Network security metrics and performance for healthcare systems management

While enhanced cybersecurity options, mainly based around cryptographic functions, are needed overall speed and performance of a healthcare network may take priority in many circumstances. As such the overall security and performance metrics of those cryptographic functions in their embedded context needs to be understood. Understanding those metrics has been the main aim of this research activity. This research reports on an implementation of one network security technology, Internet Protocol Security (IPSec), to assess security performance. This research simulates sensitive healthcare information being transferred over networks, and then measures data delivery times with selected security parameters for various communication scenarios on Linux-based and Windows-based systems. Based on our test results, this research has revealed a number of network security metrics that need to be considered when designing and managing network security for healthcare-specific or non-healthcare-specific systems from security, performance and manageability perspectives. This research proposes practical recommendations based on the test results for the effective selection of network security controls to achieve an appropriate balance between network security and performance

A simulation framework for smart meter security evaluation

The evolution of classic power grids to smart grids creates chances for most participants in the energy sector. Customers can save money by reducing energy consumption, energy providers can better predict energy demand and environment benefits since lower energy consumption implies lower energy production including a decrease of emissions from plants. But information and communication systems supporting smart grids can also be subject to classical or new network attacks. Attacks can result in serious damage such as harming privacy of customers, creating economical loss and even disturb the power supply/demand balance of large regions and countries. In this paper, we give an overview about the German smart measuring architecture, protocols and security. Afterwards, we present a simulation framework which enables researchers to analyze security aspects of smart measuring scenarios.

Cyber security of networked critical infrastructures [Guest Editorial]

A new era of cyber warfare has appeared on the horizon with the discovery and detection of Stuxnet. Allegedly planned, designed, and created by the United States and Israel, Stuxnet is considered the first known cyber weapon to attack an adversary state. Stuxnet's discovery put a lot of attention on the outdated and obsolete security of critical infrastructure. It became very apparent that electronic devices that are used to control and operate critical infrastructure like programmable logic controllers (PLCs) or supervisory control and data acquisition (SCADA) systems lack very basic security and protection measures. Part of that is due to the fact that when these devices were designed, the idea of exposing them to the Internet was not in mind. However, now with this exposure, these devices and systems are considered easy prey to adversaries.

Improving the safety and security of the pharmaceutical supply chain

This paper discusses various techniques that may be used to combat counterfeiting in the pharmaceutical supply chain. These include the use of electronic pedigrees (to ensure the integrity of the supply chain), together with mass-serialization (to provide for a unique lifecycle history of each individual package) and authentication of the product (to check for any discrepancies in the various attributes of the product and its packaging are as intended for that individual package). Management of the pedigree process and product authentication is discussed in some detail, together with various other learnings from the Drug Security Network, including identification of some remaining vulnerabilities and suggestions for tightening these loopholes. © 2008 Springer-Verlag Berlin Heidelberg.

Responding to terrorism through networks at sites of critical infrastructure : a case study of Australian airport security networks

The importance of effective multilateral security networks is widely recognised in Australia and internationally as being essential to facilitate the large-scale sharing of information required to respond to the threat of terrorism. Australian national security agencies are currently constructing networks in order to bring the diverse national and international security agencies together to achieve this. This paper examines this process of security network formation in the area of critical infrastructure protection, with particular emphasis on airport security. We address the key issues and factors shaping network formation and the dynamics involved in network practice. These include the need for the networks to extend membership beyond the strictly defined elements of national security; the integration of public and private ‘nodes’ in counter-terrorism ‘networks’; and the broader ‘responsibilisation’ of the private sector and the challenges with ‘enabling’ them in counter-terrorism networks. We argue that the need to integrate public and private agencies in counter-terrorism networks is necessary but faces considerable organisational, cultural, and legal barriers.

Security networks and occupational culture: understanding culture within and between organisations

Security networks are organisational forms involving public, private and hybrid actors or nodes that work together to pursue security-related objectives. While we know that security networks are central to the governance of security, and that security networks exist at multiple levels across the security field, we still do not know enough about how these networks form and function. Based on a detailed qualitative study of networks in the field of ‘high’ policing in Australia, this article aims to advance our knowledge of the relational properties of security networks. Following the organisational culture literature, the article uses the concept of a ‘group’ as the basis with which to analyse and understand culture. A group can apply to networks (‘network culture’), organisations (‘organisational culture’) and sections within and between organisations (‘occupational subcultures’). Using interviews with senior members of security, police and intelligence agencies, the article proceeds to analyse how cultures form and function within such groups. In developing a network perspective on occupational culture, the article challenges much of the police culture(s) literature for concentrating too heavily on police organisations as independent units of analysis. The article moves beyond debates between integrated or differentiated organisational cultures and questions concerning the extent to which culture shapes particular outcomes, to analyse the ways in which security nodes relate to one another in security networks. If there is one thing that should be clear it is that security nodes experience cultural change as they work together in and through networks.

