These are representative sample records from Science.gov related to your search topic.
For comprehensive and current results, perform a real-time search at Science.gov.
1

Web Applications and Security Web protocol overview  

E-print Network

Web Applications and Security Web protocol overview Web forms Cookies Attacks against Web>University of Massachusetts Amherst #12;Basic Web scripting There are two basic HTTP request methods, GET and POST descriptor. #12;Securing basic web apps is easy DON'T TRUST USER INPUT, EVER... Never execute code provide

Massachusetts at Amherst, University of

2

Evaluation of web application security risks and secure design patterns  

Microsoft Academic Search

The application of security in web application is of profound importance due to the extended use of web for business. Most of the attacks, are either because the developers are not considering security as a concern or due to the security flaws in designing and developing the applications. The enforcement of security in the software development life cycle of the

Asish Kumar Dalai; Sanjay Kumar Jena

2011-01-01

3

Non-Detrimental Web Application Security Scanning  

Microsoft Academic Search

The World Wide Web has become a sophisticated platform capable of delivering a broad range of applications. However, its rapid growth has resulted in numerous security problems that current technologies cannot address. Researchers from both academic and private sector are devoting a considerable amount of resources to the development of Web application security scanners (i.e., automated software testing platforms for

Yao-wen Huang; Chung-hung Tsai; D. T. Lee; Sy-yen Kuo

2004-01-01

4

Architectures for Inlining Security Monitors in Web Applications  

E-print Network

the modern browsing experience on the web. JavaScript enables dynamic and interactive web pages. Glued policies to be enforced in web applications. This paper focuses on securing JavaScript code by inlining architectures for inlining security monitors for JavaScript: via browser extension, via web proxy, via suffix

Sabelfeld, Andrei

5

Web Application Security Standards and Practices Page 1 of 13 Web Application Security Standard Operating Environment (SOE) V1 1 (2).  

E-print Network

Web Application Security Standards and Practices Page 1 of 13 Web Application Security Standard Operating Environment (SOE) V1 1 (2). Columbia University Web Application Security Standards and Practices Objective and Scope Effective Date: January 2011 This Web Application Security Standards and Practices

Grishok, Alla

6

Web Application Security—Past, Present, and Future  

Microsoft Academic Search

Web application security remains a major roadblock to universal acceptance of the Web for many kinds of online transactions,\\u000a especially since the recent sharp increase in remotely exploitable vulnerabilities has been attributed to Web application\\u000a bugs. In software engineering, software testing is an established and well-researched process for improving software quality.\\u000a Recently, formal verification tools have also shown success in

Yao-Wen Huang; D. T. Lee

7

Web-Based Training Applications in Safeguards and Security  

SciTech Connect

The U.S. Department of Energy (DOE) requires all employees who hold a security clearance and have access to classified information and/or special nuclear material to be trained in the area of Safeguards and Security. Since the advent of the World Wide Web, personnel who are responsible for training have capitalized on this communication medium to develop and deliver Web-based training. Unlike traditional computer based training where the student was required to find a workstation where the training program resided, one of Web-based training strongest advantage is that the training can be delivered right to the workers desk top computer. This paper will address reasons for the driving forces behind the utilization of Web-based training at the Laboratory with a brief explanation of the different types of training conducted. Also discussed briefly is the different types of distance learning used in conjunction with Web-based training. The implementation strategy will be addressed and how the Laboratory utilized a Web-Based Standards Committee to develop standards for Web-based training applications. Web-based problems resulting from little or no communication between training personnel across the Laboratory will be touched on and how this was solved. Also discussed is the development of a ''Virtual Training Center'' where personnel can shop on-line for their training needs. Web-based training programs within the Safeguards and Security arena will be briefly discussed. Specifically, Web-based training in the area of Materials Control and Accountability will be explored. A Web-based example of what a student would experience during a training session is also discussed. A short closing statement of what the future of Web-based Training holds in the future is offered.

Lopez, R.L.

1999-05-21

8

Ripley: Automatically Securing Distributed Web Applications  

E-print Network

of a server component implemented in Java J2EE, PHP or ASP.NET and a client-side component executing in Java complex and representative AJAX applications suggests that RIPLEY is a promising method for building

Livshits, Ben

9

A dynamic technique for enhancing the security and privacy of web applications  

Microsoft Academic Search

Web application security and privacy became a central concern among the security community. The problems that are faced once an application is compromised necessarily demands special attention. The emerging programming languages, which allow unexperienced users to quickly develop applications, still fail to introduce mechanisms for pre- venting the aforementioned attacks. We introduce a technique for en- hancing the security and

Ariel Futoransky; Ezequiel Gutesman; Ariel Waissbein

10

Practical security for multi-user web application databases  

E-print Network

Online web applications are continuously vulnerable to attacks on their users' data. Outside adversaries can gain unauthorized access by exploiting unknown vulnerabilities; curious or malicious database administrators can ...

Redfield, Catherine M. S

2012-01-01

11

Supporting secure programming in web applications through interactive static analysis  

PubMed Central

Many security incidents are caused by software developers’ failure to adhere to secure programming practices. Static analysis tools have been used to detect software vulnerabilities. However, their wide usage by developers is limited by the special training required to write rules customized to application-specific logic. Our approach is interactive static analysis, to integrate static analysis into Integrated Development Environment (IDE) and provide in-situ secure programming support to help developers prevent vulnerabilities during code construction. No additional training is required nor are there any assumptions on ways programs are built. Our work is motivated in part by the observation that many vulnerabilities are introduced due to failure to practice secure programming by knowledgeable developers. We implemented a prototype interactive static analysis tool as a plug-in for Java in Eclipse. Our technical evaluation of our prototype detected multiple zero-day vulnerabilities in a large open source project. Our evaluations also suggest that false positives may be limited to a very small class of use cases. PMID:25685513

Zhu, Jun; Xie, Jing; Lipford, Heather Richter; Chu, Bill

2013-01-01

12

Supporting secure programming in web applications through interactive static analysis.  

PubMed

Many security incidents are caused by software developers' failure to adhere to secure programming practices. Static analysis tools have been used to detect software vulnerabilities. However, their wide usage by developers is limited by the special training required to write rules customized to application-specific logic. Our approach is interactive static analysis, to integrate static analysis into Integrated Development Environment (IDE) and provide in-situ secure programming support to help developers prevent vulnerabilities during code construction. No additional training is required nor are there any assumptions on ways programs are built. Our work is motivated in part by the observation that many vulnerabilities are introduced due to failure to practice secure programming by knowledgeable developers. We implemented a prototype interactive static analysis tool as a plug-in for Java in Eclipse. Our technical evaluation of our prototype detected multiple zero-day vulnerabilities in a large open source project. Our evaluations also suggest that false positives may be limited to a very small class of use cases. PMID:25685513

Zhu, Jun; Xie, Jing; Lipford, Heather Richter; Chu, Bill

2014-07-01

13

Evaluation of OPC UA secure communication in web browser applications  

Microsoft Academic Search

OPC UA XML Web services mapping offers a Web service interface to access process data. Web services use XML technology for data exchange. Present-day Web browsers include XML functionality already as a standard feature, they are therefore very promising candidates for the implementation of monitoring and operating functions for industrial processes. However, the acceptance of Web services in industrial automation

Annerose Braune; Stefan Hennig; Sebastian Hegler

2008-01-01

14

Grammar based oracle for security testing of web applications  

Microsoft Academic Search

The goal of security testing is to detect those defects that could be exploited to conduct attacks. Existing works, however, address security testing mostly from the point of view of automatic generation of test cases. Less attention is paid to the problem of developing and integrating with a security oracle. In this paper we address the problem of the security

Andrea Avancini; Mariano Ceccato

2012-01-01

15

Teaching Web Security Using Portable Virtual Labs  

ERIC Educational Resources Information Center

We have developed a tool called Secure WEb dEvelopment Teaching (SWEET) to introduce security concepts and practices for web application development. This tool provides introductory tutorials, teaching modules utilizing virtualized hands-on exercises, and project ideas in web application security. In addition, the tool provides pre-configured…

Chen, Li-Chiou; Tao, Lixin

2012-01-01

16

Analysis and Enforcement of Web Application Security Policies  

E-print Network

with a web page is implemented in 27 lines of JavaScript. AJavaScript content are placed by a variety of ad- vertisers on web pages.JavaScript heap graph of the main frame created by visiting each of the 90 web pages

Weinberger, Joel Howard Willis

2012-01-01

17

Service and cloud computing oriented web GIS for labor and social security applications  

Microsoft Academic Search

The service and cloud computing oriented architecture is a very promising architecture for practical implementation of the next generation geographical information systems. This paper investigated the service and cloud computing oriented architecture for constructing a distributed and web service enabled geographical information platform for labor and social security applications. The spatial cloud computing applies geographical information systems to the cloud

Xiaolin Lu

2010-01-01

18

Security Lab Series Introduction to Web Technologies  

E-print Network

Security Lab Series Introduction to Web Technologies Prof. Lixin Tao Pace University http...........................................................................................................................................1 1.1 Web ArchitectureScript..................................................................................16 4.6 Creating Your First JavaServer Page Web Application

Tao, Lixin

19

January 2008 SECURE WEB SERVERS  

E-print Network

-44, Guidelines on Securing Public Web Servers, which focuses on the design, implementation, and operation, which focuses on the design, implementation, and operation of publicly accessible and secure Web serversJanuary 2008 SECURE WEB SERVERS: PROTECTING WEB SITES SECURE WEB SERVERS: PROTECTING WEB SITES

20

Idea: Java vs. PHP: Security Implications of Language Choice for Web Applications  

Microsoft Academic Search

\\u000a While Java and PHP are two of the most popular languages for open source web applications found at \\u000a freshmeat.net\\u000a , Java has had a much better security reputation than PHP. In this paper, we examine whether that reputation is deserved.\\u000a We studied whether the variation in vulnerability density is greater between languages or between different applications written\\u000a in a single

James Walden; Maureen Doyle; Robert Lenhof; John Murray

2010-01-01

21

Security of web forms  

Microsoft Academic Search

This paper delivers some basic information about the security of Web forms from Web bots (robots). Possible threats are described and the article gives a list of some methods which can be used to protect Web forms. The emphasis is on the CAPTCHA (completely automated public turing test to tell computers and humans Apart) method that is most often used

Z. Covic; L. Szedmina

2007-01-01

22

A Secure Web Application Providing Public Access to High-Performance Data Intensive Scientific Resources - ScalaBLAST Web Application  

Microsoft Academic Search

This work presents the ScalaBLAST Web Application (SWA), a web based application implemented using the PHP script language, MySQL DBMS, and Apache web server under a GNU\\/Linux platform. SWA is an application built as part of the Data Intensive Computer for Complex Biological Systems (DICCBS) project at the Pacific Northwest National Laboratory (PNNL). SWA delivers accelerated throughput of bioinformatics analysis

Darren S. Curtis; Elena S. Peterson; Christopher Oehmen

2008-01-01

23

Mapping software faults with web security vulnerabilities  

Microsoft Academic Search

Web applications are typically developed with hard time constraints and are often deployed with critical software bugs, making them vulnerable to attacks. The classification and knowledge of the typical software bugs that lead to security vulnerabilities is of utmost importance. This paper presents a field study analyzing 655 security patches of six widely used web applications. Results are compared against

José Fonseca; Marco Vieira

2008-01-01

24

MasteringWeb Services Security MasteringWeb Services Security  

E-print Network

for ASP.NET Web Services Planning and building secure Web Service systems ­ Architectural and policy to secure today ­ simple WS systems Java and (ASP).NET ­ complex WS systems for large enterprises Describe+, .NET, EJB Securing (ASP).NET and Java Web Services 3. Advanced Topics Interoperability Administration

25

Secure Mechanism for Mobile Web Browsing  

Microsoft Academic Search

The prevailing of mobile network provides increasing web applications and services available on mobile devices. However, most of the websites are developed with limited security consideration, let alone web services for mobile users. Hackers take advantage of the web-based vulnerabilities to inject malicious JavaScript into compromised web pages, and a mobile victim visits the site will be compromised. Current anti-virus

Chia-Mei Chen; Ya-Hui Ou

2011-01-01

26

Ripley: Automatically Securing Web 2.0 Applications Through Replicated Execution  

E-print Network

are becoming increasingly distributed, as demonstrated by the popularity of AJAX or Web 2.0 applications such as Facebook, Google Maps, Hotmail and many others. A typ- ical multi-tier AJAX application consists representative AJAX applications built in Volta and also on Hotmail, a large widely-used AJAX application. Our

Livshits, Ben

27

Ripley: automatically securing web 2.0 applications through replicated execution  

Microsoft Academic Search

Rich Internet applications are becoming increasingly distributed, as demonstrated by the popularity of AJAX or Web 2.0 applications such as Facebook, Google Maps, Hotmail and many others. A typ- ical multi-tier AJAX application consists, at the least, of a server- side component implemented in Java J2EE, PHP or ASP.NET and a client-side component running JavaScript. The resulting applica- tion is

K. Vikram; Abhishek Prateek; V. Benjamin Livshits

2009-01-01

28

Web services and web service security standards  

Microsoft Academic Search

This paper provides a short introduction to basic web services concepts and describes in greater detail the various specifications related to reliability, transactions and in particular security which are referred to as the Microsoft\\/IBM WS-* family of specifications. The authors were not involved in the development and specification of the family of WS-* specs described in this paper.

Christian Geuer-Pollmann; Joris Claessens

2005-01-01

29

Gordon and Mike's ICT Podcast: Flat World Strategies: Web 2.0 Application Security Threats  

NSDL National Science Digital Library

Gordon and Mike's ICT Podcast offers perspectives on the information and communication technologies (ICT) industries from Gordon Snyder and Mike Qaissaunee. In this podcast, Mike and Gordon discuss the vulnerabilities of Web 2.0 technologies by examining the seven threats identified by security experts at SPI Dynamics, Inc. The running time for this show is 23:26.This podcast is available for direct download in mp3 format from the Libsyn site, or click here to subscribe to the whole series in iTunes.

Qaissaunee, Michael; Snyder, Gordon F.

2008-02-20

30

IT Security: Target: The Web  

ERIC Educational Resources Information Center

In December, Microsoft announced a major security flaw affecting its Internet Explorer web browser. The flaw allowed hackers to use hidden computer code they had already injected into legitimate websites to steal the passwords of visitors to those sites. Reportedly, more than 10,000 websites were infected with the destructive code by the time…

Waters, John K.

2009-01-01

31

Web Analytics for Security Informatics  

E-print Network

An enormous volume of security-relevant information is present on the Web, for instance in the content produced each day by millions of bloggers worldwide, but discovering and making sense of these data is very challenging. This paper considers the problem of exploring and analyzing the Web to realize three fundamental objectives: 1.) security relevant information discovery; 2.) target situational awareness, typically by making (near) real-time inferences concerning events and activities from available observations; and 3.) predictive analysis, to include providing early warning for crises and forming predictions regarding likely outcomes of emerging issues and contemplated interventions. The proposed approach involves collecting and integrating three types of Web data, textual, relational, and temporal, to perform assessments and generate insights that would be difficult or impossible to obtain using standard methods. We demonstrate the efficacy of the framework by summarizing a number of successful real-wor...

