About: 118 publications; 30,677 reads; 1,040 citations
Additional affiliations: July 1988 - May 2011
Publications (118)
The auditability of telephone call records plays an essential governance role in the electricity industry in Australia as non-compliance with the Australian National Electricity Rules can lead to financial charges and results in developing a poor reputation. The existing telephone call recording processes using manual logbook entries, or a record...
Energy market trading systems are undergoing rapid transformation due to an increasing demand for renewable energy sources to be integrated into the power grid, coupled with the dynamic and evolving needs of future energy customers. In the current energy trading system, which is based on mega power generation, energy is traded by insecure means of...
The purpose of this study is twofold. First, this study proposes a cost-effective LoRa gateway to improve bandwidth utilisation to achieve optimal network throughput for LoRa networks from a hardware design perspective. Secondly, this study creates a design for an adaptive and autonomous algorithm to allocate bandwidth while meeting dynamic throughput...
Moving Trading Communication Systems (TCSs) services to the cloud may seem to be a cost-effective choice. However, operating cloud-based TCSs across the Internet does face a number of challenges including availability, quality of service (QoS), performance and security issues. This research examines the feasibility for creation of a usable model to...
Unified communications as a service (UCaaS) can be regarded as a cost-effective model for on-demand delivery of unified communications services in the cloud. However, addressing security concerns has been seen as the biggest challenge to the adoption of IT services in the cloud. This study set up a cloud system via VMware suite to emulate hosting u...
Unified Communication (UC) is the integration of two or more real time communication systems into one platform. Integrating core communication systems into one overall enterprise level system delivers more than just cost saving. These real-time interactive communication services and applications over Internet Protocol (IP) have become critical in b...
An increasing number of countries are faced with an aging population increasingly needing healthcare services. For any e-health information system, the need for increased trust by such clients with potentially little knowledge of any security scheme involved is paramount. In addition notable scalability of any system has become a critical aspect of...
While enhanced cybersecurity options, mainly based around cryptographic functions, are needed, overall speed and performance of a healthcare network may take priority in many circumstances. As such the overall security metrics and performance of those cryptographic functions in their embedded context need to be understood in detail. Understanding t...
This paper addresses the development of trust in the use of Open Data through incorporation of appropriate authentication and integrity parameters for use by end user Open Data application developers in an architecture for trustworthy Open Data Services. The advantages of this architecture scheme are that it is far more scalable, not another certifi...
Cloud Computing, based on early virtual computer concepts and technologies, is now itself a maturing technology in the marketplace and it has revolutionized the IT industry, being the powerful platform that many businesses are choosing to migrate their in-premises IT services onto. Cloud solution has the potential to reduce the capital and operatio...
Many software applications extend their functionality by dynamically loading libraries into their allocated address space. However, shared libraries are also often of unknown provenance and quality and may contain accidental bugs or, in some cases, deliberately malicious code. Most sandboxing techniques that address these issues require recompilati...
In recent years, increasing focus has been made on making good business decisions utilizing the product of data analysis. With the advent of the Big Data phenomenon, this is even more apparent than ever before. But the question is how can organizations trust decisions made on the basis of results obtained from analysis of untrusted data? Assurances...
Internet insecurity is inevitable if a high proportion of Internet users are insufficiently aware of the inherent risks involved, whilst those cognizant of those risks are denied the facilities to manage and control them. This paper highlights the first issue and discusses a potential approach to the second. © IFIP International Federation for Info...
For any discipline to be regarded as a professional undertaking by which its members may be treated as true “professionals” in a specific area, practitioners must clearly understand that discipline’s history as well as the place and significance of that history in current practice as well as its relevance to available technologies and artefacts at...
To protect the health information security, cryptography plays an important role to establish confidentiality, authentication, integrity and non-repudiation. Keys used for encryption/decryption and digital signing must be managed in a safe, secure, effective and efficient fashion. The certificate-based Public Key Infrastructure (PKI) scheme may see...
Modern applications comprise multiple components, such as browser plug-ins, often of unknown provenance and quality. Statistics show that failure of such components accounts for a high percentage of software faults. Enabling isolation of such fine-grained components is therefore necessary to increase the robustness and resilience of security-critic...
Current research in secure messaging for Vehicular Ad hoc Networks (VANETs) focuses on employing a digital certificate-based Public Key Cryptosystem (PKC) to support security. However, the security overhead of such a scheme creates a transmission delay and introduces a time-consuming verification process to VANET communications. This paper proposes a n...
Security for e-commerce is a vital topic due to the relentless drive to more business and commerce to the internet. Consumers are being strongly encouraged by the profit-oriented, cost-minimisation nature of commercial enterprises to shop on-line. Consumers themselves, though, have limited confidence about the security of their personal information...
