Cyber security and protection of ICS systems: An australian example

Many aspects of our modern society now have either a direct or implicit dependence upon information technology. As such, a compromise of the availability or integrity in relation to these systems (which may encompass such diverse domains as banking, government, health care, and law enforcement) could have dramatic consequences from a societal perspective. These key systems are often referred to as critical infrastructure. Critical infrastructure can consist of corporate information systems or systems that control key industrial processes; these specific systems are referred to as ICS (Industry Control Systems) systems. ICS systems have devolved since the 1960s from standalone systems to networked architectures that communicate across large distances, utilise wireless network and can be controlled via the Internet. ICS systems form part of many countries’ key critical infrastructure, including Australia. They are used to remotely monitor and control the delivery of essential services and products, such as electricity, gas, water, waste treatment and transport systems. The need for security measures within these systems was not anticipated in the early development stages as they were designed to be closed systems and not open systems to be accessible via the Internet. We are also seeing these ICS and their supporting systems being integrated into organisational corporate systems.

The future of the area of freedom, security and justice. Addressing mobility, protection and effectiveness in the long run. EPC Discussion Paper, 23 January 2014

With the Stockholm Programme coming to an end in 2014, the “Brussels Community” is increasing agitated with a recurring question: what will replace the Stockholm Programme? Paradoxically, this uncertainty is fuelled by the existence of a new and clear Treaty provision – Article 68 TFEU – which states “The European Council shall define the strategic guidelines for legislative and operational planning within the area of freedom, security and justice”. Clear in its wording, this provision may lead to different understandings and unclear implications in practice. In order to provide more clarity, the European Policy Centre (EPC) set up a Task Force to reflect on the impact of this provision and more generally the future of the area of freedom, security and justice after 2014. Results of this process are reflected in this discussion paper which addresses the process and content regarding the definition of future strategic guidelines.

Commodity reserves. Hearings before a sub-committee of the Committee on Agriculture and Forestry, U.S. Senate, Ninetieth Congress, second session on S.2233, S.2617, and S.2743; bills to provide for the establishment and maintenance of reserve stocks of agricultural commodities by producers and the Commodity Credit Corporation for National security, public protection, meeting international commitments, and for other purposes.

Hearings held Jan. 30-31, 1968.

“Who decides?” Security and privacy in the wild

Even though web security protocols are designed to make computer communication secure, it is widely known that there is potential for security breakdowns at the human-machine interface. This paper examines findings from a qualitative study investigating the identification of security decisions used on the web. The study was designed to uncover how security is perceived in an individual user's context. Study participants were tertiary qualified individuals, with a focus on HCI designers, security professionals and the general population. The study identifies that security frameworks for the web are inadequate from an interaction perspective, with even tertiary qualified users having a poor or partial understanding of security, of which they themselves are acutely aware. The result is that individuals feel they must protect themselves on the web. The findings contribute a significant mapping of the ways in which individuals reason and act to protect themselves on the web. We use these findings to highlight the need to design for trust at three levels, and the need to ensure that HCI design does not impact on the users' main identified protection mechanism: separation.

Security and Privacy in Vehicular Ad-Hoc Networks : Survey and the Road Ahead

Vehicular Ad-hoc Networks (VANETs) can make roads safer, cleaner, and smarter. It can offer a wide range of services, which can be safety and non-safety related. Many safety-related VANETs applications are real-time and mission critical, which would require strict guarantee of security and reliability. Even non-safety related multimedia applications, which will play an important role in the future, will require security support. Lack of such security and privacy in VANETs is one of the key hindrances to the wide spread implementations of it. An insecure and unreliable VANET can be more dangerous than the system without VANET support. So it is essential to make sure that “life-critical safety” information is secure enough to rely on. Securing the VANETs along with appropriate protection of the privacy drivers or vehicle owners is a very challenging task. In this work we summarize the attacks, corresponding security requirements and challenges in VANETs. We also present the most popular generic security policies which are based on prevention as well detection methods. Many VANETs applications require system-wide security support rather than individual layer from the VANETs’ protocol stack. In this work we will review the existing works in the perspective of holistic approach of security. Finally, we will provide some possible future directions to achieve system-wide security as well as privacy-friendly security in VANETs.

Security in wireless sensor networks : issues and challenges

Wireless Sensor Networks (WSNs) are employed in numerous applications in different areas including military, ecology, and health; for example, to control of important information like the personnel position in a building, as a result, WSNs need security. However, several restrictions such as low capability of computation, small memory, limited resources of energy, and the unreliable channels employ communication in using WSNs can cause difficulty in use of security and protection in WSNs. It is very essential to save WSNs from malevolent attacks in unfriendly situations. Such networks require security plan due to various limitations of resources and the prominent characteristics of a wireless sensor network which is a considerable challenge. This article is an extensive review about problems of WSNs security, which examined recently by researchers and a better understanding of future directions for WSN security.

Regulating the Ocean: Piracy and Protection along the East African Coast

From 2008-2012, a dramatic upsurge in incidents of maritime piracy in the Western Indian Ocean led to renewed global attention to this region: including the deployment of multi national naval patrols, attempts to prosecute suspected pirates, and the development of financial interdiction systems to track and stop the flow of piracy ransoms. Largely seen as the maritime ripple effect of anarchy on land, piracy has been slotted into narratives of state failure and problems of governance and criminality in this region.

This view fails to account for a number of factors that were crucial in making possible the unprecedented rise of Somali piracy and its contemporary transformation. Instead of an emphasis on failed states and crises of governance, my dissertation approaches maritime piracy within a historical and regional configuration of actors and relationships that precede this round of piracy and will outlive it. The story I tell in this work begins before the contemporary upsurge of piracy and closes with a foretaste of the itineraries beyond piracy that are being crafted along the East African coast.

