Search

Showing total 1,570 results
Start Over Search Limiters Full Text Topic computer.software_genre Publisher springer us
1,570 results

101. Selecting the Appropriate Machine Learning Techniques for the Prediction of Software Development Costs

Author

Ioannis Stamelos and Stamatia Bibi

Subjects
Artificial neural network, Wake-sleep algorithm, Active learning (machine learning), business.industry, Computer science, Online machine learning, Software development effort estimation, Machine learning, computer.software_genre, Relevance vector machine, Computational learning theory, Artificial intelligence, Data mining, Cluster analysis, business, computer
Abstract

This paper suggests several estimation guidelines for the choice of a suitable machine learning technique for software development effort estimation. Initially, the paper presents a review of relevant published studies, pointing out pros and cons of specific machine learning methods. The techniques considered are Association Rules, Classification and Regression Trees, Bayesian Belief Networks, Neural Networks and Clustering, and they are compared in terms of accuracy, comprehensibility, applicability, causality and sensitivity. Finally the study proposes guidelines for choosing the appropriate technique, based on the size of the training data and the desirable features of the extracted estimation model.

Published
2006

102. Engineering an interoperable adaptive hypermedia testing tool supporting user adaptable strategies

Author

Simeon Retalis and Fotis Lazarinis

Subjects
Multimedia, business.industry, Computer science, Interoperability, Learning standards, Usability, Adaptation strategies, computer.software_genre, Domain (software engineering), Human–computer interaction, Item response theory, Web application, Adaptive hypermedia, business, computer
Abstract

In this paper we present a web based tool for authoring adaptive assessments based on IMS QTI, IMS LIP and IEEE PAPI learning standards. The tool allows authors of assessments to customize the applied adaptation strategies to meet their own teaching experiences and goals. During the assessment procedure the system accumulates knowledge about learners and adapts the exposure of items based on this knowledge and on the adaptable rule model. Design decisions and the employed user, domain and rule models are analyzed and discussed. Results from a usability evaluation are discussed at the end of the paper.

Published
2006

103. Developing Personalized E-Books: A Multi-Layered Approach

Author

Demosthenes Stamatis, Athanasios Tsadiras, Konstantina Chatzara, and Athanasios Mpantsos

Subjects
Interactive systems engineering, User profile, Multimedia, business.industry, Computer science, Hypermedia, Usability, computer.software_genre, law.invention, law, Human–computer interaction, Information system, Architecture, business, GeneralLiterature_REFERENCE(e.g.,dictionaries,encyclopedias,glossaries), computer
Abstract

Users of hypermedia systems are heterogeneous, came from different backgrounds and have different level of knowledge in the use of information systems. This paper discusses a multi-layered approach for developing personalized e-books. The layers regard both Human Computer Interaction/Navigation level and the Content of the e-book. These layers are defined and described in detail. The tei-Book architecture is also presented in the paper and it is proposed as suitable for providing personalized e-book views to the various e-book readers. This is done by an E-Book manager that manage to provide the appropriate e-book view according to the User Profiles and Book Profile Components that dynamically are developed by the tei-Book. Future work includes the evaluation of the personalized e-book views and also the evaluation of system’s usability.

Published
2006

104. Retrieving Open Source Software Licenses

Author

Tommi Kärkkäinen, Jussi Koskinen, and Timo Tuunanen

Subjects
Database, business.industry, Computer science, Software development, ComputingMilieux_LEGALASPECTSOFCOMPUTING, Static program analysis, Software maintenance, Software license, computer.software_genre, Software quality, Software construction, Backporting, Software system, business, computer
Abstract

Open Source Software maintenance and reuse require identifying and comprehending the applied software licenses. This paper first characterizes software maintenance, and open source software (OSS) reuse which are particularly relevant in this context. The information needs of maintainers and reusers can be supported by reverse engineering tools at different information retrieval levels. The paper presents an automated license retrieval approach called ASLA. User needs, system architecture, tool features, and tool evaluation are presented. The implemented tool features support identifying source file dependencies and licenses in source files, and adding new license templates for identifying licenses. The tool is evaluated against another tool for license information extraction. ASLA requires the source code as available input but is otherwise not limited to OSS. It supports the same programming languages as GCC. License identification coverage is good and the tool is extendable.

Published
2006

105. Learning context models for the recognition of scenarios

Author

James L. Crowley, Sofia Zaidenberg, Oliver Brdiczka, Patrick Reignier, Perception, recognition and integration for observation of activity (PRIMA), Inria Grenoble - Rhône-Alpes, Institut National de Recherche en Informatique et en Automatique (Inria)-Institut National de Recherche en Informatique et en Automatique (Inria)-Université Joseph Fourier - Grenoble 1 (UJF)-Institut National Polytechnique de Grenoble (INPG)-Centre National de la Recherche Scientifique (CNRS), and Ilias Maglogiannis and Kostas Karpouzis and Max Bramer

Subjects
Context model, Ubiquitous computing, Computer science, business.industry, Word error rate, Context (language use), 02 engineering and technology, Machine learning, computer.software_genre, 01 natural sciences, [INFO.INFO-IU]Computer Science [cs]/Ubiquitous Computing, Activity recognition, 010104 statistics & probability, 0202 electrical engineering, electronic engineering, information engineering, 020201 artificial intelligence & image processing, Hard coding, Artificial intelligence, 0101 mathematics, business, Set (psychology), Hidden Markov model, computer
Abstract

International audience; This paper addresses the problem of automatic learning of scenarios. A ubiquitous computing environment must have the ability to perceive its occupants and their activities in order to recognize a context and to provide appropriate services. A context (a scenario) can be modeled as a temporal sequence of situations. Hard coding contexts by hand is a complex task. Our goal is to learn these context models based on a set of videos showing actors playing predefined scenarios. Once these models are learned, we can use them to classify new scenarios. Hidden Markov Models (HMMs) are particularly well suited for problems with a strong temporal structure; they are easily adaptable to variability of input and robust to noise. But two problems need to be addressed: how many HMMs do we need for all possible scenarios and how many states for each HMM. We propose in this paper an approach based on an incremental algorithm addressing these two problems. Under the best conditions we obtained the minimal error rate of 1.96% (2 errors in 102 validation entries).

Published
2006

106. Retraining the Neural Network for Data Visualization

Author

Gintautas Dzemyda and Viktor Medvedev

Subjects
Artificial neural network, Computer science, Time delay neural network, business.industry, Pattern recognition, computer.software_genre, Backpropagation, Data mapping, Sammon mapping, Probabilistic neural network, Data mining, Artificial intelligence, Projection (set theory), business, computer, Dykstra's projection algorithm
Abstract

In this paper, we discuss the visualization of multidimensional data. A well-known procedure for mapping data from a high-dimensional space onto a lower-dimensional one is Sammon’s mapping. The algorithm is oriented to minimize the projection error. We investigate an unsupervised backpropagation algorithm to train a multilayer feed-forward neural network (SAMANN) to perform the Sammon’s nonlinear projection. Sammon mapping has a disadvantage. It lacks generalization, which means that new points cannot be added to the obtained map without recalculating it. The SAMANN network offers the generalization ability of projecting new data, which is not present in the original Sammon’s projection algorithm. Retraining of the network when the new data points appear has been analyzed in this paper.

