Misunderstanding or Misdirection?: Whistleblower Protection in Queensland

In his report into corruption in Queensland, Fitzgerald listed whistleblower protection as a necessary part of a strong governance regime. "What is required is an accessible, independent body to which disclosures can be made, confidentially (at least in the first instance) and in any event free from fear of reprisals." It was one of the reforms studied by the Electoral and Administrative Review Committee, the report of which resulted in the Whistleblowers Protection Act 1994 (WPA). The need for whistleblower protection was supported by all sides of Parliament. The Premier, Wayne Goss, in his Second Reading Speech on the Public Sector Ethics Bill , said that that Act and the WPA would form a package with the former outlining required behaviour and the WPA encouraging staff to report wrongdoing. The WPA was subsequently passed and has remained virtually unamended for over a decade. Such consistency is either an indication of skilled drafting and effectiveness or the fact that the Act has been neglected. It is the hypothesis of this paper that the latter is the case. This hypothesis will be tested by examining the sincerity and diligence with which the Act has been treated during, and following, its passage.

A large-scale computing infrastructure for design education

Most departmental computing infrastructure reflects the state of networking technology and available funds at the time of construction, which converge in a preconceived notion of homogeneity of network architecture and usage patterns. The DMAN (Digital Media Access Network) project, a large-scale server and network foundation for the Hong Kong Polytechnic University's School of Design was created as a platform that would support a highly complex academic environment while giving maximum freedom to students, faculty and researchers through simplicity and ease of use. As a centralized multi-user computation backbone, DMAN faces an extremely hetrogeneous user and application profile, exceeding implementation and maintenance challenges of typical enterprise, and even most academic server set-ups. This paper sumarizes the specification, implementation and application of the system while describing its significance for design education in a computational context.

Ubiquitous infrastructure : urban infrastructure planning and management experience of Korea

Urban infrastructure development in Korea has recently shifted from an old paradigm of conventional infrastructure planning to a new paradigm of intelligent infrastructure provision. This new paradigm, so called ubiquitous infrastructure, is based on a combination of urban infrastructure, information and communication technologies and digital networks. Ubiquitous infrastructure basically refers to an urban infrastructure where any citizen could access any infrastructure and services via any electronic device regardless of time and location. This paper introduces this new paradigm of intellectual infrastructure planning and its design schemes. The paper also examines the ubiquitous infrastructure development in Korea and discusses the positive effects of ubiquitous infrastructure on sustainable urban development.

The MESH book : landscape / infrastructure

Resulting from a series of student-run 'Edge' conferences that have been held in Australia and New Zealand (beginning at RMIT in 1983), The Mesh Book is a collection of essays grouped into themes of Invisible Infrastructures (systems of belief), Immanent Infrastructures (natural systems) and Present Infrastructures (roads and services). Ranging from esoteric discussions to analytical case studies, the book assembles a broad spectrum of ideas on the landscape within the context of Australia and a contemporary study of place.

Protocol engineering for protection against denial-of-service attacks

Denial-of-service attacks (DoS) and distributed denial-of-service attacks (DDoS) attempt to temporarily disrupt users or computer resources to cause service un- availability to legitimate users in the internetworking system. The most common type of DoS attack occurs when adversaries °ood a large amount of bogus data to interfere or disrupt the service on the server. The attack can be either a single-source attack, which originates at only one host, or a multi-source attack, in which multiple hosts coordinate to °ood a large number of packets to the server. Cryptographic mechanisms in authentication schemes are an example ap- proach to help the server to validate malicious tra±c. Since authentication in key establishment protocols requires the veri¯er to spend some resources before successfully detecting the bogus messages, adversaries might be able to exploit this °aw to mount an attack to overwhelm the server resources. The attacker is able to perform this kind of attack because many key establishment protocols incorporate strong authentication at the beginning phase before they can iden- tify the attacks. This is an example of DoS threats in most key establishment protocols because they have been implemented to support con¯dentiality and data integrity, but do not carefully consider other security objectives, such as availability. The main objective of this research is to design denial-of-service resistant mechanisms in key establishment protocols. In particular, we focus on the design of cryptographic protocols related to key establishment protocols that implement client puzzles to protect the server against resource exhaustion attacks. Another objective is to extend formal analysis techniques to include DoS- resistance. Basically, the formal analysis approach is used not only to analyse and verify the security of a cryptographic scheme carefully but also to help in the design stage of new protocols with a high level of security guarantee. In this research, we focus on an analysis technique of Meadows' cost-based framework, and we implement DoS-resistant model using Coloured Petri Nets. Meadows' cost-based framework is directly proposed to assess denial-of-service vulnerabil- ities in the cryptographic protocols using mathematical proof, while Coloured Petri Nets is used to model and verify the communication protocols using inter- active simulations. In addition, Coloured Petri Nets are able to help the protocol designer to clarify and reduce some inconsistency of the protocol speci¯cation. Therefore, the second objective of this research is to explore vulnerabilities in existing DoS-resistant protocols, as well as extend a formal analysis approach to our new framework for improving DoS-resistance and evaluating the performance of the new proposed mechanism. In summary, the speci¯c outcomes of this research include following results; 1. A taxonomy of denial-of-service resistant strategies and techniques used in key establishment protocols; 2. A critical analysis of existing DoS-resistant key exchange and key estab- lishment protocols; 3. An implementation of Meadows's cost-based framework using Coloured Petri Nets for modelling and evaluating DoS-resistant protocols; and 4. A development of new e±cient and practical DoS-resistant mechanisms to improve the resistance to denial-of-service attacks in key establishment protocols.