Managing dynamic security networks: towards the strategic managing of cooperation, coordination and collaboration

Security networks are increasing in number and in importance across the security field as a means of providing inter-agency coordination. On the basis of a detailed qualitative study of networks in the field of national security in Australia, this article aims to advance our knowledge of the internal properties of security networks and conditions shaping their performance. It places ‘cooperation’, ‘coordination’ and ‘collaboration’ on a continuum, with cooperation at one end and collaboration at the other end, and aims to illustrate how each of these ‘Cs’ shape the performance of security networks. The central argument is that the performance of security networks increases as the network moves from cooperation to collaboration. Drawing on interviews with senior members of security, law enforcement and intelligence agencies, the article aims to highlight the lessons for how to strategically manage security networks in ways that promote collaboration.

Securing IEEE 802.11 wireless LANs

As the acceptance and popularity of wireless networking technologies has proliferated, the security of the IEEE 802.11 wireless local area network (WLAN) has advanced in leaps and bounds. From tenuous beginnings, where the only safe way to deploy a WLAN was to assume it was hostile and employ higherlayer information security controls, to the current state of the art, all manner of improvements have been conceived and many implemented. This work investigates some of the remaining issues surrounding IEEE 802.11 WLAN operation. While the inherent issues in WLAN deployments and the problems of the original Wired Equivalent Privacy (WEP) provisions are well known and widely documented, there still exist a number of unresolved security issues. These include the security of management and control frames and the data link layer protocols themselves. This research introduces a novel proposal to enhance security at the link layer of IEEE 802.11 WLANs and then conducts detailed theoretical and empirical investigation and analysis of the eects of such proposals. This thesis �rst de�nes the state of the art in WLAN technology and deployment, including an overview of the current and emerging standards, the various threats, numerous vulnerabilities and current exploits. The IEEE 802.11i MAC security enhancements are discussed in detail, along with the likely outcomes of the IEEE 802.11 Task Group W1, looking into protected management frames. The problems of the remaining unprotected management frames, the unprotected control frames and the unprotected link layer headers are reviewed and a solution is hypothesised, to encrypt the entire MAC Protocol Data Unit (MPDU), including the MAC headers, not just the MAC Service Data Unit (MSDU) commonly performed by existing protocols. The proposal is not just to encrypt a copy of the headers while still using cleartext addresses to deliver the frame, as used by some existing protocols to support the integrity and authenticity of the headers, but to pass the entire MPDU only as ciphertext to also support the con�dentiality of the frame header information. This necessitates the decryption of every received frame using every available key before a station can determine if it is the intended recipient. As such, this raises serious concerns as to the viability of any such proposal due to the likely impact on throughput and scalability. The bulk of the research investigates the impacts of such proposals on the current WLAN protocols. Some possible variations to the proposal are also provided to enhance both utility and speed. The viability this proposal with respect to the eect on network throughput is then tested using a well known and respected network simulation tool, along with a number of analysis tools developed speci�cally for the data generated here. The simulator's operation is �rst validated against recognised test outputs, before a comprehensive set of control data is established, and then the proposal is tested and and compared against the controls. This detailed analysis of the various simulations should be of bene�t to other researchers who need to validate simulation results. The analysis of these tests indicate areas of immediate improvement and so the protocols are adjusted and a further series of experiments conducted. These �nal results are again analysed in detail and �nal appraisals provided.

Reliable and energy efficient routing for ad hoc networks

In Mobile Ad hoc NETworks (MANETs), where cooperative behaviour is mandatory, there is a high probability for some nodes to become overloaded with packet forwarding operations in order to support neighbor data exchange. This altruistic behaviour leads to an unbalanced load in the network in terms of traffic and energy consumption. In such scenarios, mobile nodes can benefit from the use of energy efficient and traffic fitting routing protocol that better suits the limited battery capacity and throughput limitation of the network. This PhD work focuses on proposing energy efficient and load balanced routing protocols for ad hoc networks. Where most of the existing routing protocols simply consider the path length metric when choosing the best route between a source and a destination node, in our proposed mechanism, nodes are able to find several routes for each pair of source and destination nodes and select the best route according to energy and traffic parameters, effectively extending the lifespan of the network. Our results show that by applying this novel mechanism, current flat ad hoc routing protocols can achieve higher energy efficiency and load balancing. Also, due to the broadcast nature of the wireless channels in ad hoc networks, other technique such as Network Coding (NC) looks promising for energy efficiency. NC can reduce the number of transmissions, number of re-transmissions, and increase the data transfer rate that directly translates to energy efficiency. However, due to the need to access foreign nodes for coding and forwarding packets, NC needs a mitigation technique against unauthorized accesses and packet corruption. Therefore, we proposed different mechanisms for handling these security attacks by, in particular by serially concatenating codes to support reliability in ad hoc network. As a solution to this problem, we explored a new security framework that proposes an additional degree of protection against eavesdropping attackers based on using concatenated encoding. Therefore, malicious intermediate nodes will find it computationally intractable to decode the transitive packets. We also adopted another code that uses Luby Transform (LT) as a pre-coding code for NC. Primarily being designed for security applications, this code enables the sink nodes to recover corrupted packets even in the presence of byzantine attacks.

