Colin T. Stockel

Applications of keystroke analysis for improved login security and continuous user authentication

This paper examines the use of keystroke analysis as a means of improving authentication in modem information systems, based upon the biometric measurement of user typing characteristics. The discussion identifies that the concept may be implemented in two ways, providing the basis for both an enhanced authentication front-end as well as for continuous, transparent supervision throughout the session.

Assessing staff attitudes towards information security in a European healthcare establishment

Information security is now recognized as an important consideration in modern healthcare establishments (HCEs), with a variety of guidelines and standards currently available to enable the environments to be properly protected. However, financial and operational constraints often exist which influence the practicality of these recommendations. This paper establishes that the staff culture of the organization is of particular importance in determining the level and types of security that will be accepted. This culture will be based upon staff awareness of and attitudes towards security and it is, therefore, important to have a clear idea of what these attitudes are. To this end, two surveys have been conducted within a reference environment to establish the attitudes of general users and technical staff, allowing the results to be fed back to HCE management to enable security policy to be appropriately defined. These results indicated that, although the establishment had participated in a European healthcare security initiative, staff attitudes and awareness were still weak in some areas.

THE QUADRATIC RESIDUE CIPHER AND SOME NOTES ON IMPLEMENTATION

Although of similar age, the Quadratic Residue Cipher (QRC) has been neglected compared with the publicity received by other public key cryptosystems, notably the RSA cipher. This paper attempts to redress the balance somewhat, explaining in expository form the principle of the QRC, the advantages it offers over RSA and some experiences gained as a result of using the cipher.

Practical approach to the optimization of large-scale switching networks

Abstract There are a number of techniques that enable networks to be optimized. Neither search techniques nor heuristic methods are entirely satisfactory in solving practical problems. The authors describe an approach to network optimization that utilizes an algorithm that reduces the number of nodes and consequently the time taken to find a solution. The approach is based on two basic stages: a preparation stage and an optimization stage.

Approaches to security in healthcare multimedia systems

This paper examines the need for security in modem healthcare applications and, in particular, the considerations that arise from the use of multimedia. Whilst multimedia is particularly advantageous for information delivery within Healthcare Establishments (HCEs), its adoption introduces some new requirements for information security. The paper presents the outline of a security strategy for future healthcare multimedia systems and networks and also highlights some new opportunities that may be offered by the technologies involved. The discussion is supported by an examination of the approach taken in the POSEIDON system, a prototype multimedia patient records system that is being developed within our research group in conjunction with a local HCE. This describes aspects of both the underlying analysis strategy and the system implementation, with particular reference to how security is being realised.

Fast heuristics for practical TDM network design

Many large scale core data networks are now based on the new generation of intelligent time division multiplexers. These allow permanent virtual circuits between any network nodes and automatic rerouting of lost connections should link failures occur. The design requirements for such networks are very different to those more usually associated with standard packet switched network arrangements. For a given traffic matrix the number of possible network topologies, link capacity selections, and circuit routings, even between a small number of nodes, is relatively large. When taking into account the additional requirements of optimising the overall link capacity of a network and ensuring its resilience to failure by specifying link disjoint primary and backup paths, the design complexity becomes very large. It is also necessary to use commercial link costs for all the link specifications likely to be selected from by the various PTT service providers to ensure realistic design results. The following paper describes the modules of a heuristic method that has been successfully used on a standard personal computer to provide minimum cost optimum designs based on the described network characteristics. The heuristics incorporate a speed versus accuracy trade-off factor so that rapid approximate designs may be examined for differing traffic conditions.

Research: New technique for the representation of access network performance

Many large data communication systems can be conveniently divided into core and customer access network arrangements. The design of the latter, with statistical multiplexers and leased line or dial-up access, is often neglected in terms of optimum arrangement. This is simply because the attachment of users to the system is effected in an ad hoc manner, over a period of time, and is highly susceptible to physical changes and variability in traffic demand. More attention is now being given to this relatively expensive resource, especially as the quality of service, in terms of delays and blocking, are an increasingly important part of service level arrangements between the value added network supplier and customer. This paper presents a new technique, suitable for a wide range of queuing systems, that aids the optimal design of star type networks where the quality of service constraints must be taken into consideration.