Published
2006

107. MDA-Based Architecture of a Description Logics Reasoner

Author

Dragan Ðurić, Nenad Krdžavac, and Vladan Devedžić

Subjects
Theoretical computer science, Computer science, Programming language, Model transformation, Substructural logic, Computational logic, 020207 software engineering, Context (language use), 02 engineering and technology, Semantic reasoner, computer.software_genre, Metamodeling, TheoryofComputation_MATHEMATICALLOGICANDFORMALLANGUAGES, Description logic, Software_SOFTWAREENGINEERING, 0202 electrical engineering, electronic engineering, information engineering, T-norm fuzzy logics, computer, computer.programming_language
Abstract

The paper presents the architecture and design of a description logics (DLs) reasoner based on the Model Driven Architecture (MDA) methodology. The architecture relies on OMG’s description logics metamodel, tableau metamodel, and model transformations using a language for model transformation. We show an example of DLs knowledge base using UML notation in context of MDA. The idea can be easily applied to implementation of a first-order logic theorem prover. The paper does not discuss implementation details of reasoning algorithms and the reasoner performance.

Published
2006

108. An integrated classification model for incremental learning

Author

Hu Ji, Zhiyuan Li, Xin Liu, Chengwei Ren, Yi Yang, Chenggang Yan, Dongliang Peng, and Jiyong Zhang

Subjects
Computer Networks and Communications, Process (engineering), Computer science, Image classification, Feature vector, Masked-face dataset, 02 engineering and technology, Machine learning, computer.software_genre, Field (computer science), Article, 0202 electrical engineering, electronic engineering, information engineering, Media Technology, Artificial Intelligence & Image Processing, Confidence weight, Incremental learning, Contextual image classification, business.industry, Software Engineering, 020207 software engineering, Transfer learning, Statistical classification, Hardware and Architecture, Face (geometry), 0801 Artificial Intelligence and Image Processing, 0803 Computer Software, 0805 Distributed Computing, 0806 Information Systems, Noise (video), Artificial intelligence, Transfer of learning, business, computer, Software
Abstract

Incremental Learning is a particular form of machine learning that enables a model to be modified incrementally, when new data becomes available. In this way, the model can adapt to the new data without the lengthy and time-consuming process required for complete model re-training. However, existing incremental learning methods face two significant problems: 1) noise in the classification sample data, 2) poor accuracy of modern classification algorithms when applied to modern classification problems. In order to deal with these issues, this paper proposes an integrated classification model, known as a Pre-trained Truncated Gradient Confidence-weighted (Pt-TGCW) model. Since the pre-trained model can extract and transform image information into a feature vector, the integrated model also shows its advantages in the field of image classification. Experimental results on ten datasets demonstrate that the proposed method outperform the original counterparts.

Published
2020

109. Adapting SLP To Ad-Hoc Environment

Author

Pekka Vuorela, Janne Pietiainen, Jussi Saarinen, and Tommi Mikkonen

Subjects
Computer science, computer.internet_protocol, business.industry, media_common.quotation_subject, Service discovery, Computer security, computer.software_genre, Network configuration, User agent, Default gateway, Function (engineering), Communications protocol, Service Location Protocol, business, computer, Network address translation, media_common, Computer network
Abstract

Ad-hoc networking, where network structure is created dynamically as nodes enter and leave the network, has recently become an active reseach subject. As majority of existing network protocols has been targeted to be used in an environment, where a static network configuration and the option of using registry repositories is enabled, they need tailoring for ad-hoc net-working. In this paper, we discuss how Service Location Protocol (SLP) can be modified for such a dynamic environment starting from the requirements of applications that are to be run, and user’s intentions. The adaptations we have implemented include passive service discovery where the amount of network traffic needed for service discovery can be reduced, security related features for improved privacy, gateway function that offers connectivity to external networks, and service discovery proxies that assist in the discovery of services between ad-hoc and fixed networks. The paper also addresses implementation of these features.

Published
2006

110. Industrial Application Integration Using Agent-Enabled Sematic SOA: Capnet Case Study

Author

Miguel Contreras and Leonid Sheremetov

Subjects
Service (systems architecture), Process management, computer.internet_protocol, Business process, Computer science, business.industry, Service-oriented architecture, computer.software_genre, Business process management, Intelligent agent, Architecture, Web service, business, computer
Abstract

The paper addresses the issues of industrial application integration in business processes using agent enabled Service Oriented Architectures (SOA). in this paper, we show that agent-enabled SOA can play an important role for service integration. Our architecture combines Web services and intelligent agent technologies orchestrated by a business process management system. This architecture is grounded in a semantic service integration model and supported by the CAPNET agent platform tools. We describe the architecture and illustrate the approach by an industrial application scenario from petroleum wells’ drilling.

Published
2006

111. Beyond Low-Hanging Fruit: Seeking the Next Generation in FLOSS Data Mining

Author

Megan Conklin

Subjects
Computer science, Process (engineering), business.industry, Data stream mining, Proprietary software, computer.software_genre, Data science, Global software development, Open source, Software, Open-source software development, Data mining, business, computer
Abstract

This paper will discuss the motivations and methods for collecting quantitative data about free, libre and open source (FLOSS) software projects. The paper also describes the current state of the art in collecting this data, and some of the problems with this process. Finally, the paper outlines the challenges data miners should look forward to when trying to improve the usefulness of their quantitative data streams.

Published
2006

112. Knowledge Modelling Using The UML Profile

Author

Richard F. Paige, Chris Kimble, Ian D. Benest, and Mohd Syazwan Abdullah

Subjects
UML tool, Computer science, Modeling language, business.industry, Applications of UML, computer.software_genre, Metamodeling, Knowledge modeling, Systems Modeling Language, Class diagram, Data mining, Software engineering, business, computer, Object Constraint Language, computer.programming_language
Abstract

This paper discusses platform independent conceptual modeling of a knowledge intensive application, focusing on the use of knowledge-based systems (KBS) in the context of model-driven engineering. An extension to the Unified Modeling Language (UML) for knowledge modeling is presented based on the profiling extension mechanism of UML. The UML profile discussed in this paper has been successfully captured in a Meta-Object-Facility (MOF) based UML tool — the executable Modeling Framework (XMF). The example is that of modeling a knowledge-based system for the Ulcer Clinical Practical Guidelines (CPG) Recommendations. It demonstrates the use of the profile, with the prototype system implemented in the Java Expert System Shell (JESS).

