Explaining Variations in Client Extra Costs between Software Projects Offshored to India

Gaining economic benefits from substantially lower labor costs has been reported as a major reason for offshoring labor-intensive information systems services to low-wage countries. However, if wage differences are so high, why is there such a high level of variation in the economic success between offshored IS projects? This study argues that offshore outsourcing involves a number of extra costs for the ^his paper was recommended for acceptance by Associate Guest Editor Erran Carmel. client organization that account for the economic failure of offshore projects. The objective is to disaggregate these extra costs into their constituent parts and to explain why they differ between offshored software projects. The focus is on software development and maintenance projects that are offshored to Indian vendors. A theoretical framework is developed a priori based on transaction cost economics (TCE) and the knowledge-based view of the firm, comple mented by factors that acknowledge the specific offshore context The framework is empirically explored using a multiple case study design including six offshored software projects in a large German financial service institution. The results of our analysis indicate that the client incurs post contractual extra costs for four types of activities: (1) re quirements specification and design, (2) knowledge transfer, (3) control, and (4) coordination. In projects that require a high level of client-specific knowledge about idiosyncratic business processes and software systems, these extra costs were found to be substantially higher than in projects where more general knowledge was needed. Notably, these costs most often arose independently from the threat of oppor tunistic behavior, challenging the predominant TCE logic of market failure. Rather, the client extra costs were parti cularly high in client-specific projects because the effort for managing the consequences of the knowledge asymmetries between client and vendor was particularly high in these projects. Prior experiences of the vendor with related client projects were found to reduce the level of extra costs but could not fully offset the increase in extra costs in highly client-specific projects. Moreover, cultural and geographic distance between client and vendor as well as personnel turnover were found to increase client extra costs. Slight evidence was found, however, that the cost-increasing impact of these factors was also leveraged in projects with a high level of required client-specific knowledge (moderator effect).

Evaluation of therapist and client language in Motivational Interviewing (MI) sessions: A secondary analysis of data from the Southern Methodist Alcohol Research Trial (SMART) study

In the United States, “binge” drinking among college students is an emerging public health concern due to the significant physical and psychological effects on young adults. The focus is on identifying interventions that can help decrease high-risk drinking behavior among this group of drinkers. One such intervention is Motivational interviewing (MI), a client-centered therapy that aims at resolving client ambivalence by developing discrepancy and engaging the client in change talk. Of late, there is a growing interest in determining the active ingredients that influence the alliance between the therapist and the client. This study is a secondary analysis of the data obtained from the Southern Methodist Alcohol Research Trial (SMART) project, a dismantling trial of MI and feedback among heavy drinking college students. The present project examines the relationship between therapist and client language in MI sessions on a sample of “binge” drinking college students. Of the 126 SMART tapes, 30 tapes (‘MI with feedback’ group = 15, ‘MI only’ group = 15) were randomly selected for this study. MISC 2.1, a mutually exclusive and exhaustive coding system, was used to code the audio/videotaped MI sessions. Therapist and client language were analyzed for communication characteristics. Overall, therapists adopted a MI consistent style and clients were found to engage in change talk. Counselor acceptance, empathy, spirit, and complex reflections were all significantly related to client change talk (p-values ranged from 0.001 to 0.047). Additionally, therapist ‘advice without permission’ and MI Inconsistent therapist behaviors were strongly correlated with client sustain talk (p-values ranged from 0.006 to 0.048). Simple linear regression models showed a significant correlation between MI consistent (MICO) therapist language (independent variable) and change talk (dependent variable) and MI inconsistent (MIIN) therapist language (independent variable) and sustain talk (dependent variable). The study has several limitations such as small sample size, self-selection bias, poor inter-rater reliability for the global scales and the lack of a temporal measure of therapist and client language. Future studies might consider a larger sample size to obtain more statistical power. In addition the correlation between therapist language, client language and drinking outcome needs to be explored.^

Client Home or Agency Office? How Do We Decide Where to See Our Clients?

Decisions about location of services sometimes appear to be made more on the basis of agency preference than assessment of need. Today the profession has enough experience with service locations that it is possible to develop more clear guidelines for the decision about where work with clients should take place, in the client’s home or nearby community or in the practitioner’s office. This study was conducted with two purposes; 1) to identify at a higher level of evidence the various reasons for seeing clients in their own homes and nearby community setting; and 2) to demonstrate how readily available information can be used to gradually increase the level of evidence by which practice decisions are made.

