Enabling the Internet White Pages Service -- the Directory Guardian

The Internet White Pages Service (IWPS) has been slow to materialise for many reasons. One of them is the security concerns that organisations have, over allowing the public to gain access to either their Intranet or their directory database. The Directory Guardian is a firewall application proxy for X.500 and LDAP protocols that is designed to alleviate these fears. Sitting in the firewall system, it filters directory protocol messages passing into and out of the Intranet, allowing security administrators to carefully control the amount of directory information that is released to the outside world. This paper describes the design of our Guardian system, and shows how relatively easy it is to configure its filtering capabilities. Finally the paper describes the working demonstration of the Guardian that was built for the 1997 World Electronic Messaging Association directory challenge. This linked the WEMA directory to the NameFLOWParadise Internet directory, and demonstrated some of the powerful filtering capabilities of the Guardian

Are we really ready to implement large-scale storage?

As COP 21 approaches and with CCS perhaps gaining a new momentum, a question often posed is: are we really ready to implement large-scale storage? In other words do we have sufficient hands-on experience from current storage projects, together with theoretical understanding of subsurface processes, to confidently proceed with full industrial-scale storage rollout? So what is the state of play? Over the past twenty years or so three medium-scale storage projects (injecting around one million tons (Mt) of CO2 per year) and number of much smaller pilot injection tests have been developed across the world. The latter have helped to confirm and refine detailed understanding of subsurface fluid interactions and our ability to monitor these, but it is the operations at Sleipner, Snøhvit and In Salah that provide the key pointers to what lies ahead. These projects have together injected over 20 Mt of CO2 and, in many respects, have performed according to expectation

Coping with Poorly Understood Domains: the Example of Internet Trust

The notion of trust, as required for secure operations over the Internet, is important for ascertaining the source of received messages. How can we measure the degree of trust in authenticating the source? Knowledge in the domain is not established, so knowledge engineering becomes knowledge generation rather than mere acquisition. Special techniques are required, and special features of KBS software become more important than in conventional domains. This paper generalizes from experience with Internet trust to discuss some techniques and software features that are important for poorly understood domains

Providing secure remote access to legacy applications

While the widespread adoption of Internet and Intranet technology has been one of the exciting developments of recent years, many hospitals are finding that their data and legacy applications do not naturally fit into the new methods of dissemination. Existing applications often rely on isolation or trusted networks for their access control or security, whereas untrusted wide area networks pay little attention to the authenticity, integrity or confidentiality of the data they transport. Many hospitals do not have the resources to develop new ''network-ready'' versions of existing centralised applications. In this paper, we examine the issues that must be considered when providing network access to an existing health care application, and we describe how we have implemented the proposed solution in one healthcare application namely the diabetic register at Hope Hospital. We describe the architecture that allows remote access to the legacy application, providing it with encrypted communications and strongly authenticated access control but without requiring any modifications to the underlying application. As well as comparing alternative ways of implementing such a system, we also consider issues relating to usability and manageability, such as password management

Merging and Extending the PGP and PEM Trust Models - the ICE-TEL Trust Model

The ICE-TEL project is a pan-European project that is building an Internet X.509 based certification infrastructure throughout Europe, plus several secure applications that will use it. This paper describes the trust model that is being implemented by the project. A trust model specifies the means by which a user may build trust in the assertion that a remote user is really who he purports to be (authentication) and that he does in fact have a right to access the service or information that he is requesting (authorization). The ICE-TEL trust model is based on a merging of and extensions to the existing Pretty Good Privacy (PGP) web of trust and Privacy Enhanced Mail (PEM) hierarchy of trust models, and is called a web of hierarchies trust model. The web of hierarchies model has significant advantages over both of the previous models, and these are highlighted here. The paper further describes the way that the trust model is enforced through some of the new extensions in the X.509 V3 certificates, and gives examples of its use in different scenarios

Corbyn, Labour, digital media, and the 2017 UK election

Corbyn, Labour, digital media, and the 2017 UK electio

From "Building the Actions" to "Being in the Moment": Older and newer media logics in political advocacy

From "Building the Actions" to "Being in the Moment": Older and newer media logics in political advocac

The new crisis of public communication: Challenges and opportunities for future research on digital media and politics

As the post-2016 political context becomes embedded, there is profound uncertainty about the long-term impact of digital media on the civic cultures of liberal democracies. In this article, Andrew Chadwick argues that the legacy of research on digital media and politics has created four epistemological problems that have hindered attempts to make sense of what amounts to a new crisis of public communication. Research in the field has tended to select cases that are progressive or pro-liberal democratic and it has usually employed what he terms the engagement gaze. Research has underestimated the trade-offs between affective solidarity and rational deliberation and it has been driven by a rationality expectation that neglects the role of indeterminacy in digital culture. For more than twenty years, researchers have focused on whether online “engagement” was being sufficiently embedded in political or journalistic organizational settings, irrespective of the motivations and ideological goals of those who actually engage. This has often obscured problematic aspects of how digital media may be reshaping the formation of public opinion and behaviour in ways that contribute, alongside other factors, to the erosion of liberal democratic norms of authenticity, rationality, tolerance, and trust. Addressing these epistemological challenges—a project already underway across a range of research endeavours—will better equip the field for the future

Initial Experiences of Building Secure Access to Patient Confidential Data via the Internet

A project to enable health care professionals (GPs, practice nurses and diabetes nurse specialists) to access, via the Internet, confidential patient data held on a secondary care (hospital) diabetes information system, has been implemented. We describe the application that we chose to distribute (a diabetes register); the security mechanisms we used to protect the data (a public key infrastructure with strong encryption and digitally signed messages, plus a firewall); the reasons for the implementation decisions we made; the validation testing that we performed and the preliminary results of the pilot implementation