A simulation framework for smart meter security evaluation

The evolution of classic power grids to smart grids creates chances for most participants in the energy sector. Customers can save money by reducing energy consumption, energy providers can better predict energy demand and environment benefits since lower energy consumption implies lower energy production including a decrease of emissions from plants. But information and communication systems supporting smart grids can also be subject to classical or new network attacks. Attacks can result in serious damage such as harming privacy of customers, creating economical loss and even disturb the power supply/demand balance of large regions and countries. In this paper, we give an overview about the German smart measuring architecture, protocols and security. Afterwards, we present a simulation framework which enables researchers to analyze security aspects of smart measuring scenarios.

Monitoring android for collaborative anomaly detection : a first architectural draft

Our daily lives become more and more dependent upon smartphones due to their increased capabilities. Smartphones are used in various ways, e.g. for payment systems or assisting the lives of elderly or disabled people. Security threats for these devices become more and more dangerous since there is still a lack of proper security tools for protection. Android emerges as an open smartphone platform which allows modification even on operating system level and where third-party developers first time have the opportunity to develop kernel-based low-level security tools. Android quickly gained its popularity among smartphone developers and even beyond since it bases on Java on top of "open" Linux in comparison to former proprietary platforms which have very restrictive SDKs and corresponding APIs. Symbian OS, holding the greatest market share among all smartphone OSs, was even closing critical APIs to common developers and introduced application certification. This was done since this OS was the main target for smartphone malwares in the past. In fact, more than 290 malwares designed for Symbian OS appeared from July 2004 to July 2008. Android, in turn, promises to be completely open source. Together with the Linux-based smartphone OS OpenMoko, open smartphone platforms may attract malware writers for creating malicious applications endangering the critical smartphone applications and owners privacy. Since signature-based approaches mainly detect known malwares, anomaly-based approaches can be a valuable addition to these systems. They base on mathematical algorithms processing data that describe the state of a certain device. For gaining this data, a monitoring client is needed that has to extract usable information (features) from the monitored system. Our approach follows a dual system for analyzing these features. On the one hand, functionality for on-device light-weight detection is provided. But since most algorithms are resource exhaustive, remote feature analysis is provided on the other hand. Having this dual system enables event-based detection that can react to the current detection need. In our ongoing research we aim to investigates the feasibility of light-weight on-device detection for certain occasions. On other occasions, whenever significant changes are detected on the device, the system can trigger remote detection with heavy-weight algorithms for better detection results. In the absence of the server respectively as a supplementary approach, we also consider a collaborative scenario. Here, mobile devices sharing a common objective are enabled by a collaboration module to share information, such as intrusion detection data and results. This is based on an ad-hoc network mode that can be provided by a WiFi or Bluetooth adapter nearly every smartphone possesses.

Kerberos based security system for session initiation protocol

Session Initiation Protocol (SIP) is developed to provide advanced voice services over IP networks. SIP unites telephony and data world, permitting telephone calls to be transmitted over Intranets and Internet. Increase in network performance and new mechanisms for guaranteed quality of service encourage this consolidation to provide toll cost savings. Security comes up as one of the most important issues when voice communication and critical voice applications are considered. Not only the security methods provided by traditional telephony systems, but also additional methods are required to overcome security risks introduced by the public IP networks. SIP considers security problems of such a consolidation and provides a security framework. There are several security methods defined within SIP specifications and extensions. But, suggested methods can not solve all the security problems of SIP systems with various system requirements. In this thesis, a Kerberos based solution is proposed for SIP security problems, including SIP authentication and privacy. The proposed solution tries to establish flexible and scalable SIP system that will provide desired level of security for voice communications and critical telephony applications.

