A dedicated retrieval and transfer service : the QUARTS project

Background The transfer and/or retrieval of a critically patient is inherently dangerous not only for the patient but for staff as well. The quality and experience of unplanned transfers can influence patient mortality and morbidity. However, international evidence suggests that dedicated transfer/retrieval teams can improve mortality and morbidity outcomes. Aims The initial aim of this paper is to describe an in-house competency-based training programme, which encompasses the STaR approach to develop members of our existing nursing team to be part of the dedicated transfer/retrieval service. The paper also presents audit data findings which examined the source of referrals, number of patients actually transferred and clinical status of those being transferred. Results Audit data illustrate that the most frequent source of referrals comes from Accident and Emergency and the Surgical Directorate with the most common presenting condition being cardio-respiratory failure or arrest. Audit data reveal that the number of patients actually transferred or retrieved is relatively small (33%) compared with the overall number of requests for assistance. However, 36% of those patients transferred had a level 2 or level 3 acuity status that necessitated the admission to a critical care area. Conclusions A number of studies have concluded that the ill-experienced and ill-equipped transfer team can place patients’ at serious risk of harm. Whether planned or unplanned, dedicated critical care transfer/retrieval teams have been shown to reduce patient mortality and morbidity.

Nurse Prescribing in Acute and Chronic Pain Management

This chapter contains sections titled: Introduction Acute pain Chronic pain Rationale for service development Evaluation use of audit and CPD Justifying the advanced nursing contribution to develop nurse prescribing in pain management Conclusions References

Security metrics for Java bytecode programs

Although there are many approaches for developing secure programs, they are not necessarily helpful for evaluating the security of a pre-existing program. Software metrics promise an easy way of comparing the relative security of two programs or assessing the security impact of modifications to an existing one. Most studies in this area focus on high level source code but this approach fails to take compiler-specific code generation into account. In this work we describe a set of object-oriented Java bytecode security metrics which are capable of assessing the security of a compiled program from the point of view of potential information flow. These metrics can be used to compare the security of programs or assess the effect of program modifications on security using a tool which we have developed to automatically measure the security of a given Java bytecode program in terms of the accessibility of distinguished ‘classified’ attributes.

New paradigms for password security

For the past several decades, cryptographers have consistently provided us with stronger and more capable primitives and protocols that have found many applications in security systems in everyday life. One of the central tenets of cryptographic design is that, whereas a system’s architecture ought to be public and open to scrutiny, the keys on which it depends — long, utterly random, unique strings of bits — will be perfectly preserved by their owner, and yet nominally inaccessible to foes.

New security notions and relations for public-key encryption

Since their introduction, the notions of indistinguishability and non-malleability have been changed and extended by different authors to support different goals. In this paper, we propose new flavors of these notions, investigate their relative strengths with respect to previous notions, and provide the full picture of relationships (i.e., implications and separations) among the security notions for public-key encryption schemes. We take into account the two general security goals of indistinguishability and non-malleability, each in the message space, key space, and hybrid message-key space to find six specific goals, a couple of them, namely complete indistinguishability and key non-malleability, are new. Then for each pair of goals, coming from the indistinguishability or non-malleability classes, we prove either an implication or a separation, completing the full picture of relationships among all these security notions. The implications and separations are respectively supported by formal proofs (i.e., reductions) in the concrete-security framework and by counterexamples.

Pre-service teachers’ epistemic perspectives about philosophy in the classroom : it is not a bunch of ‘hippie stuff’

Using epistemic perspectives as a theoretical framework, this study investigated Australian pre-service teachers’ perspectives about knowing, knowledge and children’s learning, as they engaged in a semester-long unit on philosophy in the classroom. During the field experience component of the unit, pre-service teachers were required to teach at least one philosophy lesson. Pre-service teachers completed the Personal Epistemological Beliefs Survey at the beginning and end of the unit. They were also interviewed in focus groups at the end of the semester to investigate their views about children’s learning. Paired sample t-tests were used to explore changes in epistemic beliefs over time. Significant differences were found for only some individual items on the survey. However, when interviewed, pre-service teachers indicated that field experiences helped them consider children as competent ‘thinkers’ who were capable of engaging in philosophy in the classroom. They reported predominantly student-centred perspectives of children’s learning, although a process of adjudication (exploring disagreements and evidence for responses) was lacking in these responses.

