Managing Trust in Online Social Networks

In recent years, there is a dramatic growth in number and popularity of online social networks. There are many networks available with more than 100 million registered users such as Facebook, MySpace, QZone, Windows Live Spaces etc. People may connect, discover and share by using these online social networks. The exponential growth of online communities in the area of social networks attracts the attention of the researchers about the importance of managing trust in online environment. Users of the online social networks may share their experiences and opinions within the networks about an item which may be a product or service. The user faces the problem of evaluating trust in a service or service provider before making a choice. Recommendations may be received through a chain of friends network, so the problem for the user is to be able to evaluate various types of trust opinions and recommendations. This opinion or recommendation has a great influence to choose to use or enjoy the item by the other user of the community. Collaborative filtering system is the most popular method in recommender system. The task in collaborative filtering is to predict the utility of items to a particular user based on a database of user rates from a sample or population of other users. Because of the different taste of different people, they rate differently according to their subjective taste. If two people rate a set of items similarly, they share similar tastes. In the recommender system, this information is used to recommend items that one participant likes, to other persons in the same cluster. But the collaborative filtering system performs poor when there is insufficient previous common rating available between users; commonly known as cost start problem. To overcome the cold start problem and with the dramatic growth of online social networks, trust based approach to recommendation has emerged. This approach assumes a trust network among users and makes recommendations based on the ratings of the users that are directly or indirectly trusted by the target user.

Trust and reputation management in web-based social network

know personally. They also communicate with other members of the network who are the friends of their friends and may be friends of their friend’s network. They share their experiences and opinions within the social network about an item which may be a product or service. The user faces the problem of evaluating trust in a service or service provider before making a choice. Opinions, reputations and ecommendations will influence users' choice and usage of online resources. Recommendations may be received through a chain of friends of friends, so the problem for the user is to be able to evaluate various types of trust recommendations and reputations. This opinion or ecommendation has a great influence to choose to use or enjoy the item by the other user of the community. Users share information on the level of trust they explicitly assign to other users. This trust can be used to determine while taking decision based on any recommendation. In case of the absence of direct connection of the recommender user, propagated trust could be useful.

Identity management : strengthening one-time password authentication through usability

Usability in HCI (Human-Computer Interaction) is normally understood as the simplicity and clarity with which the interaction with a computer program or a web site is designed. Identity management systems need to provide adequate usability and should have a simple and intuitive interface. The system should not only be designed to satisfy service provider requirements but it has to consider user requirements, otherwise it will lead to inconvenience and poor usability for users when managing their identities. With poor usability and a poor user interface with regard to security, it is highly likely that the system will have poor security. The rapid growth in the number of online services leads to an increasing number of different digital identities each user needs to manage. As a result, many people feel overloaded with credentials, which in turn negatively impacts their ability to manage them securely. Passwords are perhaps the most common type of credential used today. To avoid the tedious task of remembering difficult passwords, users often behave less securely by using low entropy and weak passwords. Weak passwords and bad password habits represent security threats to online services. Some solutions have been developed to eliminate the need for users to create and manage passwords. A typical solution is based on generating one-time passwords, i.e. passwords for single session or transaction usage. Unfortunately, most of these solutions do not satisfy scalability and/or usability requirements, or they are simply insecure. In this thesis, the security and usability aspects of contemporary methods for authentication based on one-time passwords (OTP) are examined and analyzed. In addition, more scalable solutions that provide a good user experience while at the same time preserving strong security are proposed.

A rights management approach to protection of privacy in a cloud of electronic health records

A patient-centric DRM approach is proposed for protecting privacy of health records stored in a cloud storage based on the patient's preferences and without the need to trust the service provider. Contrary to the current server-side access control solutions, this approach protects the privacy of records from the service provider, and also controls the usage of data after it is released to an authorized user.

iiNet’s Hollywood ending : what does its court victory mean for copyright law?

In what is being billed as iiNet versus Hollywood, the Australian internet service provider has come out an apparent winner after the High Court dismissed a copyright infringement case brought by industry movie studios. The case was a final appeal by the industry in its attempts to crack down on internet users infringing copyright by using BitTorrent to download movies.

Modeling and analyzing the carbon footprint of business processes

Many corporations and individuals realize that environmental sustainability is an urgent problem to address. In this chapter, we contribute to the emerging academic discussion by proposing two innovative approaches for engaging in the development of environmentally sustainable business processes. Specifically, we describe an extended process modeling approach for capturing and documenting the dioxide emissions produced during the execution of a business process. For illustration, we apply this approach to the case of a government Shared Service provider. Second, we then introduce an analysis method for measuring the carbon dioxide emissions produced during the execution of a business process. To illustrate this approach, we apply it in the real-life case of a European airport and show how this information can be leveraged in the re-design of "green" business processes.