Client-Provider Communication in Postabortion Care

Muchos trabajadores de la salud que tratan a las mujeres que sufren complicaciones de aborto inducido o espontáneo están dispuestos a admitir que estas mujeres necesitan asesoría, pero a menudo ven la consejería como una función no médica que requiere una formación específica, un tiempo especialmente designado, aparte de la prestación de servicios postaborto y otras instalaciones separadas y privadas. De este modo, los proveedores de servicios de atención postaborto a menudo creen que el asesoramiento no es una de sus responsabilidades de trabajo y que carecen de la formación y las instalaciones para hacerlo

Thin Client Technology in the Academic Environment

From research groups at the universities of developed countries there is a growing interest in providing solutions to problems of developing countries. In this context we have studied typical problems in many (educational) institutions, such as the lack of technicians who repair the computers, the administration of the machines, and also the difficulty to maintain and configure the old hardware available due to the variety of characteristics of the different machines and the amount of hardware breakdowns and software issues (viruses, administration issues) that the local staff has to face up to with their equipments. We propose a thin client approach that takes into account the human, hardware and software characteristics of developing institutions to provide a complete service for a computer network. The network administration is reduced to the administration of one server only. The maintenance of the machines is simplified and old computers can simulate the running of a powerful computer. Our proposal results in a cheap, simple (from the support point of view) and powerful (in terms of achieved functionalities) design.

A real case of a cognitive multiplayer game: design and development of the iOS client in Swift and its cloud architecture

as tecnologías emergentes como el cloud computing y los dispositivos móviles están creando una oportunidad sin precedentes para mejorar el sistema educativo, permitiendo tanto a los educadores personalizar y mejorar la experiencia de aprendizaje, como facilitar a los estudiantes que adquieran conocimientos sin importar dónde estén. Por otra parte, a través de técnicas de gamificacion será posible promover y motivar a los estudiantes a que aprendan materias arduas haciendo que la experiencia sea más motivadora. Los juegos móviles pueden ser el camino correcto para dar soporte a esta experiencia de aprendizaje mejorada. Este proyecto integra el diseño y desarrollo de una arquitectura en la nube altamente escalable y con alto rendimiento, así como el propio cliente de iOS, para dar soporte a una nueva version de Temporis, un juego móvil multijugador orientado a reordenar eventos históricos en una línea temporal (e.j. historia, arte, deportes, entretenimiento y literatura). Temporis actualmente está disponible en Google Play. Esta memoria describe el desarrollo de la nueva versión de Temporis (Temporis v.2.0) proporcionando detalles acerca de la mejora y adaptación basados en el Temporis original. En particular se describe el nuevo backend hecho en Go sobre Google App Engine creado para soportar miles de usuarios, asó como otras características por ejemplo como conseguir enviar noticaciones push desde la propia plataforma. Por último, el cliente de iOS en Temporis v.2.0 se ha desarrollado utilizando las últimas y más relevantes tecnologías, prestando especial atención a Swift (el lenguaje de programación nuevo de Apple, que es seguro y rápido), el Paradigma Funcional Reactivo (que ayuda a construir aplicaciones altamente interactivas además de a minimizar errores) y la arquitectura VIPER (una arquitectura que sigue los principios SOLID, se centra en la separación de asuntos y favorece la reutilización de código en otras plataformas). ABSTRACT Emerging technologies such as cloud computing and mobile devices are creating an unprecedented opportunity for enhancing the educational system, letting both educators customize and improve the learning experience, and students acquire knowledge regardless of where they are. Moreover, through gamification techniques it would be possible to encourage and motivate students to learn arduous subjects by making the experience more motivating. Mobile games can be a perfect vehicle to support this enhanced learning experience. This project integrates the design and development of a highly scalable and performant cloud architecture, as well as the iOS client that uses it, in order to provide support to a new version of Temporis, a mobile multiplayer game focused on ordering time-based (e.g. history, art, sports, entertainment and literature) in a timeline that currently is available on Google Play. This work describes the development of the new Temporis version (Temporis v.2.0), providing details about improvements and details on the adaptation of the original Temporis. In particular, the new Google App Engine backend is described, which was created to support thousand of users developed in Go language are provided, in addition to other features like how to achieve push notications in this platform. Finally, the mobile iOS client developed using the latest and more relevant technologies is explained paying special attention to Swift (Apple's new programming language, that is safe and fast), the Functional Reactive Paradigm (that helps building highly interactive apps while minimizing bugs) and the VIPER architecture (a SOLID architecture that enforces separation of concerns and makes it easy to reuse code for other platforms).