Tell me what you see : pre-service teachers' recognition of exemplary digital pedagogy

How do you identify "good" teaching practice in the complexity of a real classroom? How do you know that beginning teachers can recognise effective digital pedagogy when they see it? How can teacher educators see through their students’ eyes? The study in this paper has arisen from our interest in what pre-service teachers “see” when observing effective classroom practice and how this might reveal their own technological, pedagogical and content knowledge. We asked 104 pre-service teachers from Early Years, Primary and Secondary cohorts to watch and comment upon selected exemplary videos of teachers using ICT (information and communication technologies) in Science. The pre-service teachers recorded their observations using a simple PMI (plus, minus, interesting) matrix which were then coded using the SOLO Taxonomy to look for evidence of their familiarity with and judgements of digital pedagogies. From this, we determined that the majority of preservice teachers we surveyed were using a descriptive rather than a reflective strategy, that is, not extending beyond what was demonstrated in the teaching exemplar or differentiating between action and purpose. We also determined that this method warrants wider trialling as a means of evaluating students’ understandings of the complexity of the digital classroom.

Reframing Conceptions of Contemporary Literacy Capabilities in Pre-Service Primary Teacher Education

This chapter describes the challenges of integrating new technologies with literacy education in pre-service primary teacher education in Australia. The authors describe the policy context and regulatory mechanisms controlling pre-service education, including a national set of professional standards for graduate teachers, a new national curriculum for school students, the introduction of high stakes national assessment for school students, and the looming threat of decontextualized back-to-the-basics professional entry tests for aspiring teachers. The chapter includes three case studies of the authors’ pedagogical practices that attempt to reframe conceptions of the literacy capabilities of pre-service teachers to reflect the complex and sophisticated requirements of teachers in contemporary schooling. The authors conclude the chapter with a discussion of the implications of these case studies as they illustrate the ways that pre-service teachers can be scaffolded and supported to develop creative capacity and critical awareness of the kinds of literacies required in the digital age despite restrictive regimes.

Cyber security of networked critical infrastructures [Guest Editorial]

A new era of cyber warfare has appeared on the horizon with the discovery and detection of Stuxnet. Allegedly planned, designed, and created by the United States and Israel, Stuxnet is considered the first known cyber weapon to attack an adversary state. Stuxnet's discovery put a lot of attention on the outdated and obsolete security of critical infrastructure. It became very apparent that electronic devices that are used to control and operate critical infrastructure like programmable logic controllers (PLCs) or supervisory control and data acquisition (SCADA) systems lack very basic security and protection measures. Part of that is due to the fact that when these devices were designed, the idea of exposing them to the Internet was not in mind. However, now with this exposure, these devices and systems are considered easy prey to adversaries.

Cultural drivers of high performing knowledge-intensive service organisations

Organisational culture is considered an important influence on performance, particularly for service firms that rely on values-driven social controls to enhance human interactions (O’Reilly & Chatman, 1996). Using a qualitative approach, we show how the modified Organisational Culture Profile developed by Sarros, Gray, Densten, and Cooper (2005) to assess Australian organisations provides a framework for exploring the cultural drivers of high performing knowledge-intensive service firms in New Zealand. Our study provides rich insights into how six key cultural dimensions–competitiveness, innovation, performance orientation, emphasis on rewards, supportiveness and social responsibility–are translated into strategic human resource management practices.

Does counting still count? Revisiting the security of counting based user authentication protocols against statistical attacks

At NDSS 2012, Yan et al. analyzed the security of several challenge-response type user authentication protocols against passive observers, and proposed a generic counting based statistical attack to recover the secret of some counting based protocols given a number of observed authentication sessions. Roughly speaking, the attack is based on the fact that secret (pass) objects appear in challenges with a different probability from non-secret (decoy) objects when the responses are taken into account. Although they mentioned that a protocol susceptible to this attack should minimize this difference, they did not give details as to how this can be achieved barring a few suggestions. In this paper, we attempt to fill this gap by generalizing the attack with a much more comprehensive theoretical analysis. Our treatment is more quantitative which enables us to describe a method to theoretically estimate a lower bound on the number of sessions a protocol can be safely used against the attack. Our results include 1) two proposed fixes to make counting protocols practically safe against the attack at the cost of usability, 2) the observation that the attack can be used on non-counting based protocols too as long as challenge generation is contrived, 3) and two main design principles for user authentication protocols which can be considered as extensions of the principles from Yan et al. This detailed theoretical treatment can be used as a guideline during the design of counting based protocols to determine their susceptibility to this attack. The Foxtail protocol, one of the protocols analyzed by Yan et al., is used as a representative to illustrate our theoretical and experimental results.

