267 resultados para software component
Resumo:
Security-critical communications devices must be evaluated to the highest possible standards before they can be deployed. This process includes tracing potential information flow through the device's electronic circuitry, for each of the device's operating modes. Increasingly, however, security functionality is being entrusted to embedded software running on microprocessors within such devices, so new strategies are needed for integrating information flow analyses of embedded program code with hardware analyses. Here we show how standard compiler principles can augment high-integrity security evaluations to allow seamless tracing of information flow through both the hardware and software of embedded systems. This is done by unifying input/output statements in embedded program execution paths with the hardware pins they access, and by associating significant software states with corresponding operating modes of the surrounding electronic circuitry.
Resumo:
Electronic Health Record (EHR) systems are being introduced to overcome the limitations associated with paper-based and isolated Electronic Medical Record (EMR) systems. This is accomplished by aggregating medical data and consolidating them in one digital repository. Though an EHR system provides obvious functional benefits, there is a growing concern about the privacy and reliability (trustworthiness) of Electronic Health Records. Security requirements such as confidentiality, integrity, and availability can be satisfied by traditional hard security mechanisms. However, measuring data trustworthiness from the perspective of data entry is an issue that cannot be solved with traditional mechanisms, especially since degrees of trust change over time. In this paper, we introduce a Time-variant Medical Data Trustworthiness (TMDT) assessment model to evaluate the trustworthiness of medical data by evaluating the trustworthiness of its sources, namely the healthcare organisation where the data was created and the medical practitioner who diagnosed the patient and authorised entry of this data into the patient’s medical record, with respect to a certain period of time. The result can then be used by the EHR system to manipulate health record metadata to alert medical practitioners relying on the information to possible reliability problems.
Resumo:
For many organizations, maintaining and upgrading enterprise resource planning (ERP) systems (large packaged application software) is often far more costly than the initial implementation. Systematic planning and knowledge of the fundamental maintenance processes and maintenance-related management data are required in order to effectively and efficiently administer maintenance activities. This paper reports a revelatory case study of Government Services Provider (GSP), a high-performing ERP service provider to government agencies in Australia. GSP ERP maintenance-process and maintenance-data standards are compared with the IEEE/EIA 12207 software engineering standard for custom software, also drawing upon published research, to identify how practices in the ERP context diverge from the IEEE standard. While the results show that many best practices reflected in the IEEE standard have broad relevance to software generally, divergent practices in the ERP context necessitate a shift in management focus, additional responsibilities, and different maintenance decision criteria. Study findings may provide useful guidance to practitioners, as well as input to the IEEE and other related standards.
Resumo:
Measuring quality attributes of object-oriented designs (e.g. maintainability and performance) has been covered by a number of studies. However, these studies have not considered security as much as other quality attributes. Also, most security studies focus at the level of individual program statements. This approach makes it hard and expensive to discover and fix vulnerabilities caused by design errors. In this work, we focus on the security design of an object oriented application and define a number of security metrics. These metrics allow designers to discover and fix security vulnerabilities at an early stage, and help compare the security of various alternative designs. In particular, we propose seven security metrics to measure Data Encapsulation (accessibility) and Cohesion (interactions) of a given object-oriented class from the point of view of potential information flow.
Resumo:
Current regulatory requirements on data privacy make it increasingly important for enterprises to be able to verify and audit their compliance with their privacy policies. Traditionally, a privacy policy is written in a natural language. Such policies inherit the potential ambiguity, inconsistency and mis-interpretation of natural text. Hence, formal languages are emerging to allow a precise specification of enforceable privacy policies that can be verified. The EP3P language is one such formal language. An EP3P privacy policy of an enterprise consists of many rules. Given the semantics of the language, there may exist some rules in the ruleset which can never be used, these rules are referred to as redundant rules. Redundancies adversely affect privacy policies in several ways. Firstly, redundant rules reduce the efficiency of operations on privacy policies. Secondly, they may misdirect the policy auditor when determining the outcome of a policy. Therefore, in order to address these deficiencies it is important to identify and resolve redundancies. This thesis introduces the concept of minimal privacy policy - a policy that is free of redundancy. The essential component for maintaining the minimality of privacy policies is to determine the effects of the rules on each other. Hence, redundancy detection and resolution frameworks are proposed. Pair-wise redundancy detection is the central concept in these frameworks and it suggests a pair-wise comparison of the rules in order to detect redundancies. In addition, the thesis introduces a policy management tool that assists policy auditors in performing several operations on an EP3P privacy policy while maintaining its minimality. Formal results comparing alternative notions of redundancy, and how this would affect the tool, are also presented.