Glass, Kristin

2013-01-01

32

FOUNDATIONS OF WEB SCRIPT SECURITY Aaron Bohannon  

E-print Network

FOUNDATIONS OF WEB SCRIPT SECURITY Aaron Bohannon A DISSERTATION in Computer and Information Science #12;FOUNDATIONS OF WEB SCRIPT SECURITY COPYRIGHT 2012 Aaron Bohannon #12;Acknowledgements applying reactive noninterference to web browsers. Before I started the final phase of my thesis research

Plotkin, Joshua B.

33

web identity application sectioneleven  

E-print Network

web identity application sectioneleven 99 contents elements of webpage design......................................................................... 100-101 web development and design considerations web banners is required for all official UCSF webpages. This banner includes a required link

Derisi, Joseph

34

Measuring Quality Metrics for Web Applications  

Microsoft Academic Search

This paper makes an attempt to propose a framework for measuring quality attributes of web- based application systems. Web-based quality properties are referred to as non-functional properties of web applications such as performance, maintainability, security, usability, portability, and so on. This paper is particularly interested in two major quality attributes: usability from the users point of view; and maintainability for

Ben Lilburne; Prajwol Devkota

35

Web Server Security on Open Source Environments  

NASA Astrophysics Data System (ADS)

Administering critical resources has never been more difficult that it is today. In a changing world of software innovation where major changes occur on a daily basis, it is crucial for the webmasters and server administrators to shield their data against an unknown arsenal of attacks in the hands of their attackers. Up until now this kind of defense was a privilege of the few, out-budgeted and low cost solutions let the defender vulnerable to the uprising of innovating attacking methods. Luckily, the digital revolution of the past decade left its mark, changing the way we face security forever: open source infrastructure today covers all the prerequisites for a secure web environment in a way we could never imagine fifteen years ago. Online security of large corporations, military and government bodies is more and more handled by open source application thus driving the technological trend of the 21st century in adopting open solutions to E-Commerce and privacy issues. This paper describes substantial security precautions in facing privacy and authentication issues in a totally open source web environment. Our goal is to state and face the most known problems in data handling and consequently propose the most appealing techniques to face these challenges through an open solution.

Gkoutzelis, Dimitrios X.; Sardis, Manolis S.

36

Security for Web-Based Tests.  

ERIC Educational Resources Information Center

The purpose of this paper is to enumerate a series of security steps that might be taken by those researchers or organizations that are contemplating Web-based tests and performance assessments. From a security viewpoint, much of what goes on with Web-based transactions is similar to other general computer activity, but the recommendations here…

Shermis, Mark D.; Averitt, Jason

37

Introducing Web Application Development  

E-print Network

Introducing Web Application Development Instructor: Dr Wei Ding Development Instructor: Dr.Wei Ding Fall 2009 1CS 437/637 Database-BackedWeb Sites andWeb Services Introduction: Internet vs. World Wide Web Internet is an interconnected network of thousands ofInternet is an interconnected network

Ding, Wei

38

An integrated approach for securing electronic transactions over the Web  

Microsoft Academic Search

The decentralised nature of Web-based information systems demands a careful evaluation of the pantheon of security issues in order to avoid the potential occurrence of business risks that could not be easily mitigated. Understanding that information security is not merely a technical solution implemented at each endpoint of the inter-organizational application, this paper describes an integrated approach based on a

N. Kolokotronis; C. Margaritis; P. Papadopoulou; P. Kanellis; D. Martakos

2002-01-01

39

Designing, Implementing, and Evaluating Secure Web Browsers  

ERIC Educational Resources Information Center

Web browsers are plagued with vulnerabilities, providing hackers with easy access to computer systems using browser-based attacks. Efforts that retrofit existing browsers have had limited success since modern browsers are not designed to withstand attack. To enable more secure web browsing, we design and implement new web browsers from the ground…

Grier, Christopher L.

2009-01-01

40

Verifying policy-based web services security  

Microsoft Academic Search

WS-SecurityPolicy is a declarative language for configuring web services se- curity mechanisms. We describe a formal semantics for WS-SecurityPolicy and propose a more abstract language for specifying secure links between web ser- vices and their clients. We present the architecture and implementation of tools that (1) compile policy files from link specifications, and (2) verify by invoking a theorem prover

Karthikeyan Bhargavan; Cédric Fournet; Andrew D. Gordon

2008-01-01

41

Web Security Standards and Practices Page 1 of 13 Web Security Standard Operating Environment (SOE) V1.doc  

E-print Network

Web Security Standards and Practices Page 1 of 13 Web Security Standard Operating Environment (SOE) V1.doc Columbia University Web Security Standards and Practices Objective and Scope Effective Date: January 2011 This Web Security Standards and Practices document establishes a baseline of security related

Qian, Ning

42

Building fast and secure Web services with OKWS  

E-print Network

OKWS is a Web server specialized for secure and fast delivery of dynamic content. It provides Web developers with a small set of tools powerful enough to build complex Web-based systems. Despite its emphasis on security, ...

Krohn, Maxwell (Maxwell N.)

2005-01-01

43

Reverse Engineering Web Applications  

Microsoft Academic Search

The heterogeneous and dynamic nature of components making up a Web application, the lack of effective programming mechanisms for implementing basic software engineering principles in it, and undisciplined development processes induced by the high pressure of a very short time-to-market, make Web application maintenance a challenging problem. A relevant issue consists of reusing the methodological and technological experience in the

Porfirio Tramontana

2005-01-01

44

Speculations on the science of web user security Ravi Sandhu  

E-print Network

Speculations on the science of web user security Ravi Sandhu Institute for Cyber Security history: Available online 26 October 2012 Keywords: Web user security Security science Cyber security a b s t r a c t There appears to be consensus among seasoned cyber security researchers

Sandhu, Ravi

45

Enhancing web browser security against malware extensions  

Microsoft Academic Search

In this paper we examine security issues of functionality extension mechanisms supported by web browsers. Extensions (or “plug-ins”)\\u000a in modern web browsers enjoy unrestrained access at all times and thus are attractive vectors for malware. To solidify the\\u000a claim, we take on the role of malware writers looking to assume control of a user’s browser space. We have taken advantage

Mike Ter Louw; Jin Soon Lim; V. N. Venkatakrishnan

2008-01-01

46

Web Mining: Machine Learning for Web Applications.  

ERIC Educational Resources Information Center

Presents an overview of machine learning research and reviews methods used for evaluating machine learning systems. Ways that machine-learning algorithms were used in traditional information retrieval systems in the "pre-Web" era are described, and the field of Web mining and how machine learning has been used in different Web mining applications

Chen, Hsinchun; Chau, Michael

2004-01-01

47

Improving web site security with data flow management  

E-print Network

This dissertation describes two systems, RESIN and BFLow, whose goal is to help Web developers build more secure Web sites. RESIN and BFLOW use data flow management to help reduce the security risks of using buggy or ...

Yip, Alexander Siumann, 1979-

2009-01-01

48

Reliability, compliance, and security in web-based course assessments  

NSDL National Science Digital Library

Pre- and postcourse assessment has become a very important tool for education research in physics and other areas. The web offers an attractive alternative to in-class paper administration, but concerns about web-based administration include reliability due to changes in medium, student compliance rates, and test security, both question leakage and utilization of web resources. An investigation was carried out in introductory astronomy courses comparing pre- and postcourse administration of assessments using the web and on paper. Overall no difference was seen in performance due to the medium. Compliance rates fluctuated greatly, and factors that seemed to produce higher rates are identified. Notably, email reminders increased compliance by 20%. Most of the 559 students complied with requests to not copy, print, or save questions nor use web resources; about 1% did copy some question text and around 2% frequently used other windows or applications while completing the assessment.

Bonham, Scott W.

2008-09-24

49

Engineering Web Applications for Reuse  

Microsoft Academic Search

In this paper we present Web design frameworks as a conceptual approach to maximize reuse in Web applications. We first analyze the current state of the art of Web applications design, stating the need for an approach that clearly separates concerns (conceptual, navigational, interface). We briefly introduce the OOHDM approach for Web applications design. We next focus on the problem

Daniel Schwabe; Luiselena Esmeraldo; Gustavo Rossi; Fernando Lyardet

2001-01-01

50

Designing personalized web applications  

Microsoft Academic Search

The goal of this paper is to argue the need to approach the personalization issues in Web applications from the very beginning in the application's development cycle. Since personalization is a critical aspect in many popular domains such as e-commerce, it important enough that it should be dealt with through a design view, rather than only an implementation view (which

Gustavo Rossi; Daniel Schwabe; Robson Guimarães

2001-01-01

51

Factsheets Web Application  

SciTech Connect

The Factsheets web application was conceived out of the requirement to create, update, publish, and maintain a web site with dynamic research and development (R and D) content. Before creating the site, a requirements discovery process was done in order to accurately capture the purpose and functionality of the site. One of the high priority requirements for the site would be that no specialized training in web page authoring would be necessary. All functions of uploading, creation, and editing of factsheets needed to be accomplished by entering data directly into web form screens generated by the application. Another important requirement of the site was to allow for access to the factsheet web pages and data via the internal Sandia Restricted Network and Sandia Open Network based on the status of the input data. Important to the owners of the web site would be to allow the published factsheets to be accessible to all personnel within the department whether or not the sheets had completed the formal Review and Approval (R and A) process. Once the factsheets had gone through the formal review and approval process, they could then be published both internally and externally based on their individual publication status. An extended requirement and feature of the site would be to provide a keyword search capability to search through the factsheets. Also, since the site currently resides on both the internal and external networks, it would need to be registered with the Sandia search engines in order to allow access to the content of the site by the search engines. To date, all of the above requirements and features have been created and implemented in the Factsheet web application. These have been accomplished by the use of flat text databases, which are discussed in greater detail later in this paper.

VIGIL,FRANK; REEDER,ROXANA G.

2000-10-30

52

Application Security Automation  

ERIC Educational Resources Information Center

With today's high demand for online applications and services running on the Internet, software has become a vital component in our lives. With every revolutionary technology comes challenges unique to its characteristics; for online applications, security is one huge concern and challenge. Currently, there are several schemes that address…

Malaika, Majid A.

2011-01-01

53

Dragnet? No, Internet! Campus Security on the Web.  

ERIC Educational Resources Information Center

Examines college campus security's use of an Internet Web page to better inform its students and enhance campus law enforcement. The University of Richmond security Web site is provided as an example of how an interactive security system works. It notes that this system is available free to campus law enforcement agencies able to satisfy certain…

Fickes, Michael

1998-01-01

54

A Security Architecture for Grid-enabling OGC Web Services  

NASA Astrophysics Data System (ADS)

In the proposed presentation we describe an architectural solution for enabling a secure access to Grids and possibly other large scale on-demand processing infrastructures through OGC (Open Geospatial Consortium) Web Services (OWS). This work has been carried out in the context of the security thread of the G-OWS Working Group. G-OWS (gLite enablement of OGC Web Services) is an international open initiative started in 2008 by the European CYCLOPS , GENESI-DR, and DORII Project Consortia in order to collect/coordinate experiences in the enablement of OWS's on top of the gLite Grid middleware. G-OWS investigates the problem of the development of Spatial Data and Information Infrastructures (SDI and SII) based on the Grid/Cloud capacity in order to enable Earth Science applications and tools. Concerning security issues, the integration of OWS compliant infrastructures and gLite Grids needs to address relevant challenges, due to their respective design principles. In fact OWS's are part of a Web based architecture that demands security aspects to other specifications, whereas the gLite middleware implements the Grid paradigm with a strong security model (the gLite Grid Security Infrastructure: GSI). In our work we propose a Security Architectural Framework allowing the seamless use of Grid-enabled OGC Web Services through the federation of existing security systems (mostly web based) with the gLite GSI. This is made possible mediating between different security realms, whose mutual trust is established in advance during the deployment of the system itself. Our architecture is composed of three different security tiers: the user's security system, a specific G-OWS security system, and the gLite Grid Security Infrastructure. Applying the separation-of-concerns principle, each of these tiers is responsible for controlling the access to a well-defined resource set, respectively: the user's organization resources, the geospatial resources and services, and the Grid resources. While the gLite middleware is tied to a consolidated security approach based on X.509 certificates, our system is able to support different kinds of user's security infrastructures. Our central component, the G-OWS Security Framework, is based on the OASIS WS-Trust specifications and on the OGC GeoRM architectural framework. This allows to satisfy advanced requirements such as the enforcement of specific geospatial policies and complex secure web service chained requests. The typical use case is represented by a scientist belonging to a given organization who issues a request to a G-OWS Grid-enabled Web Service. The system initially asks the user to authenticate to his/her organization's security system and, after verification of the user's security credentials, it translates the user's digital identity into a G-OWS identity. This identity is linked to a set of attributes describing the user's access rights to the G-OWS services and resources. Inside the G-OWS Security system, access restrictions are applied making use of the enhanced Geospatial capabilities specified by the OGC GeoXACML. If the required action needs to make use of the Grid environment the system checks if the user is entitled to access a Grid infrastructure. In that case his/her identity is translated to a temporary Grid security token using the Short Lived Credential Services (IGTF Standard). In our case, for the specific gLite Grid infrastructure, some information (VOMS Attributes) is plugged into the Grid Security Token to grant the access to the user's Virtual Organization Grid resources. The resulting token is used to submit the request to the Grid and also by the various gLite middleware elements to verify the user's grants. Basing on the presented framework, the G-OWS Security Working Group developed a prototype, enabling the execution of OGC Web Services on the EGEE Production Grid through the federation with a Shibboleth based security infrastructure. Future plans aim to integrate other Web authentication services such as OpenID, Kerberos and WS-Federation.

Angelini, Valerio; Petronzio, Luca

2010-05-01

55

Implementing Open Authentication for Web Services with a Secure Memory Card  

Microsoft Academic Search

Open authentication protocols have become a standard solution to allow interfacing of third-party applications and websites. This paper presents a rationale for the use of secure memory cards with NFC-enabled service. A software application prototype is presented to show how a secure memory card can provide a portable authentication module to access web services. The prototype shows that it is

Aki-Petteri Leinonen; Tuomo Tuikka; Erkki Siira

2012-01-01

56

ShadowCrypt: Encrypted Web Applications for Everyone UC Berkeley  

E-print Network

and compute on data handled by web (or cloud-based) applications. Few, if any, of these proposals have users to transparently switch to encrypted input/output for text-based web applications. Shadow- Crypt and encrypted text with secure, isolated cleartext. ShadowCrypt's key innovation is the use of Shadow DOM

Shi, Elaine

57

ShadowCrypt: Encrypted Web Applications for Everyone UC Berkeley  

E-print Network

, 38] discusses techniques to encrypt and compute on data handled by web (or cloud-based) applications users to transparently switch to encrypted input/output for text-based web applications. Shadow- Crypt and encrypted text with secure, isolated cleartext. ShadowCrypt's key innovation is the use of Shadow DOM

Song, Dawn

58

A Systematic Analysis of XSS Sanitization in Web Application Frameworks  

E-print Network

A Systematic Analysis of XSS Sanitization in Web Application Frameworks Joel Weinberger, Prateek. By streamlining and au- tomating XSS sanitization, web application frameworks stand in a good position to stop XSS systematically study the security of the XSS sanitization abstractions frameworks provide. We develop a novel

Song, Dawn

59

Opal: Simple Web Services Wrappers for Scientific Applications  

E-print Network

Opal: Simple Web Services Wrappers for Scientific Applications Sriram Krishnan, Brent Stearn, Karan. In this paper, we will present Opal, which is a toolkit for wrapping scientific applications as Web services in a matter of hours. Opal provides features such as scheduling, standards-based Grid security, and data

Krishnan, Sriram

60

Secure Web-Site Access with Tickets and Message-Dependent Digests  

USGS Publications Warehouse

Although there are various methods for restricting access to documents stored on a World Wide Web (WWW) site (a Web site), none of the widely used methods is completely suitable for restricting access to Web applications hosted on an otherwise publicly accessible Web site. A new technique, however, provides a mix of features well suited for restricting Web-site or Web-application access to authorized users, including the following: secure user authentication, tamper-resistant sessions, simple access to user state variables by server-side applications, and clean session terminations. This technique, called message-dependent digests with tickets, or MDDT, maintains secure user sessions by passing single-use nonces (tickets) and message-dependent digests of user credentials back and forth between client and server. Appendix 2 provides a working implementation of MDDT with PHP server-side code and JavaScript client-side code.