A set of relevant quotes could ‘set the scene’ for research into and discussion of the policy and law aspects of DoS/DDoS against global, national and defence information infrastructures (GII, NII, DII), national critical infrastructure (CNI) and the nation state itself (Information Warfare, Cyber-warfare, Electronic Warfare).
The major purpose of Vehicular Ad Hoc Networks (VANETs) is to provide safety-related message access for motorists to react or make a life-critical decision for road safety enhancement. Accessing safety-related information through the use of VANET communications, therefore, must be protected, as motorists may make critical decisions in response to e...
Increasingly, national and international governments have a strong mandate to develop national ehealth systems to enable delivery of much-needed healthcare services. Research is, therefore, needed into appropriate security and reliance structures for the development of health information systems which must be compliant with governmental and alike o...
The level of economic and social cost arising from large scale disasters has become apparent in recent years. One of the conclusions that can be drawn from recent experiences is that both corporations and regulators have difficulty in predicting both the post disaster scenario, and the results of management actions in these scenarios. This paper di...
Comprehensive BCM plan testing for complex information systems is difficult and expensive, if not infeasible. This paper suggests that a simulator could be employed to ameliorate these problems. A general model for such a BCM simulator is presented, and the implementation of a prototype simulator is described. The simulator reacts to system disturb...
The term “cloud computing” has emerged as a major ICT trend and has been acknowledged by respected industry survey organizations as a key technology and market development theme for the industry and ICT users in 2010. However, one of the major challenges that faces the cloud computing concept and its global acceptance is how to secure and protect t...
Critical, or national, information infrastructure protection, referred to as either CIIP or NIIP, has been highlighted as a critical factor in overall national security by the United States, the United Kingdom, India and the European Community. As nations move inexorably towards so-called ‘digital economies’, critical infrastructure depends on info...
At the 50th anniversary of the formation of the International Federation for Information Processing the simple fact that national economies and international commerce alike have become totally dependent upon the reliable and secure operation of national and global information infrastructures has been accepted. Moreover, the realization that societi...
This paper proposes a security architecture for the basic cross indexing systems emerging as foundational structures in current health information systems. In these systems unique identifiers are issued to healthcare providers and consumers. In most cases, such numbering schemes are national in scope and must therefore necessarily be used via an in...
E-health systems must be capable of adhering to clearly defined security policies based upon legal requirements, regulations and ethical standards while catering for dynamic healthcare and professional needs. Further, such security policies, incorporating enterprise level principles of privacy, integrity and availability, coupled with appropriate a...
The traditional means for isolating applications from each other is via the use of operating system provided "process" abstraction facilities. However, as applications now consist of multiple fine-grained, independent and separately acquired components, the traditional process abstraction model is proving to be insufficient in ensuring this isolati...
Information and Communications Technologies globally are moving towards Service Oriented Architectures and Web Services. The healthcare environment is rapidly moving to the use of Service Oriented Architecture/Web Services systems interconnected via this global open Internet. Such moves present major challenges where these structures are not based...
The Open and Trusted Health Information Systems (OTHIS) Research Group has formed in response to the health sector’s privacy and security requirements for contemporary Health Information Systems (HIS). Due to recent research developments in trusted computing concepts, it is now both timely and desirable to move electronic HIS towards privacy-aware...
It is postulated that the advantage of automated information security compliance auditing can extend beyond a mere reduction in the cost of IS governance conformance to the establishment of a regime enhancing organizational information security. The lack of standardization of organizational security documentation was identified as a major hurdle in...
The potential for development and deployment of trusted health information systems (HIS) based upon intrinsically more secure computer system architectures than those in general use, as commodity level systems, in today's marketplace is investigated in this paper. A proposal is made for a viable, trusted architecture for HIS, entitled the “Open Tru...
It is well recognised that adoption of information communication and technology (ICT) in healthcare can transform healthcare services. Numerous countries are seeking to establish national e-health development and implementation. To collect, store and process individual health information in an electronic system, healthcare providers need to comply...
By its definition discretionary access control or DAC was not designed or intended for use in the untrusted environment of current globally connected information systems. In addition, DAC assumed control and responsibility for all programs vested in the user; a situation now largely obsolete with the rapid development of the software industry itsel...
The Security services within applications have received recent attention. It has been suggested that this may be the only way to increase overall information system assurance in an era where ICT governance and compliance have taken on new force and the use of commodity level ICT products for critical information systems continues. While it has been...
Ongoing concerns have been raised over the effectiveness of information technology products and systems in maintaining privacy protection for sensitive data. The aim is to ensure that sensitive health information can be adequately protected yet still be accessible only to those that "need-to-know". To achieve this and ensure sustainability over the...
