Abstract. In this paper we present practical guidelines for designing secure block cipher key schedules. In particular we analyse the AES key schedule and discuss its security properties both from a theoretical viewpoint, and in relation to published attacks exploiting weaknesses in its key schedule. We then propose and analyse an efficient and more secure key schedule.
As universities seek to adopt increased e-business, e-commerce and e-learning initiates, the overall approach taken for security management within the organisation plays an increasingly relevant role. In many cases security in universities is approached through the addition of tactical solutions. Often systems security is added on as a final consideration instead of during early design stages. This approach can be incomprehensive and inefficient. Although this approach can provide limited security, there is no guarantee that business requirements for security are incorporated and integrated effectively. This situation is partly due to security management in Australian universities being challenged by the complexity of both university culture and diverse operating environments. In many circumstances the champion for security in universities tends to be relegated to an officer in the IT department, hidden away from the business itself. Often this person with operational responsibility for security will have a detailed understanding of what should occur in security, but faces difficulties in determining exactly how to go about achieving this on an enterprise level. In order to assist in securing university IT systems and thereby improving e-business security, this research proposes a security practitioner’s management model. This model is aimed at facilitating the transition of security knowledge into actual implementation across the enterprise, with an end goal of an improved culture of compliance towards security practices in the university sector. This work is of significant value as it results from a study into specific security management issues facing Australian universities. This study highlights that future research would be well-placed to focus on benchmarking information security management within the university sector.
Technology has changed the way we approach medical care: health data is constantly being generated, medical discoveries are progressing more rapidly, and individuals are more connected across the world than ever before. Backpack Health is a global personal health record platform that harnesses the power of technology to connect users to their primary health data sources, the medical community, and researchers. By syncing with existing patient portals, health data can be stored on the Backpack Health platform and easily accessed and controlled by users in one connected interface. Individuals manage and collate their current and past conditions, genetic test results, symptoms, medications, procedures, labs, and other health data. Users are empowered to disseminate their information to clinicians, researchers, foundations, and pharmaceutical and biotechnology companies they connect with through the Backpack Health application. Here, we describe how two rare disease advocacy groups, The Marfan Foundation and Project Alive, utilize Backpack Health to connect with their target populations. Through secure transfer of pseudonymized data, groups can query their members to improve understanding of clinical features and to facilitate meaningful research. Responses to the groups' surveys show strong member engagement with high completion rates and increases in new Backpack Health users when surveys are deployed. Data from these surveys have been published and used to better inform clinical outcomes for treatment trials. By connecting users directly to the foundations, clinicians, researchers, and industry partners working on their condition, Backpack Health is instrumental in fast‐tracking medical discoveries and treatment for rare diseases.
This issues paper is concerned with ensuring the integrity of Australia’s e-court processes through the development of information protection standards and protocols. The integrity of the court process is important to the national interest because businesses and citizens depend on the certainty of court decisions, naturally assuming that their information and privacy is protected. This paper is a catalyst for future research leading to the creation of an information protection framework, including policies and standards enabling courts to define the use of courtroom technologies, thus ensuring that their design and application is grounded within established information protection principles. Without substantiation of the quality of technological structures and processes used by e-courts, the system of certainty upon which the courts and law are based has the potential to become inherently uncertain.
scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.
hi@scite.ai
10624 S. Eastern Ave., Ste. A-614
Henderson, NV 89052, USA
Copyright © 2024 scite LLC. All rights reserved.
Made with 💙 for researchers
Part of the Research Solutions Family.