Published
2006

113. Understanding Meaning and Bridging Divides: The Use of an African Metaphor for the South African Open Source Center

Author

Nhlanhla Mabaso, Elaine Byrne, and Bob Jolliffe

Subjects
Multimedia, Metaphor, business.industry, media_common.quotation_subject, Organizational studies, Media studies, Intellectual property, computer.software_genre, Bridging (programming), ComputingMilieux_GENERAL, Software, Information system, Sociology, Software system, Communal land, business, computer, media_common
Abstract

This paper describes a conscious attempt to use metaphor to both promote and reinterpret ideas and values from the global free and open source software movement in the context of South Africa. A case study is given of an initiative launched by the South African Council for Industrial and Scientific Research to stimulate awareness and promote the use of free and open source software in South Africa and the region. The new Open Source Center made use of an African language metaphor to relate the concept of shared intellectual property in software to traditional communal land management. Whereas Western metaphors are commonly used in the field of organizational studies and Information Systems to facilitate meaning, the deliberate use of an African language metaphor to describe software systems is less common (even in Africa). This paper provides a background as to why such a metaphor was chosen as well as some reflection on its effectiveness.

Published
2006

114. Evaluating Classifiers for Mobile-Masquerader Detection

Author

Seppo Puuronen, Oleksiy Mazhelis, and Mika Raento

Subjects
business.industry, Computer science, Small number, Linear classifier, Pattern recognition, Machine learning, computer.software_genre, Random subspace method, Information sensitivity, ComputingMethodologies_PATTERNRECOGNITION, Artificial intelligence, business, computer, Classifier (UML)
Abstract

As a result of the impersonation of a user of a mobile terminal, sensitive information kept locally or accessible over the network can be abused. The means of masquerader detection are therefore needed to detect the cases of impersonation. In this paper, the problem of mobile-masquerader detection is considered as a problem of classifying the user behaviour as originating from the legitimate user or someone else. Different behavioural characteristics are analysed by designated one-class classifiers whose classifications are combined. The paper focuses on selecting the classifiers for mobile-masquerader detection. The selection process is conducted in two phases. First, the classification accuracies of classifiers are empirically evaluated, and inaccurate classifiers are excluded. After that, the accuracies of different classifier combinations are explored, and the combination with the best classification accuracy is identified. The experimental results suggest that, in order to achieve better accuracy, the individual classifiers with both high classification accuracy and a small number of non-classifications need to be selected.

Published
2006

115. Post Sequential Patterns Mining

Author

Osei Adjei, Jun Liu, Jing Lu, and Weiru Chen

Subjects
Computer science, business.industry, Event (computing), Graph (abstract data type), Pattern recognition, Artificial intelligence, Data mining, business, computer.software_genre, computer, Data modeling, Task (project management)
Abstract

In this paper we present a novel data mining technique, known as Post Sequential Patterns Mining, which can be used to discover Structural Patterns. A Structural Pattern is a new pattern, which is composed of sequential patterns, branch patterns or iterative patterns. Sequential patterns mining plays an essential role in many areas and substantial research has been conducted on their analysis and applications. In our previous work [12], we used a simple but efficient Sequential Patterns Graph (SPG) to model the sequential patterns. The task to discover hidden Structural Pattern is based on our previous work and sequential patterns mining, conveniently named Post Sequential Patterns Mining. In this paper, in addition to stating this new mining problem, we define patterns such as branch pattern, iterative pattern, structural pattern, and concentrate on finding concurrent branch pattern. Concurrent branch pattern is thus one of the main forms of structural pattern and will play an important role in event-based data modelling.

Published
2005

116. Inviting New Players to the Multimedia M-Commerce Arena

Author

Stefan Figge and Kai Rannenberg

Subjects
Engineering, Multimedia, business.industry, Value proposition, Mobile commerce, Business model, computer.software_genre, Revenue model, Digital Video Broadcasting, Digital television, Mobile telephony, business, Mobile device, computer
Abstract

Digital Video Broadcasting (DVB) using the same terrestrial infrastructure (DVB-T) as traditional analogue television has become a mature technology with a growing number of users. Different activities have been started (e.g. DVB-H) in order to apply that infrastructure for distributing multimedia content and interactive services to mobile devices. DVB (i.e. the television industry) and 3G mobile networks (i.e. the mobile telecommunications industry) are therefore becoming competitors from a value proposition point of view. On one hand there is the television industry with its close relation to the movie and media industry as well as its often advertising based business model. On the other hand there is the mobile telecommunications industry with its focus on direct revenue models for data and services (referred to as M-Commerce), targeting on mobile subscribers. The paper will show that currently the television industry applies different business models more flexibly than the mobile telecommunications industry does. Looking at the likely upcoming competition between the both industries, the paper proposes an approach to expand the business model that is currently applied in the mobile telecommunications industry in order to make it competitive against broadcasted mobile multimedia services. As research in progress the paper addresses the question, which concepts could be applied in order to redesign the current M-Commerce business model for the sake of higher user adoption.

Published
2005

117. Dynamic Security Labels and Noninterference (Extended Abstract)

Author

Lantian Zheng and Andrew C. Myers

Subjects
Provable security, Class (computer programming), Program analysis, Computer science, Programming language, Concrete security, Information flow (information theory), Computer security model, computer.software_genre, Computer security, Security policy, computer, Typed lambda calculus
Abstract

This paper presents a language in which information flow is securely controlled by a type system, yet the security class of data can vary dynamically. Information flow policies provide the means to express strong security requirements for data confidentiality and integrity. Recent work on security-typed programming languages has shown that information flow can be analyzed statically, ensuring that programs will respect the restrictions placed on data. However, real computing systems have security policies that vary dynamically and that cannot be determined at the time of program analysis. For example, a file has associated access permissions that cannot be known with certainty until it is opened. Although one security-typed programming language has included support for dynamic security labels, there has been no demonstration that a general mechanism for dynamic labels can securely control information flow. In this paper, we present an expressive language-based mechanism for reasoning about dynamic security labels. The mechanism is formally presented in a core language based on the typed lambda calculus; any well-typed program in this language is provably secure because it satisfies noninterference.

Published
2005

118. Using Data Mining for Virtual Enterprise Management

Author

Ricardo J. Rabelo, Edmilson Rampazzo Klen, Alexandra A. Pereira-Klen, D. Luz, and Leandro Loss

Subjects
Computer science, business.industry, Enterprise integration, Integrated enterprise modeling, Enterprise architecture, computer.software_genre, Enterprise system, Business intelligence, Data mining, Enterprise information system, business, Cluster analysis, computer, Enterprise software
Abstract

This paper presents exploratory results on how a data-mining-based tool can be used to enhance the quality of decision-making in a Virtual Enterprise environment. The developed tool is based on the Clustering mining method and implements the K-Means algorithm. The algorithm is explained, its utilization in the proposed model is introduced and the implementation results are presented and stressed in the end of the paper.