The main contribution of this paper is to investigate issues in using Mandatory Access Controls (MACs), namely those provided by SELinux, to secure application-level data. Particular emphasis is placed on health-care records located on the grid. The paper discusses the importance of a trusted computing base in providing application security. It de-...
This paper proposes a viable IT-based solution for ensuring the privacy and security of sensitive information in contemporary Health Information Systems (HIS).
The Self-Defending Object (SDO) concept extends the current object-oriented programming paradigm to specifically target the peculiar requirements of Security Aware Application (SAA) development. This paper discusses the SDO Distribution Architecture (SDODA) that enables the use of the SDO concept in development of distributed SAAs. Specifically the...
Commercial Key Escrow (CKE), and an earlier Software Key Escrow (SKE) scheme, have been proposed by Trusted Information Systems Inc. (TIS) in the USA as a possible compromise scheme to meet the demands of commerce and industry for new levels of information security, particularly transaction and message confidentiality in an international and nation...
The goal of the Computer Architecture for Secure Systems (CASS) project [1] is to develop an architecture and tools to ensure the security and integrity of software in distributed systems. CASS makes use of various cryptographic techniques at the operating system kernel level to authenticate software integrity. The CASS shell, the work described in...
There are now more than 7 million internet banking users in Australia. Despite this substantial uptake in Australia, Australian banks continue to concentrate their respective security efforts upon internal mechanisms. Education of bank customers has not for the most part solved the fundamental flaws existent in internet banking. It is widely accept...
Robust technological enforcement of DRM licenses assumes that the prevention of direct access to the raw bit representation of decrypted digital content and the license enforcement mechanisms themselves is possible. This is difficult to achieve on an open computing platform such as a PC. Recent trusted computing initiatives namely, the Trusted Comp...
The self defending object (SDO) approach to the development of security aware applications represents a change in the object oriented paradigm, whereby the software objects that encapsulate sensitive data or provide security sensitive functionality are responsible for its protection. Such an approach aims at defining and testing new concepts related...
The increasing use of general-purpose computer systems for critical infrastructure control, rather than the traditional dedicated system, raises significant security concerns. These concerns are further compounded by the integration of these control systems with general-purpose networks and the use of wireless technologies within these networks. Co...
One of the primary flaws with current digital signature technology is that a digital signature does not "feel" or resemble a traditional seal or personal signature to the human observer; lacking a sense of visualisation and changing each time it is applied. This paper reviews the historical value of seals in Eastern and Western cultures to provide...
"It's not the Net, it's the Nodes" is a clear statement of fact. Security concerns in an Internet / Web connected information systems environment can largely be attributed to problems in basic computer security rather than related problems in the formats, protocols, technology and artefacts that comprise the associated data communications networks....
It is appropriate to pause and reflect on the state of computer and associated data network security at the start of the new millennium. This is particularly appropriate in a country that itself pioneered the use of encryption some thousands of years ago. This paper proposes that the role of government in relation to its community care responsibili...
This paper describes the design and specification of a roles and rights mark-up language (R2ML) that provides a role based access control policy for applications executing in a distributed e-commerce environment. The R2ML language was written using XML and a test trading application (AUTONET) was developed using the Java enterprise environment (J2E...
This workshop paper describes the design and specification of a Roles and Rights Mark-up Language (R2ML) that provides a Role Based Access Control policy for applications executing in a distributed e-commerce environment. The R2ML language was written using XML and a test trading application (AUTONET) was developed using the Java Enterprise Environme...
This paper proposes that an urgent re-evaluation is needed to assess whether or not X.509 certificate based structures are the best technology to implement security schemes for business-to-business (B2B) electronic commerce operations. In particular it proposes that alternative structures based around simplified directory schemes and “trading partn...
Global electronic commerce (E-comm) necessitates a high degree of trust in its operation for widespread acceptance at government, enterprise and individual levels. In order to achieve this cryptographic systems must play a major part in the overall ‘trust-building’ cycle and, within the cryptography realm, public key cryptography has emerged over t...
There is a growing move to rely upon penetration detection / analysis schemes and add-on software processes and network security products to combat attacks on information systems used for the operation of global electronic business / commerce systems. These sub-systems and management procedures have taken the place of the development and deployment o...
Although dominant literature exists that strongly suggests that RBAC is at the point of maturity and will become predominant technology, there are limitations that currently restrict RBAC from evolving and reaching its full potential. While current RBAC models successfully allow organizations to model security from an enterprise perspective, the...
Developing smart card applications to work in massively distributed environments requires consistency to ensure reliable functionality. A likely point of error occurs at the boundaries of interlinked applications or transactions. Every individual access to a service may be represented as a transaction between the partners of the information system....
As the computing world progresses towards open systems the potential of Information Systems is expanding rapidly. This and the process of open standardisation makes it imperative that security is built in to these systems. There has also been substantial publicity concerning the `information superhighway' and the privacy of the information flow...
