Open Access. Powered by Scholars. Published by Universities.®

Digital Commons Network

Open Access. Powered by Scholars. Published by Universities.®

PDF

Series

2006

Computer Sciences

Institution
Keyword
Publication

Articles 1 - 30 of 827

Full-Text Articles in Entire DC Network

Itr/Im: Enabling The Creation And Use Of Geogrids For Next Generation Geospatial Information, Peggy Agouris, Mary-Kate Beard-Tisdale, Chaitanya Baru, Sarah Nusser Dec 2006

Itr/Im: Enabling The Creation And Use Of Geogrids For Next Generation Geospatial Information, Peggy Agouris, Mary-Kate Beard-Tisdale, Chaitanya Baru, Sarah Nusser

University of Maine Office of Research Administration: Grant Reports

The objective of this project is to advance science in information management, focusing in particular on geospatial information. It addresses the development of concepts, algorithms, and system architectures to enable users on a grid to query, analyze, and contribute to multivariate, quality-aware geospatial information. The approach consists of three complementary research areas: (1) establishing a statistical framework for assessing geospatial data quality; (2) developing uncertainty-based query processing capabilities; and (3) supporting the development of space- and accuracy-aware adaptive systems for geospatial datasets. The results of this project will support the extension of the concept of the computational grid to facilitate ...


Behavioral Subtyping Is Equivalent To Modular Reasoning For Object-Oriented Programs, Gary T. Leavens, David A. Naumann Dec 2006

Behavioral Subtyping Is Equivalent To Modular Reasoning For Object-Oriented Programs, Gary T. Leavens, David A. Naumann

Computer Science Technical Reports

Behavioral subtyping is an established idea that enables modular reasoning about behavioral properties of object-oriented programs. It requires that syntactic subtypes are behavioral refinements. It validates reasoning about a dynamically-dispatched method call, say E.m(), using the specification associated with the static type of the receiver expression E. For languages with references and mutable objects the idea of behavioral subtyping has not been rigorously formalized as such and the standard informal notion has inadequacies. This paper formalizes behavioral subtyping and introduces a new formalization of modular reasoning, called supertype abstraction. A Java-like sequential language is considered, with classes and interfaces ...


Realizing Privacy-Preserving Features In Hippocratic Databases, Yasin Laura-Silva, Walid G. Aref Dec 2006

Realizing Privacy-Preserving Features In Hippocratic Databases, Yasin Laura-Silva, Walid G. Aref

Department of Computer Science Technical Reports

No abstract provided.


Cyber Crime And Biometric Authentication – The Problem Of Privacy Versus Protection Of Business Assets, Michael G. Crowley Dec 2006

Cyber Crime And Biometric Authentication – The Problem Of Privacy Versus Protection Of Business Assets, Michael G. Crowley

Australian Information Security Management Conference

Cyber crime is now a well recognised international problem that is a major issue for anyone who runs, manages, owns, uses or accesses computer systems linked to the worldwide web. Computer systems are business assets. Personal biometric information is also an asset. Studies have shown that privacy concerns represent a key hurdle to the successful introduction of biometric authentication. In addition, terrorist activity and the resultant legislation have added an additional risk factor businesses need to take into account if they propose using biometric authentication technology. This paper explores the use of biometric authentication to protect business and individual assets ...


Managing Information Security Complexity, Murray Brand Dec 2006

Managing Information Security Complexity, Murray Brand

Australian Information Security Management Conference

This paper examines using a requirements management tool as a common thread to managing the complexity of information security systems. Requirements management provides a mechanism to trace requirements through to design, implementation, operating, monitoring, reviewing, testing, and reporting by creating links to associated, critical artefacts. This is instrumental in managing complex and dynamic systems where change can impact other subsystems and associated documentation. It helps to identify the affected artefacts through many layers. Benefits to this approach would include better project planning and management, improved risk management, superior change management, ease of reuse, enhanced quality control and more effective acceptance ...


Network Forensics And Privacy Enhancing Technologies “Living” Together In Harmony, Giannakis Antoniou, Stefanos Gritzalis Dec 2006

Network Forensics And Privacy Enhancing Technologies “Living” Together In Harmony, Giannakis Antoniou, Stefanos Gritzalis

Australian Information Security Management Conference

Privacy Enhancing Technology (PET) is the technology responsible to hide the identification of Internet users, whereas network forensics is a technology responsible to reveal the identification of Internet users who perform illegal actions through the Internet. The paper identifies the collision of these opposite-goal technologies and describes what happens in case they come across. Can a Network Forensics protocol discover the identification of an Internet user who is trying to be anonymous behind a PET? The paper also proposes a way to bridge and eliminate the gap between these two technologies.