Beginning in the world of port cities in the long nineteenth century, my dissertation locates piracy and the relationship between trade, plunder, and state formation within worlds of exchange, including European incursions into this oceanic space. Scholars of long distance trade have emphasized the sociality engendered through commerce and the centrality of idioms of trust and kinship in structuring mercantile relationships across oceanic divides. To complement this scholarship, my work brings into view the idiom of protection: as a claim to surety, a form of tax, and a moral claim to authority in trans-regional commerce.

To build this theory of protection, my work combines archival sources with a sustained ethnographic engagement in coastal East Africa, including the pirate ports of Northern Somalia, and focuses on the interaction between land-based pastoral economies and maritime trade. This connection between land and sea calls attention to two distinct visions of the ocean: one built around trade and mobility and the other built on the ocean as a space of extraction and sovereignty. Moving between historical encounters over trade and piracy and the development of a national maritime economy during the height of the Somali state, I link the contemporary upsurge of maritime piracy to the confluence of these two conceptualizations of the ocean and the ideas of capture, exchange, and redistribution embedded within them.

The second section of my dissertation reframes piracy as an economy of protection and a form of labor implicated within other legal and illegal economies in the Indian Ocean. Based on extensive field research, including interviews with self-identified pirates, I emphasize the forms of labor, value, and risk that characterize piracy as an economy of protection. The final section of my dissertation focuses on the diverse international, regional, and local responses to maritime piracy. This section locates the response to piracy within a post-Cold War and post-9/11 global order and longer attempts to regulate and assuage the risks of maritime trade. Through an ethnographic focus on maritime insurance markets, navies, and private security contractors, I analyze the centrality of protection as a calculation of risk and profit in the contemporary economy of counter-piracy.

Through this focus on longer histories of trade, empire, and regulation my dissertation reframes maritime piracy as an economy of protection straddling boundaries of land and sea, legality and illegality, law and economy, and history and anthropology.

Right to Food, Food Security and Food Aid Under International Law, or the Limits of a right-based approach

The right to food has become a pillar of international humanitarian and human rights law. The increasing number of food-related emergencies and the evolution of the international order brought the more precise notion of food security and made a potential right to receive food aid emerge. Despite this apparent centrality, recent statistics show that a life free from hunger is for many people all over the world still a utopian idea. The paper will explore nature and content of the right to food, food security and food aid under international law in order to understand the reasons behind the substantial failure of this right-centred approach, emphasising the lack of legal effects of many food-related provisions because of excessive moral connotations of the right to be free from hunger. Bearing in mind the three-dimensional nature of food security, the paper will also suggest that all attention has been focused on the availability of food, while real difficulties arise in terms of accessibility and adequacy. Emergency situations provide an excellent example of this unbalance, as the emerging right to receive food aid focus itself on the availability of food, without improving local production and adequacy. Looking at other evolving sectors of international law, such as the protection of the environment, and particularly the safeguard of biological diversity, alternative solutions will be envisaged in order to “feed” the right to food.

INFO2009 2012-13 Resource Group 12 Security and Privacy

This is an educational resource that covers a number of realistic attacks on privacy from a technical perspective along with the legal issues you might face if you don't take adequate precautions with data. The format is engaging and entertaining, framing real-world issues in a familiar medium - namely that of a trailer for a blockbuster film.

The Court of Justice of the European Union as a fundamental rights tribunal: challenges for the effective delivery of fundamental rights in the area of freedom, security and justice. CEPS Paper in Liberty and Security in Europe No. 49, 29 August 2012

This paper reflects on the challenges facing the effective implementation of the new EU fundamental rights architecture that emerged from the Lisbon Treaty. Particular attention is paid to the role of the Court of Justice of the European Union (CJEU) and its ability to function as a ‘fundamental rights tribunal’. The paper first analyses the praxis of the European Court of Human Rights in Strasbourg and its long-standing experience in overseeing the practical implementation of the European Convention for the Protection of Human Rights and Fundamental Freedoms. Against this analysis, it then examines the readiness of the CJEU to live up to its consolidated and strengthened mandate on fundamental rights as one of the prime guarantors of the effective implementation of the EU Charter of Fundamental Rights. We specifically review the role of ‘third-party interventions’ by non-governmental organisations, international and regional human rights actors as well as ‘interim relief measures’ when ensuring effective judicial protection of vulnerable individuals in cases of alleged violations of fundamental human rights. To flesh out our arguments, we rely on examples within the scope of the relatively new and complex domain of EU legislation, the Area of Freedom, Security and Justice (AFSJ), and its immigration, external border and asylum policies. In view of the fundamental rights-sensitive nature of these domains, which often encounter shifts of accountability and responsibility in their practical application, and the Lisbon Treaty’s expansion of the jurisdiction of the CJEU to interpret and review EU AFSJ legislation, this area can be seen as an excellent test case for the analyses at hand. The final section puts forth a set of policy suggestions that can assist the CJEU in the process of adjusting itself to the new fundamental rights context in a post-Lisbon Treaty setting.

An analysis of security and privacy issues relating to RFID enabled ePassports

The European Union sees the introduction of the ePassport as a step towards rendering passports more secure against forgery while facilitating more reliable border controls. In this paper we take an interdisciplinary approach to the key security and privacy issues arising from the use of ePassports. We further anallyse how European data protection legislation must be respected and what additional security measures must be integrated in order to safeguard the privacy of the EU ePassport holder.