928 resultados para malicious users
Resumo:
Traditional information retrieval (IR) systems respond to user queries with ranked lists of relevant documents. The separation of content and structure in XML documents allows individual XML elements to be selected in isolation. Thus, users expect XML-IR systems to return highly relevant results that are more precise than entire documents. In this paper we describe the implementation of a search engine for XML document collections. The system is keyword based and is built upon an XML inverted file system. We describe the approach that was adopted to meet the requirements of Content Only (CO) and Vague Content and Structure (VCAS) queries in INEX 2004.
Resumo:
Supervisory Control And Data Acquisition (SCADA) systems are widely used in the management of critical infrastructure such as electricity and water distrubution systems. Currently there is little understanding of how to best protect SCADA systems from malicious attacks. We review the constraints and requirements for SCADA security and propose a suitable architecture (SKMA) for secure SCADA communications. The architecture includes a proposed key management protocol (SKMP). We compare the architecture with a previous proposal from Sandia Labs.
Resumo:
This paper presents an efficient low-complexity clipping noise compensation scheme for PAR reduced orthogonal frequency division multiple access (OFDMA) systems. Conventional clipping noise compensation schemes proposed for OFDM systems are decision directed schemes which use demodulated data symbols. Thus these schemes fail to deliver expected performance in OFDMA systems where multiple users share a single OFDM symbol and a specific user may only know his/her own modulation scheme. The proposed clipping noise estimation and compensation scheme does not require the knowledge of the demodulated symbols of the other users, making it very promising for OFDMA systems. It uses the equalized output and the reserved tones to reconstruct the signal by compensating the clipping noise. Simulation results show that the proposed scheme can significantly improve the system performance.
Resumo:
The design of a building is a complicated process, having to formulate diverse components through unique tasks involving different personalities and organisations in order to satisfy multi-faceted client requirements. To do this successfully, the project team must encapsulate an integrated design that accommodates various social, economic and legislative factors. Therefore, in this era of increasing global competition integrated design has been increasingly recognised as a solution to deliver value to clients.----- The ‘From 3D to nD modelling’ project at the University of Salford aims to support integrated design; to enable and equip the design and construction industry with a tool that allows users to create, share, contemplate and apply knowledge from multiple perspectives of user requirements (accessibility, maintainability, sustainability, acoustics, crime, energy simulation, scheduling, costing etc.). Thus taking the concept of 3-dimensional computer modelling of the built environment to an almost infinite number of dimensions, to cope with whole-life construction and asset management issues in the design of modern buildings. This paper reports on the development of a vision for how integrated environments that will allow nD-enabled construction and asset management to be undertaken. The project is funded by a four-year platform grant from the Engineering and Physical Sciences Research Council (EPSRC) in the UK; thus awarded to a multi-disciplinary research team, to enable flexibility in the research strategy and to produce leading innovation. This paper reports on the development of a business process and IT vision for how integrated environments will allow nD-enabled construction and asset management to be undertaken. It further develops many of the key issues of a future vision arising from previous CIB W78 conferences.
Resumo:
This chapter explores the development of concepts of interactive environments by comparing two major projects that frame the period of this book. The Fun Palace of 1960 and the Generator of 1980 both proposed interactive environments responsive to the needs and behaviour of their users, but the contrast in terms of the available technology and what it enabled could not be more marked. The Fun Palace broke new architectural, organizational and social ground and was arguably the first proposition for cybernetic architecture; the Generator demonstrated how it could be achieved. Both projects are now acknowledged as seminal architectural propositions of the twentieth century, and both were designed by Cedric Price.