Security Issues Of Ieee 802.16 (Wimax), Jamshed Hasan Dec 2006

Security Issues Of Ieee 802.16 (Wimax), Jamshed Hasan

Australian Information Security Management Conference

Worldwide Interoperability for Microwave Access (WiMAX) is going to be an emerging wireless technology for the future. With the increasing popularity of Broadband internet, wireless networking market is thriving. Wireless network is not fully secure due to rapid release of new technologies, market competition and lack of physical infrastructure. In the IEEE 802.11 technology, security was added later. Iin IEEE 802.16, security has been considered as the main issue during the design of the protocol. However, security mechanism of the IEEE 802.16 (WiMAX) still remains a question. WiMAX is relatively a new technology; not deployed widely to ...


Risks And Responsibilities In Establishing A Wireless Network For An Educational Institution, Leigh Knights, Matt Fonceca, Georgina Mack, Andrew Woodward Dec 2006

Risks And Responsibilities In Establishing A Wireless Network For An Educational Institution, Leigh Knights, Matt Fonceca, Georgina Mack, Andrew Woodward

Australian Information Security Management Conference

A wireless network solution is generally implemented when the bounds of walls of buildings and the constraints of wires need to be broken. Wireless technologies provide the potential for freedom of mobility which is undoubtedly a convenience for organisations in today’s market. The security of a wireless network is crucial for data integrity, especially when the data is not secured by the insulation of wires. While data is being transferred across a wireless network, it is vulnerable. There is no room for error, neglect or ignorance from an organisation, as a breech of data integrity can be devastating for ...


Electronic Surveillance In Hospitals: A Review, Sue Kennedy Dec 2006

Electronic Surveillance In Hospitals: A Review, Sue Kennedy

Australian Information Security Management Conference

This paper focuses on the increasing use of electronic surveillance systems in hospitals and the apparent lack of awareness of the implications of these systems for privacy of the individual. The systems are used for identification and tracking of equipment, staff and patients. There has been little public comment or analysis of these systems with regard to privacy as their implementation has been driven by security issues. The systems that gather this information include video, smart card and more recently RFID systems. The system applications include tracking of vital equipment, labelling of blood and other samples, tracking of patients, new ...


An Assessment Of Threats Of The Physical And Mac Address Layers In Wimax/802.16, Krishnun Sansurooah Dec 2006

An Assessment Of Threats Of The Physical And Mac Address Layers In Wimax/802.16, Krishnun Sansurooah

Australian Information Security Management Conference

This paper investigates the risks and vulnerabilities associated to the security of the WiMAX/802.16 broadband wireless technology. One of the other aspects of this document will be to review all the associated weaknesses to the Medium Access Control (MAC) layer and at the physical (PHY) layer. The risks and impacts are assessed according to a systematic approach. The approach or methodology is used is according to the European Telecommunication Standards Institute (ETSI). These threats are enumerated and classified accordingly to their risk levels.


A Knowledge Framework For Information Security Modeling, Shuangyan Liu, Ching-Hang Cheung, Lam-For Kwok Dec 2006

A Knowledge Framework For Information Security Modeling, Shuangyan Liu, Ching-Hang Cheung, Lam-For Kwok

Australian Information Security Management Conference

The data collection process for risk assessment highly depends on the security experience of security staffs of an organization. It is difficult to have the right information security staff, who understands both the security requirements and the current security state of an organization and at the same time possesses the skill to perform risk assessment. However, a well defined knowledge model could help to describe categories of knowledge required to guide the data collection process. In this paper, a knowledge framework is introduced, which includes a knowledge model to define the data skeleton of the risk environment of an organization ...


Making Research Real: Is Action Research A Suitable Methodology For Medical Information Security Investigations?, Patricia A. Williams Dec 2006

Making Research Real: Is Action Research A Suitable Methodology For Medical Information Security Investigations?, Patricia A. Williams

Australian Information Security Management Conference

In the medical field, information security is an important yet vastly underrated issue. Research into the protection of sensitive medical data is often technically focused and does not address information systems and behavioural aspects integral to effective information security implementation. Current information security policy and guidelines are strategically oriented which, whilst relevant to large organisations, are less supportive to smaller enterprises such as primary care practices. Further, the conservative nature of the medical profession has been shown to hinder investigation into information technology use and management, making effective improvement based on research problematical. It is an environment which relies greatly ...


