Auditable data structures: theory and applications

Every digital process needs to consume some data in order to work properly. It is very common for applications to use some external data in their processes, getting them by sources such as external APIs. Therefore, trusting the received data becomes crucial in such scenarios, considering that if the data are not self-produced by the consumer, the trust in the external data source, or in the data that the source produces, can not always be taken for granted. The most used approach to generate trust in the external source is based on authenticated data structures, that are able to authenticate the source when queried through the generation of proofs. Such proofs are useful to assess authenticity or integrity, however, an external user could also be interested in verifying the data history and its consistency. This problem seems to be unaddressed by current literature, which proposes some approaches aimed at executing audits by internal actors with prior knowledge about the data structures. In this paper, we address the scenario of an external auditor with no data knowledge that wants to verify the data history consistency. We analyze the terminology and the current state of the art of the auditable data structures, then we will propose a general framework to support external audits from both internal and external users

Fine-Grained Static Detection of Obfuscation Transforms Using Ensemble-Learning and Semantic Reasoning

International audienceThe ability to efficiently detect the software protections used is at a prime to facilitate the selection and application of adequate deob-fuscation techniques. We present a novel approach that combines semantic reasoning techniques with ensemble learning classification for the purpose of providing a static detection framework for obfuscation transformations. By contrast to existing work, we provide a methodology that can detect multiple layers of obfuscation, without depending on knowledge of the underlying functionality of the training-set used. We also extend our work to detect constructions of obfuscation transformations, thus providing a fine-grained methodology. To that end, we provide several studies for the best practices of the use of machine learning techniques for a scalable and efficient model. According to our experimental results and evaluations on obfuscators such as Tigress and OLLVM, our models have up to 91% accuracy on state-of-the-art obfuscation transformations. Our overall accuracies for their constructions are up to 100%

Digital steganalysis: Computational intelligence approach

In this paper, we present a consolidated view of digital media steganalysis from the perspective of computational intelligence.In our analysis the digital media steganalysis is divided into three domains which are image steganalysis, audio steganalysis, and video steganalysis.Three major computational intelligence methods have also been identified in the steganalysis domains which are bayesian, neural network, and genetic algorithm.Each of these methods has its own pros and cons

Improving Authenticated Dynamic Dictionaries, with Applications to Cryptocurrencies

We improve the design and implementation of two-party and three-party authenticated dynamic dictionaries and apply these dictionaries to cryptocurrency ledgers. A public ledger (blockchain) in a cryptocurrency needs to be easily verifiable. However, maintaining a data structure of all account balances, in order to verify whether a transaction is valid, can be quite burdensome: a verifier who does not have the large amount of RAM required for the data structure will perform slowly because of the need to continually access secondary storage. We demonstrate experimentally that authenticated dynamic dictionaries can considerably reduce verifier load. On the other hand, per-transaction proofs generated by authenticated dictionaries increase the size of the blockchain, which motivates us to find a solution with most compact proofs. Our improvements to the design of authenticated dictionaries reduce proof size and speed up verification by 1.4-2.5 times, making them better suited for the cryptocurrency application. We further show that proofs for multiple transactions in a single block can compressed together, reducing their total length by approximately an additional factor of 2. We simulate blockchain verification, and show that our verifier can be about 20 times faster than a disk-bound verifier under a realistic transaction load

Culture and Information Security Awareness: Examining the Role of Organisational and Security Culture

This item is only available electronically.The relationship between security culture and ISA has received preliminary support; however, its interplay with organisational culture is yet to be empirically explored. Therefore, this study examined the relationship between ISA, organisational culture, and security culture. A total of 508 working Australians completed an online questionnaire. ISA was measured using the Human Aspects of Information Security Questionnaire (HAIS-Q); organisational culture was measured using the Denison Organisational Culture Survey (DOCS); and security culture was assessed through the Organisational Security Culture Measure. Our results showed that while organisational culture and security culture were correlated with ISA, security culture mediated the relationship between organisational culture and ISA. This finding has important applied implications. Organisations can improve ISA by focussing on security culture rather than organisational culture, saving them time and resources. Future research could further extend current findings by also considering national culture.Thesis (M.Psych(Organisational & Human Factors)) -- University of Adelaide, School of Psychology, 201

