934 resultados para IT security
Resumo:
INTRODUCTION Globally, one-third of food production is lost annually due to negligent authorities. India alone loses some 21 million tonnes of wheat per year even while it has 200 million food-insecure people in the nation. Disturbingly provocative as it may sound, it is amazing how national and international institutions and governments make use of human hunger for their own survival (Raghib 2013). The global food system is increasingly insecure. Challenges to long-term global food security are encapsulated by resource scarcity, environmental degradation, biodiversity loss, climate change, reductions of farm labour and a growing world population. These issues are caused and aggravated by the spread of corporatised and monopolised food systems, dietary change, and urbanisation. These factors have rapidly brought food insecurity under the umbrella of unconventional security threats (Heukelom 2011). For some, humanitarian crises associated with food insecurity, or what has been dubbed ‘the silent tsunami’, is a pending peril, notably for the world’s poorest and most vulnerable people. For others, the food production industry is an emerging market with unprecedented profits. Despite this problem of food scarcity we are witnessing extraordinary ‘food wastage’, notably in North America and Europe, on a scale that would reportedly be capable of feeding the world’s hungry six times over (Stuart 2012). As the opening quotation to this chapter suggests, governments and corporations are deeply involved in the contexts, politics, and resources associated with food related issues. As many economically developed and advanced industrial nations are reporting a rise out of recession, announcements are made by the world’s richest countries that they are to cut $US2 billion per year from food aid. The head of the World Food Aid Programme, Rosette Sheeran, warns that such cuts could result in ‘the loss of a generation’ (Walters 2011). The global food crisis has also reinvigorated debates about agricultural development and genetically modified (GM) food; as well as fuelling debates about poverty, debt and security. This chapter provides a discussion of the political economy of global food debates and explores the threats and opportunities surrounding food production and future food security.
Resumo:
This paper describes research investigating expertise and the types of knowledge used by airport security screeners. It applies a multi method approach incorporating eye tracking, concurrent verbal protocol and interviews. Results show that novice and expert security screeners primarily access perceptual knowledge and experience little difficulty during routine situations. During non-routine situations however, experience was found to be a determining factor for effective interactions and problem solving. Experts were found to use strategic knowledge and demonstrated structured use of interface functions integrated into efficient problem solving sequences. Comparatively, novices experienced more knowledge limitations and uncertainty resulting in interaction breakdowns. These breakdowns were characterised by trial and error interaction sequences. This research suggests that the quality of knowledge security screeners have access to has implications on visual and physical interface interactions and their integration into problem solving sequences. Implications and recommendations for the design of interfaces used in the airport security screening context are discussed. The motivations of recommendations are to improve the integration of interactions into problem solving sequences, encourage development of problem scheme knowledge and to support the skills and knowledge of the personnel that interact with security screening systems.
Resumo:
Vehicular Ad-hoc Networks (VANETs) can make roads safer, cleaner, and smarter. It can offer a wide range of services, which can be safety and non-safety related. Many safety-related VANETs applications are real-time and mission critical, which would require strict guarantee of security and reliability. Even non-safety related multimedia applications, which will play an important role in the future, will require security support. Lack of such security and privacy in VANETs is one of the key hindrances to the wide spread implementations of it. An insecure and unreliable VANET can be more dangerous than the system without VANET support. So it is essential to make sure that “life-critical safety” information is secure enough to rely on. Securing the VANETs along with appropriate protection of the privacy drivers or vehicle owners is a very challenging task. In this work we summarize the attacks, corresponding security requirements and challenges in VANETs. We also present the most popular generic security policies which are based on prevention as well detection methods. Many VANETs applications require system-wide security support rather than individual layer from the VANETs’ protocol stack. In this work we will review the existing works in the perspective of holistic approach of security. Finally, we will provide some possible future directions to achieve system-wide security as well as privacy-friendly security in VANETs.
Resumo:
Wireless Sensor Networks (WSNs) are employed in numerous applications in different areas including military, ecology, and health; for example, to control of important information like the personnel position in a building, as a result, WSNs need security. However, several restrictions such as low capability of computation, small memory, limited resources of energy, and the unreliable channels employ communication in using WSNs can cause difficulty in use of security and protection in WSNs. It is very essential to save WSNs from malevolent attacks in unfriendly situations. Such networks require security plan due to various limitations of resources and the prominent characteristics of a wireless sensor network which is a considerable challenge. This article is an extensive review about problems of WSNs security, which examined recently by researchers and a better understanding of future directions for WSN security.
Resumo:
The Secure Shell (SSH) protocol is widely used to provide secure remote access to servers, making it among the most important security protocols on the Internet. We show that the signed-Diffie--Hellman SSH ciphersuites of the SSH protocol are secure: each is a secure authenticated and confidential channel establishment (ACCE) protocol, the same security definition now used to describe the security of Transport Layer Security (TLS) ciphersuites. While the ACCE definition suffices to describe the security of individual ciphersuites, it does not cover the case where parties use the same long-term key with many different ciphersuites: it is common in practice for the server to use the same signing key with both finite field and elliptic curve Diffie--Hellman, for example. While TLS is vulnerable to attack in this case, we show that SSH is secure even when the same signing key is used across multiple ciphersuites. We introduce a new generic multi-ciphersuite composition framework to achieve this result in a black-box way.