Donato, David I.

2008-01-01

61

FPA Depot - Web Application  

NASA Technical Reports Server (NTRS)

Lines of code (LOC) analysis is one of the methods used to measure programmer productivity and estimate schedules of programming projects. The Launch Control System (LCS) had previously used this method to estimate the amount of work and to plan development efforts. The disadvantage of using LOC as a measure of effort is that one can only measure 30% to 35% of the total effort of software projects involves coding [8]. In the application, instead of using the LOC we are using function point for a better estimation of hours in each software to develop. Because of these disadvantages, Jamie Szafran of the System Software Branch of Control And Data Systems (NE-C3) at Kennedy Space Canter developed a web application called Function Point Analysis (FPA) Depot. The objective of this web application is that the LCS software architecture team can use the data to more accurately estimate the effort required to implement customer requirements. This paper describes the evolution of the domain model used for function point analysis as project managers continually strive to generate more accurate estimates.

Avila, Edwin M. Martinez; Muniz, Ricardo; Szafran, Jamie; Dalton, Adam

2011-01-01

62

Java web services: WS-Security without client certificates  

E-print Network

-SecureConversation performance. About this series Web services are a crucial part of Java technology's role in enterprise, simplifying your web service configuration while also providing performance benefits. You can use it directly'll also see how plain WS-Security symmetric encryption performance compares to WS

63

Towards a Framework for Migrating Web Applications to Web Services  

E-print Network

Towards a Framework for Migrating Web Applications to Web Services Asil A. Almonaies Manar H {asil,alalfi,cordy,dean}@cs.queensu.ca Abstract Migrating traditional legacy web applications to web services is an important step in the modernization of web-based business systems to more complex inter

Cordy, James R.

64

From Desktop Applications Towards Ajax Web Applications  

Microsoft Academic Search

Ajax is a set of different technologies that work together to create new and powerful Web applications. Ajax is demonstrating its usefulness in real world applications. The most important Internet companies as: Google, Yahoo, Amazon, Microsoft, are developing rich Web applications based on Ajax. Many developers do not know how to use these technologies to build Ajax Applications. In this

J. Sergio Zepeda; Sergio V. Chapa

2007-01-01

65

Improving the Security and Robustness of Modern Web Browsers  

Microsoft Academic Search

Despite their popularity, modern web browsers do not oer a secure or robust environment for interacting with untrusted content. Today's web users face a variety of threats, including exploits of browser vul- nerabilities, interference between web sites, script in- jection attacks, and abuse of authentication creden- tials. To address these threats, I leverage an anal- ogy between operating systems and

Charles Reis

66

Security of Web Browser Scripting Languages: Vulnerabilities, Attacks, and Remedies  

Microsoft Academic Search

While conducting a security analysis of JavaScriptand VBScript, the most popular scripting languageson the Web, we found some serious #aws. Motivatedby this outcome, we propose steps towards asound de#nition and design of a security frameworkfor scripting languages on the Web. We show that ifsuch a security framework had been integrated intothe respective scripting languages from the very beginning,the probability of

Vinod Anupam

1998-01-01

67

Turning Access™ into a web-enabled secure information system for clinical trials  

PubMed Central

Background Organizations that have limited resources need to conduct clinical studies in a cost-effective, but secure way. Clinical data residing in various individual databases need to be easily accessed and secured. Although widely available, digital certification, encryption, and secure web server, have not been implemented as widely, partly due to a lack of understanding of needs and concerns over issues such as cost and difficulty in implementation. Purpose The objective of this study was to test the possibility of centralizing various databases and to demonstrate ways of offering an alternative to a large-scale comprehensive and costly commercial product, especially for simple phase I and II trials, with reasonable convenience and security. Methods We report a working procedure to transform and develop a standalone Access™ database into a secure Web-based secure information system. Results For data collection and reporting purposes, we centralized several individual databases; developed, and tested a web-based secure server using self-issued digital certificates. Limitations The system lacks audit trails. The cost of development and maintenance may hinder its wide application. Conclusions The clinical trial databases scattered in various departments of an institution could be centralized into a web-enabled secure information system. The limitations such as the lack of a calendar and audit trail can be partially addressed with additional programming. The centralized Web system may provide an alternative to a comprehensive clinical trial management system. PMID:19625330

Chen, Dongquan; Chen, Wei-Bang; Soong, Mayhue; Soong, Seng-Jaw; Orthner, Helmuth F.

2010-01-01

68

SmartNotes: Application of Crowdsourcing to the Detection of Web Threats  

E-print Network

SmartNotes: Application of Crowdsourcing to the Detection of Web Threats Mehrbod Sharifi mehrbod detects security threats related to web browsing, such as Internet scams, deceptive sales of substandard--Crowdsourcing, Machine Learning, Web Security. I. INTRODUCTION Cybersecurity threats can be broadly divided to two high

Fink, Eugene

69

A Framework for Migrating Web Applications to Web Services  

E-print Network

A Framework for Migrating Web Applications to Web Services Asil A. Almonaies, Manar H. Alalfi-automatically migrat- ing monolithic legacy web applications to service oriented architecture (SOA) by separating potentially reusable features as web services. Software design re- covery and source transformation techniques

Cordy, James R.

70

A Policy Based Approach to Security for the Semantic Web  

Microsoft Academic Search

\\u000a Along with developing specifications for the description of meta-data and the extraction of information for the Semantic Web,\\u000a it is important to maximize security in this environment, which is fundamentally dynamic, open and devoid of many of the clues\\u000a human societies have relied on for security assessment. Our research investigates the marking up of web entities with a semantic\\u000a policy

Lalana Kagal; Timothy W. Finin; Anupam Joshi

2003-01-01

71

Web Cube: a Programming Model for Reliable Web Applications  

E-print Network

Web Cube: a Programming Model for Reliable Web Applications I.S.W.B. Prasetya, T.E.J. Vos, S UU-CS-2005-002 www.cs.uu.nl #12;Web Cube: a Programming Model for Reliable Web Applications I@cs.uu.nl, tanja@iti.upv.es, doaitse@cs.uu.nl, bela@cs.ui.ac.id Abstract Web Cube is a server side programming

Utrecht, Universiteit

72

Lecture 24: Document and Web Applications  

E-print Network

Lecture 24: Document and Web Applications Sam Roweis March 31, 2004 Machine Learning on Text/Web Machine Learning Problems for Text/Web Data · Document / Web Page Classification or Detection 1. Does this document/web page contain an example of thing X? e.g. Job advertisements (FlipDog). 2. Is this document/web

Roweis, Sam

73

Reliability, Compliance, and Security in Web-Based Course Assessments  

ERIC Educational Resources Information Center

Pre- and postcourse assessment has become a very important tool for education research in physics and other areas. The web offers an attractive alternative to in-class paper administration, but concerns about web-based administration include reliability due to changes in medium, student compliance rates, and test security, both question leakage…

Bonham, Scott

2008-01-01

74

On the relationship between Web Services Security and traditional protocols  

E-print Network

in the last decade by the theoretical community for the analysis of crypto­ graphic protocols to be used community for the analysis of cryptographic protocols to be used for analysing WS­Security protocolsOn the relationship between Web Services Security and traditional protocols E. Kleiner and A

Roscoe, Bill

75

WebNC: efficient sharing of web applications  

E-print Network

WebNC is a system for efficiently sharing, retrieving and viewing web applications. Unlike existing screencasting and screensharing tools, WebNC is optimized to work with web pages where a lot of scrolling happens. WebNC uses a tile-based encoding to capture, transmit and deliver web applications, and relies only on dynamic HTML and JavaScript. The resulting webcasts require very little bandwidth and are viewable on any modern web browser including Firefox and Internet Explorer as well as browsers on the iPhone and Android platforms.

Denoue, Laurent; Adcock, John; Golovchinsky, Gene; Girgensohn, Andreas

2009-01-01

76

Intelligent and Adaptive Crawling of Web Applications for Web Archiving  

E-print Network

Intelligent and Adaptive Crawling of Web Applications for Web Archiving Muhammad Faheem1 and Pierre Kong, Hong Kong firstname.lastname@telecom.paristech.fr Abstract. Web sites are dynamic in nature with content and structure changing overtime. Many pages on the Web are produced by content management systems

Senellart, Pierre

77

Secure, Autonomous, Intelligent Controller for Integrating Distributed Sensor Webs  

NASA Technical Reports Server (NTRS)

This paper describes the infrastructure and protocols necessary to enable near-real-time commanding, access to space-based assets, and the secure interoperation between sensor webs owned and controlled by various entities. Select terrestrial and aeronautics-base sensor webs will be used to demonstrate time-critical interoperability between integrated, intelligent sensor webs both terrestrial and between terrestrial and space-based assets. For this work, a Secure, Autonomous, Intelligent Controller and knowledge generation unit is implemented using Virtual Mission Operation Center technology.

Ivancic, William D.

2007-01-01

78

Security Encryption Scheme for Communication of Web Based Control Systems  

NASA Astrophysics Data System (ADS)

A control system is a device or set of devices to manage, command, direct or regulate the behavior of other devices or systems. The trend in most systems is that they are connected through the Internet. Traditional Supervisory Control and Data Acquisition Systems (SCADA) is connected only in a limited private network Since the internet Supervisory Control and Data Acquisition Systems (SCADA) facility has brought a lot of advantages in terms of control, data viewing and generation. Along with these advantages, are security issues regarding web SCADA, operators are pushed to connect Control Systems through the internet. Because of this, many issues regarding security surfaced. In this paper, we discuss web SCADA and the issues regarding security. As a countermeasure, a web SCADA security solution using crossed-crypto-scheme is proposed to be used in the communication of SCADA components.

Robles, Rosslin John; Kim, Tai-Hoon

79

How to Shop for Free Online -- Security Analysis of Cashier-as-a-Service Based Web Stores  

Microsoft Academic Search

Web applications increasingly integrate third-party services. The integration introduces new security challenges due to the complexity for an application to coordinate its internal states with those of the component services and the web client across the Internet. In this paper, we study the security implications of this problem to merchant websites that accept payments through third-party cashiers (e.g., PayPal, Amazon

Rui Wang; Shuo Chen; XiaoFeng Wang; Shaz Qadeer

2011-01-01

80

A Windows Phone 7 Oriented Secure Architecture for Business Intelligence Mobile Applications  

Microsoft Academic Search

This paper present and implement a Windows Phone 7 Oriented Secure Architecture for Business Intelligence Mobile Application. In the developing process is used a Windows Phone 7 application that interact with a WCF Web Service and a database. The types of Business Intelligence Mobile Applications are presented. The Windows mobile devices security and restrictions are presented. The namespaces and security

Silvia TRIF; Adrian VISOIU

2011-01-01

81

Application Web Services  

E-print Network

Admin sif node Online Book Search Service Balancing Service · Performs federated query across all · Performs federated query across all libraries to find books matching the search criteria of an online user Archive CSV Plugin Derby JDBC Plugin SQL Federation Service sif Middleware DB2 Database Plugin Web Service

Oxford, University of

82

Trust-Based Security Model and Enforcement Mechanism for Web Service Technology  

Microsoft Academic Search

The emerging Web service technology has enabled the development of Internet-based applications that integrate distributed\\u000a and heterogeneous systems and processes which are owned by different organizations. Compared to centralized systems and client-server\\u000a environments, the Web service environment is much more dynamic and security for such an environment poses unique challenges.\\u000a For example, an organization (e.g., a service provider or a

Seokwon Yang; Herman Lam; Stanley Y. W. Su

2002-01-01

83

Cost estimation for web applications  

Microsoft Academic Search

In this paper, we investigate the application of the COBRA#8482; method (Cost Estimation, Benchmarking, and Risk Assessment) in a new application domain, the area of web development. COBRA combines expert knowledge with data on a small number of projects to develop cost estimation models, which can also be used for risk analysis and benchmarking purposes. We modified and applied the

Melanie Ruhe; Ross Jeffery; Isabella Wieczorek

2003-01-01

84

Secure password-based authenticated key exchange for web services  

SciTech Connect

This paper discusses an implementation of an authenticated key-exchange method rendered on message primitives defined in the WS-Trust and WS-SecureConversation specifications. This IEEE-specified cryptographic method (AuthA) is proven-secure for password-based authentication and key exchange, while the WS-Trust and WS-Secure Conversation are emerging Web Services Security specifications that extend the WS-Security specification. A prototype of the presented protocol is integrated in the WSRF-compliant Globus Toolkit V4. Further hardening of the implementation is expected to result in a version that will be shipped with future Globus Toolkit releases. This could help to address the current unavailability of decent shared-secret-based authentication options in the Web Services and Grid world. Future work will be to integrate One-Time-Password (OTP) features in the authentication protocol.

Liang, Fang; Meder, Samuel; Chevassut, Olivier; Siebenlist, Frank

2004-11-22

85

Sound and precise analysis of web applications for injection vulnerabilities  

Microsoft Academic Search

Web applications are popular targets of security attacks. One common type of such attacks is SQL injection, where an attacker exploits faulty application code to execute maliciously crafted database queries. Bothstatic and dynamic approaches have been proposed to detect or prevent SQL injections; while dynamic approaches provide protection for deployed software, static approaches can detect potential vulnerabilities before software deployment.