The Derivation Of A Conceptual Model For It Security Outsourcing, W D. Wilde, M J. Warren, W Hutchinson Dec 2006

The Derivation Of A Conceptual Model For It Security Outsourcing, W D. Wilde, M J. Warren, W Hutchinson

Australian Information Security Management Conference

IT security outsourcing is the establishment of a contractual relationship between an organization with an outside vendor which assumes responsibility for the organisation’s security functions. Outsourcing in IS has had a variable history of success and the complexity of the decision making process leads to a substantial degree of uncertainty. This is especially so in the realm of IS security since the protection of both hardware and software systems is placed in the hands of an external provider. This paper is a fuller and more comprehensive paper of a previous paper outlining the effectiveness of the decision making process ...


The Lazarus Effect: Resurrecting Killed Rfid Tags, Christopher Bolan Dec 2006

The Lazarus Effect: Resurrecting Killed Rfid Tags, Christopher Bolan

Australian Information Security Management Conference

Several RFID Standards allow RFID Tags to be ‘killed’ using a specialised command code. ‘Killed’ RFID Tags should be irrevocably deactivated. In actuality, when a valid kill command is sent to a tag four sections of the tags management data are zeroed causing the tag to enter a ‘fault state’ and thus be ignored by RFID readers. Through the reinitialisation of these four sections to valid values it was discovered that a tag could be resurrected and function normally.


Telemedicine And The Digital Door Doctor, Darren Webb, Patricia A. Williams Dec 2006

Telemedicine And The Digital Door Doctor, Darren Webb, Patricia A. Williams

Australian Information Security Management Conference

Telemedicine is changing the way medicine can be practiced, and how medical knowledge is communicated, learnt and researched in today’s technologically oriented society. The adoption of internet based communication has significantly expanded the patients’ ability to access a multitude of world class medical information. Research has shown that patients would welcome the ability to consult a doctor using the same computing tools they use to communicate with family, friends and work colleagues. This paper discusses the use of telemedicine today and how it could be used to access medical services from home. Further, it investigates the incentives and barriers ...


Does Your Wireless Lan Have Criminal Intent?, Michael Crowley, Andrew Woodward Dec 2006

Does Your Wireless Lan Have Criminal Intent?, Michael Crowley, Andrew Woodward

Australian Information Security Management Conference

All of the literature relating to wireless network security has focused on the flaws, newer alternatives and suggestions for securing the network. There is much speculation and anecdotal statements in relation to what can happen if a breach occurs, but this is mostly from a computer security perspective, and mostly expressed in terms of potential for financial loss. This paper examines the potential legal ramifications of failing to properly secure a wireless network. Several scenarios are examined within based on usage of wireless on the various category of attack. Legal opinion, backed up with case law, is provided for each ...


Outsourcing: The Security Risk Management Challenge, Carl Colwill Dec 2006

Outsourcing: The Security Risk Management Challenge, Carl Colwill

Australian Information Security Management Conference

The globalisation of business and the growth of the digital networked economy means that virtually any business process can be undertaken by someone else, somewhere in the world. To achieve business transformation within the UK Information and Communication Technology (ICT) sector, BT is taking a strategic approach to outsourcing: this has resulted in a rapid and substantial increase in the outsourcing and offshoring of ICT development, maintenance and support contracts. Each and every outsourcing decision could have major security, legal, regulatory and contractual impacts. It is generally recognised that risks are likely to be compounded when outsourcing to companies based ...


The Information Security Ownership Question In Iso/Iec 27001 – An Implementation, Lizzie Coles-Kemp, Richard E. Overill Dec 2006

The Information Security Ownership Question In Iso/Iec 27001 – An Implementation, Lizzie Coles-Kemp, Richard E. Overill

Australian Information Security Management Conference

The information security management standard ISO/IEC 27001 is built on the notion that information security is driven by risk assessment and risk treatment. Fundamental to the success of risk assessment and treatment is the decision making process that takes risk assessment output and assigns decisions to this output in terms of risk treatment actions. It is argued that the effectiveness of the management system lies in its ability to make effective, easytoimplement and measurable decisions. One of the key issues in decision making is ownership. In this paper two aspects of information security ownership are considered: ownership of the ...