Defending against cybercrime: advances in the detection of malicious servers and the analysis of client-side vulnerabilities

Esta tesis se centra en el análisis de dos aspectos complementarios de la ciberdelincuencia (es decir, el crimen perpetrado a través de la red para ganar dinero). Estos dos aspectos son las máquinas infectadas utilizadas para obtener beneficios económicos de la delincuencia a través de diferentes acciones (como por ejemplo, clickfraud, DDoS, correo no deseado) y la infraestructura de servidores utilizados para gestionar estas máquinas (por ejemplo, C & C, servidores explotadores, servidores de monetización, redirectores). En la primera parte se investiga la exposición a las amenazas de los ordenadores victimas. Para realizar este análisis hemos utilizado los metadatos contenidos en WINE-BR conjunto de datos de Symantec. Este conjunto de datos contiene metadatos de instalación de ficheros ejecutables (por ejemplo, hash del fichero, su editor, fecha de instalación, nombre del fichero, la versión del fichero) proveniente de 8,4 millones de usuarios de Windows. Hemos asociado estos metadatos con las vulnerabilidades en el National Vulnerability Database (NVD) y en el Opens Sourced Vulnerability Database (OSVDB) con el fin de realizar un seguimiento de la decadencia de la vulnerabilidad en el tiempo y observar la rapidez de los usuarios a remiendar sus sistemas y, por tanto, su exposición a posibles ataques. Hemos identificado 3 factores que pueden influir en la actividad de parches de ordenadores victimas: código compartido, el tipo de usuario, exploits. Presentamos 2 nuevos ataques contra el código compartido y un análisis de cómo el conocimiento usuarios y la disponibilidad de exploit influyen en la actividad de aplicación de parches. Para las 80 vulnerabilidades en nuestra base de datos que afectan código compartido entre dos aplicaciones, el tiempo entre el parche libera en las diferentes aplicaciones es hasta 118 das (con una mediana de 11 das) En la segunda parte se proponen nuevas técnicas de sondeo activos para detectar y analizar las infraestructuras de servidores maliciosos. Aprovechamos técnicas de sondaje activo, para detectar servidores maliciosos en el internet. Empezamos con el análisis y la detección de operaciones de servidores explotadores. Como una operación identificamos los servidores que son controlados por las mismas personas y, posiblemente, participan en la misma campaña de infección. Hemos analizado un total de 500 servidores explotadores durante un período de 1 año, donde 2/3 de las operaciones tenían un único servidor y 1/2 por varios servidores. Hemos desarrollado la técnica para detectar servidores explotadores a diferentes tipologías de servidores, (por ejemplo, C & C, servidores de monetización, redirectores) y hemos logrado escala de Internet de sondeo para las distintas categorías de servidores maliciosos. Estas nuevas técnicas se han incorporado en una nueva herramienta llamada CyberProbe. Para detectar estos servidores hemos desarrollado una novedosa técnica llamada Adversarial Fingerprint Generation, que es una metodología para generar un modelo único de solicitud-respuesta para identificar la familia de servidores (es decir, el tipo y la operación que el servidor apartenece). A partir de una fichero de malware y un servidor activo de una determinada familia, CyberProbe puede generar un fingerprint válido para detectar todos los servidores vivos de esa familia. Hemos realizado 11 exploraciones en todo el Internet detectando 151 servidores maliciosos, de estos 151 servidores 75% son desconocidos a bases de datos publicas de servidores maliciosos. Otra cuestión que se plantea mientras se hace la detección de servidores maliciosos es que algunos de estos servidores podrán estar ocultos detrás de un proxy inverso silente. Para identificar la prevalencia de esta configuración de red y mejorar el capacidades de CyberProbe hemos desarrollado RevProbe una nueva herramienta a través del aprovechamiento de leakages en la configuración de la Web proxies inversa puede detectar proxies inversos. RevProbe identifica que el 16% de direcciones IP maliciosas activas analizadas corresponden a proxies inversos, que el 92% de ellos son silenciosos en comparación con 55% para los proxies inversos benignos, y que son utilizado principalmente para equilibrio de carga a través de múltiples servidores. ABSTRACT In this dissertation we investigate two fundamental aspects of cybercrime: the infection of machines used to monetize the crime and the malicious server infrastructures that are used to manage the infected machines. In the first part of this dissertation, we analyze how fast software vendors apply patches to secure client applications, identifying shared code as an important factor in patch deployment. Shared code is code present in multiple programs. When a vulnerability affects shared code the usual linear vulnerability life cycle is not anymore effective to describe how the patch deployment takes place. In this work we show which are the consequences of shared code vulnerabilities and we demonstrate two novel attacks that can be used to exploit this condition. In the second part of this dissertation we analyze malicious server infrastructures, our contributions are: a technique to cluster exploit server operations, a tool named CyberProbe to perform large scale detection of different malicious servers categories, and RevProbe a tool that detects silent reverse proxies. We start by identifying exploit server operations, that are, exploit servers managed by the same people. We investigate a total of 500 exploit servers over a period of more 13 months. We have collected malware from these servers and all the metadata related to the communication with the servers. Thanks to this metadata we have extracted different features to group together servers managed by the same entity (i.e., exploit server operation), we have discovered that 2/3 of the operations have a single server while 1/3 have multiple servers. Next, we present CyberProbe a tool that detects different malicious server types through a novel technique called adversarial fingerprint generation (AFG). The idea behind CyberProbe’s AFG is to run some piece of malware and observe its network communication towards malicious servers. Then it replays this communication to the malicious server and outputs a fingerprint (i.e. a port selection function, a probe generation function and a signature generation function). Once the fingerprint is generated CyberProbe scans the Internet with the fingerprint and finds all the servers of a given family. We have performed a total of 11 Internet wide scans finding 151 new servers starting with 15 seed servers. This gives to CyberProbe a 10 times amplification factor. Moreover we have compared CyberProbe with existing blacklists on the internet finding that only 40% of the server detected by CyberProbe were listed. To enhance the capabilities of CyberProbe we have developed RevProbe, a reverse proxy detection tool that can be integrated with CyberProbe to allow precise detection of silent reverse proxies used to hide malicious servers. RevProbe leverages leakage based detection techniques to detect if a malicious server is hidden behind a silent reverse proxy and the infrastructure of servers behind it. At the core of RevProbe is the analysis of differences in the traffic by interacting with a remote server.