Resumo:
At CRYPTO 2006, Halevi and Krawczyk proposed two randomized hash function modes and analyzed the security of digital signature algorithms based on these constructions. They showed that the security of signature schemes based on the two randomized hash function modes relies on properties similar to the second preimage resistance rather than on the collision resistance property of the hash functions. One of the randomized hash function modes was named the RMX hash function mode and was recommended for practical purposes. The National Institute of Standards and Technology (NIST), USA standardized a variant of the RMX hash function mode and published this standard in the Special Publication (SP) 800-106. In this article, we first discuss a generic online birthday existential forgery attack of Dang and Perlner on the RMX-hash-then-sign schemes. We show that a variant of this attack can be applied to forge the other randomize-hash-then-sign schemes. We point out practical limitations of the generic forgery attack on the RMX-hash-then-sign schemes. We then show that these limitations can be overcome for the RMX-hash-then-sign schemes if it is easy to find fixed points for the underlying compression functions, such as for the Davies-Meyer construction used in the popular hash functions such as MD5 designed by Rivest and the SHA family of hash functions designed by the National Security Agency (NSA), USA and published by NIST in the Federal Information Processing Standards (FIPS). We show an online birthday forgery attack on this class of signatures by using a variant of Dean’s method of finding fixed point expandable messages for hash functions based on the Davies-Meyer construction. This forgery attack is also applicable to signature schemes based on the variant of RMX standardized by NIST in SP 800-106. We discuss some important applications of our attacks and discuss their applicability on signature schemes based on hash functions with ‘built-in’ randomization. Finally, we compare our attacks on randomize-hash-then-sign schemes with the generic forgery attacks on the standard hash-based message authentication code (HMAC).
Resumo:
Protection of passwords used to authenticate computer systems and networks is one of the most important application of cryptographic hash functions. Due to the application of precomputed memory look up attacks such as birthday and dictionary attacks on the hash values of passwords to find passwords, it is usually recommended to apply hash function to the combination of both the salt and password, denoted salt||password, to prevent these attacks. In this paper, we present the first security analysis of salt||password hashing application. We show that when hash functions based on the compression functions with easily found fixed points are used to compute the salt||password hashes, these hashes are susceptible to precomputed offline birthday attacks. For example, this attack is applicable to the salt||password hashes computed using the standard hash functions such as MD5, SHA-1, SHA-256 and SHA-512 that are based on the popular Davies-Meyer compression function. This attack exposes a subtle property of this application that although the provision of salt prevents an attacker from finding passwords, salts prefixed to the passwords do not prevent an attacker from doing a precomputed birthday attack to forge an unknown password. In this forgery attack, we demonstrate the possibility of building multiple passwords for an unknown password for the same hash value and salt. Interestingly, password||salt (i.e. salts suffixed to the passwords) hashes computed using Davies-Meyer hash functions are not susceptible to this attack, showing the first security gap between the prefix-salt and suffix-salt methods of hashing passwords.
Resumo:
We present an approach for detecting sensor spoofing attacks on a cyber-physical system. Our approach consists of two steps. In the first step, we construct a safety envelope of the system. Under nominal conditions (that is, when there are no attacks), the system always stays inside its safety envelope. In the second step, we build an attack detector: a monitor that executes synchronously with the system and raises an alarm whenever the system state falls outside the safety envelope. We synthesize safety envelopes using a modified machine learning procedure applied on data collected from the system when it is not under attack. We present experimental results that show effectiveness of our approach, and also validate the several novel features that we introduced in our learning procedure.
Resumo:
As a relatively new piece of legislation, the Personal Property Securities Act 2009 (Cth) (PPSA) is yet to be the subject of much significant judicial consideration. Whilst the position of the Australian courts is becoming clearer in relation to domestic disputes, parties to cross-border transactions continue to encounter an alarming number of uncertainties with respect to the enforcement and maintenance of their security interests. This article considers the relevant problematic provisions of the PPSA and considers them in light of the authorities dealing with corresponding legislation in other jurisdictions. It then attempts to provide some guidance and suggestions as to the best means of protecting security interests in cross-border transactions.
Resumo:
IT consumerization is both a major opportunity and significant challenge for organizations. However, IS research has hardly discussed the implications for IT management so far. In this paper we address this topic by empirically identifying organizational themes for IT consumerization and conceptually exploring the direct and indirect effects on the business value of IT, IT capabilities, and the IT function. More specifically, based on two case studies, we identify eight organizational themes: consumer IT strategy, policy development and responsibilities, consideration of private life of employees, user involvement into IT-related processes, individualization, updated IT infrastructure, end user support, and data and system security. The contributions of this paper are: (1) the identification of organizational themes for IT consumerization; (2) the proposed effects on the business value of IT, IT capabilities and the IT function, and; (3) combining empirical insights into IT consumerization with managerial theories in the IS discipline.