Revising the scope of the copyright "Safe Harbour Scheme"

Submission to the Australian Government Attorney General’s Department consultation paper on Revising the Scope of the Copyright ‘Safe Harbour Scheme’

Ageing of people with an intellectual disability: Effective training for frontline workers

While the attainment of late life represents a significant achievement for people with an intellectual disability, increased life expectancy has resulted in growing concerns about the extent to which disability service providers are ready to meet the changing needs of increasing numbers of older people and facilitate their ongoing social inclusion. Training of frontline disability staff is widely accepted as an effective strategy for increasing organisational capacity to contribute to improved quality of life for people with an intellectual disability. The study identifies training needs analyses and 'ready-to-deliver' training programs for frontline disability services staff working with adults with an intellectual disability who are ageing, assesses whether the training programs contribute to improved quality of life outcomes for service users, and makes recommendations for future research and development of training for disability services staff who work with older people with intellectual disability.

Working with refugee survivors of torture and trauma : an opportunity for vicarious posttraumatic growth

Clinical work with people who have survived trauma carries a risk of vicarious traumatisation for the service provider, but also the potential for vicarious posttraumatic growth. Despite growing interest in this area, the effects of working with survivors of refugee-related trauma have remained relatively unexplored. The aim of the current study was to examine the lived experiences of people working on a daily basis with survivors of torture and trauma who had sought refuge in Australia. Seventeen clinical, administrative, and managerial staff from a not-for-profit organisation participated in a semi-structured interview that was later analysed using interpretive phenomenological analysis. Analysis of the data demonstrated that the entire sample reported symptoms of vicarious trauma (e.g., strong emotional reactions, intrusive images, shattering of existing beliefs) as well as vicarious posttraumatic growth (e.g., forming new relationships, increased self-understanding, greater appreciation of life). Moreover, effortful meaning making processes appeared to facilitate such positive changes. Reduction in the risks associated with this work, enhancement of clinician well-being, and improvement of therapeutic outcomes is a shared responsibility of the organisation and clinician. Without negating the distress of trauma work, clinicians are encouraged to more deeply consider the unique positive outcomes that supporting survivors can provide.

Collaborating to develop research data management services and collections

The Queensland University of Technology (QUT) Library, like many other academic and research institution libraries in Australia, has been collaborating with a range of academic and service provider partners to develop a range of research data management services and collections. Three main strategies are being employed and an overview of process, infrastructure, usage and benefits is provided of each of these service aspects. The development of processes and infrastructure to facilitate the strategic identification and management of QUT developed datasets has been a major focus. A number of Australian National Data Service (ANDS) sponsored projects - including Seeding the Commons; Metadata Hub / Store; Data Capture and Gold Standard Record Exemplars have / will provide QUT with a data registry system, linkages to storage, processes for identifying and describing datasets, and a degree of academic awareness. QUT supports open access and has established a culture for making its research outputs available via the QUT ePrints institutional repository. Incorporating open access research datasets into the library collections is an equally important aspect of facilitating the adoption of data-centric eresearch methods. Some datasets are available commercially, and the library has collaborated with QUT researchers, in the QUT Business School especially strongly, to identify and procure a rapidly growing range of financial datasets to support research. The library undertakes licensing and uses the Library Resource Allocation to pay for the subscriptions. It is a new area of collection development for with much to be learned. The final strategy discussed is the library acting as “data broker”. QUT Library has been working with researchers to identify these datasets and undertake the licensing, payment and access as a centrally supported service on behalf of researchers.

Cryptographic techniques for managing computational effort

Availability has become a primary goal of information security and is as significant as other goals, in particular, confidentiality and integrity. Maintaining availability of essential services on the public Internet is an increasingly difficult task in the presence of sophisticated attackers. Attackers may abuse limited computational resources of a service provider and thus managing computational costs is a key strategy for achieving the goal of availability. In this thesis we focus on cryptographic approaches for managing computational costs, in particular computational effort. We focus on two cryptographic techniques: computational puzzles in cryptographic protocols and secure outsourcing of cryptographic computations. This thesis contributes to the area of cryptographic protocols in the following ways. First we propose the most efficient puzzle scheme based on modular exponentiations which, unlike previous schemes of the same type, involves only a few modular multiplications for solution verification; our scheme is provably secure. We then introduce a new efficient gradual authentication protocol by integrating a puzzle into a specific signature scheme. Our software implementation results for the new authentication protocol show that our approach is more efficient and effective than the traditional RSA signature-based one and improves the DoSresilience of Secure Socket Layer (SSL) protocol, the most widely used security protocol on the Internet. Our next contributions are related to capturing a specific property that enables secure outsourcing of cryptographic tasks in partial-decryption. We formally define the property of (non-trivial) public verifiability for general encryption schemes, key encapsulation mechanisms (KEMs), and hybrid encryption schemes, encompassing public-key, identity-based, and tag-based encryption avors. We show that some generic transformations and concrete constructions enjoy this property and then present a new public-key encryption (PKE) scheme having this property and proof of security under the standard assumptions. Finally, we combine puzzles with PKE schemes for enabling delayed decryption in applications such as e-auctions and e-voting. For this we first introduce the notion of effort-release PKE (ER-PKE), encompassing the well-known timedrelease encryption and encapsulated key escrow techniques. We then present a security model for ER-PKE and a generic construction of ER-PKE complying with our security notion.