Published
2005

119. A Responsibility Framework for Information Security

Author

Rossouw von Solms and Shaun Posthumus

Subjects
Security service, Information security management, Certified Information Security Manager, Information security standards, Security convergence, Business, Information security, Asset (computer security), Computer security, computer.software_genre, computer, Security information and event management
Abstract

This paper demonstrates that information security is more than a technical issue, through the development of an information security responsibility framework that shows consideration for strategic and legal issues as well. It is important that information security be viewed as both a governance challenge and a management responsibility. In order to achieve this this paper addresses information security governance and the board’s participation in directing and controlling security efforts. Furthermore information security management is addressed in order to demonstrate how information security should be implemented. Once a comprehensive picture of the information security function has been established, the roles of various individuals in terms of information security are discussed and mapped out in the responsibility framework in order to demonstrate the true scope of an organizations information security function.

Published
2005

120. Threat Modelling for Security Tokens in Web Applications

Author

D. De Cock, Dries Schellekens, Bart Preneel, Karel Wouters, and Dave Singelée

Subjects
business.industry, Computer science, Computer security, computer.software_genre, Security token, Web application security, Electronic signature, Variety (cybernetics), World Wide Web, Threat model, Web application, Smart card, Web threat, business, computer
Abstract

In the last couple of years, several European countries have started projects which intend to provide their citizens with electronic identity cards, driven by the European Directive on Electronic Signatures. One can expect that within a few years, these smart cards will be used in a wide variety of applications. In this paper, we describe the common threats that can be identified when using security tokens such as smart cards in web applications. We illustrate each of these threats with a few attack scenarios. This paper is part of a series of papers, written by several academic teams. Each paper focuses on one particular technological building block for web applications.

Published
2005

121. Statistical Signatures for Early Detection of Flooding Denial-of-Service Attacks

Author

John Haggerty, Qi Shi, and Madjid Merabti

Subjects
Router, Information economy, Network packet, Computer science, business.industry, ComputerSystemsOrganization_COMPUTER-COMMUNICATIONNETWORKS, Early detection, Denial-of-service attack, Computer security, computer.software_genre, Flooding (computer networking), Software deployment, State information, business, computer, Computer network
Abstract

A major threat to the information economy is denial-of-service attacks. Despite the widespread deployment of perimeter model countermeasures these attacks are highly prevalent. Therefore a new approach is posited; early detection. This paper posits an approach that utilises statistical signatures at the router to provide early detection of flooding denial-of-service attacks. The advantages of the approach presented in this paper are threefold: analysing fewer packets reduces computational load on the defence mechanism; no state information is required about the systems under protection; and alerts may span many attack packets. Thus, the defence mechanism may be placed within the routing infrastructure to prevent malicious packets from reaching their intended victim in the first place. This paper presents an overview of the early detection-enabled router algorithm and case study results.

Published
2005

122. Assignment of Security Clearances in an Organization

Author

Victor Portougal and Lech J. Janczewski

Subjects
Cloud computing security, Security service, Computer science, Security convergence, Information security, Computer security model, Asset (computer security), Computer security, computer.software_genre, computer, Security information and event management, Logical security
Abstract

The paper discusses the assignment of security clearances to employees in a security conscious organization. New approaches are suggested for solving two major problems. First, full implementation of the ‘need-to-know’ principle is provided by the introduction of Data Access Statements (DAS) as part of employee’s job description. Second, for the problem of setting up border points between different security clearances, the paper introduces a fuzzy set model. This model helps to solve this problem, effectively connecting it with the cost of security. Finally, a method is presented for calculating security values of objects security clearances for employees when the information objects are connected to each other in a network structure.

Published
2005

123. Schema Based XML Security: RBAC Approach

Author

Xinwen Zhang, Ravi Sandhu, and Jaehong Park

Subjects
Document Structure Description, XML Encryption, Database, Computer science, Programming language, Efficient XML Interchange, XML Signature, XML validation, computer.file_format, computer.software_genre, XML Schema Editor, Streaming XML, ComputingMethodologies_DOCUMENTANDTEXTPROCESSING, RELAX NG, computer
Abstract

Security of XML instance is a basic problem, especially in enterprise with large number of users and XML objects as well as complex authorizations administration. In this paper, a role-based access control (RBAC) model based on XML Schema is proposed. RBAC has been proven to be efficient to improve security administration with flexible authorization management. XML Schemais a specification to define format and contents of XML instance. Access control based on a schema will be transported to all its instances. As a proposed alternate of XML Document Type Definition (DTD), XML Schema supports complex constraints for XML components, such as elements, attributes, datatypes and groups. Also, XML Schema provides a mechanism to build rich reuse relationships between schemas and elements. These will be applied in reusable permissions in our model, which efficiently simplify the security administration. Based on these features fine-grained access control can be achieved. At the same time, our model also supports instances-level authorization naturally, which provides a uniform mechanism for XML security. A abstract implementation is presented in this paper for our proposed model. “Pure” XML technologies will be applied in the implementation mechanism, which make the system lightweight and can be easily embedded into existing systems.

Published
2004

124. Secure Authorisation for Web Services

Author

Sarath Indrakanti, Rajat Kumar, Vijay Varadharajan, and Michael Hitchens

Subjects
WS-Addressing, Database, computer.internet_protocol, business.industry, WS-I Basic Profile, Access control, Service-oriented architecture, computer.software_genre, Devices Profile for Web Services, Business, Web service, WS-Policy, computer, XML
Abstract

In this paper, we investigate the authorisation service provided by Microsoft®. NET MyServices [1]. We propose modifications and extensions to eXtensible Markup Language (XML) [2] based data structures’ schemas to support a range of commonly used access policies in commercial systems. We have developed the modified access evaluation algorithms that take the proposed extensions into account. The extensions proposed in this paper have been used in the specification and analysis of a practical application involving access control to electronic patient records in hospitals.

Published
2004

125. A Survey on Fault Attacks

Author

Hugues Thiebeauld and Christophe Giraud

Subjects
Differential fault analysis, Computer science, business.industry, Cryptography, Fault (power engineering), Computer security, computer.software_genre, Whole systems, Cryptosystem, Smart card, Side channel attack, business, computer, Tamper resistance, Computer network
Abstract

Fault attacks described in cryptographic papers mostly apply to cryptographic algorithms, yet such attacks may have an impact on the whole system in a smart card. In this paper, we describe what can be achieved nowadays by using fault attacks in a smart card environment. After studying several ways of inducing faults, we describe attacks on the most popular cryptosystems and we discuss the problem of induced perturbations in the smart card environment. Finally we discuss how to find appropriate software countermeasures.