Gary Wassermann; Zhendong Su

2007-01-01

86

Sound and precise analysis of web applications for injection vulnerabilities  

Microsoft Academic Search

Web applications are popular targets of security attacks. One com- mon type of such attacks is SQL injection, where an attacker exploits faulty application code to execute maliciously cr afted database queries. Both static and dynamic approaches have been proposed to detect or prevent SQL injections; while dynamic approaches provide protection for deployed software, static ap- proaches can detect potential

Gary Wassermann; Zhendong Su

2007-01-01

87

A Static Analysis Tool for Detecting Web Application Injection Vulnerabilities for ASP Program  

Microsoft Academic Search

Publicly reported vulnerability in recent years strong growth of the Web Application , Cross-site scripting (XSS) and SQL injection have been the most dominant class of web vulnerabilities, Web application security has been a great challenge. For the case, the static analysis tools ASPWC presented in this paper to detect XSS attacks and SQL injection vulnerabilities based on taint analysis,

Xin-hua Zhang; Zhi-jian Wang

2010-01-01

88

Project Assessment Skills Web Application  

NASA Technical Reports Server (NTRS)

The purpose of this project is to utilize Ruby on Rails to create a web application that will replace a spreadsheet keeping track of training courses and tasks. The goal is to create a fast and easy to use web application that will allow users to track progress on training courses. This application will allow users to update and keep track of all of the training required of them. The training courses will be organized by group and by user, making readability easier. This will also allow group leads and administrators to get a sense of how everyone is progressing in training. Currently, updating and finding information from this spreadsheet is a long and tedious task. By upgrading to a web application, finding and updating information will be easier than ever as well as adding new training courses and tasks. Accessing this data will be much easier in that users just have to go to a website and log in with NDC credentials rather than request the relevant spreadsheet from the holder. In addition to Ruby on Rails, I will be using JavaScript, CSS, and jQuery to help add functionality and ease of use to my web application. This web application will include a number of features that will help update and track progress on training. For example, one feature will be to track progress of a whole group of users to be able to see how the group as a whole is progressing. Another feature will be to assign tasks to either a user or a group of users. All of these together will create a user friendly and functional web application.

Goff, Samuel J.

2013-01-01

89

Application Instructions for: Cyber Security Fundamentals Certificate  

E-print Network

Application Instructions for: Cyber Security Fundamentals Certificate Naval Postgraduate School Center for Information Systems Security Studies and Research (CISR) Monterey, CA 93943 cyber@nps.edu #12;Cyber Security Fundamentals Certificate - Online Application Instructions 1. Go to https

90

Information flow control for secure web sites  

E-print Network

Sometimes Web sites fail in the worst ways. They can reveal private data that can never be retracted [60, 72, 78, 79]. Or they can succumb to vandalism, and subsequently show corrupt data to users [27]. Blame can fall on ...

Krohn, Maxwell N. (Maxwell Norman)

2008-01-01

91

Declarative specification of Web applications exploiting Web services and workflows  

Microsoft Academic Search

This demo presents an extension of a declarative language for specifying data-intensive Web applications. We demonstrate a scenario extracted from a real-life application, the Web portal of a computer manufacturer, including interactions with third-party service providers and enabling distributors to participate in well-defined business processes. The crucial advantage of our framework is the high-level modeling of a complex Web application,

Marco Brambilla; Stefano Ceri; Sara Comai; Marco Dario; Piero Fraternali; Ioana Manolescu

2004-01-01

92

INSTITUTE FOR CYBER SECURITY Application-Centric Security  

E-print Network

INSTITUTE FOR CYBER SECURITY Application-Centric Security: How to Get There Prof. Ravi Sandhu Executive Director and Endowed Chair Institute for Cyber Security (ICS) University of Texas at San Antonio Executive Director and Endowed Chair Institute for Cyber Security (ICS) University of Texas at San Antonio

Sandhu, Ravi

93

A Multi-Factor Security Protocol for Wireless Payment - Secure Web Authentication using Mobile Devices  

E-print Network

Previous Web access authentication systems often use either the Web or the Mobile channel individually to confirm the claimed identity of the remote user. This paper proposes a new protocol using multifactor authentication system that is both secure and highly usable. It uses a novel approach based on Transaction Identification Code and SMS to enforce extra security level with the traditional Login/password system. The system provides a highly secure environment that is simple to use and deploy, that does not require any change in infrastructure or protocol of wireless networks. This Protocol for Wireless Payment is extended to provide two way authentications.

Tiwari, Ayu; Abraham, Ajith; Knapskog, Svein Johan; Sanyal, Sugata

2011-01-01

94

Security applications of magnetic sensors  

NASA Astrophysics Data System (ADS)

Magnetic sensors are often used for security and military applications such as detection, discrimination and localization of ferromagnetic and conducting objects, navigation, position tracking and antitheft systems. We give only general overview, few remarks and some interesting references on these applications.

Ripka, Pavel

2013-06-01

95

MedlinePlus Connect: Web Application  

MedlinePLUS

MedlinePlus Connect: Web Application To use the sharing features on this page, please enable JavaScript. MedlinePlus Connect is available as a ... please see our guidelines and instructions on linking. Web Application Overview The API for the Web application ...

96

Security seal. [Patent application  

DOEpatents

Security for a package or verifying seal in plastic material is provided by a print seal with unique thermally produced imprints in the plastic. If tampering is attempted, the material is irreparably damaged and thus detectable. The pattern of the imprints, similar to fingerprints are recorded as a positive identification for the seal, and corresponding recordings made to allow comparison. The integrity of the seal is proved by the comparison of imprint identification records made by laser beam projection.

Gobeli, G.W.

1981-11-17

97

Secure and Lightweight Advertising on the Web  

Microsoft Academic Search

We consider how to obtain a safe and efficient scheme for Web advertising. We introduce to cryptography the market model, a common concept from economics. This corresponds to an assumption of rational behavior of protocol participants. Making this assumption allows us to design schemes that are highly efficient in the common case — which is, when participants behave rationally. We

Markus Jakobsson; Philip D. Mackenzie; Julien P. Stern

1999-01-01

98

Designing User-Centered Web Applications in Web Time  

Microsoft Academic Search

As designers struggle to develop Web applications “in Web time,” they are under the added pressure of delivering usability. The author describes her company's successful transformation to user-driven processes for designing e-commerce applications. She also offers strategies for introducing human factors methods into a reluctant development organization

Molly Hammar Cloyd

2001-01-01

99

Efficient Integration of Web Services in Ambient-aware Sensor Network Applications1  

E-print Network

, and security cameras. Emergency response, homeland security, and many other applications have a very real need platforms such as satellite imaging systems, meteorological stations, air quality stations, and security cameras. The ability to seamlessly assemble a sensor web from various sensor network architectures greatly

Koutsoukos, Xenofon D.

100

Homeland Security and Defense Applications  

ScienceCinema

Homeland Security and Defense Applications personnel are the best in the world at detecting and locating dirty bombs, loose nukes, and other radiological sources. The site trains the Nation's emergency responders, who would be among the first to confront a radiological or nuclear emergency. Homeland Security and Defense Applications highly training personnel, characterize the threat environment, produce specialized radiological nuclear detection equipment, train personnel on the equipment and its uses, test and evaluate the equipment, and develop different kinds of high-tech equipment to defeat terrorists. In New York City for example, NNSS scientists assisted in characterizing the radiological nuclear environment after 9/11, and produced specialized radiological nuclear equipment to assist local officials in their Homeland Security efforts.

None

2015-01-09

101

Homeland Security and Defense Applications  

SciTech Connect

Homeland Security and Defense Applications personnel are the best in the world at detecting and locating dirty bombs, loose nukes, and other radiological sources. The site trains the Nation's emergency responders, who would be among the first to confront a radiological or nuclear emergency. Homeland Security and Defense Applications highly training personnel, characterize the threat environment, produce specialized radiological nuclear detection equipment, train personnel on the equipment and its uses, test and evaluate the equipment, and develop different kinds of high-tech equipment to defeat terrorists. In New York City for example, NNSS scientists assisted in characterizing the radiological nuclear environment after 9/11, and produced specialized radiological nuclear equipment to assist local officials in their Homeland Security efforts.

None

2014-11-06

102

XMM-Newton Mobile Web Application  

NASA Astrophysics Data System (ADS)

We present the first XMM-Newton web mobile application, coded using new web technologies such as HTML5, the Query mobile framework, and D3 JavaScript data-driven library. This new web mobile application focuses on re-formatted contents extracted directly from the XMM-Newton web, optimizing the contents for mobile devices. The main goals of this development were to reach all kind of handheld devices and operating systems, while minimizing software maintenance. The application therefore has been developed as a web mobile implementation rather than a more costly native application. New functionality will be added regularly.

Ibarra, A.; Kennedy, M.; Rodríguez, P.; Hernández, C.; Saxton, R.; Gabriel, C.

2013-10-01

103

Nemesis: Preventing Authentication & Access Control Vulnerabilities in Web Applications  

E-print Network

Nemesis: Preventing Authentication & Access Control Vulnerabilities in Web Applications Michael web applications. Authentication attacks occur when a web application authenticates users unsafely, granting access to web clients that lack the ap- propriate credentials. Access control attacks occur when

Sabatini, David M.

104

Linked data platform for web applications  

E-print Network

Most of today's web applications are tightly coupled to proprietary server backends that store and control all user data. This thesis presents Linked Data as a decentralized web app platform, eliminating vendor lock-in, ...

Presbrey, Joe (Joseph Warren)

2014-01-01

105

Social Security Online: The Official Web Site of the Social Security Administration  

NSDL National Science Digital Library

Social Security Online: The Official Web Site of the Social Security Administration provides information on the agency's history, goals, budget, services, laws and regulations, as well as statistical data and research. The site provides consumers with information about retirement and disability benefits, forms, answers to frequently asked questions, and instructions and directories that will help those interested in contacting the agency. Employers will find information on wage reporting, tax guides, and employee handouts. Consumers who have a web browser that supports Secure Sockets Layer (SSL) can file an electronic request for Personal Earnings and Benefit Estimate statement; however, as reported in the May 23, 1997 Scout Report, for security reasons the SSA no longer sends the statement online.

1994-01-01

106

Threat Modelling for Web Services Based Web Applications  

Microsoft Academic Search

Threat analysis of a web application can lead to a wide variety of identified threats. Some of these threats will be very\\u000a specific to the application; others will be more related to the underlying infrastructural software, such as the web or application\\u000a servers, the database, the directory server and so forth. This paper analyzes the threats that can be related

Lieven Desmet; Bart Jacobs; Frank Piessens; Wouter Joosen

107

Building Rich Web Applications with Ajax  

Microsoft Academic Search

Looks at how developers are going back to the future by building Web applications using Ajax (Asynchronous JavaScript and XML), a set of technologies mostly developed in the 1990s. A key advantage of Ajax applications is that they look and act more like desktop applications. Proponents argue that Ajax applications perform better than traditional Web programs. As an example, Ajax

Linda Dailey Paulson

2005-01-01

108

Application Instructions for: Cyber Security Defense Certificate  

E-print Network

Application Instructions for: Cyber Security Defense Certificate Naval Postgraduate School Center for Information Systems Security Studies and Research (CISR) Monterey, CA 93943 cyber@nps.edu #12;Cyber Security ­ Cyber Security Defense iv. Academic Year/ Quarter: SELECT THE FOLLOWING START DATE: a. Quarter 3 Start

109

A survey on web modeling approaches for ubiquitous web applications  

Microsoft Academic Search

Purpose - Ubiquitous web applications (UWA) are a new type of web applications which are accessed in various contexts, i.e. through different devices, by users with various interests, at anytime from anyplace around the globe. For such full-fledged, complex software systems, a methodologically sound engineering approach in terms of model-driven engineering (MDE) is crucial. Several modeling approaches have already been

Wieland Schwinger; Werner Retschitzegger; Andrea Schauerhuber; Gerti Kappel; Manuel Wimmer; Birgit Pröll; Cristina Cachero Castro; Sven Casteleyn; Olga De Troyer; Piero Fraternali; Irene Garrigós; Franca Garzotto; Athula Ginige; Geert-jan Houben; Nora Koch; Nathalie Moreno; Oscar Pastor; Paolo Paolini; Vicente Pelechano; Gustavo Rossi; Daniel Schwabe; Massimo Tisi; Antonio Vallecillo; Kees Van Der Sluijs; Gefei Zhang

2008-01-01

110

Development of Web Applications from Web Enhanced Conceptual Schemas  

Microsoft Academic Search

\\u000a This work presents an OO software production method that defines a systematic process for conceptual modelling of web applications.\\u000a The paper discusses a set of minimum primitives to capture the essentials of dynamic web applications and it discusses how\\u000a to introduce them in a classical model-centered OO method that provides systematic code generation. Finally, the paper presents\\u000a some ideas to

Joan Fons; Vicente Pelechano; Manoli Albert; Oscar Pastor

2003-01-01

111

APPLICATION RESPONSE MEASUREMENT OF DISTRIBUTED WEB SERVICES  

Microsoft Academic Search

Web service technology will provide a platform for dynamic e-business applications. This paper describes a framework for identifying, monitoring and reporting performance data of critical transactions within a web service using the Java ARM standard, a Transaction Definition Language (TDL) and a bytecode instrumentation tool. The data extracted using this framework is shown to be appropriate for dynamically selecting web

J. D. Turner; D. A. Bacigalupo; S. A. Jarvis; D. N. Dillenberger; G. R. Nudd

112

Cohesive Design of Personalized Web Applications  

Microsoft Academic Search

Good software engineering practices, such as separating concerns and identifying patterns, simplify the critical design decisions in building personalized Web applications. The authors use the object-oriented hypermedia design method (OOHDM) for constructing customized Web applications. Incorporating well-known object-oriented design structures and techniques, OOHDM produces flexible Web application models. Designers can add personalized behavior to these models with minimal code manipulation,

Daniel Schwabe; Robson Mattos Guimarães; Gustavo Rossi

2002-01-01

113

FAILLES DE SECURITE DES APPLICATIONS WEB  

E-print Network

FAILLES DE SECURITE DES APPLICATIONS WEB PRINCIPES, PARADES ET BONNES PRATIQUES DE DEVELOPPEMENT Référence : Failles de sécurité des applications Web Date de dernière mise à jour : 03/04/2012 Version du-BY-NC-ND Objet du document : Ce document explique les 10 principales failles de sécurité des applications Web

Paris-Sud XI, Université de

114

Integrating Application Programs for Bioinformatics Using a Web Browser.  

PubMed

We have constructed a general framework for integrating application programs with control through a local Web browser. This method is based on a simple inter-process message function from an external process to application programs. Commands to a target program are prepared in a script file, which is parsed by a message dispatcher program. When it is used as a helper application to a Web browser, these messages will be sent from the browser by clicking a hyper-link in a Web document. Our framework also supports pluggable extension-modules for application programs by means of dynamic linking. A prototype system is implemented on our molecular structure-viewer program, MOSBY. It successfully featured a function to load an extension-module required for the docking study of molecular fragments from a Web page. Our simple framework facilitates the concise configuration of Web softwares without complicated knowledge on network computation and security issues. It is also applicable for a wide range of network computations processing private data using a Web browser. PMID:11072353

Ueno; Asai; Arita

1999-01-01

115

Social Web mining and exploitation for serious applications: Technosocial Predictive Analytics and related technologies for public health, environmental and national security surveillance  

SciTech Connect

This paper explores techno-social predictive analytics (TPA) and related methods for Web “data mining” where users’ posts and queries are garnered from Social Web (“Web 2.0”) tools such as blogs, microblogging and social networking sites to form coherent representations of real-time health events. The paper includes a brief introduction to commonly used Social Web tools such as mashups and aggregators, and maps their exponential growth as an open architecture of participation for the masses and an emerging way to gain insight about people’s collective health status of whole populations. Several health related tool examples are described and demonstrated as practical means through which health professionals might create clear location specific pictures of epidemiological data such as flu outbreaks.