Cost effectiveness of patient education for the prevention of falls in hospital : economic evaluation from a randomized controlled trial

Background Falls are one of the most frequently occurring adverse events that impact upon the recovery of older hospital inpatients. Falls can threaten both immediate and longer-term health and independence. There is need to identify cost-effective means for preventing falls in hospitals. Hospital-based falls prevention interventions tested in randomized trials have not yet been subjected to economic evaluation. Methods Incremental cost-effectiveness analysis was undertaken from the health service provider perspective, over the period of hospitalization (time horizon) using the Australian Dollar (A$) at 2008 values. Analyses were based on data from a randomized trial among n = 1,206 acute and rehabilitation inpatients. Decision tree modeling with three-way sensitivity analyses were conducted using burden of disease estimates developed from trial data and previous research. The intervention was a multimedia patient education program provided with trained health professional follow-up shown to reduce falls among cognitively intact hospital patients. Results The short-term cost to a health service of one cognitively intact patient being a faller could be as high as A$14,591 (2008). The education program cost A$526 (2008) to prevent one cognitively intact patient becoming a faller and A$294 (2008) to prevent one fall based on primary trial data. These estimates were unstable due to high variability in the hospital costs accrued by individual patients involved in the trial. There was a 52% probability the complete program was both more effective and less costly (from the health service perspective) than providing usual care alone. Decision tree modeling sensitivity analyses identified that when provided in real life contexts, the program would be both more effective in preventing falls among cognitively intact inpatients and cost saving where the proportion of these patients who would otherwise fall under usual care conditions is at least 4.0%. Conclusions This economic evaluation was designed to assist health care providers decide in what circumstances this intervention should be provided. If the proportion of cognitively intact patients falling on a ward under usual care conditions is 4% or greater, then provision of the complete program in addition to usual care will likely both prevent falls and reduce costs for a health service.

Spreading peak demand for urban rail transit through differential fare policy : a review of empirical evidence

More evenly spread demand for public transport throughout a day can reduce transit service provider‟s total asset and labour costs. A plausible peak spreading strategy is to increase peak fare and/or to reduce off-peak fare. This paper reviews relevant empirical studies for urban rail systems, as rail transit plays a key role in Australian urban passenger transport and experiences severe peak loading variability. The literature is categorised into four groups: a) passenger opinions on willingness to change time for travel, b) valuations of displacement time using stated preference technique, c) simulations of peak spreading based on trip scheduling models, and: d) real-world cases of peak spreading using differential fare. Policy prescription is advised to take into account impacts of traveller‟s time flexibility and joint effects of mode shifting and peak spreading. Although focusing on urban rail, arguments in this paper are relevant to public transport in general with values to researchers and practitioners.

Cloud computing : what upstream oil and gas can learn from other industries

The topic of “the cloud” has attracted significant attention throughout the past few years (Cherry 2009; Sterling and Stark 2009) and, as a result, academics and trade journals have created several competing definitions of “cloud computing” (e.g., Motahari-Nezhad et al. 2009). Underpinning this article is the definition put forward by the US National Institute of Standards and Technology, which describes cloud computing as “a model for enabling ubiquitous, convenient, on-demand network access to a shared pool of configurable computing resources that can be rapidly provisioned and released with minimal management effort or service provider interaction” (Garfinkel 2011, p. 3). Despite the lack of consensus about definitions, however, there is broad agreement on the growing demand for cloud computing. Some estimates suggest that spending on cloudrelated technologies and services in the next few years may climb as high as USD 42 billion/year (Buyya et al. 2009).

Prevention of Alcohol-Related Crime and Trauma (PACT) : brief interventions in routine care pathway – a study protocol

Background Globally, alcohol-related injuries cause millions of deaths and huge economic loss each year . The incidence of facial (jawbone) fractures in the Northern Territory of Australia is second only to Greenland, due to a strong involvement of alcohol in its aetiology, and high levels of alcohol consumption. The highest incidences of alcohol-related trauma in the Territory are observed amongst patients in the Maxillofacial Surgery Unit of the Royal Darwin Hospital. Accordingly, this project aims to introduce screening and brief interventions into this unit, with the aims of changing health service provider practice, improving access to care, and improving patient outcomes. Methods Establishment of Project Governance: The project governance team includes a project manager, project leader, an Indigenous Reference Group (IRG) and an Expert Reference Group (ERG). Development of a best practice pathway: PACT project researchers collaborate with clinical staff to develop a best practice pathway suited to the setting of the surgical unit. The pathway provides clear guidelines for screening, assessment, intervention and referral. Implementation: The developed pathway is introduced to the unit through staff training workshops and associate resources and adapted in response to staff feedback. Evaluation: File audits, post workshop questionnaires and semi-structured interviews are administered. Discussion This project allows direct transfer of research findings into clinical practice and can inform future hospital-based injury prevention strategies.