Designing an information accountability framework for eHealth

Information privacy is a crucial aspect of eHealth. Appropriate privacy management measures are therefore essential for its success. However, traditional measures for privacy preservation such as rigid access controls (i.e., preventive measures) are not suitable to eHealth because of the specialised and information - intensive nature of healthcare itself, and the nature of the information. Healthcare professionals (HCP) require easy, unrestricted access to as much information as possible towards making well - informed decisions. On the other end of the scale however, consumers (i.e., patients) demand control over their health information and raise concerns for privacy arising from internal activities (i.e., information use by HCPs). A proper balance of these competing concerns is vital for the implementation of successful eHealth systems. Towards reaching this balance, we propose an information accountability framework (IAF) for eHealth systems.

Submission to National Inquiry into Children in Immigration Detention from The Australian Psychological Society

Executive Summary The Australian Psychological Society categorically condemns the practice of detaining child asylum seekers and their families, on the grounds that it is not commensurate with psychological best practice concerning children’s development and mental health and wellbeing. Detention of children in this fashion is also arguably a violation of the UN Convention on the Rights of the Child. A thorough review of relevant psychological theory and available research findings from international research has led the Australian Psychological Society to conclude that: • Detention is a negative socialisation experience. • Detention is accentuates developmental risks. • Detention threatens the bonds between children and significant caregivers. • Detention limits educational opportunities. • Detention has traumatic impacts on children of asylum seekers. • Detention reduces children’s potential to recover from trauma. • Detention exacerbates the impacts of other traumas. • Detention of children from these families in many respects is worse for them than being imprisoned. In the absence of any indication from the Australian Government that it intends in the near future to alter the practice of holding children in immigration detention, the Australian Psychological Society’s intermediate position is that the facilitation of short-term and long-term psychological development and wellbeing of children is the basic tenet upon which detention centres should be audited and judged. Based on that position, the Society has identified a series of questions and concerns that arise directly from the various psychological perspectives that have been brought to bear on estimating the effects of detention on child asylum seekers. The Society argues that, because these questions and concerns relate specifically to improvement and maintenance of child detainees’ educational, social and psychological wellbeing, they are legitimate matters for the Inquiry to consider and investigate. • What steps are currently being taken to monitor the psyc hological welfare of the children in detention? In particular, what steps are being taken to monitor the psychological wellbeing of children arriving from war-torn countries? • What qualifications and training do staff who care for children and their families in detention centres have? What knowledge do they have of psychological issues faced by people who have been subjected to traumatic experiences and are suffering high degrees of anxiety, stress and uncertainty? • What provisions have been made for psycho-educational assessment of children’s specific learning needs prior to their attending formal educational programmes? • who are suffering chronic and/or vicarious trauma as a result of witnessing threatening behaviour whilst in detention? • What provisions have been made for families who have been seriously affected by displacement to participate in family therapy? • What critical incident debriefing procedures are in place for children who have witnessed their parents, other family members, or social acquaintances engaging in acts of self-harm or being harmed while in detention? What psychotherapeutic support is in place for children who themselves have been harmed or have engaged in self- harmful acts while in detention? • What provisions are in place for parenting programmes that provide support for parents of children under extremely difficult psychological and physical circumstances? • What efforts are being made to provide parents with the opportunity to model traditional family roles for children, such as working to earn an income, meal preparation, other household duties, etc.? • What opportunities are in place for the assessment of safety issues such as bullying, and sexual or physical abuse of children or their mothers in detention centres? • How are resources distributed to children and families in detention centres? • What socialization opportunities are available either within detention centres or in the wider community for children to develop skills and independence, engage in social activities, participate in cultural traditions, and communicate and interaction with same-age peers and adults from similar ethnic and religious backgrounds? • What access do children and families have to videos, music and entertainment from their cultures of origin? • What provisions are in place to ensure the maintenance of privacy in a manner commensurate with usual cultural practice? • What is the Government’s rationale for continuing to implement a policy of mandatory detention of child asylum seekers that on the face of it is likely to have a pernicious impact on these children’s mental health? • In view of the evidence on the potential long-term impact of mandatory detention on children, what processes may be followed by Government to avoid such a practice and, more importantly, to develop policies and practices that will have a positive impact on these children’s psychological development and mental health?