Development of a psychological assessment battery to measure client beliefs about the effectiveness of psychotherapy

The author attempted to develop a brief scale to measure clients' beliefs about the effectiveness of psychotherapy. The study is an early pilot study to determine if the scale can predict therapy outcomes. While the scale did differ significantly between clients who were active in therapy and those who were not, higher scores on the instrument were not indicative of greater involvement. Possibilities for future research to refine the instrument are discussed.

Evidence-Based Practice in the Juvenile Justice System: Balancing Clinical Expertise with Best Available Research and Client Variables

Each year, thousands of adolescents are processed through the juvenile justice system -- a system that is complicated, expensive, and inadequately addressing the needs of the youth in its care. While there is extensive literature available in support of interventions for youthful offenders that are clinically superior to current care and more cost-effective than the existing structure, there is a gap between research and practice that is preventing their implementation. The use of Evidence-Based Practice in Psychology (EBPP) as defined by the American Psychological Association is presented as one method to bridge this gap. This paper identifies and discusses each of five barriers to effective use of EBPP: cost, fragmentation of the mental health system, historical and systemic variables, research methodology, and clinician variables. These barriers are first defined and then illustrated using examples from the author's experience working in the juvenile justice field. Finally, recommendations for the field are presented.

Three Dichotomies in Lawyers’ Ethics (With Particular Attention to the Corporation as Client)

Three usually unexpressed, and too often unnoticed, conceptual dichotomies underlie our perception and understanding of lawyers’ ethics. First, the existence of a special body of professional ethics and professional regulation presupposes some special need or risk. Criminal and civil law are apparently insufficient. Ordinary day-to-day morality and ordinary ethics, likewise, are not considered to be enough. What is the risk entailed by the notion of a profession that is special; who needs protection, and from what? Two quite different possible answers to this question provide the first of the three dichotomies examined in this article: one can understand the risk as primarily to a vulnerable client from a powerful professional; or, to the contrary, from a powerful client-lawyer combination toward vulnerable others. Second, what is the foundational orientation of lawyers? Are lawyers serving primarily their particular clients, and those clients’ preferences, choices and autonomy? Or is the primary allegiance of lawyers to some community or collective goal or interest distinct from the particular goals or interests of the client? The third dichotomy concerns not the substance of the risk, or the primary orientation, but the appropriate means of responding to that risk or that fundamental obligation. Should professional ethics be implemented primarily through rules? Or, should we rely on character and the discretion of lawyers to make a thought out, all things considered, decision? Each of these three presents a fundamental difference in how we perceive and address issues of lawyers’ ethics. Each affects our understanding and analysis on multiple levels, from (1) determining the appropriate or requisite conduct in a particular situation, to (2) framing a specific rule or approach for a particular category of situations, to (3) more general or abstract theory or policy. A person’s inclinations in regard to the dichotomies affects the conclusions that person will reach on each of those levels of analysis, yet those inclinations and assumptions are frequently unexamined and unarticulated. One’s position on each of the dichotomies tends to structure the approach and outcome without the issues and choice having been explicitly addressed or possibly even noticed. This article is an effort to ameliorate that problem. Part I addresses the question of what is the risk in the work of lawyers, or the function of lawyers, for which professional ethics is the answer. The concluding section focuses on the particular problem of the corporation as client. Part II then asks the related and possibly consequent question of what is the foundational orientation or allegiance of the lawyer? Is it to the individual client? Or is it to some larger community interest? Again, the concluding section focuses on the corporation. Part III turns to the means or method for addressing the obligations and possible problems of the professional ethics of lawyers. Should lawyers’ ethics guide and confine the conduct of lawyers primarily through rules? Or should it function primarily through reliance on the knowledge, judgment and character of lawyers? If the latter were the guide, ethical decisions would be made on a situation by situation basis under the discretion of each lawyer. Toward the end of each discussion possibilities for bridging the dichotomy are considered (and with such bridges each dichotomy may come to look more like a spectrum or continuum.). At several points after its introduction in Parts I and II, the special problem of the corporation as client is revisited and possible solutions suggested. Illustrating the usefulness of keeping the dichotomies in view, Part IV applies them to several exemplary situations of ethical difficulty in actual lawyer practice. For readers finding it difficult to envision the consequences of these distinctions, turning ahead to Part IV may be useful in making the discussion more concrete. Some commonalities across the dichotomies and connections among them are then developed in the concluding section, Part V.