Published
2004

126. Evolutionary Robot Behaviors Based on Natural Selection and Neural Network

Author

Yanbin Zhuang, Jingan Yang, and Hongyan Wang

Subjects
Fitness function, Fitness approximation, business.industry, Computer science, Artificial creation, Evolutionary algorithm, Evolutionary robotics, Interactive evolutionary computation, Machine learning, computer.software_genre, Evolutionary computation, Evolutionary acquisition of neural topologies, Artificial intelligence, business, computer
Abstract

The methodology of artificial evolution based on the traditional fitness function is argued to be inadequate for constructing the entities with behaviors novel to their designers. Evolutionary emergence via natural selection(without an explicit fitness function) is a promising way. This paper primarily considers the question of what to evolve, and focuses on the principles of developmental modularity based on neural networks. The connection weight values of this neural network are encoded as genes, and the fitness individuals are determined using a genetic algorithm. In paper we has created and described an artificial world containing autonomous organisms for developing and testing some novel ideas. Experimental results through simulation have demonstrated that the developmental system is well suited to long-term incremental evolution. Novel emergent strategies are identified both from an observer’s perspective and in terms of their neural mechanisms.

Published
2004

127. Integrating Two Artificial Intelligence Theories in a Medical Diagnosis Application

Author

Hadrian Peter and Wayne Goodridge

Subjects
Reasoning system, Artificial Intelligence System, Opportunistic reasoning, Artificial neural network, business.industry, Computer science, Inference, Machine learning, computer.software_genre, Model-based reasoning, Procedural reasoning system, Case-based reasoning, Artificial intelligence, business, computer
Abstract

Reasoning Systems (Inference Mechanisms) and Neural Networks are two major areas of Artificial Intelligence (AI). The use of case-based reasoning in Artificial Intelligence systems is well known. Similarly, the AI literature is replete with papers on neural networks. However, there is relatively little research in which the theories of case-based reasoning and neural networks are combined. In this paper we integrate the two theories and show how the resulting model is used in a medical diagnosis application. An implementation of our model provides a valuable prototype for medical experts and medical students alike.

Published
2004

128. Use of Models and Modelling Techniques for Service Development

Author

Ferreira Pires, Luis, van Sinderen, Marten J., Guareis de farias, Cléver, Andrade Almeida, João, Mendes, Manuel J., Suomi, Reima, and Passos, Carlos

Subjects
Flexibility (engineering), Computer science, Context (language use), computer.software_genre, Service-oriented development, Unified Modeling Language (UML), Identification (information), Unified Modeling Language, Component (UML), Systems engineering, Feature (machine learning), Web service, Architecture, Model Driven Architecture, computer, computer.programming_language
Abstract

E-applications are increasingly being composed from individual services that can be realized with different technologies, such as, e.g., Web Services and standard component technologies. A current trend in the development of these services is to describe their technology-independent and technology-specific aspects in separate models. A prominent development that leads this trend is the Model-Driven Architecture (MDA). An important feature of the MDA approach is the explicit identification of Platform-Independent Models (PIMs) and the flexibility to implement them on different platforms via Platform-Specific Models (PSMs), possibly through (automated) model transformations. A platform can be any technology that supports the execution of these models, either directly or after translation to code in a programming language. This paper aims at identifying the benefits of the MDA approach in the development of services for e-applications. The paper presents a short introduction to MDA, in the context of service development, and an overview of the modelling capabilities of the Unified Modelling Language (UML), one of MDA’s main modelling languages.

Published
2004

129. An Asymmetric Cryptography Secure Channel Protocol for Smart Cards

Author

Konstantinos Rantos and Konstantinos Markantonakis

Subjects
business.industry, Computer science, Key distribution, Public key infrastructure, Cryptographic protocol, Computer security, computer.software_genre, Public-key cryptography, Key (cryptography), Smart card, Java Card, business, computer, Secure channel, Computer network
Abstract

Smart card secure channel protocols based on public key cryptography are not widely utilised mainly due to processing overheads introduced in the underlying smart card microprocessors and the complexities introduced by the operation of a PKI infrastructure. In this paper we analyse the significance of public key secure channel protocols in multi application smart cards. We believe that multi application smart card technology (e.g. the GlobalPlatform smart card specification) should benefit more from the advantages of public key cryptography specifically for the initiation and maintenance of a secure channel. This paper introduces a public key based cryptographic protocol for secure entity authentication, data integrity and data confidentiality. The proposed secure channel protocol uses a combination of public key, secret key and the main idea behind the Diffie-Hellmann key establishment protocols in order to achieve the desired goals.

Published
2004

130. Formal Reasoning of Various Categories of Widely Exploited Security Vulnerabilities Using Pointer Taintedness Semantics

Author

Shuo Chen, Ravishankar K. Iyer, Karthik Pattabiraman, and Zbigniew Kalbarczyk

Subjects
scanf format string, Programming language, Computer science, Pointer (computer programming), Memory model, Equational logic, Static analysis, computer.software_genre, Formal reasoning, computer, User input, Buffer overflow
Abstract

This paper is motivated by a low level analysis of various categories of severe security vulnerabilities, which indicates that a common characteristic of many classes of vulnerabilities is pointer taintedness. A pointer is said to be tainted if a user input can directly or indirectly be used as a pointer value. In order to reason about pointer taintedness, a memory model is needed. The main contribution of this paper is the formal definition of a memory model using equational logic, which is used to reason about pointer taintedness. The reasoning is applied to several library functions to extract security preconditions, which must be satisfied to eliminate the possibility of pointer taintedness. The results show that pointer taintedness analysis can expose different classes of security vulnerabilities, such as format string, heap corruption and buffer overflow vulnerabilities, leading us to believe that pointer taintedness provides a unifying perspective for reasoning about security vulnerabilities.

Published
2004

131. Composing Web Services Using an Agent Factory

Author

Marta Sabou, Deborah Richards, Sander van Splunter, and Frances M. T. Brazier

Subjects
Web standards, medicine.medical_specialty, Web 2.0, Web development, Computer science, computer.software_genre, Social Semantic Web, World Wide Web, 102001 Artificial intelligence, Web page, Web design, medicine, Semantic analytics, 102015 Information systems, Web navigation, Semantic Web Stack, RDF, 102015 Informationssysteme, Semantic Web, Data Web, 102022 Softwareentwicklung, business.industry, computer.file_format, Web application security, 102022 Software development, Web service, Web intelligence, business, computer, Web modeling
Abstract

Web service composition can provide a value-chain between customers and suppliers. The increasing number of services, and thus possible combinations, demands the development of dynamic and automatic techniques for their composition. Current commercial solutions are limited and are primarily static and manual. Automation requires reasoning about (semantic descriptions of) the services. This paper describes our initial work which brings together agents, Web service and semantic Web technology. Our knowledge-based software engineering approach to the design of agents, known as the Agent Factory, is applied to the composition of Web services. Using semantic descriptions of Web services written in DAML-S, the design process in our Agent Factory derives a Web service configuration. This paper also includes some observations regarding our experiences with DAML-S, UDDI and WSDL for this purpose.