The role of human factors when evaluating information accountability for eHealth systems

The availability of health information is rapidly increasing; its expansion and proliferation is inevitable. At the same time, breeding of health information silos is an unstoppable and relentless exercise. Information security and privacy concerns are therefore major barriers in the eHealth socio-eco system. We proposed Information Accountability as a measurable human factor that should eliminate and mitigate security concerns. Information accountability measures would be practicable and feasible if legislative requirements are also embedded. In this context, information accountability constitutes a key component for the development of effective information technology requirements for health information system. Our conceptual approach to measuring human factors related to information accountability in eHealth is presented in this paper with some limitations.

Complexity of increasing the secure connectivity in wireless ad hoc networks

We consider the problem of maximizing the secure connectivity in wireless ad hoc networks, and analyze complexity of the post-deployment key establishment process constrained by physical layer properties such as connectivity, energy consumption and interference. Two approaches, based on graph augmentation problems with nonlinear edge costs, are formulated. The first one is based on establishing a secret key using only the links that are already secured by shared keys. This problem is in NP-hard and does not accept polynomial time approximation scheme PTAS since minimum cutsets to be augmented do not admit constant costs. The second one extends the first problem by increasing the power level between a pair of nodes that has a secret key to enable them physically connect. This problem can be formulated as the optimal key establishment problem with interference constraints with bi-objectives: (i) maximizing the concurrent key establishment flow, (ii) minimizing the cost. We prove that both problems are NP-hard and MAX-SNP with a reduction to MAX3SAT problem.

Predicate encryption with various properties

Predicate encryption (PE) is a new primitive which supports exible control over access to encrypted data. In PE schemes, users' decryption keys are associated with predicates f and ciphertexts encode attributes a that are specified during the encryption procedure. A user can successfully decrypt if and only if f(a) = 1. In this thesis, we will investigate several properties that are crucial to PE. We focus on expressiveness of PE, Revocable PE and Hierarchical PE (HPE) with forward security. For all proposed systems, we provide a security model and analysis using the widely accepted computational complexity approach. Our first contribution is to explore the expressiveness of PE. Existing PE supports a wide class of predicates such as conjunctions of equality, comparison and subset queries, disjunctions of equality queries, and more generally, arbitrary combinations of conjunctive and disjunctive equality queries. We advance PE to evaluate more expressive predicates, e.g., disjunctive comparison or disjunctive subset queries. Such expressiveness is achieved at the cost of computational and space overhead. To improve the performance, we appropriately revise the PE to reduce the computational and space cost. Furthermore, we propose a heuristic method to reduce disjunctions in the predicates. Our schemes are proved in the standard model. We then introduce the concept of Revocable Predicate Encryption (RPE), which extends the previous PE setting with revocation support: private keys can be used to decrypt an RPE ciphertext only if they match the decryption policy (defined via attributes encoded into the ciphertext and predicates associated with private keys) and were not revoked by the time the ciphertext was created. We propose two RPE schemes. Our first scheme, termed Attribute- Hiding RPE (AH-RPE), offers attribute-hiding, which is the standard PE property. Our second scheme, termed Full-Hiding RPE (FH-RPE), offers even stronger privacy guarantees, i.e., apart from possessing the Attribute-Hiding property, the scheme also ensures that no information about revoked users is leaked from a given ciphertext. The proposed schemes are also proved to be secure under well established assumptions in the standard model. Secrecy of decryption keys is an important pre-requisite for security of (H)PE and compromised private keys must be immediately replaced. The notion of Forward Security (FS) reduces damage from compromised keys by guaranteeing confidentiality of messages that were encrypted prior to the compromise event. We present the first Forward-Secure Hierarchical Predicate Encryption (FS-HPE) that is proved secure in the standard model. Our FS-HPE scheme offers some desirable properties: time-independent delegation of predicates (to support dynamic behavior for delegation of decrypting rights to new users), local update for users' private keys (i.e., no master authority needs to be contacted), forward security, and the scheme's encryption process does not require knowledge of predicates at any level including when those predicates join the hierarchy.