Three Dichotomies in Lawyers’ Ethics (With Particular Attention to the Corporation as Client)

Three usually unexpressed, and too often unnoticed, conceptual dichotomies underlie our perception and understanding of lawyers’ ethics. First, the existence of a special body of professional ethics and professional regulation presupposes some special need or risk. Criminal and civil law are apparently insufficient. Ordinary day-to-day morality and ordinary ethics, likewise, are not considered to be enough. What is the risk entailed by the notion of a profession that is special; who needs protection, and from what? Two quite different possible answers to this question provide the first of the three dichotomies examined in this article: one can understand the risk as primarily to a vulnerable client from a powerful professional; or, to the contrary, from a powerful client-lawyer combination toward vulnerable others. Second, what is the foundational orientation of lawyers? Are lawyers serving primarily their particular clients, and those clients’ preferences, choices and autonomy? Or is the primary allegiance of lawyers to some community or collective goal or interest distinct from the particular goals or interests of the client? The third dichotomy concerns not the substance of therisk, or the primary orientation, but the appropriate means of responding to that risk or that fundamental obligation. Should professional ethics be implemented primarily through rules? Or, should we rely on character and the discretion of lawyers to make a thought out, all things considered, decision? Each of these three presents a fundamental difference in how we perceive and address issues of lawyers’ ethics. Each affects our understanding and analysis on multiple levels, from (1) determining the appropriate or requisite conduct in aparticular situation, to (2) framing a specific rule or approach for a particular category of situations, to (3) more general or abstract theory or policy. A person’s inclinations in regard to the dichotomies affects the conclusions that person will reach on each of those levels of analysis, yet those inclinations and assumptions are frequently unexamined and unarticulated. One’s position on each of the dichotomies tends to structure the approach and outcome without the issues and choice having been explicitly addressed or possibly even noticed. This article is an effort to ameliorate that problem. Part I addresses the question of what is the risk in the work of lawyers, or the function of lawyers, for which professional ethics is the answer. The concluding section focuses on the particular problem of the corporation as client. Part II then asks the related and possibly consequent question of what is the foundational orientation or allegiance of the lawyer? Is it to the individual client? Or is it to some larger community interest? Again, the concluding section focuses on thecorporation. Part III turns to the means or method for addressing the obligations and possible problems of the professional ethics of lawyers. Should lawyers’ ethics guide and confine the conduct of lawyers primarily through rules? Or should it function primarily through reliance on the knowledge, judgment and character of lawyers? If the latter were the guide, ethical decisions would be made on a situation by situation basis under the discretion of each lawyer. Toward the end of each discussion possibilities for bridging the dichotomy are considered (and with such bridges each dichotomy may come to look more like a spectrum or continuum.). At several points after its introduction in Parts I and II, the special problem of the corporation as client is revisited and possible solutions suggested. Illustrating the usefulness of keeping the dichotomies in view, Part IV applies them to several exemplary situations of ethical difficulty in actual lawyer practice. For readers finding it difficult to envision the consequences of these distinctions, turning ahead to Part IV may be useful in making the discussion more concrete. Some commonalities across the dichotomies and connections among them are then developed in the concluding section, Part V.