4,706 research outputs found

    The threat of ransomware in the food supply chain: a challenge for food defence

    Get PDF
    In the food industry, the level of awareness of the need for food defence strategies has accelerated in recent years, in particular, mitigating the threat of ransomware. During the Covid-19 pandemic there were a number of high-profile organised food defence attacks on the food industry using ransomware, leading to imperative questions over the extent of the sector’s vulnerability to cyber-attack. This paper explores food defence through the lens of contemporary ransomware attacks in order to frame the need for an effective ransomware defence strategy at organisational and industry level. Food defence strategies have historically focused on extortion and sabotage as threats, but often in terms of physical rather than cyber-related attacks. The globalisation, digitalisation and integration of food supply chains can increase the level of vulnerability to ransomware. Ransomware is an example of an organised food defence threat that can operationalise both extortion and sabotage, but the perpetrators are remote, non-visible and often anonymous. Organisations need to adopt an effective food defence strategy that reduces the risk of a ransomware attack and can enable targeted and swift action in the event an incident occurs. Further collaboration between government and the private sector is needed for the development of effective governance structures addressing the risk of ransomware attacks. The novelty of this article lies in analysing the issue of ransomware attacks from the perspective of the food sector and food defence strategy. This study is of potential interest to academics, policy makers and those working in the industry

    Configuration Management of Distributed Systems over Unreliable and Hostile Networks

    Get PDF
    Economic incentives of large criminal profits and the threat of legal consequences have pushed criminals to continuously improve their malware, especially command and control channels. This thesis applied concepts from successful malware command and control to explore the survivability and resilience of benign configuration management systems. This work expands on existing stage models of malware life cycle to contribute a new model for identifying malware concepts applicable to benign configuration management. The Hidden Master architecture is a contribution to master-agent network communication. In the Hidden Master architecture, communication between master and agent is asynchronous and can operate trough intermediate nodes. This protects the master secret key, which gives full control of all computers participating in configuration management. Multiple improvements to idempotent configuration were proposed, including the definition of the minimal base resource dependency model, simplified resource revalidation and the use of imperative general purpose language for defining idempotent configuration. Following the constructive research approach, the improvements to configuration management were designed into two prototypes. This allowed validation in laboratory testing, in two case studies and in expert interviews. In laboratory testing, the Hidden Master prototype was more resilient than leading configuration management tools in high load and low memory conditions, and against packet loss and corruption. Only the research prototype was adaptable to a network without stable topology due to the asynchronous nature of the Hidden Master architecture. The main case study used the research prototype in a complex environment to deploy a multi-room, authenticated audiovisual system for a client of an organization deploying the configuration. The case studies indicated that imperative general purpose language can be used for idempotent configuration in real life, for defining new configurations in unexpected situations using the base resources, and abstracting those using standard language features; and that such a system seems easy to learn. Potential business benefits were identified and evaluated using individual semistructured expert interviews. Respondents agreed that the models and the Hidden Master architecture could reduce costs and risks, improve developer productivity and allow faster time-to-market. Protection of master secret keys and the reduced need for incident response were seen as key drivers for improved security. Low-cost geographic scaling and leveraging file serving capabilities of commodity servers were seen to improve scaling and resiliency. Respondents identified jurisdictional legal limitations to encryption and requirements for cloud operator auditing as factors potentially limiting the full use of some concepts

    Information actors beyond modernity and coloniality in times of climate change:A comparative design ethnography on the making of monitors for sustainable futures in Curaçao and Amsterdam, between 2019-2022

    Get PDF
    In his dissertation, Mr. Goilo developed a cutting-edge theoretical framework for an Anthropology of Information. This study compares information in the context of modernity in Amsterdam and coloniality in Curaçao through the making process of monitors and develops five ways to understand how information can act towards sustainable futures. The research also discusses how the two contexts, that is modernity and coloniality, have been in informational symbiosis for centuries which is producing negative informational side effects within the age of the Anthropocene. By exploring the modernity-coloniality symbiosis of information, the author explains how scholars, policymakers, and data-analysts can act through historical and structural roots of contemporary global inequities related to the production and distribution of information. Ultimately, the five theses propose conditions towards the collective production of knowledge towards a more sustainable planet