Re-strengthening Brisbane City Hall

The restoration of Brisbane City Hall is an indication of a society that acknowledges the significance of cultural heritage. Preserving this historical icon required significant funding support, so the rehabilitation process must be thoroughly analysed and validated.

Digital storytelling as everyday activism : Queer identity, voice and networked publics

This thesis investigates the role of personal Digital Stories shared in public spaces as catalysts for social change. By analysing the influence of workshop facilitators, organisations, digital platforms and networked publics on voice and self-representation, it sheds light on shifting meanings of publicness and privacy, both face to face and online. This thesis argues that, despite numerous obstacles, the cumulative influence of diverse voices dispersed among networked publics shape new cultural norms, thereby contributing to gradual social change.

Designing an information accountability framework for eHealth

This tutorial is primarily based on the IEEE eHealth technical committee Newsletter published in March 2013. Its main focus is on information privacy management in eHealth through information accountability. The tutorial consists of three main aspects of a proposed information accountability framework for eHealth, namely, social aspects, technical aspects and legal aspects. Following a brief introduction of the problem domain and context, we present the tutorial in these three main components. The length of the tutorial is intended to be half a day.

Proceedings of the Fourth Australasian Workshop on Health Informatics and Knowledge Management [Volume 120]

We are pleased to present the papers from the Australasian Health Informatics and Knowledge Management (HIKM) conference stream held on 20 January 2011 in Perth as a session of the Australasian Computer Science Week (ASCW) 2011. Formerly HIKM was named Health Data and Knowledge Management, however the inclusion of the health informatics term is timely given the current health reform. The submissions to HIKM 2011 demonstrated that Australasian researchers lead with many research and development innovations coming to fruition. Some of these innovations can be seen here, and we believe further recognition will accomplish by continuation to HIKM in the future. The HIKM conference is a review of health informatics related research, development and education opportunities. The conference papers were written to communicate with other researchers and share research findings, capturing each and every aspect of the health informatics field. They are namely: conceptual models and architectures, privacy and quality of health data, health workflow management patient journey analysis, health information retrieval, analysis and visualisation, data integration/linking, systems for integrated or coordinated care, electronic health records (EHRs) and personally controlled electronic health records (PCEHRs), health data ontologies, and standardisation in health data and clinical applications.

Informed use of patients' records on trusted health care services

Health care is an information-intensive business. Sharing information in health care processes is a smart use of data enabling informed decision-making whilst ensuring. the privacy and security of patient information. To achieve this, we propose data encryption techniques embedded Information Accountability Framework (IAF) that establishes transitions of the technological concept, thus enabling understanding of shared responsibility, accessibility, and efficient cost effective informed decisions between health care professionals and patients. The IAF results reveal possibilities of efficient informed medical decision making and minimisation of medical errors. Of achieving this will require significant cultural changes and research synergies to ensure the sustainability, acceptability and durability of the IAF

Information accountability and usability : are there any connections?

Availability of health information is rapidly increasing and the expansion and proliferation of health information is inevitable. The Electronic Healthcare Record, Electronic Medical Record and Personal Health Record are at the core of this trend and are required for appropriate and practicable exchange and sharing of health information. However, it is becoming increasingly recognized that it is essential to preserve patient privacy and information security when utilising sensitive information for clinical, management and administrative processes. Furthermore, the usability of emerging healthcare applications is also becoming a growing concern. This paper proposes a novel approach for integrating consideration of information accountability with a perspective from usability engineering that can be applied when developing healthcare information technology applications. A social networking user case in the healthcare information exchange will be presented in the context of our approach.

Practical issues when designing an information accountability framework for eHealth systems

This thesis is the result of an investigation into information privacy management in eHealth. It explores the applicability of accountability measures as a means of protection of eHealth consumer privacy. The thesis presented a new concept of Accountable eHealth Systems for achieving a balance between the information privacy concerns of eHealth consumers and the information access requirements of healthcare professionals and explored the social, technological and implementation aspects involved in such a system.