180,371 research outputs found

    The true cost of unusable password policies: password use in the wild

    HCI research published 10 years ago pointed out that many users cannot cope with the number and complexity of passwords, and resort to insecure workarounds as a consequence. We present a study which re-examined password policies and password practice in the workplace today. 32 staff members in two organisations kept a password diary for 1 week, which produced a sample of 196 passwords. The diary was followed by an interview which covered details of each password, in its context of use. We find that users are in general concerned to maintain security, but that existing security policies are too inflexible to match their capabilities, and the tasks and contexts in which they operate. As a result, these password policies can place demands on users which impact negatively on their productivity and, ultimately, that of the organisation. We conclude that, rather than focussing password policies on maximizing password strength and enforcing frequency alone, policies should be designed using HCI principles to help the user to set an appropriately strong password in a specific context of use

    A new Definition and Classification of Physical Unclonable Functions

    A new definition of "Physical Unclonable Functions" (PUFs), the first one that fully captures its intuitive idea among experts, is presented. A PUF is an information-storage system with a security mechanism that is 1. meant to impede the duplication of a precisely described storage-functionality in another, separate system and 2. remains effective against an attacker with temporary access to the whole original system. A novel classification scheme of the security objectives and mechanisms of PUFs is proposed and its usefulness to aid future research and security evaluation is demonstrated. One class of PUF security mechanisms that prevents an attacker from applying all addresses at which secrets are stored in the information-storage system, is shown to be closely analogous to cryptographic encryption. Its development marks the dawn of a new fundamental primitive of hardware-security engineering: cryptostorage. These results firmly establish PUFs as a fundamental concept of hardware security. Comment: 6 pages, 3 figures; Proceedings "CS2 '15 Proceedings of the Second Workshop on Cryptography and Security in Computing Systems", Amsterdam, 2015, ACM Digital Librar

    Urban encounters: juxtapositions of difference and the communicative interface of global cities

    This article explores the communicative interface of global cities, especially as it is shaped in the juxtapositions of difference in culturally diverse urban neighbourhoods. These urban zones present powerful examples, where different groups live cheek by jowl, in close proximity and in intimate interaction — desired or unavoidable. In these urban locations, the need to manage difference is synonymous to making them liveable and one's own. In seeking (and sometimes finding) a location in the city and a location in the world, urban dwellers shape their communication practices as forms of everyday, mundane and bottom-up tactics for the management of diversity. The article looks at three particular areas where cultural diversity and urban communication practices come together into meaningful political and cultural relations for a sustainable cosmopolitan life: citizenship, imagination and identity

    Wanted: Trained Security Specialists

    This paper looks at security concerns within the IT industry and how to increase student interest in this field of study. One specific activity is presented as a way to expose students to security concerns they are likely to encounter as a system administrator

    Quality assessment technique for ubiquitous software and middleware

    The new paradigm of computing or information systems is ubiquitous computing systems. The technology-oriented issues of ubiquitous computing systems have made researchers pay much attention to the feasibility study of the technologies rather than building quality assurance indices or guidelines. In this context, measuring quality is the key to developing high-quality ubiquitous computing products. For this reason, various quality models have been defined, adopted and enhanced over the years, for example, the need for one recognised standard quality model (ISO/IEC 9126) is the result of a consensus for a software quality model on three levels: characteristics, sub-characteristics, and metrics. However, it is very much unlikely that this scheme will be directly applicable to ubiquitous computing environments which are considerably different to conventional software, trailing a big concern which is being given to reformulate existing methods, and especially to elaborate new assessment techniques for ubiquitous computing environments. This paper selects appropriate quality characteristics for the ubiquitous computing environment, which can be used as the quality target for both ubiquitous computing product evaluation processes and development processes. Further, each of the quality characteristics has been expanded with evaluation questions and metrics, in some cases with measures. In addition, this quality model has been applied to the industrial setting of the ubiquitous computing environment. These have revealed that while the approach was sound, there are some parts to be more developed in the future

    Beyond Boundaries: A Promising New Model for Security and Global Development

    In 2007, a team of international security experts and researchers at the Henry L. Stimson Center launched an initiative to build an effective model for sustainable nonproliferation of biological, chemical, and nuclear weapons. The project represented an exciting and innovative way of thinking about security: a "dual-use" approach that operated at the nexus of the security and development communities. The team's ingenuity paid off. After less than six years, the Stimson Center is phasing out its involvement in the successful program, which will now be government funded. This paper shows how a novel idea, supported with modest grants from Carnegie Corporation, went on to secure millions in support from international sources, achieving real-world policy wins