Everything you do : young adult fiction and surveillance in an age of security

Espionage, surveillance and clandestine operations by secret agencies and governments were something of an East–West obsession in the second half of the twentieth century, a fact reflected in literature and film. In the twenty-first century, concerns of the Cold War and the threat of Communism have been rearticulated in the wake of 9/11. Under the rubric of ‘terror’ attacks, the discourses of security and surveillance are now framed within an increasingly global context. As this article illustrates, surveillance fiction written for young people engages with the cultural and political tropes that reflect a new social order that is different from the Cold War era, with its emphasis on spies, counter espionage, brainwashing and psychological warfare. While these tropes are still evident in much recent literature, advances in technology have transformed the means of tracking, profiling and accumulating data on individuals’ daily activities. Little Brother, The Hunger Games and Article 5 reflect the complex relationship between the real and the imaginary in the world of surveillance and, as this paper discusses, raise moral and ethical issues that are important questions for young people in our age of security.

Q-FE: QPASTT's Whole of Organisation Client Feedback Framework

This report describes the development of a whole of organization framework for obtaining client feedback for the Queensland Program of Assistance to Survivors of Torture and Trauma (QPASTT)

Developing a framework for subcontractor appraisal using a balanced scorecard

Subcontractors contribute significantly to construction projects and their performance can seriously affect over-all project success. It is crucial, therefore, to appraise the performance of subcontractors to ensure they satisfy the client's expectations and project requirements. To increase the transparency and accuracy of subcontractor appraisal, the baseline and target performance levels should be set at the outset so that the appraisers and those being appraised realize exactly what standards are to be achieved. The balanced scorecard, being a powerful tool for performance appraisal, offers a potentially good approach for modeling the subcontractor appraisal process. In this paper, an approach to developing a balanced scorecard subcontractor appraisal model is proposed and demonstrated through a questionnaire survey administered in Hong Kong and from which the baseline and target performance levels for large-scale skilled subcontractors are identified. A case example is used to illustrate the operation of the model. Finally, a means by which the model may be validated is demonstrated through the use of field experts. The results demonstrate the feasibility of developing a balanced scorecard model that can help improve the transparency of subcontractor appraisal despite the baseline and target performance levels changing according to the project characteristics, subcontractor categories and size.

A participatory framework for researching and evaluating communication for development and social change

The growing dominance of project planning cycles and results-based management in development over the past 20 years has significant implications for the effective evaluation of communication for development and social change and the sustainability of these processes. These approaches to development and evaluation usually give priority to the linear, logical framework (or log frame) approach promoted by many development institutions. This tends to emphasize upward accountability approaches to development and its evaluation, so that development is driven by exogenous rather than endogenous models of development and social change. Such approaches are underpinned by ideas of preplanning, and predetermination of what successful out -comes look like. In this way, outcomes of complex interventions tend to be reduced to simple, cause-effect processes and the categorization of things, including people (Chambers and Pettit 2004; Eyben 2011). This runs counter to communication for development approaches, which prioritize engagement, relationships, empowerment and dialogue as important components for positive social change.

Sustaining social innovation enterprises through a design led innovation framework

Constant changes in the global economic environment require companies to revisit traditional assumptions about how businesses create and capture value (Teece, 2010). In recent years, management practice literature has focused largely on better understanding business models and business model innovation (Amit, Zott and Massa, 2010; Johnson, Christensen and Kagermann, 2008). Much has been written on the benefits of linking design and design thinking to organisational strategies and business transformation. However, very little has been researched and reported on regarding the impact of design led approaches to triple bottom-line opportunities such as, social innovation enterprise. In the context of this paper Design Led Innovation is defined as the tools and approaches which enable design thinking to be embedded as an element of cultural transformation within a business. Being Design Led requires a company to have a vision for top line growth founded on deep customer insights and expanded through customer and stakeholder engagements. The outcomes of this are then mapped to all aspects of the business, enabling the vision to be successfully implemented and achieved. It is the latter part of this definition where we believe Design Led Innovation has the greatest value in transforming social innovation enterprise into a sustainable business venture. However, we also acknowledge that enabling these firms to think strategically about their business model is difficult given the unique operational and funding challenges that often characterize many social enterprises. The purpose of this paper, therefore, is to pose the question, do sustainable innovation enterprise innovate their business model? And if so, how? It is the authors’ opinion that such enterprises only innovate at the product or system level without a complete understanding of the business model structure, which underpins the long term viability. However, in this paper we challenge this notion and explore if such firms can overcome their size and operational constraints to become sustainable enterprises using a design led approach. This is achieved through contextualizing business model innovation, briefly defining social innovation enterprise and profiling a new and emerging industry in Australia – Clean Technology. Future research challenges and opportunities are also presented.

Security analysis of Australian and E.U. e-passport implementation

This paper makes a formal security analysis of the current Australian e-passport implementation using model checking tools CASPER/CSP/FDR. We highlight security issues in the current implementation and identify new threats when an e-passport system is integrated with an automated processing system like SmartGate. The paper also provides a security analysis of the European Union (EU) proposal for Extended Access Control (EAC) that is intended to provide improved security in protecting biometric information of the e-passport bearer. The current e-passport specification fails to provide a list of adequate security goals that could be used for security evaluation. We fill this gap; we present a collection of security goals for evaluation of e-passport protocols. Our analysis confirms existing security weaknesses that were previously identified and shows that both the Australian e-passport implementation and the EU proposal fail to address many security and privacy aspects that are paramount in implementing a secure border control mechanism. ACM Classification C.2.2 (Communication/Networking and Information Technology – Network Protocols – Model Checking), D.2.4 (Software Engineering – Software/Program Verification – Formal Methods), D.4.6 (Operating Systems – Security and Privacy Protection – Authentication)

On the (in)security of IDEA in various hashing modes

In this article, we study the security of the IDEA block cipher when it is used in various simple-length or double-length hashing modes. Even though this cipher is still considered as secure, we show that one should avoid its use as internal primitive for block cipher based hashing. In particular, we are able to generate instantaneously free-start collisions for most modes, and even semi-free-start collisions, pseudo-preimages or hash collisions in practical complexity. This work shows a practical example of the gap that exists between secret-key and known or chosen-key security for block ciphers. Moreover, we also settle the 20-year-old standing open question concerning the security of the Abreast-DM and Tandem-DM double-length compression functions, originally invented to be instantiated with IDEA. Our attacks have been verified experimentally and work even for strengthened versions of IDEA with any number of rounds.