1851 International Sanitary Conference and the construction of an international sphere of public health

Focusing on the 1851 International Sanitary Conference, this dissertation analyses an important episode in the international regulation of health, trade, passengers, and cargo in a period of epidemic crisis. It argues that a group of diplomats and physicians appointed to represent 12 European nations instituted a new international forum that extended – and occasionally rivalled – national and local agencies for epidemic governance. Together, delegates endeavoured to establish a common sanitary policy in Europe and in the Orient. By creating shared surveillance and judicial mechanisms – while standardising definitions and practices – delegates aimed to engineer the flow of people, vessels, cargo, and diseases in the Mediterranean region. As a transnational forum, the Conference was a platform where doctors and diplomats reinterpreted models of public health and sanitary administration while creating institutions that challenged conventional concepts of borders, national policy, and state sovereignty. As a multinational event, the Conference marked the unprecedented transition from local, national and, bilateral public health policies into a coherent transnational project for the governance of epidemics. The dissertation is based on extensive research conducted in hitherto largely unexplored medical, diplomatic, and national collections in Britain, France, Italy, Portugal, Spain, and the United States of America. Sources ranging from diplomatic correspondence to medical publications and personal diaries, tie together multiple national and professional perspectives while untangling a diversity of personal and state agendas that fundamentally shaped the foundation of international public health mechanisms and contributed towards the crystallisation of medical concepts. Chapter one demonstrates how economic and political concerns about the impact of quarantine on international trade led to calls for international regulation and the standardization of quarantine practices in the Mediterranean region. Drawing on medical reports, pamphlets and diplomatic correspondence, the chapter exposes the multitude of quarantine practices in the Mediterranean region and a growing international demand for prophylactic reform. These exchanges, it is shown, culminated with the organization of the 1851 International Sanitary Conference in Paris. Chapter two argues that the Conference challenged previous diplomatic and medical protocols by including two professional groups in the process of regulating international public health. The lack of precedent allowed diplomatic and medical delegates to establish new rules for the conduct of the conference, which gave them a relatively high level of autonomy from the states they represented. Chapter three focuses on the problems of constructing a shared aetiological classification and regulating quarantine practices. It shows that, although doctors gained progressive control over the Conference, ultimately diplomatic agendas shaped the final outcome. In addition, it demonstrates that, rather than defending the elimination of quarantines, liberal states supported the continuation of quarantine practice in the Mediterranean; albeit that they managed to severely limit its operation in practice. Finally, chapter four examines how European and Oriental sanitary institutions were uniformly redesigned and new international judicial mechanisms created. These measures variously affected the sovereignty of the participating states by limiting their independent capacity to set national epidemic policies. However, the chapter argues that these negotiations took the shape of sovereignty bargains: by loosening control over specific elements of their sovereignty, states managed to advance their political, economic and sanitary agendas. By looking at the International Sanitary Conference of 1851, this dissertation shows how the foundations of international public health had consequences not only for the control of epidemic diseases and the circulation of goods and people in the Mediterranean region, but also for the authority and status of the nation states. By doing so, it reveals that international public health governance resulted from the amalgamation of a particular configuration of expert and diplomatic struggles and compromises. Moreover, the dissertation shifts the traditional local and national focus in the history of medicine to a wider and international context where local and national traditions struggled to produce coherent discourses and practices

Management: A bibliography for NASA managers

This bibliography lists 731 reports, articles and other documents introduced into the NASA Scientific and Technical Information System in 1990. Items are selected and grouped according to their usefulness to the manager as manager. Citations are grouped into ten subject categories: human factors and personnel issues; management theory and techniques; industrial management and manufacturing; robotics and expert systems; computers and information management; research and development; economics, costs and markets; logistics and operations management; reliability and quality control; and legality, legislation, and policy