Resumo:
The majority of the world’s citizens now live in cities. Although urban planning can thus be thought of as a field with significant ramifications on the human condition, many practitioners feel that it has reached the crossroads in thought leadership between traditional practice and a new, more participatory and open approach. Conventional ways to engage people in participatory planning exercises are limited in reach and scope. At the same time, socio-cultural trends and technology innovation offer opportunities to re-think the status quo in urban planning. Neogeography introduces tools and services that allow non-geographers to use advanced geographical information systems. Similarly, is there potential for the emergence of a neo-planning paradigm in which urban planning is carried out through active civic engagement aided by Web 2.0 and new media technologies thus redefining the role of practicing planners? This paper traces a number of evolving links between urban planning, neogeography and information and communication technology. Two significant trends – participation and visualisation – with direct implications for urban planning are discussed. Combining advanced participation and visualisation features, the popular virtual reality environment Second Life is then introduced as a test bed to explore a planning workshop and an integrated software event framework to assist narrative generation. We discuss an approach to harness and analyse narratives using virtual reality logging to make transparent how users understand and interpret proposed urban designs.
Resumo:
This paper demonstrates that in order to design successful ubiquitous computing, designers must consider concurrently both the end user interactions in the context of use and the sustainability of the technology and its underlying infrastructure. We describe methods used to create more useful collaboration and communication between users, designers and engineers in designing ubiquitous computing systems. We tested these methods in a real domain in an attempt to create a system that is affordable, minimally disrupts the end-user's workplace and improves human-computer interaction.
Resumo:
Purpose – This paper compares the experiential consumption values that motivate consumer choice to purchase online for both male and female purchasers and non-purchasers. Design/methodology/approach – Using the theory of consumption value the study examines gendered perceptions of the functional, social and conditional value of using a virtual consumption setting for purchasing. Data was collected through an online survey and analysed using multiple discriminant analysis to determine meaningful differences between male and female purchasers and non-purchasers. Findings – The findings show that male online purchasers are discriminated from female purchasers by social value and from male non-purchasers by conditional value. Female purchasers are discriminated from male purchasers by functional value and from female non-purchasers by social value. Female non-purchasers are discriminated from female purchasers by conditional value. Male non-purchasers are discriminated from male purchasers by functional and social value. Research limitations/implications – Limitations include using an Internet survey and an Australian sample which may impact the generalisability of the findings to a wider population of Internet users. Future research should involve replication of the study in a country more or less developed in terms of gender composition of internet users to extend the generalisability of the findings. Additionally, researchers should examine whether other dimensions of consumption value,such as social influence through on- and off-line communication networks, may influence consumer choice to purchase online. Practical implications – The study provides practical implications for marketers to leverage consumption values that influence male and female consumers’ choice to purchase online and then drive their behaviour online through integrated marketing campaigns that involve both on- and offline strategies. Originality/value – The research makes an original contribution to the consumer behaviour literature as to date, no research has been found that undertakes such a comprehensive gender-based comparison of the perceived value of using a virtual consumption setting for purchasing.
Resumo:
New mobile digital communication technologies present opportunities for advertisers to capitalize on the evolving relationships of consumers with their mobile devices and their desire to access enhanced information services while mobile (m-services). Consumers already use mobile devices (cell phones, personal mobile digital assistants) for traditional phone calls and message handling (e.g., Kalakota and Robinson, 2002; Sullivan Mort and Drennan, 2002). The combination of rapidly developing mobile digital technology and high uptake rates of mobile devices presents enormous potential for delivery of m-services through these devices (Bitner, Brown, and Meuter, 2000). M-services encompass a wide variety of types including the ability to trade stock, to book theater and movie tickets while accessing seating plans online, to send and receive text and pictures, and receive personalized direct advertising such as alerts for shopping bargains. Marketing communications, and specifically advertising, may be delivered as an m-service and termed m-services advertising, forming part of the broader category of m-services. However, advertising research has not yet addressed the area of m-services and needs to do so to be able to take advantage of the advanced interactivity (Yadav and Varadarajan, 2005) of mobile communication devices. Such advertising research is likely to help develop open attitudes and responses to new business models as has been advocated for other new technology such as advanced television (Tauder, 2005). In this article, we model the factors influencing the use of m-services, in the context of consumers' existing relationships with mobile devices. First, we address the value propositions underpinning consumer involvement with mobile devices. Next, we canvass the types of involvement relevant to this consumption domain and argue that involvement, together with personal attributes innovativeness and self-efficacy, will influence use of m-services. Finally, implications for advertising delivered as an m-service are discussed, the potential for m-services advertising as part of m-commerce are canvassed, and directions for future research identified.