Resumo:
Agent-oriented conceptual modelling (AoCM) approaches in Requirements Engineering (RE) have received considerable attention recently. Semi-formal modeling frameworks such as i* assist analysts in requirements elicitation and reasoning of early-phase RE. AgentSpeak(L) is a widely accepted agent programming language. The Strategic Rationale (SR) model of the i* framework naturally lends itself to AgentSpeak(L) programs. Furthermore, the Strategic Dependency (SD) component of the i* framework prescribes the interaction between the agents in a multi-agent environment. This paper proposes a formal methodology for transforming a SR model to an AgentS- peak(L) agent. The constructed AgentSpeak(L) agents will then form the essential components of a multi-agent system, MAS.
Resumo:
In Web service based systems, new value-added Web services can be constructed by integrating existing Web services. A Web service may have many implementations, which are functionally identical, but have different Quality of Service (QoS) attributes, such as response time, price, reputation, reliability, availability and so on. Thus, a significant research problem in Web service composition is how to select an implementation for each of the component Web services so that the overall QoS of the composite Web service is optimal. This is so called QoS-aware Web service composition problem. In some composite Web services there are some dependencies and conflicts between the Web service implementations. However, existing approaches cannot handle the constraints. This paper tackles the QoS-aware Web service composition problem with inter service dependencies and conflicts using a penalty-based genetic algorithm (GA). Experimental results demonstrate the effectiveness and the scalability of the penalty-based GA.
Resumo:
With the widespread applications of electronic learning (e-Learning) technologies to education at all levels, increasing number of online educational resources and messages are generated from the corresponding e-Learning environments. Nevertheless, it is quite difficult, if not totally impossible, for instructors to read through and analyze the online messages to predict the progress of their students on the fly. The main contribution of this paper is the illustration of a novel concept map generation mechanism which is underpinned by a fuzzy domain ontology extraction algorithm. The proposed mechanism can automatically construct concept maps based on the messages posted to online discussion forums. By browsing the concept maps, instructors can quickly identify the progress of their students and adjust the pedagogical sequence on the fly. Our initial experimental results reveal that the accuracy and the quality of the automatically generated concept maps are promising. Our research work opens the door to the development and application of intelligent software tools to enhance e-Learning.
Resumo:
In the field of music technology there is a distinct focus on networking between spatially disparate locales to improve teaching and learning through real-time communication. This article proposes a new delivery model for learner support based on a review of technical and learning services, pilot research using remote desktops to teach music-sequencing software, and recent education research regarding professional development. A 24/7 delivery model using remote desktops, mobile devices and shared calendars offers a flexible real-time addition to the learner support services already on offer. Treating every user of the service as a potential expert, the model aims to deliver universal support situated in a personalized context, which will serve the technical and education requirements of teachers and learners.
Resumo:
Growing participation is a key challenge for the viability of sustainability initiatives, many of which require enactment at a local community level in order to be effective. This paper undertakes a review of technology assisted carpooling in order to understand the challenge of designing participation and consider how mobile social software and interface design can be brought to bear. It was found that while persuasive technology and social networking approaches have roles to play, critical factors in the design of carpooling are convenience, ease of use and fit with contingent circumstances, all of which require a use-centred approach to designing a technological system and building participation. Moreover, the reach of technology platform-based global approaches may be limited if they do not cater to local needs. An approach that focuses on iteratively designing technology to support and grow mobile social ridesharing networks in particular locales is proposed. The paper contributes an understanding of HCI approaches in the context of other designing participation approaches.
Resumo:
Invited one hour presentation at Microsoft Tech Ed 2009 about getting students interested in games programming at QUT.