Resumo:
"It could easily provide the back-drop for a James Bond movie. Deep inside a mountain near the North Pole, down a fortified tunnel, and behind airlocked doors in a vault frozen to -18 degrees Celsius, scientists are squirreling away millions of seed samples. The samples constitute the very foundation of agriculture, the biological diversity needed so the world's major food crops can adapt to the next pest or disease, or to climate change. It's little wonder that the Svalbard Global Seed Vault has captured the public's imagination more than almost any agricultural topic in recent years. Popular press reports about the ‘Doomsday Vault,’ however, typically mask the complexity of the endeavor and, if anything, underestimate its practical utility." Cary Fowler This chapter considers the use of seed banks to address concerns about intellectual property, climate change and food security. It has a number of themes. First of all, it is interested in the use of ‘Big Science’ projects to address pressing global scientific concerns and Millennium Development Goals. Second, it highlights the increasing use of banks as a means of managing both property and intellectual property across a wide range of fields of agriculture and biotechnology. Third, it considers the linkage of intellectual property, access to genetic resources and benefit sharing. There are a variety of positions in this debate. Some see requirements in respect of access to genetic resources and benefit sharing as an inconvenient burden for science and commerce. Others defend access to genetic resources and benefit sharing as meaningful and productive. Those inclined to somewhat more conspiratorial views suggest that access to genetic resources and benefit sharing are a ruse to facilitate biopiracy. This chapter has a number of components. Section I focuses upon the Consultative Group on International Agricultural Research (CGIAR) network – often raised as a model for Climate Innovation Centres. Section II considers the Svalbard Global Seed Vault – the so-called Doomsday Vault. After a consideration of the World Summit on Food Security in 2009, it is concluded in this chapter that any future international agreement on climate change needs to address intellectual property, plant genetic resources and food security.
Resumo:
In light of larger public policy debates over intellectual property and climate change, this article considers patent practice, law, and policy in respect of biofuels. This debate has significant implications for public policy discussions in respect of energy independence, food security, and climate change. The first section of the paper provides a network analysis of patents in respect of biofuels across the three generations. It provides empirical research in respect of patent subject matter, ownership, and strategy in respect of biofuels. The second section provides a case study of significant patent litigation over biofuels. There is an examination of the biofuels patent litigation between the Danish company Novozymes, and Danisco and DuPont. The third section examines flexibilities in respect of patent law and clean technologies in the context of the case study of biofuels. In particular, it explores the debate over substantive doctrinal matters in respect of biofuels – such as patentable subject matter, technology transfer, patent pools, compulsory licensing, and disclosure requirements. The conclusion explores the relevance of the debate over patent law and biofuels to the larger public policy discussions over energy independence, food security, and climate change.
Resumo:
This paper offers one explanation for the institutional basis of food insecurity in Australia, and argues that while alternative food networks and the food sovereignty movement perform a valuable function in building forms of social solidarity between urban consumers and rural producers, they currently make only a minor contribution to Australia’s food and nutrition security. The paper begins by identifying two key drivers of food security: household incomes (on the demand side) and nutrition-sensitive, ‘fair food’ agriculture (on the supply side). We focus on this second driver and argue that healthy populations require an agricultural sector that delivers dietary diversity via a fair and sustainable food system. In order to understand why nutrition-sensitive, fair food agriculture is not flourishing in Australia we introduce the development economics theory of urban bias. According to this theory, governments support capital intensive rather than labour intensive agriculture in order to deliver cheap food alongside the transfer of public revenues gained from rural agriculture to urban infrastructure, where the majority of the voting public resides. We chart the unfolding of the Urban Bias across the twentieth century and its consolidation through neo-liberal orthodoxy, and argue that agricultural policies do little to sustain, let alone revitalize, rural and regional Australia. We conclude that by observing food system dynamics through a re-spatialized lens, Urban Bias Theory is valuable in highlighting rural–urban socio-economic and political economy tensions, particularly regarding food system sustainability. It also sheds light on the cultural economy tensions for alternative food networks as they move beyond niche markets to simultaneously support urban food security and sustainable rural livelihoods.
Resumo:
This paper addresses the gap in economic theory underlying the multidimensional concept of food security and observed data by deriving a composite food security index using the latent class model. The link between poverty and food security is then examined using the new food security index and the robustness of the link is compared with two unidimensional measures often used in the literature. Using Vietnam as a case study, it was found that a weak link exists for the rural but not for the urban composite food security index. The unidimensional measures on the other hand show a strong link in both the rural and urban regions. The results on the link are also different and mixed when two poverty types given by persistent and transient poverty are considered. These findings have important policy implications for a targeted approach to addressing food security.
Resumo:
For a hundred years, since Federation, Australian consumers have suffered the indignity and the tragedy of price discrimination. From the time of imperial publishing networks, Australia has been suffered from cultural colonialism. In respect of pricing of copyright works, Australian consumers have been gouged; ripped-off; and exploited. Digital technologies have not necessarily brought an end to such price discrimination. Australian consumers have been locked out by technological protection measures; subject to surveillance, privacy intrusions and security breaches; locked into walled gardens by digital rights management systems; and geo-blocked.