Kamel Boulos, Maged; Sanfilippo, Antonio P.; Corley, Courtney D.; Wheeler, Steve

2010-03-17

116

A FRAMEWORK FOR COLLECTING CLIENTSIDE PARADATA IN WEB APPLICATIONS  

E-print Network

and stores clients' behavior on web applications. The framework is implemented in JavaScript, PHP, and My with static web pages--current web sites--which we call web applications--interact with users through rich and JavaScript content. This type of web applications is commonly referred to by Web 2.0. The scripting

Bremen, Universität

117

Bachelor Project StockHome -Web Application  

E-print Network

Bachelor Project StockHome - Web Application User interface for a financial analysis tool Gilad and assisting us during dark times. Last but not least, I would like to thank my friends who spent those long . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 30 iii #12;Gilad Geron StockHome - Web Application A Technologies 31 A.1 Ruby

Lanza, Michele

118

MedIT Solutions Web application development  

E-print Network

MedIT Solutions Web application development MedIT can create a customized web app unique to you- ports, pull metrics and much more. Virtual server hosting On a grant budget? MedIT provides vir- tual infrastructure. Virtual desktop and applications MedIT offers a complete remote office, giving you access to all

MacMillan, Andrew

119

Web Application Software for Ground Operations Planning Database (GOPDb) Management  

NASA Technical Reports Server (NTRS)

A Web application facilitates collaborative development of the ground operations planning document. This will reduce costs and development time for new programs by incorporating the data governance, access control, and revision tracking of the ground operations planning data. Ground Operations Planning requires the creation and maintenance of detailed timelines and documentation. The GOPDb Web application was created using state-of-the-art Web 2.0 technologies, and was deployed as SaaS (Software as a Service), with an emphasis on data governance and security needs. Application access is managed using two-factor authentication, with data write permissions tied to user roles and responsibilities. Multiple instances of the application can be deployed on a Web server to meet the robust needs for multiple, future programs with minimal additional cost. This innovation features high availability and scalability, with no additional software that needs to be bought or installed. For data governance and security (data quality, management, business process management, and risk management for data handling), the software uses NAMS. No local copy/cloning of data is permitted. Data change log/tracking is addressed, as well as collaboration, work flow, and process standardization. The software provides on-line documentation and detailed Web-based help. There are multiple ways that this software can be deployed on a Web server to meet ground operations planning needs for future programs. The software could be used to support commercial crew ground operations planning, as well as commercial payload/satellite ground operations planning. The application source code and database schema are owned by NASA.

Lanham, Clifton; Kallner, Shawn; Gernand, Jeffrey

2013-01-01

120

A taxonomy and business analysis for mobile web applications  

E-print Network

Mobile web applications refer to web applications on mobile devices, aimed at personalizing, integrating, and discovering mobile contents in user contexts. This thesis presents a comprehensive study of mobile web applications ...

Liu, Kevin H

2009-01-01

121

Web Usage Mining: Discovery and Applications of Usage Patterns from Web Data  

Microsoft Academic Search

Web usage mining is the application of data mining techniques to discover usage patterns from Web data, in order to understand and better serve the needs of Web-based applications. Web usage mining consists of three phases, namely . This paper describes each of these phases in detail. Given its application potential, Web usage mining has seen a rapid increase in

Jaideep Srivastava; Robert Cooley; Mukund Deshpande; Pang-Ning Tan

2000-01-01

122

IBM Software IBM Security AppScan: Application  

E-print Network

IBM Software Security June 2012 IBM Security AppScan: Application security and risk managementScan: Application security and risk management Organizations today rely on software applications to drive essential solutions specific to the challenges of application security that go beyond basic security testing to manage

123

A specialized framework for data retrieval Web applications  

SciTech Connect

Although many general-purpose frameworks have been developed to aid in web application development, they typically tend to be both comprehensive and complex. To address this problem, a specialized server-side Java framework designed specifically for data retrieval and visualization has been developed. The framework's focus is on maintainability and data security. The functionality is rich with features necessary for simplifying data display design, deployment, user management and application debugging, yet the scope is deliberately kept limited to allow for easy comprehension and rapid application development. The system clearly decouples the application processing and visualization, which in turn allows for clean separation of layout and processing development. Duplication of standard web page features such as toolbars and navigational aids is therefore eliminated. The framework employs the popular Model-View-Controller (MVC) architecture, but it also uses the filter mechanism for several of its base functionalities, which permits easy extension of the provided core functionality of the system.

Jerzy Nogiec; Kelley Trombly-Freytag; Dana Walbridge

2004-07-12

124

Access Control of Web- and Java-Based Applications  

NASA Technical Reports Server (NTRS)

Cybersecurity has become a great concern as threats of service interruption, unauthorized access, stealing and altering of information, and spreading of viruses have become more prevalent and serious. Application layer access control of applications is a critical component in the overall security solution that also includes encryption, firewalls, virtual private networks, antivirus, and intrusion detection. An access control solution, based on an open-source access manager augmented with custom software components, was developed to provide protection to both Web-based and Javabased client and server applications. The DISA Security Service (DISA-SS) provides common access control capabilities for AMMOS software applications through a set of application programming interfaces (APIs) and network- accessible security services for authentication, single sign-on, authorization checking, and authorization policy management. The OpenAM access management technology designed for Web applications can be extended to meet the needs of Java thick clients and stand alone servers that are commonly used in the JPL AMMOS environment. The DISA-SS reusable components have greatly reduced the effort for each AMMOS subsystem to develop its own access control strategy. The novelty of this work is that it leverages an open-source access management product that was designed for Webbased applications to provide access control for Java thick clients and Java standalone servers. Thick clients and standalone servers are still commonly used in businesses and government, especially for applications that require rich graphical user interfaces and high-performance visualization that cannot be met by thin clients running on Web browsers

Tso, Kam S.; Pajevski, Michael J.

2013-01-01

125

Image-Based Electronic Patient Records for Secured Collaborative Medical Applications  

Microsoft Academic Search

We developed a Web-based system to interactively display image-based electronic patient records (EPR) for secured intranet and Internet collaborative medical applications. The system consists of four major components: EPR DICOM gateway (EPR-GW), image-based EPR repository server (EPR-Server), Web server and EPR DICOM viewer (EPR-Viewer). In the EPR-GW and EPR-Viewer, the security modules of digital signature and authentication are integrated to

Jianguo Zhang; Jianyong Sun; Yuanyuan Yang; Chenwen Liang; Yihong Yao; Jin Jin; Weihua Cai; Kun Sun; Guozhen Zhang

2005-01-01

126

Client\\/Server Web Application Development  

Microsoft Academic Search

Client Side Web Application Development refers to coding in HTML and\\/or scripting languages. When a user opens a web page, which is stored in a server, the file is transferred from the server computer to the client computer and viewed in the client computer. If it consists of scripts, execution of these programs is done in the client computer. In

Mehdi Raoufi; Kimberly Spoa; Zachary Wiggins

127

VOGCLUSTERS: an example of DAME web application  

E-print Network

We present the alpha release of the VOGCLUSTERS web application, specialized for data and text mining on globular clusters. It is one of the web2.0 technology based services of Data Mining & Exploration (DAME) Program, devoted to mine and explore heterogeneous information related to globular clusters data.

Castellani, Marco; Mancini, Ettore; Pellecchia, Luca; Longo, Giuseppe

2011-01-01

128

Evaluating WS-security and XACML in web services-based network management  

Microsoft Academic Search

The use of Web services in network management has became a reality after recent researches and industry standardization effort. Although performance is a critical issue, as well as security support, no investigation so far has observed how secure Web services communications perform when employed for network management. In this paper we present a first investigation in this subject by evaluating

Estêvão M. Z. Rohr; Lisandro Zambenedetti Granville; Liane Margarida Rockenbach Tarouco

2009-01-01

129

Where Did All the Data Go? Internet Security for Web-Based Assessments.  

ERIC Educational Resources Information Center

The purpose of this paper is to enumerate a series of security steps that might be taken by those individuals or organizations that are contemplating Web-based tests and performance assessments. From a security viewpoint, much of what goes on with Web-based transactions is similar to other general computer activity, but the recommendations focus…

Shermis, Mark D.; Averitt, Jason

130

Security applications of terahertz technology  

NASA Astrophysics Data System (ADS)

Recent events have accelerated the quest for ever more effective security screening to detect an increasing variety of threats. Many techniques employing different parts of the electromagnetic spectrum from radio up to X- and gammaray are in use. Terahertz radiation, which lies between microwave and infrared, is the last part to be exploited for want, until recently, of suitable sources and detectors. This paper describes practical techniques for Terahertz imaging and spectroscopy which are now being applied to a variety of applications. We describe a number of proof-of-principle experiments which show that Terahertz imaging has the ability to use very low levels of this non-ionising radiation to detect hidden objects in clothing and common packing materials and envelopes. Moreover, certain hidden substances such as plastic explosives and other chemical and biological agents may be detected from their characteristic Terahertz spectra. The results of these experiments, coupled with availability of practical Terahertz systems which operate outside the laboratory environment, demonstrate the potential for Terahertz technology in security screening and counterterrorism.

Kemp, Michael C.; Taday, P. F.; Cole, Bryan E.; Cluff, J. A.; Fitzgerald, Anthony J.; Tribe, William R.

2003-08-01

131

Do You Talk to Each Poster? Security and Privacy for Interactions with Web Service by Means of Contact Free Tag Readings  

Microsoft Academic Search

The pervasive service interaction (PERCI) application allows interaction with Web services through associated real world objects equipped with contact less tags. The tags are read with a mobile. The read tag content is used to invoke Web service in the back-end system. The case study presented here is identifying in a structured approach security and privacy requirements of an near

Peter Schoo; Massimo Paolucci

2009-01-01

132

Opal web services for biomedical applications.  

PubMed

Biomedical applications have become increasingly complex, and they often require large-scale high-performance computing resources with a large number of processors and memory. The complexity of application deployment and the advances in cluster, grid and cloud computing require new modes of support for biomedical research. Scientific Software as a Service (sSaaS) enables scalable and transparent access to biomedical applications through simple standards-based Web interfaces. Towards this end, we built a production web server (http://ws.nbcr.net) in August 2007 to support the bioinformatics application called MEME. The server has grown since to include docking analysis with AutoDock and AutoDock Vina, electrostatic calculations using PDB2PQR and APBS, and off-target analysis using SMAP. All the applications on the servers are powered by Opal, a toolkit that allows users to wrap scientific applications easily as web services without any modification to the scientific codes, by writing simple XML configuration files. Opal allows both web forms-based access and programmatic access of all our applications. The Opal toolkit currently supports SOAP-based Web service access to a number of popular applications from the National Biomedical Computation Resource (NBCR) and affiliated collaborative and service projects. In addition, Opal's programmatic access capability allows our applications to be accessed through many workflow tools, including Vision, Kepler, Nimrod/K and VisTrails. From mid-August 2007 to the end of 2009, we have successfully executed 239,814 jobs. The number of successfully executed jobs more than doubled from 205 to 411 per day between 2008 and 2009. The Opal-enabled service model is useful for a wide range of applications. It provides for interoperation with other applications with Web Service interfaces, and allows application developers to focus on the scientific tool and workflow development. Web server availability: http://ws.nbcr.net. PMID:20529877

Ren, Jingyuan; Williams, Nadya; Clementi, Luca; Krishnan, Sriram; Li, Wilfred W

2010-07-01

133

Toolsets for Airborne Data Web Application  

... aircraft data for scientific research on climate change and air quality relevant issues. Features Include Select data based ... Details:  Toolsets for Airborne Data (TAD) Web Application Category:  Instrument Specific Search, ...

2014-09-17

134

Secure application partitioning for intellectual property protection  

E-print Network

Intellectual property protection is a major concern for both hardware and software architects today. Recently secure platforms have been proposed to protect the privacy of application code and enforce that an application ...

O'Donnell, Charles W., S.M. Massachusetts Institute of Technology

2005-01-01

135

Memento: A Framework for Hardening Web Applications  

Microsoft Academic Search

We propose a generic framework called Memento for systemati cally hardening web applications. Memento models a web application's behavior using a deterministic finite automata (DFA), where each server-side script is a state, and st ate transitions are triggered by HTTP requests. We use this DFA t o defend against cross-site request forgery (CSRF) and cros s- site-scripting (XSS) attacks. The

Karthick Jayaraman; Grzegorz Lewandowski; Steve J. Chapin

2008-01-01

136

On specifying security policies for web documents with an XML-based language  

Microsoft Academic Search

The rapid growth of the Web and the ease with which data can be accessed facilitate the distribution and sharing of information. Information dissemination often takes the form of documents that are made available at Web servers, or that are actively broadcasted by Web servers to interested clients. In this paper, we present an XML-compliant formalism for specifying security-related information

Elisa Bertino; Silvana Castano; Elena Ferrari

2001-01-01

137

Enforcing direct communications between clients and Web servers to improve proxy performance and security  

Microsoft Academic Search

SUMMARY The amount of dynamic Web contents and secured e-commerce transactions has been dramatically increasing on the Internet, where proxy servers between clients and Web servers are commonly used for the purpose of sharing commonly accessed data and reducing Internet traffic. A significant and unnecessary Web access delay is caused by the overhead in proxy servers to process two types

Songqing Chen; Xiaodong Zhang

2004-01-01

138

AT&T Consulting Application Security Program Management  

E-print Network

AT&T Consulting Application Security Program Management In today's global marketplace, businesses Program Management services in Application Security. By offering program management, we allow your a comprehensive approach to application security. This includes metrics, training, and management reporting

Fisher, Kathleen

139

Bringing Web 2.0 to the Old Web: A Platform for Parasitic Applications  

Microsoft Academic Search

It is possible to create interactive, responsive web applications that al- low user-generated contributions. However, the relevant technologies have to be explicitly deployed by the authors of the web pages. In this work we present the concept of parasitic and symbiotic web applications which can be deployed on arbitrary web pages by means of a proxy-based application platform. Such appli-

Florian Alt; Albrecht Schmidt; Richard Atterer; Paul Holleis

2009-01-01

140

A Web-Enabled Enterprise Security Management Framework Based on a Unified Model of Enterprise Information System Security  

Microsoft Academic Search

\\u000a This paper presents an ongoing research project that is a sequel to an earlier work on the Development of Enterprise Information\\u000a Security Management (EISM) Tool Suite for different stages like Requirement and Risk Analysis, Policy Development, Infrastructure\\u000a Advisory Generation, and Testing of the Security Engineering Life Cycle. The present project attempts to develop a set of\\u000a web-based information security management

Anirban Sengupta; Aniruddha Mukhopadhyay; Koel Ray; Aveek Guha Roy; Dipankar Aich; Mridul Sankar Barik; Chandan Mazumdar

2005-01-01

141

Secure coprocessing applications and research issues  

SciTech Connect

The potential of secure coprocessing to address many emerging security challenges and to enable new applications has been a long-standing interest of many members of the Computer Research and Applications Group, including this author. The purpose of this paper is to summarize this thinking, by presenting a taxonomy of some potential applications and by summarizing what we regard as some particularly interesting research questions.

