmaceutical barriers and the economical problem associated with the synthesis of the paclitaxel analogs. These will boost the wide use of this useful class of compounds, i.e. in brain tumors as the most of the present active compounds have poor blood–brain barrier crossing ratios and also, various tubulin isotypes has shown resistance to taxanes and other antimitotic agents.