Brazil's Emerging Roadmap for Internet Governance

Thesis (Master's)--University of Washington, 2014

La gouvernance nodale de la sécurité locale

Le présent travail de recherche se propose d’analyser les dispositifs de gouvernance nodale de la sécurité locale en France, alors que le paradigme a vu le jour et s’est développé dans les pays anglo-saxons fortement décentralisés. C’est qu’en France les dispositifs de gouvernance nodale s’apparentent bien plus à un dialogue entre central et local qu’entre secteur public et privé. La recherche identifie ainsi les caractéristiques de la gouvernance nodale au cœur des dispositifs partenariaux de la sécurité locale, supportés par le Contrat Local de Sécurité (CLS), le Conseil Local de Sécurité et de Prévention de la Délinquance (CLSPD) ou encore le Groupe Local de Traitement de la Délinquance (GLTD). La recherche identifie ainsi les stratégies de décentrage de l’État et de transfert de la production de sécurité vers une diversité d’acteurs locaux, dont les maires et les services municipaux. Une diversité de politiques publiques locales de sécurité de pertinences différentes voit alors le jour. Le premier enseignement de cette recherche est l’importance du rôle joué par le node super-structurel, que nous appelons super-node et qui regroupe le maire ou l’élu local à la sécurité, le responsable de la police d’État, celui de la police municipale et le représentant de l’État. Il apparaît que dans le dispositif de gouvernance nodale, ce groupe informel génère la dynamique collective qui permet de regrouper, tant les producteurs que les consommateurs de sécurité locale gravitant au sein du réseau local de sécurité. La quarantaine d’entrevues qualitatives permet également d’identifier que la Justice, productrice de sécurité comme peut l’être aussi la sécurité privée ou la médiation sociale, apparaît plus distante que ce que pouvait laisser penser l’étude des textes réglementaires organisant le partenariat. Les bailleurs sociaux, les transporteurs et l’Éducation nationale apparaissent clairement comme des acteurs importants, mais périphériques de sécurité, en intégrant cette « famille élargie » de la sécurité locale. Le deuxième enseignement est relatif au fonctionnement même du dispositif nodal ainsi que du super-node, la recherche permettant d’identifier les ressources mutualisées par l’ensemble des nodes. Cela permet également d’identifier les mécanismes de répartition des tâches entre les différents acteurs et plus particulièrement entre les deux organisations policières d’État et municipale, travaillant autant en compétition, qu’en complémentarité. Cette recherche explore également le rôle joué par l’information dans le fonctionnement du super-node ainsi que l’importance de la confiance dans les relations interpersonnelles des représentants des nodes au sein du super-node. Enfin, l’étude permet également de mettre en perspective les limites du dispositif actuel de gouvernance nodale : le défaut avéré d’outils performants permettant d’informer convenablement le super-node quant aux phénomènes de violence ainsi que d’évaluer l’efficience du dispositif. Cela permet également de questionner l’autonomie des dispositifs de gouvernance nodale, la confiance pouvant ouvrir à la déviance et la collégialité au défaut de la traçabilité de la responsabilité. La fracture avec la société civile apparaît clairement et ne facilite pas le contrôle sur un mode de production de sécurité qui se développe en parallèle des dispositifs traditionnels de démocratie locale.

La política exterior energética China y sus implicaciones geopolíticas en Asia Central (2000 - 2010)

El interés de la presente monografía es evaluar las implicaciones geopolíticas que ha tenido la política exterior energética China dentro la región de Asia Central. De esta manera, se analiza el papel de los recursos energéticos en las dinámicas geopolíticas que se están dando en la región centroasiática, al igual que la influencia de grandes potencias en esta zona. Así, teniendo en cuenta la teoría geopolítica de Saúl Bernard Cohen se sostiene que el acercamiento de China, a través de su política exterior energética, ha ayudado a transformar a Asia Central en un shatterbelt debido a su intención de ejercer influencia y control sobre los recursos de la región.

Why it is hard to fight against cyber criminals?

We are witnessing numerous cyber attacks every day, however, we do not see many cyber criminals are brought to justice. One reason is that it is technically hard to identify and trace cyber criminals. One reason for this passive situation is our limited or even inappropriate understanding of the cyber space. In this paper, we survey the challenges and opportunities in this research field for interested readers. We also list promising tools and directions based on our understanding.

An approach for profiling phishing activities

Phishing attacks continue unabated to plague Internet users and trick them into providing personal and confidential information to phishers. In this paper, an approach for email-born phishing detection based on profiling and clustering techniques is proposed. We formulate the profiling problem as a clustering problem using various features present in the phishing emails as feature vectors and generate profiles based on clustering predictions. These predictions are further utilized to generate complete profiles of the emails. We carried out extensive experimental analysis of the proposed approach in order to evaluate its effectiveness to various factors such as sensitivity to the type of data, number of data sizes and cluster sizes. We compared the performance of the proposed approach against the Modified Global Kmeans (MGKmeans) approach. The results show that the proposed approach is efficient as compared to the baseline approach. © 2014 Elsevier Ltd. All rights reserved.