Resumo:
Online technological advances are pioneering the wider distribution of geospatial information for general mapping purposes. The use of popular web-based applications, such as Google Maps, is ensuring that mapping based applications are becoming commonplace amongst Internet users which has facilitated the rapid growth of geo-mashups. These user generated creations enable Internet users to aggregate and publish information over specific geographical points. This article identifies privacy invasive geo-mashups that involve the unauthorized use of personal information, the inadvertent disclosure of personal information and invasion of privacy issues. Building on Zittrain’s Privacy 2.0, the author contends that first generation information privacy laws, founded on the notions of fair information practices or information privacy principles, may have a limited impact regarding the resolution of privacy problems arising from privacy invasive geo-mashups. Principally because geo-mashups have different patterns of personal information provision, collection, storage and use that reflect fundamental changes in the Web 2.0 environment. The author concludes by recommending embedded technical and social solutions to minimize the risks arising from privacy invasive geo-mashups that could lead to the establishment of guidelines for the general protection of privacy in geo-mashups.
Resumo:
This study investigates variation in IT professionals' experience of ethics with a view to enhancing their formation and support. This is explored through an examination of the experience of IT, IT professional ethics and IT professional ethics education. The study's principal contribution is the empirical study and description of IT professionals' experience of ethics. The empirical phase is preceded by a review of conceptions of IT and followed by an application of the findings to IT education. The study's empirical findings are based on 30 semi-structured interviews with IT professionals who represent a wide demographic, experience and IT sub-discipline range. Their experience of ethics is depicted as five citizenships: Citizenship of my world, Citizenship of the corporate world, Citizenship of a shared world, Citizenship of the client's world and Citizenship of the wider world. These signify an expanding awareness, which progressively accords rights to others and defines responsibility in terms of others. The empirical findings inform a Model of Ethical IT. This maps an IT professional space increasingly oriented towards others. Such a model provides a conceptual tool, available to prompt discussion and reflection, and which may be employed in pursuing formation aimed at experiential change. Its usefulness for the education of IT professionals with respect to ethics is explored. The research approach employed in this study is phenomenography. This method seeks to elicit and represent variation of experience. It understands experience as a relationship between a subject (IT professionals) and an object (ethics), and describes this relationship in terms of its foci and boundaries. The study's findings culminate in three observations, that change is indicated in the formation and support of IT professionals in: 1. IT professionals' experience of their discipline, moving towards a focus on information users; 2. IT professionals' experience of professional ethics, moving towards the adoption of other-centred attitudes; and 3. IT professionals' experience of professional development, moving towards an emphasis on a change in lived experience. Based on these results, employers, educators and professional bodies may want to evaluate how they approach professional formation and support, if they aim to promote a comprehensive awareness of ethics in IT professionals.
Resumo:
We treat the security of group key exchange (GKE) in the universal composability (UC) framework. Analyzing GKE protocols in the UC framework naturally addresses attacks by malicious insiders. We define an ideal functionality for GKE that captures contributiveness in addition to other desired security goals. We show that an efficient two-round protocol securely realizes the proposed functionality in the random oracle model. As a result, we obtain the most efficient UC-secure contributory GKE protocol known.
