Automated proof for formal indistinguishability and its applications

Bana et al. proposed the relation formal indistinguishability (FIR), i.e. an equivalence between two terms built from an abstract algebra. Later Ene et al. extended it to cover active adversaries and random oracles. This notion enables a framework to verify computational indistinguishability while still offering the simplicity and formality of symbolic methods. We are in the process of making an automated tool for checking FIR between two terms. First, we extend the work by Ene et al. further, by covering ordered sorts and simplifying the way to cope with random oracles. Second, we investigate the possibility of combining algebras together, since it makes the tool scalable and able to cover a wide class of cryptographic schemes. Specially, we show that the combined algebra is still computationally sound, as long as each algebra is sound. Third, we design some proving strategies and implement the tool. Basically, the strategies allow us to find a sequence of intermediate terms, which are formally indistinguishable, between two given terms. FIR between the two given terms is then guaranteed by the transitivity of FIR. Finally, we show applications of the work, e.g. on key exchanges and encryption schemes. In the future, the tool should be extended easily to cover many schemes. This work continues previous research of ours on use of compilers to aid in automated proofs for key exchange.

Enhancing business continuity management capacities in the insurance industry : a Southeast Asian perspective

As a resilience enhancing practice, business continuity management (BCM) can play an important role in aiding preparation of the insurance industry for coping with the losses incurred by major discontinuity incidents: regardless of cause. Acknowledging the increasing frequency of unpredictable man-made disasters and natural catastrophes, the insurance industry would benefit from examining and implementing, where suitable, key elements of BCM. Such strategic decisions would assist insurers and re-insurers collectively to enhance mutual capability to respond to, and recover from, the impact of significant losses. This paper presents a comparison of opinions about BCM practitioners in both retail and re-insurance companies on the importance of generic continuity practices with actual levels of BCM practice across the two industry groups in Southeast Asia. It suggests means by which multi-lateral cooperation across Asian economies and between retail and re-insurance market segments might enhance the viability of the insurance industry in the face of increased stress from major natural and socio-technical hazards.

"I’m making it different to the book” : transmediation in young children’s print and digital texts

Young children shift meanings across multiple modes long before they have mastered formal writing skills. In a digital age, children are socialised into a wide range of new digital media conventions in the home, at school, and in community-based settings. This article draws on longitudinal classroom research with a culturally diverse cohort of eight-year old children, to advance new understandings about children’s engagement in transmediation in the context of digital media creation. The author illuminates three key principles of transmediation using multimodal snapshots of storyboard images, digital movie frames, and online comics. Insights about transmediation are developed through dialogue with the children about their thought processes and intentions for their multimedia creations.

Combating computer crime : an international perspective

Given the serious nature of computer crime, and its global nature and implications, it is clear that there is a crucial need for a common understanding of such criminal activity internationally in order to deal with it effectively. Research into the extent to which legislation, international initiatives, and policy and procedures to combat and investigate computer crime are consistent globally is therefore of enormous importance. The challenge is to study, analyse, and compare the policies and practices of combating computer crime under different jurisdictions in order to identify the extent to which they are consistent with each other and with international guidelines; and the extent of their successes and limitations. The purpose ultimately is to identify areas where improvements are needed and what those improvements should be. This thesis examines approaches used for combating computer crime, including money laundering, in Australia, the UAE, the UK and the USA, four countries which represent a spectrum of economic development and culture. It does so in the context of the guidelines of international organizations such as the Council of Europe (CoE) and the Financial Action Task Force (FATF). In the case of the UAE, we examine also the cultural influences which differentiate it from the other three countries and which has necessarily been a factor in shaping its approaches for countering money laundering in particular. The thesis concludes that because of the transnational nature of computer crime there is a need internationally for further harmonisation of approaches for combating computer crime. The specific contributions of the thesis are as follows: „h Developing a new unified comprehensive taxonomy of computer crime based upon the dual characteristics of the role of the computer and the contextual nature of the crime „h Revealing differences in computer crime legislation in Australia, the UAE, the UK and the USA, and how they correspond to the CoE Convention on Cybercrime and identifying a new framework to develop harmonised computer crime or cybercrime legislation globally „h Identifying some important issues that continue to create problems for law enforcement agencies such as insufficient resources, coping internationally with computer crime legislation that differs between countries, having comprehensive documented procedures and guidelines for combating computer crime, and reporting and recording of computer crime offences as distinct from other forms of crime „h Completing the most comprehensive study currently available regarding the extent of money laundered in four such developed or fast developing countries „h Identifying that the UK and the USA are the most advanced with regard to anti-money laundering and combating the financing of terrorism (AML/CFT) systems among the four countries based on compliance with the FATF recommendations. In addition, the thesis has identified that local factors have affected how the UAE has implemented its financial and AML/CFT systems and reveals that such local and cultural factors should be taken into account when implementing or evaluating any country¡¦s AML/CFT system.

Green IT : a matter of business and information systems engineering?

This panel discusses the impact of Green IT on information systems and how information systems can meet environmental challenges and ensure sustainability. We wish to highlight the role of green business processes, and specifically the contributions that the management of these processes can play in leveraging the transformative power of IS in order to create an environmentally sustainable society. The management of business processes has typically been thought of in terms of business improvement alongside the dimensions time, cost, quality, or flexibility – the so-called ‘devil’s quadrangle’. Contemporary organizations, however, increasingly become aware of the need to create more sustainable, IT-enabled business processes that are also successful in terms of their economic, ecological, as well as social impact. Exemplary ecological key performance indicators that increasingly find their way into the agenda of managers include carbon emissions, data center energy, or renewable energy consumption (SAP 2010). The key challenge, therefore, is to extend the devil’s quadrangle to a devil’s pentagon, including sustainability as an important fifth dimension in process change.