Smith, S.W.

1996-08-01

142

Capturing Trust in Social Web Applications  

NASA Astrophysics Data System (ADS)

The Social Web constitutes a shift in information flow from the traditional Web. Previously, content was provided by the owners of a website, for consumption by the end-user. Nowadays, these websites are being replaced by Social Web applications which are frameworks for the publication of user-provided content. Traditionally, Web content could be `trusted' to some extent based on the site it originated from. Algorithms such as Google's PageRank were (and still are) used to compute the importance of a website, based on analysis of underlying link topology. In the Social Web, analysis of link topology merely tells us about the importance of the information framework which hosts the content. Consumers of information still need to know about the importance/reliability of the content they are reading, and therefore about the reliability of the producers of that content. Research into trust and reputation of the producers of information in the Social Web is still very much in its infancy. Every day, people are forced to make trusting decisions about strangers on the Web based on a very limited amount of information. For example, purchasing a product from an eBay seller with a `reputation' of 99%, downloading a file from a peer-to-peer application such as Bit-Torrent, or allowing Amazon.com tell you what products you will like. Even something as simple as reading comments on a Web-blog requires the consumer to make a trusting decision about the quality of that information. In all of these example cases, and indeed throughout the Social Web, there is a pressing demand for increased information upon which we can make trusting decisions. This chapter examines the diversity of sources from which trust information can be harnessed within Social Web applications and discusses a high level classification of those sources. Three different techniques for harnessing and using trust from a range of sources are presented. These techniques are deployed in two sample Social Web applications—a recommender system and an online auction. In all cases, it is shown that harnessing an increased amount of information upon which to make trust decisions greatly enhances the user experience with the Social Web application.

O'Donovan, John

143

Robust image obfuscation for privacy protection in Web 2.0 applications  

NASA Astrophysics Data System (ADS)

We present two approaches to robust image obfuscation based on permutation of image regions and channel intensity modulation. The proposed concept of robust image obfuscation is a step towards end-to-end security in Web 2.0 applications. It helps to protect the privacy of the users against threats caused by internet bots and web applications that extract biometric and other features from images for data-linkage purposes. The approaches described in this paper consider that images uploaded to Web 2.0 applications pass several transformations, such as scaling and JPEG compression, until the receiver downloads them. In contrast to existing approaches, our focus is on usability, therefore the primary goal is not a maximum of security but an acceptable trade-off between security and resulting image quality.

Poller, Andreas; Steinebach, Martin; Liu, Huajian

2012-03-01

144

Modelling Safe Interface Interactions in Web Applications  

NASA Astrophysics Data System (ADS)

Current Web applications embed sophisticated user interfaces and business logic. The original interaction paradigm of the Web based on static content pages that are browsed by hyperlinks is, therefore, not valid anymore. In this paper, we advocate a paradigm shift for browsers and Web applications, that improves the management of user interaction and browsing history. Pages are replaced by States as basic navigation nodes, and Back/Forward navigation along the browsing history is replaced by a full-fledged interactive application paradigm, supporting transactions at the interface level and featuring Undo/Redo capabilities. This new paradigm offers a safer and more precise interaction model, protecting the user from unexpected behaviours of the applications and the browser.

Brambilla, Marco; Cabot, Jordi; Grossniklaus, Michael

145

SOCIAL SECURITY ADMINISTRATION Application for a Social Security Card  

E-print Network

now. 3. If you check "other" for CITIZENSHIP, provide a document from the Federal/State or local clarification about who can sign. HOW TO SUBMIT THE APPLICATION Mail the form and your evidence documents to the nearest Social Security office. We will return your documents to you. If you do not want to mail your

Li, Mo

146

Decomposition and Abstraction of Web Applications for Web Service Extraction and Composition  

Microsoft Academic Search

There are large demands for re-engineering human- oriented Web application systems for use as machine- oriented Web application systems, which are called Web Services. This paper describes a framework named H2W, which can be used for constructing Web Service wrappers from existing, multi-paged Web applications. H2W's contribution is mainly for service extraction, rather than for the widely studied problem of

Michiaki Tatsubori; Kenichi Takahashi

2006-01-01

147

Improving Mobile Application Security via Bridging User Expectations and Application Behaviors  

E-print Network

Improving Mobile Application Security via Bridging User Expectations and Application Behaviors Wei malware out of mobile application markets, exist- ing techniques analyze the security aspects of application behaviors and summarize patterns of these security aspects to determine what applications do

Xie, Tao

148

Dynamic updates for web and cloud applications  

Microsoft Academic Search

The center of mass for newly-released applications is shifting from traditional, desktop or server programs, toward web and cloud computing applications. This shift is favorable to end-users, but puts additional burden on application developers and service providers. In particular, the newly emerging development methodologies, based on dynamic languages and multi-tier setups, complicate tasks such as verification and require end-to-end, rather

Pamela Bhattacharya; Iulian Neamtiu

2010-01-01

149

ReSTful OSGi Web Applications Tutorial  

NASA Technical Reports Server (NTRS)

This slide presentation accompanies a tutorial on the ReSTful (Representational State Transfer) web application. Using Open Services Gateway Initiative (OSGi), ReST uses HTTP protocol to enable developers to offer services to a diverse variety of clients: from shell scripts to sophisticated Java application suites. It also uses Eclipse for the rapid development, the Eclipse debugger, the test application, and the ease of export to production servers.

Shams, Khawaja; Norris, Jeff

2008-01-01

150

Semantic-Web Technology: Applications at NASA  

NASA Technical Reports Server (NTRS)

We provide a description of work at the National Aeronautics and Space Administration (NASA) on building system based on semantic-web concepts and technologies. NASA has been one of the early adopters of semantic-web technologies for practical applications. Indeed there are several ongoing 0 endeavors on building semantics based systems for use in diverse NASA domains ranging from collaborative scientific activity to accident and mishap investigation to enterprise search to scientific information gathering and integration to aviation safety decision support We provide a brief overview of many applications and ongoing work with the goal of informing the external community of these NASA endeavors.

Ashish, Naveen

2004-01-01

151

Certificate for secure web The Department of computer Science and Artificial Intelligence  

E-print Network

About us Certificate for secure web The Department of computer Science and Artificial Intelligence of Artificial Intelligence, Computer Graphics, Computational Geometry or Coding and Cryptology, among others of the Computation and Artificial Intelligence #12;

Escolano, Francisco

152

Virtual real-time inspection of nuclear material via VRML and secure web pages  

SciTech Connect

Sandia National Laboratories` Straight Line project is working to provide the right sensor information to the right user to enhance the safety, security, and international accountability of nuclear material. One of Straight Line`s efforts is to create a system to securely disseminate this data on the Internet`s World-Wide-Web. To make the user interface more intuitive, Sandia has generated a three dimensional VRML (virtual reality modeling language) interface for a secure web page. This paper will discuss the implementation of the Straight Line secure 3-D web page. A discussion of the ``pros and cons`` of a 3-D web page is also presented. The public VRML demonstration described in this paper can be found on the Internet at the following address: http://www.ca.sandia.gov/NMM/. A Netscape browser, version 3 is strongly recommended.

Nilsen, C.; Jortner, J.; Damico, J.; Friesen, J.; Schwegel, J.

1997-04-01

153

Serving Embedded Content via Web Applications: Model, Design and Experimentation  

E-print Network

Serving Embedded Content via Web Applications: Model, Design and Experimentation Simon Duquennoy dedicated terminals. A new trend consists in embedding Web servers in small devices, making both access of embedded Web servers, and we introduce a taxonomy of the contents possi- bly served by Web applications

Paris-Sud XI, Université de

154

A Secure Image Transfer Application for the NHSnet Kerry Jean kjean@ee.ucl.ac.uk, Walter Eaves weaves@ee.ucl.ac.uk, John Lam  

E-print Network

A Secure Image Transfer Application for the NHSnet Kerry Jean kjean@ee.ucl.ac.uk, Walter Eaves of Electronic Engineering, University College London Abstract: This paper outlines the application of some of the security technologies investigated in the HARP (Harmonisation for the security of web technologies and a

Haddadi, Hamed

155

A web-service agent-based decision support system for securities exception management  

Microsoft Academic Search

With rising trading volumes and increasing risks in securities transactions, the securities industry is making an effort to shorten the trade lifecycle and minimize transaction risks. While attempting to achieve this, exception management is crucial to pass trade information within the trade lifecycle in a timely and accurate fashion. For a competitive solution to exception management, a web-service-agent-based decision support

Minhong Wang; Huaiqing Wang; Dongming Xu; Kwok Kit Wan; Doug Vogel

2004-01-01

156

Smart Certi cates: Extending X.509 for Secure Attribute Services on the Web  

E-print Network

Smart Certi cates: Extending X.509 for Secure Attribute Services on the Web Joon S. Park and Ravi Sandhu The Laboratory for Information Security Technology Information and Software Engineering Department of an entity, such as a role, access identity, group, or clearance. If attributes are provided integrity

Sandhu, Ravi

157

Toward Web Services Profiles for Trust and Security in Virtual Organisations  

Microsoft Academic Search

The rise in practical Virtual Organisations (VOs) requires secure access to data and interactions between their partners.\\u000a Ad hoc solutions to meet these requirements are possible, but Web services hold out the potential for generic security solutions\\u000a whose cost can be spread across several short lived dynamic VOs. This paper identifies trust and security requirements throughout\\u000a the VO lifecycle and

Alvaro E. Arenas; Ivan Djordjevic; Theo Dimitrakos; Leonid Titkov; Joris Claessens; Christian Geuer-Pollmann; Emil C. Lupu; Nilufer Tuptuk; Stefan Wesner; Lutz Schubert

158

A workflow approach for a token web application specification  

Microsoft Academic Search

In our third year Web Application Development course, there is a traditional assignment, which requires the students design and develop a token web application in ASP.NET. We have been specifying such a token web application assignment in ordinary English. This way is not concise, intuitive, well organised and accurate. Further, it might be ambiguous, incomplete and repetitive. This study tries

Xiaosong Li

159

Using Web Application Construction Frameworks to Protect Against Code Injection Attacks  

E-print Network

. With Web 2.0 existing security problems are further exacerbated by the advent of Ajax technology in applications built on top of popular Ajax development frameworks such as the Dojo Toolkit, prototype.js, and AJAX.NET. Unlike other client-side runtime enforcement proposals, the approach we are advo- cating

Livshits, Ben

160

Web Design Frameworks: An Approach to Improve Reuse in Web Applications  

Microsoft Academic Search

In this paper we introduce Web design frameworks as a conceptual approach to maximize reuse in Web applications. We first discuss the need for building abstract and reusable navigational design structures, exemplifying with different kinds of Web Information Systems. Then, we briefly review the state of the art of object-orient ed application frameworks and present the rationale for a slightly

Daniel Schwabe; Gustavo Rossi; Luiselena Esmeraldo; Fernando Lyardet

2001-01-01

161

WebAppArmor: A Framework for Robust Prevention of Attacks on Web Applications (Invited Paper)  

Microsoft Academic Search

\\u000a As the World Wide Web continues to evolve, the number of web-based attacks that target web applications is on the rise. Attacks\\u000a such as Cross-site Scripting (XSS), SQL Injection and Cross-site Request Forgery (XSRF) are among the topmost threats on the\\u000a Web, and defending against these attacks is a growing concern. In this paper, we describe WebAppArmor, a framework that

V. N. Venkatakrishnan; Prithvi Bisht; Mike Ter Louw; Michelle Zhou; Kalpana Gondi; Karthik Thotta Ganesh

2010-01-01

162

Security Architecture for Web-based Health Insurance Systems  

Microsoft Academic Search

Today, the use of information systems in healthcare has dramatically increased. Some health insurance companies use WWW for patient operations such as opening patient consultation, prescription etc. From the security point of view, generally simple security is applied in order to identify patients and physicians. The lack of security results in exploitation of insurance companies by some of patients and

Mucahit Mutlugun; Ibrahim Sogukpinar

2006-01-01

163

75 FR 30892 - Self-Regulatory Organizations; Municipal Securities Rulemaking Board; Notice of Filing of...  

Federal Register 2010, 2011, 2012, 2013

...information regarding municipal securities to the MSRB, at no charge...dissemination on the EMMA Web site, the EMMA Web site would display such...the applicable municipal security otherwise displayed on the EMMA Web site. Currently,...

2010-06-02

164

Webformer: A Rapid Application Development Toolkit for Writing Ajax Web Form Applications  

E-print Network

,ytlee,kcyee}@cs.hku.hk Abstract. Web forms are commonly used to capture data on the web. With Asynchronous Javascript and XML on the web. In early days, a web form was presented as a static HTML page, which requires page reload for the web server to perform data validation. The long page reload time made web applications

Cheung, David Wai-lok

165

Method of creating web services from web applications  

Microsoft Academic Search

Web 2.0 is becoming popular among people who are interested in creating or providing more useful services on the Internet. Mashup is one of the most important methods in Web 2.0, which creates services by combining components on the Internet, such as Web services. Mashup enables many people to create various services easily and use services created by many other

Yusuke Nakano; Yoji Yamato; Michiharu Takemoto; Hiroshi Sunaga

2007-01-01

166

76 FR 7884 - Self-Regulatory Organizations; International Securities Exchange, LLC; Order Approving Proposed...  

Federal Register 2010, 2011, 2012, 2013

...Uniform Application for Securities Industry Registration...Depository System (``Web CRD''), and must pass the General Securities Representative examination...already registered in Web CRD must register (i...person is engaged in the securities business of a...

2011-02-11

167

Anomaly Behavior Analysis for Web Page Inspection  

Microsoft Academic Search

As the Internet prevails, people access web services directly via web browsers over the network. However, most websites are not developed with sufficient security consideration. Hackers have taken the advantage of web application vulnerabilities to inject malicious codes into web pages. A victim who visits such a malicious web page will be compromised. Therefore, an efficient malicious web detection method

Chia-Mei Chen; Wan-Yi Tsai; Hsiao-Chung Lin

2009-01-01

168

Management of Network Security Applications Philip C. Hyland  

E-print Network

Management of Network Security Applications Philip C. Hyland Ph.D. Candidate, George Mason reported on management of distributed security applications. This paper reviews several security management projects and related secu- rity research to date. We present a core set of security managed objects for use

Sandhu, Ravi

169

Irradiation applications for homeland security  

NASA Astrophysics Data System (ADS)

In October 2001, first-class mail laced with anthrax was sent to political and media targets resulting in several deaths, illnesses, significant mail-service disruption, and economic loss. The White House Office of Science and Technology Policy established a technical task force on mail decontamination that included three key agencies: National Institute of Standards and Technology with responsibility for radiation dosimetry and coordinating and performing experiments at industrial accelerator facilities; the Armed Forces Radiobiology Research Institute with responsibility for radiobiology; and the US Postal Service with responsibility for radiation-processing quality assurance and quality control. An overview of the anthrax attack decontamination events will be presented as well as expectations for growth in this area and the prospects of other homeland security areas where irradiation technology can be applied.

Desrosiers, Marc F.

