O estabelecimento virtual na sociedade técnica: a necessária busca de segurança jurídica nas transações comerciais

Pós-graduação em Direito - FCHS

Computer security incidents against Australian businesses : predictors of victimisation

Drawing on data from the Australian Business Assessment of Computer User Security (ABACUS) survey, this paper examines a range of factors that may influence businesses’ likelihood of being victimised by a computer security incident. It has been suggested that factors including business size, industry sector, level of outsourcing, expenditure on computer security functions and types of computer security tools and/or policies used may influence the probability of particular businesses experiencing such incidents. This paper uses probability modelling to test whether this is the case for the 4,000 businesses that responded to the ABACUS survey. It was found that the industry sector that a business belonged to, and business expenditure on computer security, were not related to businesses’ likelihood of detecting computer security incidents. Instead, the number of employees that a business has and whether computer security functions were outsourced were found to be key indicators of businesses’ likelihood of detecting incidents. Some of the implications of these findings are considered in this paper.

Elliptic curves, group law, and efficient computation

This thesis is about the derivation of the addition law on an arbitrary elliptic curve and efficiently adding points on this elliptic curve using the derived addition law. The outcomes of this research guarantee practical speedups in higher level operations which depend on point additions. In particular, the contributions immediately find applications in cryptology. Mastered by the 19th century mathematicians, the study of the theory of elliptic curves has been active for decades. Elliptic curves over finite fields made their way into public key cryptography in late 1980’s with independent proposals by Miller [Mil86] and Koblitz [Kob87]. Elliptic Curve Cryptography (ECC), following Miller’s and Koblitz’s proposals, employs the group of rational points on an elliptic curve in building discrete logarithm based public key cryptosystems. Starting from late 1990’s, the emergence of the ECC market has boosted the research in computational aspects of elliptic curves. This thesis falls into this same area of research where the main aim is to speed up the additions of rational points on an arbitrary elliptic curve (over a field of large characteristic). The outcomes of this work can be used to speed up applications which are based on elliptic curves, including cryptographic applications in ECC. The aforementioned goals of this thesis are achieved in five main steps. As the first step, this thesis brings together several algebraic tools in order to derive the unique group law of an elliptic curve. This step also includes an investigation of recent computer algebra packages relating to their capabilities. Although the group law is unique, its evaluation can be performed using abundant (in fact infinitely many) formulae. As the second step, this thesis progresses the finding of the best formulae for efficient addition of points. In the third step, the group law is stated explicitly by handling all possible summands. The fourth step presents the algorithms to be used for efficient point additions. In the fifth and final step, optimized software implementations of the proposed algorithms are presented in order to show that theoretical speedups of step four can be practically obtained. In each of the five steps, this thesis focuses on five forms of elliptic curves over finite fields of large characteristic. A list of these forms and their defining equations are given as follows: (a) Short Weierstrass form, y2 = x3 + ax + b, (b) Extended Jacobi quartic form, y2 = dx4 + 2ax2 + 1, (c) Twisted Hessian form, ax3 + y3 + 1 = dxy, (d) Twisted Edwards form, ax2 + y2 = 1 + dx2y2, (e) Twisted Jacobi intersection form, bs2 + c2 = 1, as2 + d2 = 1, These forms are the most promising candidates for efficient computations and thus considered in this work. Nevertheless, the methods employed in this thesis are capable of handling arbitrary elliptic curves. From a high level point of view, the following outcomes are achieved in this thesis. - Related literature results are brought together and further revisited. For most of the cases several missed formulae, algorithms, and efficient point representations are discovered. - Analogies are made among all studied forms. For instance, it is shown that two sets of affine addition formulae are sufficient to cover all possible affine inputs as long as the output is also an affine point in any of these forms. In the literature, many special cases, especially interactions with points at infinity were omitted from discussion. This thesis handles all of the possibilities. - Several new point doubling/addition formulae and algorithms are introduced, which are more efficient than the existing alternatives in the literature. Most notably, the speed of extended Jacobi quartic, twisted Edwards, and Jacobi intersection forms are improved. New unified addition formulae are proposed for short Weierstrass form. New coordinate systems are studied for the first time. - An optimized implementation is developed using a combination of generic x86-64 assembly instructions and the plain C language. The practical advantages of the proposed algorithms are supported by computer experiments. - All formulae, presented in the body of this thesis, are checked for correctness using computer algebra scripts together with details on register allocations.