An efficient public key management system : an application in vehicular ad hoc networks

The major purpose of Vehicular Ad Hoc Networks (VANETs) is to provide safety-related message access for motorists to react or make a life-critical decision for road safety enhancement. Accessing safety-related information through the use of VANET communications, therefore, must be protected, as motorists may make critical decisions in response to emergency situations in VANETs. If introducing security services into VANETs causes considerable transmission latency or processing delays, this would defeat the purpose of using VANETs to improve road safety. Current research in secure messaging for VANETs appears to focus on employing certificate-based Public Key Cryptosystem (PKC) to support security. The security overhead of such a scheme, however, creates a transmission delay and introduces a time-consuming verification process to VANET communications. This paper proposes an efficient public key management system for VANETs: the Public Key Registry (PKR) system. Not only does this paper demonstrate that the proposed PKR system can maintain security, but it also asserts that it can improve overall performance and scalability at a lower cost, compared to the certificate-based PKC scheme. It is believed that the proposed PKR system will create a new dimension to the key management and verification services for VANETs.

From national integrity systems to global integrity systems

The primary focus of corruption studies and anti-corruption activism has been corruption within sovereign states. However, over the last twenty years ‘globalization’, the flow of money, goods, people and ideas across borders, has threatened to overwhelm the system of sovereign states. Much activity has moved outside the control of nation states at the same time as nation states have ‘deregulated’ and in so doing have transferred power from those exercising governmental power at the nominal behest of the majority of its citizens to those with greater wealth and/or greater knowledge in markets in which knowledge is typically asymmetric. It is now recognized that many governance problems have arisen because of globalisation and can only be addressed by global solutions. It must also be recognized that governance problems at the national level contribute to governance problems and the global level and vice versa. Nevertheless, many of the lessons learned in combating corruption at the national level are relevant to a globalized world – in particular, the need for ethics and leadership in addition to legal and institutional reform; the need to integrate these measures into integrity systems; and the awareness of corruption systems. These are applied to areas of concern within sustainable globalisation raised by the conference – including peace and security, extractive industries, climate change and sustainable banking.

Super-orbital re-entry in Australia : laboratory measurement, simulation and flight observation

There are large uncertainties in the aerothermodynamic modelling of super-orbital re-entry which impact the design of spacecraft thermal protection systems (TPS). Aspects of the thermal environment of super-orbital re-entry flows can be simulated in the laboratory using arc- and plasma jet facilities and these devices are regularly used for TPS certification work [5]. Another laboratory device which is capable of simulating certain critical features of both the aero and thermal environment of super-orbital re-entry is the expansion tube, and three such facilities have been operating at the University of Queensland in recent years[10]. Despite some success, wind tunnel tests do not achieve full simulation, however, a virtually complete physical simulation of particular re-entry conditions can be obtained from dedicated flight testing, and the Apollo era FIRE II flight experiment [2] is the premier example which still forms an important benchmark for modern simulations. Dedicated super-orbital flight testing is generally considered too expensive today, and there is a reluctance to incorporate substantial instrumentation for aerothermal diagnostics into existing missions since it may compromise primary mission objectives. An alternative approach to on-board flight measurements, with demonstrated success particularly in the ‘Stardust’ sample return mission, is remote observation of spectral emissions from the capsule and shock layer [8]. JAXA’s ‘Hayabusa’ sample return capsule provides a recent super-orbital reentry example through which we illustrate contributions in three areas: (1) physical simulation of super-orbital re-entry conditions in the laboratory; (2) computational simulation of such flows; and (3) remote acquisition of optical emissions from a super-orbital re entry event.

Wide baseline correspondence extraction beyond local features

Robust, affine covariant, feature extractors provide a means to extract correspondences between images captured by widely separated cameras. Advances in wide baseline correspondence extraction require looking beyond the robust feature extraction and matching approach. This study examines new techniques of extracting correspondences that take advantage of information contained in affine feature matches. Methods of improving the accuracy of a set of putative matches, eliminating incorrect matches and extracting large numbers of additional correspondences are explored. It is assumed that knowledge of the camera geometry is not available and not immediately recoverable. The new techniques are evaluated by means of an epipolar geometry estimation task. It is shown that these methods enable the computation of camera geometry in many cases where existing feature extractors cannot produce sufficient numbers of accurate correspondences.

A learning-based approach to reactive security

Despite the conventional wisdom that proactive security is superior to reactive security, we show that reactive security can be competitive with proactive security as long as the reactive defender learns from past attacks instead of myopically overreacting to the last attack. Our game-theoretic model follows common practice in the security literature by making worst-case assumptions about the attacker: we grant the attacker complete knowledge of the defender’s strategy and do not require the attacker to act rationally. In this model, we bound the competitive ratio between a reactive defense algorithm (which is inspired by online learning theory) and the best fixed proactive defense. Additionally, we show that, unlike proactive defenses, this reactive strategy is robust to a lack of information about the attacker’s incentives and knowledge.

Open problems in the security of learning

Machine learning has become a valuable tool for detecting and preventing malicious activity. However, as more applications employ machine learning techniques in adversarial decision-making situations, increasingly powerful attacks become possible against machine learning systems. In this paper, we present three broad research directions towards the end of developing truly secure learning. First, we suggest that finding bounds on adversarial influence is important to understand the limits of what an attacker can and cannot do to a learning system. Second, we investigate the value of adversarial capabilities-the success of an attack depends largely on what types of information and influence the attacker has. Finally, we propose directions in technologies for secure learning and suggest lines of investigation into secure techniques for learning in adversarial environments. We intend this paper to foster discussion about the security of machine learning, and we believe that the research directions we propose represent the most important directions to pursue in the quest for secure learning.