937 resultados para information security and public key infrastructure
Resumo:
The text addresses the issue of information security as exemplified by clandestine collaboration and the influence exerted by the Internal Security Agency officers upon journalists. The texts analyzes the de lege lata regulations as well as the de lege ferenda ones. As for the former, the penal provisions of the Act, that is Articles 153b–153d (Chapter 10a) are applicable, whereas as for the latter, the applicable regulations are the 2013 Bill Articles numbered 197-199 (Chapter 10). In both the 2002 Act on the Internal Security Agency and Foreign Intelligence Agency as well as in the 2013 draft Bill of the Internal Security Agency, the legislator penalizes the employment by the officers of the information acquired while fulfilling or in connection with official duties for the purpose of affecting the operation of public authority bodies, entrepreneurs or broadcasters, editors-in-chief, journalists and persons conducting publishing activity. Also, the text analyzes regulations concerned with the penalization of clandestine collaboration engaged in by ABW officers with a broadcaster, editor-in-chief, a journalist and a person conducting publishing activity.
Resumo:
This thesis develops a framework of key influences that must be considered in order to enable development of an information security culture in Australian small and medium enterprises. The study argues that, by ensuring that key influences are in place, an effective information security culture will evolve.
Resumo:
An effective information security culture is vital to the success of information systems governance, risk management and compliance. Small and medium size enterprises (SMEs) face special challenges developing an information security culture as they may lack the information security knowledge, skills and behaviours of large organisations. This paper reports the main findings from an interpretive study of key influences enabling an effective information security culture for Australian SMEs. The paper provides a framework depicting external and internal influences on SME information security culture and a set of key challenges in the Australian context. The findings highlight that SME owner attitudes and behaviour – in turn influenced by government involvement - strongly influence information security culture for Australian SMEs. A surprising finding is the potential influence of the Australian culture. Practical and theoretical implications are discussed.
Resumo:
Social media platforms such as Twitter pose new challenges for decision-makers in an international crisis. We examine Twitter’s role during Iran’s 2009 election crisis using a comparative analysis of Twitter investors, US State Department diplomats, citizen activists and Iranian protestors and paramilitary forces. We code for key events during the election’s aftermath from 12 June to 5 August 2009, and evaluate Twitter. Foreign policy, international political economy and historical sociology frameworks provide a deeper context of how Twitter was used by different users for defensive information operations and public diplomacy. Those who believe Twitter and other social network technologies will enable ordinary people to seize power from repressive regimes should consider the fate of Iran’s protestors, some of whom paid for their enthusiastic adoption of Twitter with their lives.
Resumo:
In Eurocrypt 2003, Gentry introduced the notion of certificate-based encryption. The merit of certificate-based encryption lies in the following features: (1) providing more efficient public-key infrastructure (PKI) that requires less infrastructure, (2) solving the certificate revocation problem, and (3) eliminating third-party queries in the traditional PKI. In addition, it also solves the inherent key escrow problem in the identity-based cryptography. In this paper, we first introduce a new attack called the “Key Replacement Attack” in the certificate-based system and refine the security model of certificate-based signature. We show that the certificate-based signature scheme presented by Kang, Park and Hahn in CT-RSA 2004 is insecure against key replacement attacks. We then propose a new certificate-based signature scheme, which is shown to be existentially unforgeable against adaptive chosen message attacks under the computational Diffie-Hellman assumption in the random oracle model. Compared with the certificate-based signature scheme in CT-RSA 2004, our scheme enjoys shorter signature length and less operation cost, and hence, our scheme outperforms the existing schemes in the literature.