Can water security be achieved in the urban environment through the implementation of the Neo Institutional theory government regulation and legislation?

The research seeks to address the current global water crisis and the built environments effect on the increasing demand for sustainability and water security. The fundamental question in determining the correct approach for water security in the built environment is whether government regulation and legislation could provide the framework for sustainable development and the conscious shift providing that change is the only perceivable option, there is no alternative. This article will attempt to analyse the value of the neo institutional theory as a method for directing individuals and companies to conform to water saving techniques. As is highlighted throughout the article, it will be investigated whether an incentive verse punishment approach to government legislations and regulations would provide the framework required to ensure water security within the built environment. Individuals and companies make certain choices or perform certain actions not because they fear punishment or attempt to conform; neither do they do so because an action is appropriate or feels some sort of social obligation. Instead, the cognitive element of neo institutionalism suggests that individuals make certain choices because they can conceive no alternative. The research seeks to identify whether sustainability and water security can become integrated into all aspects of design and architecture through the perception that 'there is no alternative.' This report seeks to address the omission of water security in the built environment by reporting on a series of investigations, interviews, literature reviews, exemplars and statistics relating to the built environment and the potential for increased water security. The results and analysis support the conclusions that through the support of government and local council, sustainability in the built environment could be achieved and become common practice for developments. Highlighted is the approach required for water management systems integration into the built environment and how these can be developed and maintained effectively between cities, states, countries and cultures.

Labour Law and Labour Market Regulation

The traditional boundaries of labour law are becoming outmoded in a modern world in which active labour market participants vastly outnumber “employees”, and the world of work extends way beyond the workplace gate. There is convergence with labour market regulation. The contract of employment remains central but is no longer the sole object of study.Labour Law and Labour Market Regulation reflects the dramatically different industrial, social, political and legislative contexts in which the law now operates and the intellectual revolution this is generating. Individual chapters contain studies of regulation within prescriptive government schemes, contract networks, specialist labour markets, the intersection between work and family, enterprise policies and practices, and the courts and tribunals. The book provides insights into areas that are, as arbitration declines, becoming increasingly important to their clients' interests. The most recent legislation and jurisprudence is discussed in many chapters including discrimination, dismissals, health and safety, immigration, social security, franchise, volunteer and contract law.

Lecturing for non-law background students: Assessing the cognitive load of case and legislation-based lecturing approaches

Lecturing is a traditional method for teaching in discipline-based teaching environments and its success in legal discipline depends upon its alignment with learner backgrounds, learning objectives and the lecturing approaches utilised in the classes. In a situation where students do not have any prior knowledge of the given discipline that requires a particular lecturing approach, a mismatch in such an alignment would place learner knowledge acquisition into a challenging situation. From this perspective, this study tests the suitability of two dominant lecturing approaches—the case and the law-based lecturing approaches. It finds that a lecturer should put more emphasis on the case-based approach while lecturing to non-law background business students at the postgraduate level, provided that such an emphasis should be relative to the cognitive ability of the students and their motivation for learning law units.

The Organization for Security and Co-operation in Europe and European Security Law

Odello, Marco, The Organization for Security and Co-operation in Europe and European Security Law, In: European Security Law, Oxford University Press, pp. 295-328, 2007. RAE2008

EU Social and Labour Rights and EU Internal Market Law: Study for the EMPL Committee

