Selwyn Russell

Bio: Selwyn Russell is an academic researcher from Queensland University of Technology. The author has contributed to research in topics: The Internet & Certificate. The author has an hindex of 6, co-authored 24 publications receiving 172 citations.

Security as a Safety Issue in Rail Communications

Abstract: Systems whose failure can lead to the damage of property or the environment, or loss of human life are regarded as safety-critical systems. It is no longer adequate to build safety-critical systems based on the control of errors and failures alone. Safety-critical systems must also deal with securing the data that is used in their operation. While safety and security engineering have evolved separately, there are a number of similarities. These similarities and efforts to integrate safety and security are identified. A project looking at securing safety-critical communications for the Australian rail network is also discussed.

Security as a safety issue in rail communications

Abstract: Systems whose failure can lead to the damage of property or the environment, or loss of human life are regarded as safety-critical systems It is no longer adequate to build safety-critical systems based on the control of errors and failures alone Safety-critical systems must also deal with securing the data that is used in their operation While safety and security engineering have evolved separately, there are a number of similarities These similarities and efforts to integrate safety and security are identified A project looking at securing safety-critical communications for the Australian rail network is also discussed

Fast checking of individual certificate revocation on small systems

Abstract: High-security network transactions require the checking of the revocation status of public key certificates. On mobile systems this may lead to excessive delays and unacceptable performance. This paper examines small system requirements and options, with a view to improving performance. It is shown that the use of keyed hash functions (message authentication codes) with a pre-registration option reduces network latency and allows stateless servers.

Transparent cosignatures for electronic documents

Abstract: A major problem facing enterprises communicating via general electronic commercial documents is how to ensure that an incoming document is not only authentic in origin but also was legally authorized within the purported sending enterprise. Another one is how to ensure that only authorized documents leave an enterprise. To quickly identify unauthorized documents, even if authentication of source is correct, this paper proposes transparent cosignature schemes, i.e. signature schemes which require multiple cosigners but which appear to a recipient as the product of one signature process. These will also greatly discourage potential internal fraud, even by several people in collusion. The paper gives a taxonomy and investigates paradigms and properties. An implementation is described. >

Systems and Methods for Secure Transaction Management and Electronic Rights Protection

Abstract: PROBLEM TO BE SOLVED: To solve the problem, wherein it is impossible for an electronic content information provider to provide commercially secure and effective method, for a configurable general-purpose electronic commercial transaction/distribution control system. SOLUTION: In this system, having at least one protected processing environment for safely controlling at least one portion of decoding of digital information, a secure content distribution method comprises a process for encapsulating digital information in one or more digital containers; a process for encrypting at least a portion of digital information; a process for associating at least partially secure control information for managing interactions with encrypted digital information and/or digital container; a process for delivering one or more digital containers to a digital information user; and a process for using a protected processing environment, for safely controlling at least a portion of the decoding of the digital information. COPYRIGHT: (C)2006,JPO&NCIPI

Steganographic techniques for securely delivering electronic digital rights management control information over insecure communication channels

Abstract: Electronic steganographic techniques can be used to encode a rights management control signal onto an information signal carried over an insecure communications channel. Steganographic techniques ensure that the digital control information is substantially invisibly and substantially indelibly carried by the information signal. These techniques can provide end-to-end rights management protection of an information signal irrespective of transformations between analog and digital. An electronic appliance can recover the control information and use it for electronic rights management to provide compatibility with a Virtual Distribution Environment. In one example, the system encodes low data rate pointers within high bandwidth time periods of the content signal to improve overall control information read/seek times.

Trusted infrastructure support systems, methods and techniques for secure electronic commerce, electronic transactions and rights management

Abstract: An integrated, modular array of administrative and support services are provided for electronic commerce and electronic rights and transaction management. These administrative and support services supply a secure foundation for conducting transaction-related capabilities over electronic networks, and can also be adapted to the specific needs of electronic commerce value chains. In one embodiment a Distributed Commerce Utility having a secure, programmable, distributed architecture provides these administrative and support services. The Distributed Commerce Utility may comprise a number of Commerce Utility Systems. These Commerce Utility Systems provide a web of infrastructure support available to, and reusable by, the entire electronic community and/or many of its participants. Different support functions can be collected together in hierarchical and/or networked relationships to suit various business models or other objectives. Modular support functions can be combined in different arrays to form different Commerce Utility Systems for different design implementations and purposes.

Systems and Methods Using Cryptography to Protect Secure Computing Environments

Abstract: Secure computation environments are protected from bogus or rogue load modules, executables and other data elements through use of digital signatures, seals and certificates issued by a verifying authority. A verifying authority—which may be a trusted independent third party—tests the load modules or other executables to verify that their corresponding specifications are accurate and complete, and then digitally signs the load module or other executable based on tamper resistance work factor classification. Secure computation environments with different tamper resistance work factors use different verification digital signature authentication techniques (e.g., different signature algorithms and/or signature verification keys)—allowing one tamper resistance work factor environment to protect itself against load modules from another, different tamper resistance work factor environment. Several dissimilar digital signature algorithms may be used to reduce vulnerability from algorithm compromise, and subsets of multiple digital signatures may be used to reduce the scope of any specific compromise.

Trusted infrastructure support systems, methods and techniques for secure electronic commerce, electronic transactions, commerce process control and automation, distributed computing, and rights management

Abstract: The present inventions provide an integrated, modular array of administrative and support services for electronic commerce and electronic rights and transaction management. These administrative and support services supply a secure foundation for conducting financial management, rights management, certificate authority, rules clearing, usage clearing, secure directory services, and other transaction related capabilities functioning over a vast electronic network such as the Internet and/or over organization internal Intranets. These administrative and support services can be adapted to the specific needs of electronic commerce value chains. Electronic commerce participants can use these administrative and support services to support their interests, and can shape and reuse these services in response to competitive business realities. A Distributed Commerce Utility having a secure, programmable, distributed architecture provides administrative and support services. The Distributed Commerce Utility makes optimally efficient use of commerce administration resources, and can scale in a practical fashion to accommodate the demands of electronic commerce growth. The Distributed Commerce Utility may comprise a number of Commerce Utility Systems. These Commerce Utility Systems provide a web of infrastructure support available to, and reusable by, the entire electronic community and/or many or all of its participants. Different support functions can be collected together in hierarchical and/or in networked relationships to suit various business models and/or other objectives. Modular support functions can combined in different arrays to form different Commerce Utility Systems for different design implementations and purposes. These Commerce Utility Systems can be distributed across a large number of electronic appliances with varying degrees of distribution.