Privacy enhancements for hardware-based security modules

The increasing growth in the use of Hardware Security Modules (HSMs) towards identification and authentication of a security endpoint have raised numerous privacy and security concerns. HSMs have the ability to tie a system or an object, along with its users to the physical world. However, this enables tracking of the user and/or an object associated with the HSM. Current systems do not adequately address the privacy needs and as such are susceptible to various attacks. In this work, we analyse various security and privacy concerns that arise when deploying such hardware security modules and propose a system that allow users to create pseudonyms from a trusted master public-secret key pair. The proposed system is based on the intractability of factoring and finding square roots of a quadratic residue modulo a composite number, where the composite number is a product of two large primes. Along with the standard notion of protecting privacy of an user, the proposed system offers colligation between seemingly independent pseudonyms. This new property when combined with HSMs that store the master secret key is extremely beneficial to a user, as it offers a convenient way to generate a large number of pseudonyms using relatively small storage requirements.

On the security of PAS (predicate-based authentication service)

Recently a new human authentication scheme called PAS (predicate-based authentication service) was proposed, which does not require the assistance of any supplementary device. The main security claim of PAS is to resist passive adversaries who can observe the whole authentication session between the human user and the remote server. In this paper we show that PAS is insecure against both brute force attack and a probabilistic attack. In particular, we show that its security against brute force attack was strongly overestimated. Furthermore, we introduce a probabilistic attack, which can break part of the password even with a very small number of observed authentication sessions. Although the proposed attack cannot completely break the password, it can downgrade the PAS system to a much weaker system similar to common OTP (one-time password) systems.

On cloud computing service considerations for the small and medium enterprises

The concept of cloud computing services is appealing to the small and medium enterprises (SMEs), with the opportunity to acquire modern information technology resources as a utility and avoid costly capital investments in technology resources. However, the adoption of the cloud computing services presents significant challenges to the SMEs. The SMEs need to determine a path to adopting the cloud computing services that would ensure their sustainable presence in the cloud computing environment. Information about approaches to adopting the cloud computing services by the SMEs is fragmented. Through an interpretive design, we suggest that the SMEs need to have a strategic and incremental intent, understand their organizational structure, understand the external factors, consider the human resource capacity, and understand the value expectations from the cloud computing services to forge a successful path to adopting the cloud computing services. These factors would contribute to a model of cloud services for SMEs.

Supramolecular selection in molecular and framework co-crystals

An ongoing challenge in chemistry and crystal engineering is the synthesis of functional materials with predictable structures and customisable properties. This may be achieved by crystallising mixtures of different compounds. Co-crystals formed through this method have predictable structures and their properties may be tuned by varying the ratio of the compounds in the crystallising solution. This thesis examines single crystals formed by the co-crystallisation of metal complexes that have similar structures but different physical or chemical properties. A variety of new compounds with interesting properties were prepared, characterised and their significance in the context of crystal engineering was explored.

The Performance Nexus - A framework for improving energy efficiency in existing commercial buildings by considering a whole-of-building approach

Efforts to reduce carbon emissions in the buildings sector have been focused on encouraging green design, construction and building operation; however, the business case is not very compelling if considering the energy cost savings alone. In recent years green building has been driven by a sense that it will improve the productivity of occupants,i something with much greater economic returns than energy savings. Reducing energy demand in green commercial buildings in a way that encourages greater productivity is not yet well understood as it involves a set of complex and interdependent factors. This paper outlines an investigation into these factors and focuses on better understanding the performance of and interaction between: design elements, internal environmental quality, occupant experience, tenant/leasing agreements, and building regulation and management. In doing so the paper presents a framework for improving energy efficiency in existing commercial buildings by considering a range of interconnected and synergistic elements.

Formal security analysis of Australian e-passport implementation

This paper provides a detailed description of the current Australian e-passport implementation and makes a formal verification using model checking tools CASPER/CSP/FDR. We highlight security issues present in the current e-passport implementation and identify new threats when an e-passport system is integrated with an automated processing systems like SmartGate. Because the current e-passport specification does not provide adequate security goals, to perform a rational security analysis we identify and describe a set of security goals for evaluation of e-passport protocols. Our analysis confirms existing security issues that were previously informally identified and presents weaknesses that exists in the current e-passport implementation.

Reframe : QUT's evaluation framework survey business rules

Reframe is changing our approach to the evaluation of courses, units, teaching and student experience at QUT. We are moving away from a single survey tool to a richer, more holistic and customisable approach. This approach will help our academics design and deliver high-quality learning experiences, and review the impact of their teaching practice on student learning. Through it, we will also be able to provide more timely access to specialised support and meet external reporting requirements.

Protocols : Reframe : QUT's evaluation framework

Reframe is changing our approach to the evaluation of courses, units, teaching and student experience at QUT. We are moving away from a single survey tool to a richer, more holistic and customisable approach. These protocols allows academic staff and administrators access to the ways in which the policy is enacted through process.