2004-09-01

170

Profiling and accelerating string matching algorithms in three network content security applications  

Microsoft Academic Search

The efficiency of string matching algorithms is essential for network con- tent security applications, such as intrusion detection systems, anti-virus sys- tems, and Web content filters. This work reviews typical algorithms and profiles their performance under various situations to study the influence of the number, the length, and the character distribution of the signatures on performance. This profiling can reveal

Po-ching Lin; Zhi-xiang Li; Ying-dar Lin; Yuan-cheng Lai; Frank C. Lin

2006-01-01

171

Bifocals: Analyzing WebView Vulnerabilities in Android Applications  

E-print Network

exposed by the application. This may seem safe, as typically developers use Web- Views to display trustedBifocals: Analyzing WebView Vulnerabilities in Android Applications Erika Chin and David Wagner University of California, Berkeley {emc, daw}@cs.berkeley.edu Abstract. WebViews allow Android developers

Wagner, David

172

Supporting Pattern-based Application Authoring for the Semantic Web  

Microsoft Academic Search

The SWAN approach, presented in this paper, addresses the challenging task of developing Semantic Web Applications, i.e., Web applications that fully and effectively exploit and serve the Semantic Web as their operational environment. It is based on the support of two types of models, semantic domain models and conceptual user interface models, as well as on flexible model mappings. The

Fuchs Michael; Niederée Claudia; Hemmje Matthias

173

An Architecture for the Evolution of Web Applications Paulo Caroli  

E-print Network

a software architecture that is especially useful for managing the evolution of web applications. Web-based systems are a range of applications for which there are no technological standards and new concepts scripts to Java Servlets and to Java Server Pages (JSP). Therefore, the maintenance and evolution of web

Fontoura, Marcus F.

174

Web-Based Resources and Applications: Quality and Influence  

ERIC Educational Resources Information Center

This paper evaluates the quality of two major types of Web resources for K-12 education --information for research, and interactive applications for teaching and learning. It discusses an evaluation on the quality of 1,025 pieces of Web information (articles, research reports, news, and statistics) and 900 Web applications (tutorials, drills,…

Liu, Leping; Johnson, D. Lamont

2005-01-01

175

Video motion detection for physical security applications  

SciTech Connect

Physical security specialists have been attracted to the concept of video motion detection for several years. Claimed potential advantages included additional benefit from existing video surveillance systems, automatic detection, improved performance compared to human observers, and cost effectiveness. In recent years significant advances in image processing dedicated hardware and image analysis algorithms and software have accelerated the successful application of video motion detection systems to a variety of physical security applications. Currently Sandia is developing several advanced systems that employ image processing techniques for a broader set of safeguards and security applications. TCATS (Target Cueing and Tracking System) uses a set of powerful, flexible, modular algorithms and software to alarm on purposeful target motion. Custom TCATS hardware optimized for perimeter security applications is currently being evaluated with video input. VISDTA (Video Imaging System for Detection, Tracking, and Assessment) uses some of the same TCATS algorithms and operates with a thermal imager input. In the scan mode, VISDTA detects changes in a scene from the previous image at a given scan point; in the stare mode, VISDTA detects purposeful motion similar to TCATS.

Matter, J.C.

1990-01-01

176

Bluetooth Security in Wearable Computing Applications  

Microsoft Academic Search

Advances in wireless sensor networking technologies have been extended to wearable computing systems and opened a plethora of applications and opportunities in the development and integration of pervasive Bluetooth Technologies with the abundance of existing specialized technologies in monitoring, data collection, and real-time analysis and reporting. Although the Bluetooth framework is acceptably secure, there are still a number of weaknesses

R. Bouhenguel; I. Mahgoub; M. Ilyas

2008-01-01

177

Web-Enabled Scientific Services & Applications (Calculators)  

NSDL National Science Digital Library

Anyone without access to a statistical software package may find this Web site to be a valuable tool. A wide variety of free online utilities are offered, including data and equation plotting, regression analysis, and scientific forecasting. The applications' interfaces are very straightforward, and many options are available for users to input their data and customize the desired output. No explanation of the applications' functions and settings is included. This is not necessarily a problem, however, since it is expected that users will know what kind of statistical analyses they want to perform on their data beforehand.

178

Seaweed : a Web application for designing economic games  

E-print Network

Seaweed is a web application for experimental economists with no programming background to design two-player symmetric games in a visual-oriented interface. Games are automatically published to the web where players can ...

Chilton, Lydia B

2009-01-01

179

SecuBat: a web vulnerability scanner  

Microsoft Academic Search

As the popularity of the web increases and web applications become tools of everyday use, the role of web security has been gaining importance as well. The last years have shown a significant increase in the number of web-based attacks. For example, there has been extensive press coverage of re- cent security incidences involving the loss of sensitive credit card

Stefan Kals; Engin Kirda; Christopher Kruegel; Nenad Jovanovic

2006-01-01

180

A DIAGRAM APPROACH TO AUTOMATIC GENERATION OF JSP\\/SERVLET WEB APPLICATIONS  

Microsoft Academic Search

We defined diagrams called Web transition diagrams to rep- resent overall behavior of Web applications. Using these diagrams, we can generate server program type Web ap- plications such as CGI-based Web applications, and server page type Web applications such as ASP-based Web appli- cations. The purpose of this paper is to design Web transi- tion diagrams to represent wider class

Kornkamol Jamroendararasame; Tetsuya Suzuki; Takehiro Tokuda

181

From Trusted to Secure: Building and Executing Applications that Enforce System Security  

E-print Network

From Trusted to Secure: Building and Executing Applications that Enforce System Security Boniface in the mainline Linux dis- tributions known as Security Enhanced (SE)Linux [25]. Trusted Solaris [21] and Trusted Hicks, Sandra Rueda, Trent Jaeger, and Patrick McDaniel Systems and Internet Infrastructure Security

Yener, Aylin

182

Dynamically accelerating client-side web applications through decoupled execution  

Microsoft Academic Search

The emergence and wide adoption of web applications have moved the client-side component, often written in JavaScript, to the forefront of computing on the web. Web application developers try to move more computation to the client side to avoid unnecessary network traffic and make the applications more responsive. Therefore, JavaScript applications are becoming larger and more computation intensive. Trace-based just-in-time

Mojtaba Mehrara; Scott A. Mahlke

2011-01-01

183

A Study of CAPTCHAs for Securing Web Services  

E-print Network

Atomizing various Web activities by replacing human to human interactions on the Internet has been made indispensable due to its enormous growth. However, bots also known as Web-bots which have a malicious intend and pretending to be humans pose a severe threat to various services on the Internet that implicitly assume a human interaction. Accordingly, Web service providers before allowing access to such services use various Human Interaction Proof's (HIPs) to authenticate that the user is a human and not a bot. Completely Automated Public Turing test to tell Computers and Humans Apart (CAPTCHA) is a class of HIPs tests and are based on Artificial Intelligence. These tests are easier for humans to qualify and tough for bots to simulate. Several Web services use CAPTCHAs as a defensive mechanism against automated Web-bots. In this paper, we review the existing CAPTCHA schemes that have been proposed or are being used to protect various Web services. We classify them in groups and compare them with each other i...

Banday, M Tariq

2011-01-01

184

A Lightweight Authentication Protocol for Web Applications in Mobile Environments  

NASA Astrophysics Data System (ADS)

User's authentication over insecure networks like the Internet is frequently required to be based just on username and password due to the simplicity and the convenience of such a mechanism. A number of password authentication schemes have been proposed in the literature with different robustness against possible attacks. Moreover, the issue of saving power and requiring reduced computation resources without loss of security, is rapidly increasing its importance mainly due to the emergence of ubiquitous (mobile) Web applications, where the user works on wireless devices possibly with limited computation capacities and poor energy autonomy. In this paper we give a significative contribution towards the above direction, by proposing a new authentication scheme requiring neither cryptographic algorithms nor one-way hash functions, as all the methods existing in the literature do, but resisting all the major known attacks, thus improving the state of the art on the authentication schemes in mobile environments.

Buccafurri, Francesco; Lax, Gianluca

185

Virtual Browser: a Web-Level Sandbox to Secure Third-party JavaScript without Sacrificing Functionality  

E-print Network

Virtual Browser: a Web-Level Sandbox to Secure Third-party JavaScript without Sacrificing@u.northwestern.edu, ychen@northwestern.edu ABSTRACT Third-party JavaScript offers much more diversity to Web and its, all the existing works in this area can secure only a subset of third-party JavaScript. At the same

Kuzmanovic, Aleksandar

186

Reliability, Compliance and Security of Web-based Pre/Post-testing  

NSDL National Science Digital Library

Pre/post testing is an important tool for improving science education. Standard in-class administration has drawbacks such as `lost' class time and converting data into electronic format. These are not issues for unproctored web-based administration, but there are concerns about assessment validity, compliance rates, and instrument security. A preliminary investigation compared astronomy students taking pre/post tests on paper to those taking the same tests over the web. The assessments included the Epistemological Beliefs Assessment for Physical Science and a conceptual assessment developed for this study. Preliminary results on validity show no significant difference on scores or on most individual questions. Compliance rates were similar between web and paper on the pretest and much better for web on the posttest. Remote monitoring of student activity during the assessments recorded no clear indication of any copying, printing or saving of questions, and no widespread use of the web to search for answers.

Bonham, Scott W.

2007-11-25

187

Piazza: data management infrastructure for semantic web applications  

Microsoft Academic Search

The Semantic Web envisions a World Wide Web in which data is described with rich semantics and applications can pose complex queries. To this point, researchers have defined new languages for specifying meanings for concepts and developed techniques for reasoning about them, using RDF as the data model. To flourish, the Semantic Web needs to be able to accommodate the

Alon Y. Halevy; Zachary G. Ives; Peter Mork; Igor Tatarinov

2003-01-01

188

A personal agent application for the semantic web Subhash Kumar  

E-print Network

A personal agent application for the semantic web Subhash Kumar , Anugeetha Kunjithapatham, Mithun University of Maryland Baltimore County Baltimore MD 21250 USA Abstract The Semantic Web is a vision agents and in particular personal assistants that can better function and thrive on the Semantic Web than

Finin, Tim

189

3 Ontology-based Information Visualization: Towards Semantic Web Applications  

E-print Network

3 Ontology-based Information Visualization: Towards Semantic Web Applications Christiaan Fluit, Marta Sabou and Frank van Harmelen 3.1 Introduction The Semantic Web is an extension of the current yet unheard of. Rather than being merely a vision, the Semantic Web has significant backing from

van Harmelen, Frank

190

A Framework for Effective Commercial Web Application Development.  

ERIC Educational Resources Information Center

Proposes a framework for commercial Web application development based on prior research in hypermedia and human-computer interfaces. First, its social acceptability is investigated. Next, economic, technical, operational, and organizational viability are examined. For Web-page design, the functionality and usability of Web pages are considered.…

Lu, Ming-te; Yeung, Wing-lok

1998-01-01

191

78 FR 35043 - Aviation Security Advisory Committee Charter Renewal and Request for Applicants  

Federal Register 2010, 2011, 2012, 2013

...Docket Management System (FDMS) Web page at http://www.regulations...the Government Printing Office's Web page at http://www.gpoaccess...html; or (3) Visiting TSA's Security Regulations Web page at...

2013-06-11

192

CRCHD - Patient Navigation Information: Publications, Web Sites, and Applications  

Cancer.gov

CRCHD - Patient Navigation Information: Publications, Web Sites, and Applications  Back to CRCHD Ongoing Research PNP Background Patient Navigation Information Patient Navigation Concept What Are Patient Navigators? Patient Navigation

193

20 CFR 703.203 - Application for security deposit determination; information to be submitted; other requirements.  

Code of Federal Regulations, 2010 CFR

...false Application for security deposit determination; information to be submitted; other... Insurance Carrier Security Deposit Requirements...203 Application for security deposit determination; information to be submitted;...

2010-04-01

194

Rich Component Generation for Web Applications Using Custom Tags  

Microsoft Academic Search

A variety of rich client technologies such as Flash, Flex, OpenLaszlo, JavaScript, AJAX, and Applet have been employed to develop Web applications. They can display flexible and powerful graphical user interface in Web pages and excel the original functions of Web browsers that display HTML documents. This paper presents a rich-component definition method that enables programmers to easily write Web

Takao Shimomura; Kenji Ikeda; Quan Liang Chen; Muneo Takahashi

2007-01-01

195

Consumer trust, perceived security and privacy policy: Three basic elements of loyalty to a web site  

Microsoft Academic Search

Purpose – The purpose of this paper is to analyze the effect of privacy and perceived security on the level of trust shown by the consumer in the internet. It also aims to reveal and test the close relationship between the trust in a web site and the degree of loyalty to it. Design\\/methodology\\/approach – First, there is an explanation

Carlos Flavián; Miguel Guinaliu

2006-01-01

196

Where Did All the Data Go? Internet Security for Web-based Assessments.  

ERIC Educational Resources Information Center

Outlines a series of security steps that might be taken by researchers or organizations that are contemplating Web-based tests and performance assessments. Focuses on what can be done to avoid the loss, compromising, or modification of data collected by or stored through the Internet. (SLD)

Shermis, Mark D.; Averitt, Jason

2002-01-01

197

reCAPTCHA: Human-Based Character Recognition via Web Security Measures  

E-print Network

reCAPTCHA: Human-Based Character Recognition via Web Security Measures Luis von Ahn,* Benjamin Maurer, Colin McMillen, David Abraham, Manuel Blum CAPTCHAs (Completely Automated Public Turing test and has transcribed over 440 million words. A CAPTCHA (1, 2) is a challenge response test used

von Ahn, Luis

198

The Bioverse API and Web Application  

SciTech Connect

The Bioverse is a framework for creating, warehousing and presenting biological information based on hierarchical levels of organisation. The framework is guided by a deeper philosophy of desiring to represent all relationships between all components of biological systems towards the goal of a wholistic picture of organismal biology. Data from various sources is combined into a single repository and a uniform interface is exposed to access it. The power of the approach of the Bioverse is that, due to its inclusive nature, patterns emerge from the acquired data and new predictions are made. The implementation of this repository (beginning with acquisition of source data, processing in a pipeline and concluding with storage in a relational database) and interfaces to the data contained in it, from a programmatic application interface to a user friendly web application, are discussed

Guerquin, Michal; McDermott, Jason E.; Frazier, Zach; Samudrala, Ram

2009-04-20

199

Web Based Training (WEB BT) TES employees can get free training on applications within  

E-print Network

Web Based Training (WEB BT) TES employees can get free training on applications within office applications and more. Each tutorial can last up to 4 hours. TES schedules training time, in the TES Office to scheduling. Registration Criteria · Training must not conflict with your current assignment. (We suggest

Tsien, Roger Y.