Published
2004

132. On the Era of Educational Hypermedia Computing

Author

Jari Multisilta and Anneli Heimbürger

Subjects
Multimedia, Computer science, Hypermedia, Timeline, computer.software_genre, HyperCard, law.invention, World Wide Web, Memex, law, Information and Communications Technology, Computer-supported cooperative work, ComputingMethodologies_DOCUMENTANDTEXTPROCESSING, Learning theory, Hypertext, computer, computer.programming_language
Abstract

The paper presents a timeline of information and communication technologies in learning since the days of Vannebar Bush’s Memex, Douglas Engelbart’s Augment, Ted Nelson’s Xanadu, and PLATO systems to the current lively research and development work going on between the traditional hypertext research community and the World Wide Web Consortium (W3C). Hypermedia has been widely applied in computer assisted instruction and learning. Engelbart’s NLS/Augment can be regarded as the first CSCW (Computer Supported Collaborative Work) environment. Later, such systems as Intermedia, Microcosm and HyperCard have successfully presented the ideas of hypertext in learning contexts. In this paper we discuss the development of learning theories and hypertext linking environments and their roles in today’s networked and mobile learning environments.

Published
2004

133. Adapting Query Optimization Techniques for Efficient Alert Correlation

Author

Dingbang Xu and Peng Ning

Subjects
Computer science, Hash function, Heapsort, sort, Sargable, Intrusion detection system, Data mining, Linear hashing, computer.software_genre, Nested loop join, Query optimization, computer
Abstract

Intrusion alert correlation is the process to identify high-level attack scenarios by reasoning about low-level alerts raised by intrusion detection systems (IDSs). The efficiency of intrusion alert correlation is critical in enabling interactive analysis of intrusion alerts as well as prompt responses to attacks. This paper presents an experimental study aimed at adapting main memory index structures (e.g., T Trees, Linear Hashing) and database query optimization techniques (e.g., nested loop join, sort join) for efficient correlation of intensive alerts. By taking advantage of the characteristics of the alert correlation process, this paper presents three techniques named hyper-alert container, two-level index, and sort correlation. This paper then reports a series of experiments designed to evaluate the effectiveness of these techniques. These experiments demonstrate that (1) hyper-alert containers improve the efficiency of order-preserving index structures (e.g., T Trees), with which an insertion operation involves search, (2) two-level index improves the efficiency of all index structures, (3) a two-level index structure combining Chained Bucket Hashing and Linear Hashing is the most efficient for streamed alerts with and without memory constraint, and (4) sort correlation with heap sort algorithm is the most efficient for alert correlation in batch.

Published
2004

134. Managing Heterogeneous Services and Devices with the Device Unifying Service

Author

Tore Jonvik, Dao Van Tran, P. Lokstad, Erik Vanem, and Do Van Thanh

Subjects
Service (business), Multimedia, Computer science, business.industry, computer.software_genre, Software portability, Mobile phone, The Internet, Web navigation, Parlay, Data as a service, Session (computer science), business, computer
Abstract

Due to the ubiquitous explosion of the Internet and the fast proliferation of heterogeneous networked devices and services, the end user are faced with a formidable task in managing it all. The Device Unifying Service presented in this paper is a novel powerful concept that allows anyone confronted with multiple devices and services to administer and manage them by themselves. With this service, different devices connected to different networks offering different types of data and communication services can be integrated and handled in a straightforward way. It allows the usage of multiple devices simultaneously and the possibility of adding, removing or changing devices in a service session. The Device Unifying Service addresses personal service management for both communication services and data services. Communication services like a normal phone call can for example easily be transferred from a fixed phone to a mobile phone or an IP phone with multimedia capabilities with the Device Unifying Service. Additionally, a data service like a WEB browsing session can be transferred from a PC to a laptop or PDA including cached information like history and bookmarks. Providing an easy way of moving services between devices, the Device Unifying Service thus fulfils the vision of service portability in an elegant way. This paper presents the concept of the Device Unifying Service, a novel service that will take care of the management, coordination and configuration of all the devices that the user has at his disposal and provide service portability and adaptation of services to devices with different characteristics. Furthermore, this paper will reveal how the first version of the Device Unifying Service has been implemented using Parlay APIs and H.323 technologies.

Published
2003

135. A Distributed Policy Approach in Support of Multimedia Session Establishment

Author

Hamid Syed Mahmood and Louis Nicolas Hamer

Subjects
Multimedia, Interface (Java), Computer science, Quality of service, media_common.quotation_subject, Reservation, computer.software_genre, Resource (project management), Session (computer science), Function (engineering), Set (psychology), Host (network), computer, media_common
Abstract

Policies may be required in various scenarios during a multimedia flow set up, for example, during session setup, policy decisions must be provided to ensure that the session being requested lie within the bounds of the service profile established for the requesting host. Similarly, when a host requests resources to provide a certain QoS for a packet flow, policies may be provided to ensure that the required resources lie within the bounds of the resource profile established for the requesting host. The policy framework at the IETF [1] is focused on the resource reservation issues and thus provided a centralized approach for the policy decision function. This paper attempts to highlight the various scenarios in a multimedia flow establishment that lead to a distributed approach for policy decision-making. The paper also discusses the required characteristics of an interface between the policy decision functions residing in different administrative domains.

Published
2003

136. Information Security: Auditing the Behaviour of the Employee

Author

Rossouw von Solms and Cheryl Vroom

Subjects
Information security audit, Process management, Certified Information Security Manager, Security service, Information security management, Information security standards, Computer science, Information security, Asset (computer security), Computer security, computer.software_genre, computer, Security information and event management
Abstract

The following paper serves to examine the evolution of auditing in the organization from traditional financial auditing through the introduction of computers into daily transactions. It discusses the need for information security in business today and the methods that can he taken to verify that the security measures are properly utilized to ensure the safety of information systems. This paper hopes to enhance the future role of the auditor by including auditing the employee and his behaviour.

Published
2003

137. The Technoludic Film:Images of Video Games in Movies (1973–2001)

Author

Matteo Bittanti

Subjects
Video production, Multimedia, business.industry, ComputingMilieux_PERSONALCOMPUTING, Full motion video, computer.software_genre, GeneralLiterature_MISCELLANEOUS, Film genre, New media, Linguistics, Movie theater, Genre studies, Video game graphics, Narrative, Sociology, business, computer, ComputingMilieux_MISCELLANEOUS
Abstract

This paper explores the dialectic between video games and film. The researcher analyzed how video games have been depicted, represented, and incorporated into feature-length, commercial movies by viewing, and analyzing 53 video gamerelated films covering the period from 1973 to 2001. These texts were examined and discussed with respect to film genre analysis, structuralism, semiotics, and new media theory. The researcher suggests that convergence between film and cinema led to the emergence of a new film genre, the technoludic film. The neologism combines two different words: technology and Indus, a Latin word for play. Technoludic film is an umbrella term for films that incorporate video games in their narrative. The paper identified and analyzed four possible modes of incorporation of video games into film: commentary, quotation, adaptation, and remediation.The research concludes that there is a merging of languages, narrative strategies, and genres as video games influence films and vice versa.