Resumo:
The traditional means for isolating applications from each other is via the use of operating system provided “process” abstraction facilities. However, as applications now consist of multiple fine-grained components, the traditional process abstraction model is proving to be insufficient in ensuring this isolation. Statistics indicate that a high percentage of software failure occurs due to propagation of component failures. These observations are further bolstered by the attempts by modern Internet browser application developers, for example, to adopt multi-process architectures in order to increase robustness. Therefore, a fresh look at the available options for isolating program components is necessary and this paper provides an overview of previous and current research on the area.
Resumo:
PERWAPI is a component for reading and writing .NET PE-files. The name is a compound acronym for Program Executable – Reader/Writer – Application Programming Interface. The code was written by one of us (Diane Corney) with some contributions from some of the early users of the tool. PERWAPI is a managed component, written entirely in safe C#. The design of the writer part of the component is loosely based on Diane Corney’s previous PEAPI component. It is open source software, and is released under a “FreeBSD-like” license. The source may be downloaded from “http://plas.fit.qut.edu.au/perwapi/” As of the date of this document the code has facilities for reading and writing PEfiles compatible with the latest (beta-2) release of the ”Whidbey” version of .NET, that is, the Visual Studio 2005 framework. An invocation option allows earlier versions of the framework to be targeted.
Resumo:
Opiine wasps (Hymenoptera: Braconidae: Opiinae) are parasitoids of dacine fruit flies (Diptera: Tephritidae: Dacinae), the primary horticultural pests of Australia and the South Pacific. Effective use of opiines for biological control of fruit flies is limited by poor taxonomy and identification difficulties. To overcome these problems, this thesis had two aims: (i) to carry out traditional taxonomic research on the fruit fly infesting opine braconids of Australia and the South Pacific; and (ii) to transfer the results of the taxonomic research into user friendly diagnostic tools. Curated wasp material was borrowed from all major Australian museum collections holding specimens. This was supplemented by a large body of material gathered as part of a major fruit fly project in Papua New Guinea: nearly 4000 specimens were examined and identified. Each wasp species was illustrated using traditional scientific drawings, full colour photomicroscopy and scanning electron microscopy. An electronic identification key was developed using Lucid software and diagnostic images were loaded on the web-based Pest and Diseases Image Library (PaDIL). A taxonomic synopsis and distribution and host records for each of the 15 species of dacine-parasitising opiine braconids found in the South Pacific is presented. Biosteres illusorius Fischer (1971) was formally transferred to the genus Fopius and a new species, Fopius ferrari Carmichael and Wharton (2005), was described. Other species dealt with were Diachasmimorpha hageni (Fullaway, 1952), D. kraussii (Fullaway, 1951), D. longicaudata (Ashmead, 1905), D. tryoni (Cameron, 1911), Fopius arisanus (Sonan, 1932), F. deeralensis (Fullaway, 1950), F. schlingeri Wharton (1999), Opius froggatti Fullaway (195), Psyttalia fijiensis (Fullaway, 1936), P. muesebecki (Fischer, 1963), P. novaguineensis (Szépliget, 1900i) and Utetes perkinsi (Fullaway, 1950). This taxonomic component of the thesis has been formally published in the scientific literature. An interactive diagnostics package (“OpiineID”) was developed, the centre of which is a Lucid based multi-access key. Because the diagnostics package is computer based, without the space limitations of the journal publication, there is no pictorial limit in OpiineID and so it is comprehensively illustrated with SEM photographs, full colour photographs, line drawings and fully rendered illustrations. The identification key is only one small component of OpiineID and the key is supported by fact sheets with morphological descriptions, host associations, geographical information and images. Each species contained within the OpiineID package has also been uploaded onto the PaDIL website (www.padil.gov.au). Because the identification of fruit fly parasitoids is largely of concern to fruit fly workers, rather than braconid specialists, this thesis deals directly with an area of growing importance to many areas of pure and applied biology; the nexus between taxonomy and diagnostics. The Discussion chapter focuses on this area, particularly the opportunities offered by new communication and information tools as new ways delivering the outputs of taxonomic science.