    Distributed Ledger Technology (DLT) Applications in Payment, Clearing, and Settlement Systems:A Study of Blockchain-Based Payment Barriers and Potential Solutions, and DLT Application in Central Bank Payment System Functions

    Get PDF
    Payment, clearing, and settlement systems are essential components of the financial markets and exert considerable influence on the overall economy. While there have been considerable technological advancements in payment systems, the conventional systems still depend on centralized architecture, with inherent limitations and risks. The emergence of Distributed ledger technology (DLT) is being regarded as a potential solution to transform payment and settlement processes and address certain challenges posed by the centralized architecture of traditional payment systems (Bank for International Settlements, 2017). While proof-of-concept projects have demonstrated the technical feasibility of DLT, significant barriers still hinder its adoption and implementation. The overarching objective of this thesis is to contribute to the developing area of DLT application in payment, clearing and settlement systems, which is still in its initial stages of applications development and lacks a substantial body of scholarly literature and empirical research. This is achieved by identifying the socio-technical barriers to adoption and diffusion of blockchain-based payment systems and the solutions proposed to address them. Furthermore, the thesis examines and classifies various applications of DLT in central bank payment system functions, offering valuable insights into the motivations, DLT platforms used, and consensus algorithms for applicable use cases. To achieve these objectives, the methodology employed involved a systematic literature review (SLR) of academic literature on blockchain-based payment systems. Furthermore, we utilized a thematic analysis approach to examine data collected from various sources regarding the use of DLT applications in central bank payment system functions, such as central bank white papers, industry reports, and policy documents. The study's findings on blockchain-based payment systems barriers and proposed solutions; challenge the prevailing emphasis on technological and regulatory barriers in the literature and industry discourse regarding the adoption and implementation of blockchain-based payment systems. It highlights the importance of considering the broader socio-technical context and identifying barriers across all five dimensions of the social technical framework, including technological, infrastructural, user practices/market, regulatory, and cultural dimensions. Furthermore, the research identified seven DLT applications in central bank payment system functions. These are grouped into three overarching themes: central banks' operational responsibilities in payment and settlement systems, issuance of central bank digital money, and regulatory oversight/supervisory functions, along with other ancillary functions. Each of these applications has unique motivations or value proposition, which is the underlying reason for utilizing in that particular use case

    Assessing the Role and Regulatory Impact of Digital Assets in Decentralizing Finance

    Get PDF
    This project will explore the development of decentralized financial (DeFi) markets since the first introduction of digital assets created through the application of a form of distributed ledger technology (DLT), known as blockchain, in 2008. More specifically, a qualitative inquiry of the role of digital assets in relation to traditional financial markets infrastructure will be conducted in order to answer the following questions: (i) can the digital asset and decentralized financial markets examined in this thesis co-exist with traditional assets and financial markets, and, if so, (ii) are traditional or novel forms of regulation (whether financial or otherwise) needed or desirable for the digital asset and decentralized financial markets examined herein? The aim of this project will be to challenge a preliminary hypothesis that traditional and decentralized finance can be compatible; provided, that governments and other centralized authorities approach market innovations as an opportunity to improve existing monetary infrastructure and delivery of financial services (both in the public and private sector), rather than as an existential threat. Thus, this thesis seeks to establish that, through collaborating with private markets to identify the public good to which DeFi markets contribute, the public sector can foster an appropriate environment which is both promotive and protective of the public interest without unduly stifling innovation and progress

    UMSL Bulletin 2023-2024

    Get PDF
    The 2023-2024 Bulletin and Course Catalog for the University of Missouri St. Louis.https://irl.umsl.edu/bulletin/1088/thumbnail.jp

    The development, feasibility, and acceptability of a breakfast group intervention for stroke rehabilitation