Security evaluation of Rakaposhi Stream Cipher

Rakaposhi is a synchronous stream cipher, which uses three main components: a non-linear feedback shift register (NLFSR), a dynamic linear feedback shift register (DLFSR) and a non-linear filtering function (NLF). NLFSR consists of 128 bits and is initialised by the secret key K. DLFSR holds 192 bits and is initialised by an initial vector (IV). NLF takes 8-bit inputs and returns a single output bit. The work identifies weaknesses and properties of the cipher. The main observation is that the initialisation procedure has the so-called sliding property. The property can be used to launch distinguishing and key recovery attacks. The distinguisher needs four observations of the related (K,IV) pairs. The key recovery algorithm allows to discover the secret key K after observing 29 pairs of (K,IV). Based on the proposed related-key attack, the number of related (K,IV) pairs is 2(128 + 192)/4 pairs. Further the cipher is studied when the registers enter short cycles. When NLFSR is set to all ones, then the cipher degenerates to a linear feedback shift register with a non-linear filter. Consequently, the initial state (and Secret Key and IV) can be recovered with complexity 263.87. If DLFSR is set to all zeros, then NLF reduces to a low non-linearity filter function. As the result, the cipher is insecure allowing the adversary to distinguish it from a random cipher after 217 observations of keystream bits. There is also the key recovery algorithm that allows to find the secret key with complexity 2 54.

Active security in multiparty computation over black-box groups

Most previous work on unconditionally secure multiparty computation has focused on computing over a finite field (or ring). Multiparty computation over other algebraic structures has not received much attention, but is an interesting topic whose study may provide new and improved tools for certain applications. At CRYPTO 2007, Desmedt et al introduced a construction for a passive-secure multiparty multiplication protocol for black-box groups, reducing it to a certain graph coloring problem, leaving as an open problem to achieve security against active attacks. We present the first n-party protocol for unconditionally secure multiparty computation over a black-box group which is secure under an active attack model, tolerating any adversary structure Δ satisfying the Q 3 property (in which no union of three subsets from Δ covers the whole player set), which is known to be necessary for achieving security in the active setting. Our protocol uses Maurer’s Verifiable Secret Sharing (VSS) but preserves the essential simplicity of the graph-based approach of Desmedt et al, which avoids each shareholder having to rerun the full VSS protocol after each local computation. A corollary of our result is a new active-secure protocol for general multiparty computation of an arbitrary Boolean circuit.

NTRUCCA : how to strengthen NTRUEncrypt to chosen-ciphertext security in the standard model

NTRUEncrypt is a fast and practical lattice-based public-key encryption scheme, which has been standardized by IEEE, but until recently, its security analysis relied only on heuristic arguments. Recently, Stehlé and Steinfeld showed that a slight variant (that we call pNE) could be proven to be secure under chosen-plaintext attack (IND-CPA), assuming the hardness of worst-case problems in ideal lattices. We present a variant of pNE called NTRUCCA, that is IND-CCA2 secure in the standard model assuming the hardness of worst-case problems in ideal lattices, and only incurs a constant factor overhead in ciphertext and key length over the pNE scheme. To our knowledge, our result gives the first IND-CCA2 secure variant of NTRUEncrypt in the standard model, based on standard cryptographic assumptions. As an intermediate step, we present a construction for an All-But-One (ABO) lossy trapdoor function from pNE, which may be of independent interest. Our scheme uses the lossy trapdoor function framework of Peikert and Waters, which we generalize to the case of (k − 1)-of-k-correlated input distributions.

Everything you do : young adult fiction and surveillance in an age of security

Espionage, surveillance and clandestine operations by secret agencies and governments were something of an East–West obsession in the second half of the twentieth century, a fact reflected in literature and film. In the twenty-first century, concerns of the Cold War and the threat of Communism have been rearticulated in the wake of 9/11. Under the rubric of ‘terror’ attacks, the discourses of security and surveillance are now framed within an increasingly global context. As this article illustrates, surveillance fiction written for young people engages with the cultural and political tropes that reflect a new social order that is different from the Cold War era, with its emphasis on spies, counter espionage, brainwashing and psychological warfare. While these tropes are still evident in much recent literature, advances in technology have transformed the means of tracking, profiling and accumulating data on individuals’ daily activities. Little Brother, The Hunger Games and Article 5 reflect the complex relationship between the real and the imaginary in the world of surveillance and, as this paper discusses, raise moral and ethical issues that are important questions for young people in our age of security.