Uncontrollable Privacy - The Right That Every Attacker Desires, Giannakis Antoniou, Stefanos Gritzalis Dec 2006

Uncontrollable Privacy - The Right That Every Attacker Desires, Giannakis Antoniou, Stefanos Gritzalis

Australian Information Security Management Conference

The request of the Internet users enjoying privacy during their e-activities enforces the Internet society to develop techniques which offer privacy to the Internet users, known as Privacy Enhancing Technologies (PETs). Among the Internet users, there are attackers who desire more than anything else to enjoy privacy during their malicious actions, and a PET is what they were looking for. Thus, although a PET should offer privacy to the internet users, proper techniques should also be employed in order to help the victims during the investigation procedure and unveil the identification of the attackers. The paper summarizes the current design ...


The Reality Of Risks From Consented Use Of Usb Devices, Marwan Al-Zarouni Dec 2006

The Reality Of Risks From Consented Use Of Usb Devices, Marwan Al-Zarouni

Australian Information Security Management Conference

Physical security is considered an integral part of information systems security. The idea that small devices pose a security threat for enterprises is well established. On the other hand, consented and supervised access to USB ports via USB flash drives is sometimes allowed. This paper will highlight the risk associated with this kind of access by devices such as IPods and USB flash drives. It will show a proof of concept USB device that runs automatically once connected to a personal computer and copies files and folders from the victim's computer to its storage and executes potentially harmful code ...


The Implementation Of E-Mail Content Management In A Large Corporation, Michael Hansen, Craig Valli Dec 2006

The Implementation Of E-Mail Content Management In A Large Corporation, Michael Hansen, Craig Valli

Australian Information Security Management Conference

It is a well known fact that while Email is a valuable tool to any business that it has also become the main cause in the distribution of viruses, worms and other malware. Further to this is the real threat of spyware that can affect performance on computers, phishing schemes that can cheat employees into giving up valuable information, such as passwords, using social engineering and the timeconsuming and costly effect of spam to a corporate network. This paper will analyse and show the effect of a successful implementation of Email filtering software in a large corporation, together with some ...


Information Security Management And Virtual Collaboration: A Western Australian Perspective, Rosanna Fanciulli Dec 2006

Information Security Management And Virtual Collaboration: A Western Australian Perspective, Rosanna Fanciulli

Australian Information Security Management Conference

This paper presents an ongoing case study into stakeholder perceptions regarding information security management systems in emergent organisations operating in Western Australia. It takes a socio-political perspective on the problem of how to manage simultaneously virtual collaboration and information security management. A literature review introduces the context and history of the research. In light of this, it is proposed that social and political issues need to be researched and addressed before many of the existing technological strategies for information security will succeed. The research project is then outlined and the design and preliminary results presented. The results point to a ...


Qos Issues Of Using Probabilistic Non-Repudiation Protocol In Mobile Ad Hoc Network Environment, Yi-Chi Lin, Jill Slay Dec 2006

Qos Issues Of Using Probabilistic Non-Repudiation Protocol In Mobile Ad Hoc Network Environment, Yi-Chi Lin, Jill Slay

Australian Information Security Management Conference

So as to guarantee the fairness of electronic transactions, users may require a NonRepudiation (NR) service in any type of network. However, most existing NR protocols cannot work properly in a Mobile Ad hoc Network (MANET) due to their characteristics (e.g. limited resources and lack of central authority). The design of the Probabilistic NonRepudiation Protocol (PNRP) is comparatively suitable for the nature of a MANET, but it still poses some QoS issues. This article points out the QoS issues which are caused by using PNRP in a MANET environment. These issues explain the difficult of performing PNRP in such ...


Individuals’ Perceptions Of Wireless Security In The Home Environment, Patryk Szewczyk Dec 2006

Individuals’ Perceptions Of Wireless Security In The Home Environment, Patryk Szewczyk

Australian Information Security Management Conference

Research in 802.11 wireless networking has in the past focused predominantly on corporate wireless network use, or identifying the flaws in wireless security. This study was aimed to determine the individuals’ perceptions of wireless security in the home environment. 163 volunteers completed a survey on their perceptions, knowledge, experiences and attitudes towards wireless networking. The results of the survey indicated that there is little difference in knowledge between those who had worked in the IT industry, and those who did not. The sources of information used to configure wireless networks are not improving the knowledge respondents had on wireless ...