Published
2003

138. Ubiquitous Access to Personalised Services

Author

Anne Marie Hartvigsen, Do Van Thanh, and Tore Jonvik

Subjects
World Wide Web, Web technology, Xml web services, Firewall (construction), User profile, Common Object Request Broker Architecture, Computer science, computer.internet_protocol, Distributed Component Object Model, Web service, computer.software_genre, computer, XML
Abstract

Nowadays, the user expects not only to be able to access services and applications anywhere at anytime and on any terminal fixed or mobile; but also in the same way as at home. In order to provide ubiquitous access to personalised services this paper propose to implement the User Profile containing the user’s preferences, settings and personal data, as an XML web service which is accessible to the user at anytime anywhere and on any terminal. As an XML Web service, the User Profile will also be accessible from any application over operator’s borders, firewall and without the need of a specific middleware platform, e.g. CORBA, RMI, DCOM, etc. With such a User Profile, ubiquitous and customised access to applications and services will be a reality. The paper starts with a brief overview of the XML Web service concept. The User profile is described in details before the main focus, which is about realising the User Profile as an XML service. In the conclusion, further works and activities are proposed.

Published
2003

139. Development of multimedia animations — a contribution of informatics teaching to media studies

Author

Michael Weigend

Subjects
Development (topology), Multimedia, Computer science, Process (engineering), business.industry, Human–computer interaction, Informatics, Information technology, Animation, Product (category theory), computer.software_genre, business, computer
Abstract

The development of a multimedia visual model can be an informative process that requires and encourages a large number of abilities. This paper focuses on three dimensions of the modelling process, all connected with certain abilities. Firstly, an informative model is a simplified image of a real system. In this respect modellers are required to observe reality well, to recognise and describe structures. Secondly, the model can be regarded as a medium through which certain mental constructs and contents can be imparted to recipients (communicative aspect). Finally, a multimedia model (especially if it is to be attractive) is a complex, technical product whose implementation demands the use of methods of information technology, for example object-oriented modelling. Using the example of the object-oriented modelling of a waterworks with the help of Flash 5, the paper discusses under what conditions the development of animation in IT teaching can help modelling abilities.

Published
2003

140. Content Management in Mixed Reality Systems

Author

Martin Kurze

Subjects
Point (typography), Multimedia, business.industry, Computer science, computer.software_genre, Mixed reality, Software, State (computer science), User interface, Architecture, business, computer, Interactive media, Content management
Abstract

Content Management Systems form the backbone of most of today’s interactive multimedia applications. Mixed Reality Systems are probably today’s most ambitious multimedia applications. This paper discusses some consequences of these findings. A state of the art CMS architecture is described briefly, and a similar architecture is proposed for a general type of MR application. As a first result a considerable increase in complexity is observed from a software architects point of view. On the other hand, a structured way to deal with the various types of content should lead to better system quality. The paper does not present a final conclusion, but rather offers a number of key issues to consider in future MR applications utilizing content management systems.

Published
2003

141. Teaching Network Security through Live Exercises

Author

Giovanni Vigna

Subjects
Class (computer programming), Engineering, Work (electrical), Multimedia, Network security, business.industry, Dynamics (music), ComputingMilieux_COMPUTERSANDEDUCATION, business, computer.software_genre, computer
Abstract

Live exercises represent a valuable tool to teach the practical aspects of security and the dynamics of network-based attack and defense techniques. However, these exercises are very difficult to organize and execute. For this reason, there are very few courses that offer live exercise as an integral part of the class work. This paper describes a series of live exercises that have been used in a graduate-level Computer Science course on network security. For each exercise, the setup, execution, and lessons learned are discussed The intended audience of this paper is represented by instructors - especially in colleges and universities - who want to start using this type of instructional tools but have no experience and are unsure of the possible pitfalls in their implementation.

Published
2003

142. Usability and Playability Issues for Arquake

Author

Bruce H. Thomas, Wayne Piekarski, Benjamin Close, and Nicholas Krul

Subjects
Engineering, Artificial reality, Multimedia, business.industry, ComputingMilieux_PERSONALCOMPUTING, Wearable computer, Usability, Virtual reality, Computer-mediated reality, computer.software_genre, Mixed reality, Human–computer interaction, Augmented reality, Augmented virtuality, business, computer
Abstract

This paper presents a set of informal studies into the usability and playability of our ARQuake game. ARQuake is an outdoor Augmented Reality version of a first person perspective desktop application. One area of investigation was comparing playing the game along different points of Milgram’s Reality-Virtuality Continuum: Virtual Reality, Augmented Virtuality, and Augmented Reality. The paper reports on the feedback from a set of users operating ARQuake in an outdoor setting.

Published
2003

143. Enhancing collaboration through web enabled performance measurement system

Author

Sai S. Nudurupati, Umit Bititci, and Stephen Maddocks

Subjects
Commercial software, Engineering, business.industry, Statistical process control, computer.software_genre, Technology management, Action (philosophy), Systems management, Information system, Systems engineering, Performance measurement, Architecture, business, computer
Abstract

There are several frameworks and models available on performance measurement but current Management Information Systems (MIS) available in the enterprises are not sufficient to support these frameworks and models. Hence, the paper includes a review of the commercial software available to support performance measurement frameworks and models. From the results of this review, there is a requirement for a new approach called Web enabled Performance Measurement System (WePMS). The paper demonstrates the design and architecture of WePMS and implements it in two companies in action. Finally the paper discusses several scenarios in which WePMS had enhanced the enterprise collaboration with its customers and suppliers.

Published
2003

144. Teacher in the Mobile World

Author

Harri Ketamo, Jari Multisilta, and Harri Keiho

Subjects
Engineering, Java, Multimedia, business.industry, computer.internet_protocol, Emerging technologies, computer.software_genre, Mobile phone, Wireless, Wireless Application Protocol, Multimedia Messaging Service, Mobile technology, business, computer, Mobile device, computer.programming_language
Abstract

In this paper, we discuss wireless technologies and their role in educationalapplications and in teachers’ everyday work. Today we already have powerful handheld devices that have wireless internet connection. History has shown that new technologies are often applied to merely do the same tasks as previous technologies. Handheld devices could provide teachers with new opportunities, but not by simply transforming current W W W content to handheld devices. What would be the best way to apply these technologies? In this paper we present the results from the study of Finnish youth as users of mobile phones. Based on this study we can say that Finnish youth are ready to adopt new mobile technologies for everyday use. In addition we discuss three current mainstream technologies, namely Wireless Application Protocol (WAP), Java MIDIet and PocketPC as examples of new mobile technologies and implementation platforms. In particular we try to focus on how teachers could apply these technologies in their teaching.