Resumo:
Many governments world wide are attempting to increase accountability, transparency, and the quality of services by adopting information and communications technologies (ICTs) to modernize and change the way their administrations work. Meanwhile e-government is becoming a significant decision-making and service tool at local, regional and national government levels. The vast majority of users of these government online services see significant benefits from being able to access services online. The rapid pace of technological development has created increasingly more powerful ICTs that are capable of radically transforming public institutions and private organizations alike. These technologies have proven to be extraordinarily useful instruments in enabling governments to enhance the quality, speed of delivery and reliability of services to citizens and to business (VanderMeer & VanWinden, 2003). However, just because the technology is available does not mean it is accessible to all. The term digital divide has been used since the 1990s to describe patterns of unequal access to ICTs—primarily computers and the Internet—based on income, ethnicity, geography, age, and other factors. Over time it has evolved to more broadly define disparities in technology usage, resulting from a lack of access, skills, or interest in using technology. This article provides an overview of recent literature on e-government and the digital divide, and includes a discussion on the potential of e-government in addressing the digital divide.
Resumo:
Health Information Systems (HIS) make extensive use of Information and Communication Technologies (ICT). The use of ICT aids in improving the quality and efficiency of healthcare services by making healthcare information available at the point of care (Goldstein, Groen, Ponkshe, and Wine, 2007). The increasing availability of healthcare data presents security and privacy issues which have not yet been fully addressed (Liu, Caelli, May, and Croll, 2008a). Healthcare organisations have to comply with the security and privacy requirements stated in laws, regulations and ethical standards, while managing healthcare information. Protecting the security and privacy of healthcare information is a very complex task (Liu, May, Caelli and Croll, 2008b). In order to simplify the complexity of providing security and privacy in HIS, appropriate information security services and mechanisms have to be implemented. Solutions at the application layer have already been implemented in HIS such as those existing in healthcare web services (Weaver et al., 2003). In addition, Discretionary Access Control (DAC) is the most commonly implemented access control model to restrict access to resources at the OS layer (Liu, Caelli, May, Croll and Henricksen, 2007a). Nevertheless, the combination of application security mechanisms and DAC at the OS layer has been stated to be insufficient in satisfying security requirements in computer systems (Loscocco et al., 1998). This thesis investigates the feasibility of implementing Security Enhanced Linux (SELinux) to enforce a Role-Based Access Control (RBAC) policy to help protect resources at the Operating System (OS) layer. SELinux provides Mandatory Access Control (MAC) mechanisms at the OS layer. These mechanisms can contain the damage from compromised applications and restrict access to resources according to the security policy implemented. The main contribution of this research is to provide a modern framework to implement and manage SELinux in HIS. The proposed framework introduces SELinux Profiles to restrict access permissions over the system resources to authorised users. The feasibility of using SELinux profiles in HIS was demonstrated through the creation of a prototype, which was submitted to various attack scenarios. The prototype was also subjected to testing during emergency scenarios, where changes to the security policies had to be made on the spot. Attack scenarios were based on vulnerabilities common at the application layer. SELinux demonstrated that it could effectively contain attacks at the application layer and provide adequate flexibility during emergency situations. However, even with the use of current tools, the development of SELinux policies can be very complex. Further research has to be made in order to simplify the management of SELinux policies and access permissions. In addition, SELinux related technologies, such as the Policy Management Server by Tresys Technologies, need to be researched in order to provide solutions at different layers of protection.
Resumo:
As an understanding of users' tacit knowledge and latent needs embedded in user experience has played a critical role in product development, users’ direct involvement in design has become a necessary part of the design process. Various ways of accessing users' tacit knowledge and latent needs have been explored in the field of user-centred design, participatory design, and design for experiencing. User-designer collaboration has been used unconsciously by traditional designers to facilitate the transfer of users' tacit knowledge and to elicit new knowledge. However, what makes user-designer collaboration an effective strategy has rarely been reported on or explored. Therefore, interaction patterns between the users and the designers in three industry-supported user involvement cases were studied. In order to develop a coding system, collaboration was defined as a set of coordinated and joint problem solving activities, measured by the elicitation of new knowledge from collaboration. The analysis of interaction patterns in the user involvement cases revealed that allowing users to challenge or modify their contextual experiences facilitates the transfer of knowledge and new knowledge generation. It was concluded that users can be more effectively integrated into the product development process by employing collaboration strategies to intensify the depth of user involvement.