Secure Transmission Of Shared Electronic Health Records: A Review, Rachel J. Mahncke, Patricia A. Williams Dec 2006

Secure Transmission Of Shared Electronic Health Records: A Review, Rachel J. Mahncke, Patricia A. Williams

Australian Information Security Management Conference

Paperbased health records together with electronic Patient Management Systems remain the norm for hospitals and primary care practices to manage patient health information in Australia. Although the benefits of recording patient health information into an electronic format known as an electronic health record (EHR) are well documented, the use of these systems has not yet been fully realised. The next advancement for EHRs is the ability to share health records for the primary purpose of improved patient care. This may for example enable a primary care physician, with the patient’s consent, to electronically share pertinent health information with a ...


Social Engineering And Its Impact Via The Internet, Matthew J. Warren, Shona Leitch Dec 2006

Social Engineering And Its Impact Via The Internet, Matthew J. Warren, Shona Leitch

Australian Information Security Management Conference

Historically social engineering attacks were limited upon a single organisation or single individual at a time. The impact of the Internet and growth of E-Business has allowed social engineering techniques to be applied at a global level. The paper will discuss how new social engineering techniques are being applied and puts forward a conceptual model to allow an understanding of how social engineering attacks are planned and implemented against E-Business activities.


Mapping The Consensual Knowledge Of Security Risk Management Experts, David J. Brooks Dec 2006

Mapping The Consensual Knowledge Of Security Risk Management Experts, David J. Brooks

Australian Information Warfare and Security Conference

The security industry comprises of diverse and multidisciplined practitioners, originating from many disciplines. It has been suggested that the industry has an undefined knowledge structure, although security experts contain a rich knowledge structure. There has also been limited research mapping security expert knowledge structure, reducing the ability of tertiary educators to provide industry focused teaching and learning. The study utilized multidimensional scaling (MDS) and expert interviews to map the consensual knowledge structure of security experts in their understanding of security risk. Security risk concepts were extracted and critiqued from West Australian university courses. Linguistic analysis categorised the more utilized security ...


Compressed Text Indexing And Range Searching, Yu-Feng Chien, Wing-Kai Hon, Rahul Shah, Jeffrey S. Vitter Dec 2006

Compressed Text Indexing And Range Searching, Yu-Feng Chien, Wing-Kai Hon, Rahul Shah, Jeffrey S. Vitter

Department of Computer Science Technical Reports

No abstract provided.


Branching Pushdown Tree Automata, Rajeev Alur, Swarat Chaudhuri Dec 2006

Branching Pushdown Tree Automata, Rajeev Alur, Swarat Chaudhuri

Departmental Papers (CIS)

We observe that pushdown tree automata (PTAs) known in the literature cannot express combinations of branching and pushdown properties. This is because a PTA processes the children of a tree node in possibly different control states but with identical stacks. We propose branching pushdown tree automata (BPTAs) as a solution. In a BPTA, a push-move views its matching pops as an unbounded, unordered set of successor moves and can assert existential and universal requirements on them, just the way finite automata on unranked, unordered trees pass requirements to the children of a tree node. We show that BPTAs can express ...


Framework For Waveband Switching In Multigranular Optical Networks: Part I-Multigranular Cross-Connect Architectures, Xiaojun Cao, Vishal Anand, Chunming Qiao Dec 2006

Framework For Waveband Switching In Multigranular Optical Networks: Part I-Multigranular Cross-Connect Architectures, Xiaojun Cao, Vishal Anand, Chunming Qiao

Computer Science Faculty Publications

Optical networks using wavelength-division multiplexing (WDM) are the foremost solution to the ever-increasing traffic in the Internet backbone. Rapid advances in WDM technology will enable each fiber to carry hundreds or even a thousand wavelengths (using dense-WDM, or DWDM, and ultra-DWDM) of traffic. This, coupled with worldwide fiber deployment, will bring about a tremendous increase in the size of the optical cross-connects, i.e., the number of ports of the wavelength switching elements. Waveband switching (WBS), wherein wavelengths are grouped into bands and switched as a single entity, can reduce the cost and control complexity of switching nodes by minimizing ...