Published
2003

145. Role Delegation for a Resource-Based Security Model

Author

H. Ellis, J. Ellis, M. Liebrand, T. C. T. Ting, C. Phillips, and S. Demurjian

Subjects
Security analysis, Cloud computing security, Delegate, Delegation, media_common.quotation_subject, Computer security model, Computer security, computer.software_genre, Software security assurance, Server, Network security policy, Business, computer, media_common
Abstract

Corporations and government agencies rely on inter-operating legacy, COTs, databases, clients, servers, etc., with security addressed from different dimensions. One dimension is delegation, where an authorized individual may delegate all or part of his/her authority to another individual, increasing security risk. This paper explores the inclusion of role delegation into a unified security model/enforcement framework that controls access to software APIs to limit, by role, which users can access which parts of APIs, constrained by time, classification (MAC), and data values. This paper examines role delegation, its incorporation into the security model, and, its impact on security assurance.

Published
2003

146. Prioritized Buffer Management in Photonic Packet Switches for Diffserv Assured Forwarding

Author

Hiroaki Harai and Masayuki Murata

Subjects
Computer science, business.industry, Network packet, Packet forwarding, Computer security, computer.software_genre, Buffer (optical fiber), Packet switching, Differentiated services, Packet loss, Optical buffer, business, Queue, computer, Computer network
Abstract

We study photonic packet switching archi tecture that enables a high node throughput and provides priority services in DiffServ (Differentiated Services). As we will show in this paper, a photonic packet switch can be equipped with an ultra-high-speed address-lookup capability in the optical domain. However, the optical buffer must be managed in the electrical domain. In this paper, we investigate buffer management schemes with less complexity, such that the capability of the ultra-high-speed packet forwarding can be sustained in the photonic switch. We propose an implementation method for PBS (Partial Buffer Sharing) that provides DiffServ AF (Assured Forwarding). We show that PBS is applicable to single-stage optical buffer. Also, we propose a new buffer management method, called PBSO (PBS with Overwriting), which is applicable to broadcast-andselect-based single-stage optical buffer. PBSO is also applicable to the current space-switch-based single-stage optical buffer with an addition of a few optical components. The PBS and PBSO methods are based on a single queue and their complexities are O(1) and O(p), respectively, where pis the number of levels of drop precedence. Through simulation study, we show that both methods provide different levels of drop precedence for DiffServ AF, and that PBSO improves buffer utilization and the packet loss probability of both drop-level packets.

Published
2003

147. A policy-based approach to firewall management

Author

Filipe Caldeira and Edmundo Monteiro

Subjects
Structure of Management Information, Network security, business.industry, Computer science, ComputerSystemsOrganization_COMPUTER-COMMUNICATIONNETWORKS, Computer security, computer.software_genre, Network management application, Firewall (construction), Information model, Architecture, business, Communications protocol, Software engineering, computer, Network management station
Abstract

This paper describes a policy-based approach to firewall management. The Policy-Based Networking (PBN) architecture proposed by the Policy Framework Group of IETF is analysed, together with the communication protocols, policy specification languages, and the necessary information models. The paper continues with a description of an application of the PBN architecture to firewall management. The proposed architecture is presented and its implementation issues are analysed with some usage examples. The paper concludes with the evaluation of the policy-based approach to firewall management.

Published
2003

148. On Security and Privacy Risks in Association Mining Algorithms

Author

Vijay V. Raghavan, Tom Johnsten, and Kevin Hill

Subjects
Engineering, Association mining, business.industry, Process (engineering), Control (management), Knowledge hiding, Data mining, computer.software_genre, business, Risk assessment, computer, Algorithm
Abstract

Association mining algorithms can be used to discover sensitive knowledge from non-protected data that are voluntarily released for mining purposes. In this paper, we present a risk assessment procedure designed to control the security and privacy threats presented by association mining algorithms. The assessment procedure is based upon a new data analysis process that we introduce called Knowledge Hiding in Databases (KHD). The specific contributions of this paper include a description of the KHD process, and the development and implementation of a risk assessment procedure for association mining algorithms.

Published
2003

149. Security Education for Times of Netwar and Peace

Author

Jaroslav Dockal

Subjects
Czech, Engineering, Netwar, business.industry, Lifelong learning, Subject (philosophy), Public relations, Computer security, computer.software_genre, language.human_language, language, Spite, Security management, The Internet, business, computer, Hacker
Abstract

Security education has a lot of things in common all over world but there are some differences that distinguish richer countries from poorer ones and military education from civilian contexts. Although the Internet partially removes some of the handicap of restrictions on international personal contact, it does not fully eliminate it. In spite of this, certain aspects of security education in a small country would be interesting for participants of such an important conference as WISE 3/WECS. That is why this paper describes system of security education in the Czech Republic and discusses specific procedures used at Brno Military Academy for training in operative decision-making. The paper supplement comprises two examples of solutions to critical situations by means of Aprisma's SPECTRUM Security Manager (SSM).

Published
2003

150. Multiple moderator meta-analysis using the R-package Meta-CART

Author

Elise Dusseldorp, Jacqueline J. Meulman, Xinru Li, and Xiaogang Su

Subjects
Cart, Computer science, Experimental and Cognitive Psychology, Machine learning, computer.software_genre, 01 natural sciences, Article, 010104 statistics & probability, 03 medical and health sciences, Arts and Humanities (miscellaneous), Developmental and Educational Psychology, CART, Humans, Computer software, 0101 mathematics, Categorical variable, General Psychology, 030505 public health, business.industry, Fixed effect, Interaction between moderators, Fixed effects model, Random effects model, Moderation, Random effects, Meta-analysis, Treatment Outcome, Research Design, Psychology (miscellaneous), Artificial intelligence, Heterogeneity, 0305 other medical science, business, Look-ahead, computer, Decision tree model
Abstract

In meta-analysis, heterogeneity often exists between studies. Knowledge about study features (i.e., moderators) that can explain the heterogeneity in effect sizes can be useful for researchers to assess the effectiveness of existing interventions and design new potentially effective interventions. When there are multiple moderators, they may amplify or attenuate each other’s effect on treatment effectiveness. However, in most meta-analysis studies, interaction effects are neglected due to the lack of appropriate methods. The method meta-CART was recently proposed to identify interactions between multiple moderators. The analysis result is a tree model in which the studies are partitioned into more homogeneous subgroups by combinations of moderators. This paper describes the R-package metacart, which provides user-friendly functions to conduct meta-CART analyses in R. This package can fit both fixed- and random-effects meta-CART, and can handle dichotomous, categorical, ordinal and continuous moderators. In addition, a new look ahead procedure is presented. The application of the package is illustrated step-by-step using diverse examples. Electronic supplementary material The online version of this article (10.3758/s13428-020-01360-0) contains supplementary material, which is available to authorized users.

Published
2020