Resumo:
Certificateless public key encryption can be classified into two types, namely, CLE and CLE † , both of which were introduced by Al-Riyami and Paterson in Asiacrypt 2003. Most works about certificateless public key encryption belong to CLE, where the partial secret key is uniquely determined by an entity’s identity. In CLE † , an entity’s partial secret key is not only determined by the identity information but also by his/her (partial) public key. Such techniques can enhance the resilience of certificateless public key encryption against a cheating KGC. In this paper, we first formalize the security definitions of CLE † . After that, we demonstrate the gap between the security model of CLE † and CLE, by showing the insecurity of a CLE † scheme proposed by Lai and Kou in PKC 2007. We give an attack that can successfully break the indistinguishability of their CLE † scheme, although their scheme can be proved secure in the security model of CLE. Therefore, it does not suffice to consider the security of CLE † in the security model of CLE. Finally, we show how to secure Lai-Kou’s scheme by providing a new scheme with the security proof in the model of CLE †
Resumo:
Many aspects of our modern society now have either a direct or implicit dependence upon information technology. As such, a compromise of the availability or integrity in relation to these systems (which may encompass such diverse domains as banking, government, health care, and law enforcement) could have dramatic consequences from a societal perspective. These key systems are often referred to as critical infrastructure. Critical infrastructure can consist of corporate information systems or systems that control key industrial processes; these specific systems are referred to as ICS (Industry Control Systems) systems. ICS systems have devolved since the 1960s from standalone systems to networked architectures that communicate across large distances, utilise wireless network and can be controlled via the Internet. ICS systems form part of many countries’ key critical infrastructure, including Australia. They are used to remotely monitor and control the delivery of essential services and products, such as electricity, gas, water, waste treatment and transport systems. The need for security measures within these systems was not anticipated in the early development stages as they were designed to be closed systems and not open systems to be accessible via the Internet. We are also seeing these ICS and their supporting systems being integrated into organisational corporate systems.
Resumo:
Data sharing has never been easier with the advances of cloud computing, and an accurate analysis on the shared data provides an array of benefits to both the society and individuals. Data sharing with a large number of participants must take into account several issues, including efficiency, data integrity and privacy of data owner. Ring signature is a promising candidate to construct an anonymous and authentic data sharing system. It allows a data owner to anonymously authenticate his data which can be put into the cloud for storage or analysis purpose. Yet the costly certificate verification in the traditional public key infrastructure (PKI) setting becomes a bottleneck for this solution to be scalable. Identity-based (ID-based) ring signature, which eliminates the process of certificate verification, can be used instead. In this paper, we further enhance the security of ID-based ring signature by providing forward security: If a secret key of any user has been compromised, all previous generated signatures that include this user still remain valid. This property is especially important to any large scale data sharing system, as it is impossible to ask all data owners to re-authenticate their data even if a secret key of one single user has been compromised. We provide a concrete and efficient instantiation of our scheme, prove its security and provide an implementation to show its practicality.
Resumo:
We propose a public key cryptosystem based on block upper triangular matrices. This system is a variant of the Discrete Logarithm Problem with elements in a finite group, capable of increasing the difficulty of the problem while maintaining the key size. We also propose a key exchange protocol that guarantees that both parties share a secret element of this group and a digital signature scheme that provides data authenticity and integrity.
Resumo:
Mode of access: Internet.
Resumo:
"Serial no. 107-182."
Resumo:
Eleven commercial nuclear reactors used to generate electricity are currently operating at six sites in Illinois; no other state has as many nuclear reactors. In addition, there are two major research facilities in Illinois operated by the US Department of Energy (Argonne National Laboratory and FermiLab), uranium processing facilities at Metropolis and in nearby Paducah, Kentucky, several manufacturers of radiopharmaceuticals and other radioactive materials, thousands of radiation-producing machines used in medicine and industry, and a network of major arterial highways and rail lines over which radioactive material shipments move on a regular basis. Protecting the health and safety of Illinois citizens and the environment from the potentially harmful effects of ionizing radiation is a key function of IEMA'S Division of Nuclear Safety (DNS). That role is fulfilled through programs that monitor nuclear facilities around the clock, ensure the proper operation of radiation-producing equipment and the use of radioactive materials, and measure radioactivity in the environment to ensure no threats to public health exist.
Resumo:
Mode of access: Internet.
Resumo:
"Author's autography copy, no. 50."
Resumo:
"B-223830"--p.[1]