    Get PDF
    Background: There are 1.2 million stroke survivors in the UK and the number is projected to increase significantly over the next decade. Research suggests that between 50% and 80% of hospitalised stroke survivors experience difficulties with eating and drinking. Presently, rehabilitation approaches to address these difficulties involve individual rehabilitation sessions led by uni-professionals. Recent national stroke guidance recommends that stroke survivors receive three hours of daily rehabilitation and emphasises the importance of addressing the psychosocial aspects of recovery. Implementing these recommendations presents a challenge to healthcare professionals, who must explore innovative methods to provide the necessary rehabilitation intensity. This study aimed to address these challenges by codesigning a multi-disciplinary breakfast group intervention and implementation toolkit to improve psychosocial outcomes. Methods: The Hawkins 3-step framework for intervention design was used to develop a multidisciplinary breakfast group intervention and to understand if it was acceptable and feasible for patients and healthcare professionals in an acute stroke ward. The Hawkins 3- steps were 1) evidence review and consultations 2) coproduction 3) prototyping. In collaboration with fifteen stakeholders, a prototype breakfast group intervention and implementation toolkit were codesigned over four months. Experience-based Codesign was used to engage stakeholders. Results: The literature review is the first to investigate the psychosocial impact of eating and drinking difficulties post stroke. The key finding was the presence of psychological and social impacts which included, the experience of loss, fear, embarrassment shame and humiliation as well as social isolation. Stroke survivors were striving to get back to normality and this included the desire to socially dine with others. Two prototype iterations of the intervention were tested with 16 stroke survivors across three hospital sites. The multidisciplinary breakfast group intervention was designed to offer intensive rehabilitation in a social group context. The codesigned implementation toolkit guided a personalised and tailored approach. A perceived benefit of the intervention was the opportunity to address the psychosocial aspects of eating and drinking rehabilitation as well as providing physical rehabilitation. Stroke survivors highly value the opportunity to socialise and receive support from their peers. The intervention was acceptable to both patients and healthcare professionals, and the workforce model proved practical and feasible to deliver using a collaborative approach in the context of resource-limited healthcare. Conclusions: The breakfast group interventions, developed through codesign, were positively received by patients and staff and feasible to deliver. They introduce an innovative and novel approach to stroke rehabilitation, personalised to each individual's needs, and offer a comprehensive intervention which addresses both physical and psychosocial aspects which target challenges related to eating and drinking. Unique contributions of this study include a theoretical model for breakfast group interventions, a programme theory and practical tool kit for clinicians to support the translation of research findings and implement breakfast groups in clinical practice

    UMSL Bulletin 2022-2023

    Get PDF
    The 2022-2023 Bulletin and Course Catalog for the University of Missouri St. Louis.https://irl.umsl.edu/bulletin/1087/thumbnail.jp

    Cloud Forensic: Issues, Challenges and Solution Models

    Full text link
    Cloud computing is a web-based utility model that is becoming popular every day with the emergence of 4th Industrial Revolution, therefore, cybercrimes that affect web-based systems are also relevant to cloud computing. In order to conduct a forensic investigation into a cyber-attack, it is necessary to identify and locate the source of the attack as soon as possible. Although significant study has been done in this domain on obstacles and its solutions, research on approaches and strategies is still in its development stage. There are barriers at every stage of cloud forensics, therefore, before we can come up with a comprehensive way to deal with these problems, we must first comprehend the cloud technology and its forensics environment. Although there are articles that are linked to cloud forensics, there is not yet a paper that accumulated the contemporary concerns and solutions related to cloud forensic. Throughout this chapter, we have looked at the cloud environment, as well as the threats and attacks that it may be subjected to. We have also looked at the approaches that cloud forensics may take, as well as the various frameworks and the practical challenges and limitations they may face when dealing with cloud forensic investigations.Comment: 23 pages; 6 figures; 4 tables. Book chapter of the book titled "A Practical Guide on Security and Privacy in Cyber Physical Systems Foundations, Applications and Limitations", World Scientific Series in Digital Forensics and Cybersecurit
    • …
    corecore