A large number of electronic cash schemes have been proposed in the literature and several commercial ventures have started which claim to provide an anonymous payment protocol. These schemes have been designed to provide certain security properties. Not all the schemes have proven to be practical and the precise security properties of the differen...
This note describes the design of a trusted clock on a secure device such as a card accepting unit of the type used for financial transactions. The system is resistant to attacks by fraudulent messages and to replays of previous messages. A recommendation on the message formats is made.
Designers and users of encryption algorithms used in cipher systems need a systematic approach in examining their ciphers prior to use, to ensure that they are safe from cryptanalytic attack. This paper describes a computer package used for assessing the security of newly-developed encryption algorithms.
Distributed computing systems impose new requirements on the security of the operating systems and hardware structures of the computers participating in a distributed data network environment. It is proposed that multiple level (greater than two) security hardware, with associated full support for that hardware at the operating system level, is req...
Information Security Management consists of various facets, such as Information Security Policy, Risk Analysis, Risk Management, Contingency Planning and Disaster Recovery; these are all interrelated in some way, often causing uncertainty and confusion among top management. This paper proposes a model for Information Security Management, called an...
Information Security Management consists of various facets, for example Information Security Policy, Risk Analysis, Risk Management, Contingency Planning and Disaster Recovery which are all interrelated in some way. These interrelationships often cause uncertainty and confusion among top management. Proposes a model for Information Security Managem...
Abstract mechanisms and services form a basic part of the security features of computer and data network systems. Application and system/sub-system programs alike require access to these mechanisms, including encryption and key management functions, in a controlled, guaranteed and reliable form. Such cryptographic sub-systems may be components of s...
This paper describes an evaluation of the effectiveness of two versions of Hewlett Packard's UNIX operating system, HP-UX, to protect a sensitive database set up under the ORACLE Data Base Management System, using Version 1.0 of the European Information Technology Security Evaluation Criteria (ITSEC) as the basis for the evaluation. An outline of t...
The advances made by malicious hackers and some current and future means of prevention are examined. The various strains of computer viruses are described. Among these are new types such as stealth and polymorphic viruses, which are difficult to detect. ...
Cryptanalysis of files encrypted with the locked document option of the word processing package WordPerfect V5.0, is shown to be remarkably simple. The encryption key and the plaintext are easily recovered in a ciphertext only attack. File security is thus compromised and is not in accord with the claim by the manufacturer that: “If you forget the...
In this volume, originally published in 1990, are included papers presented at two meetings; one a workshop on Number Theory and Cryptography, and the other, the annual meeting of the Australian Mathematical Society. Questions in number theory are of military and commercial importance for the security of communication, as they are related to codes...
Several DES replacement block ciphers have been published. In this paper a report will be given on the development of a package for analysis and comparison of block ciphers. Experimental results are presented on applying this package to DES, FEAL-N, and Madryga ciphers.
Part 1: security policy and organizational structure personnel and responsibilities access control and cryptographic controls information flow control security of stored data monitoring and audit trails military and commercial security. Part 2: risk analysis and management conventional computer security risk analysis and management Courtney Techniq...
The differential cross section for the 36Ar(α, γ0)40Ca reaction was measured at 90° to the beam direction in 125 keV, 50 keV and 50 keV intervals over the bombarding energy ranges 6–17 MeV, 6.54–8.81 MeV and 11.67–13.65 MeV, respectively. Gamma-ray angular distributions were measured at eighteen bombarding energies. The results indicate that the re...
The reactions 9Be(3He,γγ), 10B(d,p), 10B(d,α), and 10B(d,γγ) have been used to search for the lowest T=2 state of 12C. A possible candidate for the state has been observed in 9Be(3He,γγ) at Ex = 27.585 ± 0.005 MeV. For the other three reactions, no resonances were observed and upper limits have been set on partial widths.
Excitation functions for the reaction 11B(3He, γ0)14N have been measured, at 0° and 90° in 25 keV steps for 3He energies between 0.9 and 2.6 MeV. The γ-ray detector used was a 23.8 × 25.4 cm NaI(Tl) crystal. When the yield from the reaction is divided by the barrier penetration factor a broad resonance is seen at both angles, which peaks at a 3H...
The essence of Role-Based Access Control (RBAC) is that system permissions are assigned to defined "roles" rather than to individual users. Users acquire these permissions by virtue of being authorised to act in a categorised manner known as a "role". The driving motivation for RBAC is to simplify security policy administration while facilitating t...
This paper sets out the proposition that mandatory security functionality, with its associated enforcement and evaluation criteria, are required in computer and data network systems to meet emerging national and international laws and guidelines for information systems security. The OECD 1992 Guidelines for Information Systems Security are used as...