EU Social and Labour Rights have developed incrementally, originally through a set of legislative initiatives creating selective employment rights, followed by a non-binding Charter of Social Rights. Only in 2009, social and labour rights became legally binding through the Charter of Fundamental Rights for the European Union (CFREU). By contrast, the EU Internal Market - an area without frontiers where goods, persons, services and capital can circulate freely – has been enshrined in legally enforceable Treaty provisions from 1958. These comprise the economic freedoms guaranteeing said free circulation and a system ensuring that competition is not distorted within the Internal Market (Protocol 27 to the Treaty of Lisbon). Tensions between Internal Market law and social and labour rights have been observed in analyses of EU case law and legislation. This study explores responses by socio-economic and political actors at national and EU levels to such tensions, focusing on collective labour rights, rights to fair working conditions and rights to social security and social assistance (Articles 12, 28, 31, 34 Charter of Fundamental Rights for the European Union). On the basis of the current Treaties and the CFREU, the constitutionally conditioned Internal Market emerges as a way to overcome the perception that social and labour rights limit Internal Market law, or vice versa. On this basis, alternative responses to perceived tensions are proposed, focused on posting of workers, furthering fair employment conditions through public procurement and enabling effective collective bargaining and industrial action in the Internal Market.

An Alternative Approach To Computer System Security Monitoring And Enhancement Through System Call Sequence Analysis

Modern computer systems are plagued with stability and security problems: applications lose data, web servers are hacked, and systems crash under heavy load. Many of these problems or anomalies arise from rare program behavior caused by attacks or errors. A substantial percentage of the web-based attacks are due to buffer overflows. Many methods have been devised to detect and prevent anomalous situations that arise from buffer overflows. The current state-of-art of anomaly detection systems is relatively primitive and mainly depend on static code checking to take care of buffer overflow attacks. For protection, Stack Guards and I-leap Guards are also used in wide varieties.This dissertation proposes an anomaly detection system, based on frequencies of system calls in the system call trace. System call traces represented as frequency sequences are profiled using sequence sets. A sequence set is identified by the starting sequence and frequencies of specific system calls. The deviations of the current input sequence from the corresponding normal profile in the frequency pattern of system calls is computed and expressed as an anomaly score. A simple Bayesian model is used for an accurate detection.Experimental results are reported which show that frequency of system calls represented using sequence sets, captures the normal behavior of programs under normal conditions of usage. This captured behavior allows the system to detect anomalies with a low rate of false positives. Data are presented which show that Bayesian Network on frequency variations responds effectively to induced buffer overflows. It can also help administrators to detect deviations in program flow introduced due to errors.

INFO2009 Group 21 - A Poster and set of Resources on Computer Security

This contains a poster advertising the resources. The resource is a profile folder on five topics, as well as a website, a quiz, and an interactive game.

Not for Designers: On the Inadequacies of EU Design Law and How to Fix It

Design rights represent an interesting example of how the EU legislature has successfully regulated an otherwise heterogeneous field of law. Yet this type of protection is not for all. The tools created by EU intervention have been drafted paying much more attention to the industry sector rather than to designers themselves. In particular, modern, digitally based, individual or small-sized, 3D printing, open designers and their needs are largely neglected by such legislation. There is obviously nothing wrong in drafting legal tools around the needs of an industrial sector with an important role in the EU economy, on the contrary, this is a legitimate and good decision of industrial policy. However, good legislation should be fair, balanced, and (technologically) neutral in order to offer suitable solutions to all the players in the market, and all the citizens in the society, without discriminating the smallest or the newest: the cost would be to stifle innovation. The use of printing machinery to manufacture physical objects created digitally thanks to computer programs such as Computer-Aided Design (CAD) software has been in place for quite a few years, and it is actually the standard in many industrial fields, from aeronautics to home furniture. The change in recent years that has the potential to be a paradigm-shifting factor is a combination between the opularization of such technologies (price, size, usability, quality) and the diffusion of a culture based on access to and reuse of knowledge. We will call this blend Open Design. It is probably still too early, however, to say whether 3D printing will be used in the future to refer to a major event in human history, or instead will be relegated to a lonely Wikipedia entry similarly to ³Betamax² (copyright scholars are familiar with it for other reasons). It is not too early, however, to develop a legal analysis that will hopefully contribute to clarifying the major issues found in current EU design law structure, why many modern open designers will probably find better protection in copyright, and whether they can successfully rely on open licenses to achieve their goals. With regard to the latter point, we will use Creative Commons (CC) licenses to test our hypothesis due to their unique characteristic to be modular, i.e. to have different license elements (clauses) that licensors can choose in order to adapt the license to their own needs.”