Consumer protection in the banking sector : reviewing the Code of Banking Practice

This article explains the relevance of the Code and its place in the regulatory framework, discusses some of the key issues arising in the recent review (as identified by consumer advocates1), and explains the relationship between the Code and the Financial Ombudsman Service.

Electronic workplace surveillance and employee privacy : a comparative analysis of privacy protection in Australia and the United States

More than a century ago in their definitive work “The Right to Privacy” Samuel D. Warren and Louis D. Brandeis highlighted the challenges posed to individual privacy by advancing technology. Today’s workplace is characterised by its reliance on computer technology, particularly the use of email and the Internet to perform critical business functions. Increasingly these and other workplace activities are the focus of monitoring by employers. There is little formal regulation of electronic monitoring in Australian or United States workplaces. Without reasonable limits or controls, this has the potential to adversely affect employees’ privacy rights. Australia has a history of legislating to protect privacy rights, whereas the United States has relied on a combination of constitutional guarantees, federal and state statutes, and the common law. This thesis examines a number of existing and proposed statutory and other workplace privacy laws in Australia and the United States. The analysis demonstrates that existing measures fail to adequately regulate monitoring or provide employees with suitable remedies where unjustifiable intrusions occur. The thesis ultimately supports the view that enacting uniform legislation at the national level provides a more effective and comprehensive solution for both employers and employees. Chapter One provides a general introduction and briefly discusses issues relevant to electronic monitoring in the workplace. Chapter Two contains an overview of privacy law as it relates to electronic monitoring in Australian and United States workplaces. In Chapter Three there is an examination of the complaint process and remedies available to a hypothetical employee (Mary) who is concerned about protecting her privacy rights at work. Chapter Four provides an analysis of the major themes emerging from the research, and also discusses the draft national uniform legislation. Chapter Five details the proposed legislation in the form of the Workplace Surveillance and Monitoring Act, and Chapter Six contains the conclusion.

Investment decision framework for infrastructure asset management: a probability-based approach

Australia’s civil infrastructure assets of roads, bridges, railways, buildings and other structures are worth billions of dollars. Road assets alone are valued at around A$ 140 billion. As the condition of assets deteriorate over time, close to A$10 billion is spent annually in asset maintenance on Australia's roads, or the equivalent of A$27 million per day. To effectively manage road infrastructures, firstly, road agencies need to optimise the expenditure for asset data collection, but at the same time, not jeopardise the reliability in using the optimised data to predict maintenance and rehabilitation costs. Secondly, road agencies need to accurately predict the deterioration rates of infrastructures to reflect local conditions so that the budget estimates could be accurately estimated. And finally, the prediction of budgets for maintenance and rehabilitation must provide a certain degree of reliability. A procedure for assessing investment decision for road asset management has been developed. The procedure includes: • A methodology for optimising asset data collection; • A methodology for calibrating deterioration prediction models; • A methodology for assessing risk-adjusted estimates for life-cycle cost estimates. • A decision framework in the form of risk map

Review on Australian and international practices for asset management in building infrastructure

Both in developed and developing economies, major public funding is invested in civil infrastructure assets. Efficiency and comfort level of expected and demanded living standards are largely dependant on the management strategies of these assets. Buildings are one of the major & vital assets, which need to be maintained primarily to ensure its functionality by effective & efficient delivery of services and to optimize economic benefits. Not withstanding, public building infrastructure is not considered in Infrastructure report card published by Australian Infrastructure Report Card Alliance Partners (2001). The reason appears to be not having enough data to rate public building infrastructure. American Infrastructure Report Card (2001) gave “School Buildings” ‘d-’ rating, which is below ‘poor’. For effective asset management of building infrastructure, a need emerged to optimise the budget for managing assets, to cope up with increased user expectations, to response effectively to possible asset failures, to deal with ageing of assets and aging populations and to treat other scenarios including technology advancement and non-asset solutions. John (Asset Management, 2001) suggests that in the area of asset management worldwide, UK, Australia and New Zealand are leading.