200

Enforcing Distributed Data Security via Web Services Alfred C. Weaver  

E-print Network

. An authorization web service enforces a dynamic, context-aware access policy. Federation is used to manage trust is the clear wave of the future, provided that such access is reliable, dependable, and authentic. The Internet are acceptable as proof of identity for login. Upon initial access (arrow 1), a user is redirected

Batson, Alan

201

Building Trust Through Secure Web Sites. The Systems Librarian  

ERIC Educational Resources Information Center

Who can be trusted on the Web? These days, with identity theft seemingly rampant, it's more important than ever to take all possible measures to protect privacy and to shield personal information from those who might not have good intentions. Today, librarians also have to take reasonable precautions to ensure that the online services that they…

Breeding, Marshall

2005-01-01

202

How to Make Personalized Web Browsing Simple, Secure, and Anonymous  

E-print Network

.zdnet.com), book stores (e.g., www.amazon.com), car manufacturers (e.g., www.ford.com/us, www.gm.com, www.toyota also provides mechanisms to complete an anonymous e-mail exchange from a web-site to a user, and lters

Matias, Yossi

203

Certificate for secure web Phone: + 34 96 590 3900  

E-print Network

Intelligence #12;Scholarship expert in programming with Web technologies (Published on 11/10/2012) Call and Artificial Intelligence in computing tasks during the 2012-13 academic year. Academic Calendar University. Reservation by inscripcion procedure Scholarship Expert in Design and Creation of Video Games (Published on 18

Escolano, Francisco

204

Security of electronic health records based on Web services  

Microsoft Academic Search

The current healthcare environment has embraced electronic health records (EHRs) as evidenced by the numerous standards both formal and proprietary that have arisen. However, the issues of security and privacy in this new landscape has not been adequately addressed. Legislation has attempted to ameliorate the situation by mandating a minimum level of protection for the healthcare consumer. However, the leading

Jaminda S. Wimalasiri; P. Ray; C. S. Wilson

2005-01-01

205

Power laser application for security glass production  

NASA Astrophysics Data System (ADS)

Modern glass application needs to move from traditional tempering with only average controlled fragmentation of security glass to computerized controlled fragmentation by developing engineered stress profiles in glass article. The new treatment methods of soda-lime float glass using irradiation by power Nd:YAG laser which is moved by robot will be discussed. The transparency of glass for laser wavelength is one of the problems of glass treatment by laser. Noncontact stress control by light scattering will be shown. The two main objectives of this work will be discussed: 1. Glass treatment by power laser beam directed to secure glass production; 2. Control methods of residual stress into float glasses treated by laser.

Abashkin, Vladimir; Achimova, Elena

2009-09-01

206

Power laser application for security glass production  

NASA Astrophysics Data System (ADS)

Modern glass application needs to move from traditional tempering with only average controlled fragmentation of security glass to computerized controlled fragmentation by developing engineered stress profiles in glass article. The new treatment methods of soda-lime float glass using irradiation by power Nd:YAG laser which is moved by robot will be discussed. The transparency of glass for laser wavelength is one of the problems of glass treatment by laser. Noncontact stress control by light scattering will be shown. The two main objectives of this work will be discussed: 1. Glass treatment by power laser beam directed to secure glass production; 2. Control methods of residual stress into float glasses treated by laser.

Abashkin, Vladimir; Achimova, Elena

2010-05-01

207

WebViz: A web browser based application for collaborative analysis of 3D data  

NASA Astrophysics Data System (ADS)

In the age of high speed Internet where people can interact instantly, scientific tools have lacked technology which can incorporate this concept of communication using the web. To solve this issue a web application for geological studies has been created, tentatively titled WebViz. This web application utilizes tools provided by Google Web Toolkit to create an AJAX web application capable of features found in non web based software. Using these tools, a web application can be created to act as piece of software from anywhere in the globe with a reasonably speedy Internet connection. An application of this technology can be seen with data regarding the recent tsunami from the major japan earthquakes. After constructing the appropriate data to fit a computer render software called HVR, WebViz can request images of the tsunami data and display it to anyone who has access to the application. This convenience alone makes WebViz a viable solution, but the option to interact with this data with others around the world causes WebViz to be taken as a serious computational tool. WebViz also can be used on any javascript enabled browser such as those found on modern tablets and smart phones over a fast wireless connection. Due to the fact that WebViz's current state is built using Google Web Toolkit the portability of the application is in it's most efficient form. Though many developers have been involved with the project, each person has contributed to increase the usability and speed of the application. In the project's most recent form a dramatic speed increase has been designed as well as a more efficient user interface. The speed increase has been informally noticed in recent uses of the application in China and Australia with the hosting server being located at the University of Minnesota. The user interface has been improved to not only look better but the functionality has been improved. Major functions of the application are rotating the 3D object using buttons. These buttons have been replaced with a new layout that is easier to understand the function and is also easy to use with mobile devices. With these new changes, WebViz is easier to control and use for general use.

Ruegg, C. S.

2011-12-01

208

Just-in-time Database-Driven Web Applications  

PubMed Central

"Just-in-time" database-driven Web applications are inexpensive, quickly-developed software that can be put to many uses within a health care organization. Database-driven Web applications garnered 73873 hits on our system-wide intranet in 2002. They enabled collaboration and communication via user-friendly Web browser-based interfaces for both mission-critical and patient-care-critical functions. Nineteen database-driven Web applications were developed. The application categories that comprised 80% of the hits were results reporting (27%), graduate medical education (26%), research (20%), and bed availability (8%). The mean number of hits per application was 3888 (SD = 5598; range, 14-19879). A model is described for just-in-time database-driven Web application development and an example given with a popular HTML editor and database program. PMID:14517109

2003-01-01

209

A mobile application framework for the geospatial web  

Microsoft Academic Search

In this paper we present an application framework that leverages geospatial content on the World Wide Web by enabling innovative modes of interaction and novel types of user interfaces on advanced mobile phones and PDAs. We discuss the current development steps involved in building mobile geospatial Web applications and derive three technological pre-requisites for our framework: spatial query operations based

Rainer Simon; Peter Fröhlich

2007-01-01

210

DESIGN WEB GIS APPLICATION FOR ENVIRONMENTAL ELECTRIC FIELD RECORD  

Microsoft Academic Search

The GIS Web technology provides new mechanics to develop tools by engineering application, is a system for capturing, storing, analyzing and managing data and associated attributes which are spatially referenced to the earth. This paper develops a design GIS Web application to environmental electric field record in Bogotá D.C., Colombia, was based on the existing network of Electric Field Machine

J. C. Aponte; D. Aranguren; E. E. Olarte; I. Santoyo; J. Amortegui

211

State-Based Testing of Ajax Web Applications  

Microsoft Academic Search

Ajax supports the development of rich-client Web applications, by providing primitives for the execution of asynchronous requests and for the dynamic update of the page structure and content. Often, Ajax Web applications consist of a single page whose elements are updated in response to callbacks activated asynchronously by the user or by a server message. These features give rise to

Alessandro Marchetto; Paolo Tonella; Filippo Ricca

2008-01-01

212

Developing Offline Web Application Kanda Runapongsa Saikaew  

E-print Network

Script in the background to improve performance #12; JCSSE 2009 13 The Web with AJAX and Gears AJAX and Gears in the web environment and native environment #12; JCSSE 2009 14 AJAX Architecture #12; JCSSE 2009 15

Runapongsa, Kanda

213

GridCertLib: a Single Sign-on Solution for Grid Web Applications and Portals  

Microsoft Academic Search

This paper describes the design and implementation of GridCertLib, a Java library leveraging a Shibboleth-based authentication infrastructure and the SLCS online certificate signing service, to provide short-lived X.509 certificates and Grid proxies. The main use case envisioned for GridCertLib, is to provide seamless and secure access to Grid\\/X.509 certificates and proxies in web applications and portals: when a user logs

Riccardo Murri; Peter Z. Kunszt; Sergio Maffioletti; Valery Tschopp

2011-01-01

214

Improving target acquisition in Web applications with link prediction  

E-print Network

Web application users spend considerable time clicking on hyperlinks and buttons to complete frequent tasks. Individual application developers can optimize their interfaces to improve typical usage; however, no single task ...

Hanna, Roger B

2007-01-01

215

A case study-based comparison of web testing techniques applied to AJAX web applications  

Microsoft Academic Search

Asynchronous Javascript And XML (AJAX) is a recent technology used to develop rich and dynamic Web applications. Different\\u000a from traditional Web applications, AJAX applications consist of a single page whose elements are updated dynamically in response\\u000a to callbacks activated asynchronously by the user or by a server message. On the one hand, AJAX improves the responsiveness\\u000a and usability of a

Alessandro Marchetto; Filippo Ricca; Paolo Tonella

2008-01-01

216

77 FR 74278 - Proposed Information Collection (Internet Student CPR Web Registration Application); Comment Request  

Federal Register 2010, 2011, 2012, 2013

...Information Collection (Internet Student CPR Web Registration Application); Comment Request...information needed to establish an online web registration application. DATES: Written...technology. Title: Internet Student CPR Web Registration Application, VA Form...

2012-12-13

217

Research and design of web application framework based on AJAX  

NASA Astrophysics Data System (ADS)

AJAX is an emerging presentation layer technology of Web, which allows dynamic, fast, and flexible Web application procedures to be built. AJAX can eliminate the dependence on the form in the tradition HTTP communication mode, which can achieve a fast and lightweight asynchronous communication. This paper firstly introduces the work principle of the AJAX technology, and combines the AJAX technology with the Web services technology to design a new Web application framework based on AJAX, to achieve an asynchronous communication of the browser directly with the back-end services.

Zhang, Yan-feng; Liu, San-jun

2013-03-01

218

75 FR 22151 - National Maritime Security Advisory Committee; Vacancies  

Federal Register 2010, 2011, 2012, 2013

...recommendations on national maritime security matters to the Secretary of Homeland Security via the Commandant of the...application form visit NMSAC Web site at http://www.homeport...under Missions>Maritime Security>National Maritime...

2010-04-27

219

AT&TConsulting Application Security Health Check Assessment Bundle  

E-print Network

AT&TConsulting Application Security Health Check Assessment Bundle In today's global marketplace&T Consulting offers the Application Security Health Check Assessment Bundle, which offers a focused review this extended enterprise network, the impact of vulnerable software applications is significantly magnified

Fisher, Kathleen

220

A Web of Things Application Architecture -Integrating the Real-World into the Web  

E-print Network

for a Common Internet of Things Application Architecture Application development with smart things: Requires of Internet of Things applications and bring it closer to non-specialists?» 15.08.2011 4Dominique Guinard [Mot Development in the Internet of Things [flickr.com/photos/docman] #12;Web of Things Application Architecture 15

221

From Web Sites to Web Applications: New Issues for Conceptual Modeling  

Microsoft Academic Search

E-commerce, web-based booking systems, and on-line auction sys- tems are only a few examples that demonstrate how WWW sites are evolving from hypermedia information repositories to hypermedia distributed applica- tions, hereafter web applications. They blend navigation and browsing capabili- ties, common features of hypermedia, with \\

Luciano Baresi; Franca Garzotto; Paolo Paolini

2000-01-01

222

Modeling and Simulation of Incident Management for Homeland Security Applications  

E-print Network

i Modeling and Simulation of Incident Management for Homeland Security Applications DRAFT in the breakout track on Incident Management at the workshop on Homeland Security Modeling & Simulation Organized For discussion at DHS/NIST Workshop on Homeland Security Modeling & Simulation June 14-15, 2011 Proposed matter

Magee, Joseph W.

223

Modelling and Verification of Layered Security Protocols: A Bank Application  

E-print Network

of security aspects has to be integrated into gen­ eral systems development [20, 1] and also take into accountModelling and Verification of Layered Security Protocols: A Bank Application Johannes GrË?unbauer 1 security­critical systems correctly is very di#cult and there are many examples of weaknesses arising

Jurjens, Jan

224

Modelling and Verification of Layered Security Protocols: A Bank Application  

E-print Network

of security aspects has to be integrated into gen- eral systems development [20, 1] and also take into accountModelling and Verification of Layered Security Protocols: A Bank Application Johannes Gr¨unbauer1, Ludwigstrasse 55, D-85399 Hallbergmoos, Germany hollmann@secaron.de Abstract. Designing security

Jurjens, Jan

225

COSC 490 Network Security Annie Lu 1 Authentication Applications  

E-print Network

address of C Kv = secret encryption key shared by AS an V #12;COSC 490 Network Security Annie Lu 11 (mutual authentication) #12;COSC 490 Network Security Annie Lu 14 Kerberos v4 Overview · a basic thirdCOSC 490 Network Security Annie Lu 1 Chapter 4 Authentication Applications #12;COSC 490 Network

Lu, Enyue "Annie"

226

Passive terahertz imaging for security application  

NASA Astrophysics Data System (ADS)

The passive detection is safe for passengers and operators as no radiation. Therefore, passive terahertz (THz) imaging can be applied to human body security check. Imaging in the THz band offers the unique property of being able to identify object through a range of materials. Therefore passive THz imaging is meaningful for security applications. This attribute has always been of interest to both the civil and military marks with applications. We took advantage of a single THz detector and a trihedral scanning mirror to propose another passive THz beam scanning imaging method. This method overcame the deficiencies of the serious decline in image quality due to the movement of the focused mirror. We exploited a THz scanning mirror with a trihedral scanning mirror and an ellipsoidal mirror to streamline the structure of the system and increase the scanning speed. Then the passive THz beam scanning imaging system was developed based on this method. The parameters were set as follows: the best imaging distance was 1.7m, the image height was 2m, the image width was 1m, the minimum imaging time of per frame was 8s, and the minimum resolution was 4cm. We imaged humans with different objects hidden under their clothes, such as fruit knife, belt buckle, mobile phone, screwdriver, bus cards, keys and other items. All the tested stuffs could be detected and recognized from the image.

Guo, Lan-tao; Deng, Chao; Zhao, Yuan-meng; Zhang, Cun-lin

2013-08-01

227

Video performance for high security applications.  

SciTech Connect

The complexity of physical protection systems has increased to address modern threats to national security and emerging commercial technologies. A key element of modern physical protection systems is the data presented to the human operator used for rapid determination of the cause of an alarm, whether false (e.g., caused by an animal, debris, etc.) or real (e.g., a human adversary). Alarm assessment, the human validation of a sensor alarm, primarily relies on imaging technologies and video systems. Developing measures of effectiveness (MOE) that drive the design or evaluation of a video system or technology becomes a challenge, given the subjectivity of the application (e.g., alarm assessment). Sandia National Laboratories has conducted empirical analysis using field test data and mathematical models such as binomial distribution and Johnson target transfer functions to develop MOEs for video system technologies. Depending on the technology, the task of the security operator and the distance to the target, the Probability of Assessment (PAs) can be determined as a function of a variety of conditions or assumptions. PAs used as an MOE allows the systems engineer to conduct trade studies, make informed design decisions, or evaluate new higher-risk technologies. This paper outlines general video system design trade-offs, discusses ways video can be used to increase system performance and lists MOEs for video systems used in subjective applications such as alarm assessment.

Connell, Jack C.; Norman, Bradley C.

2010-06-01

228

75 FR 8088 - Privacy Act of 1974; Department of Homeland Security/ALL-023 Personnel Security Management System...  

Federal Register 2010, 2011, 2012, 2013

...information to carry out national security, law enforcement, immigration...records notice. The Office of the Chief Security Officer is implementing a new web- based personnel and information security application, Integrated...

2010-02-23

229

Study of distributed computing system based on web services  

NASA Astrophysics Data System (ADS)

For the security issues in distributed computing applications, combined with Web Services management system design and implementation, based on the research of Web Services and its security technology, this paper designs a distributed computing test system based on Web Services, in detail describes its key technologies, which further validates the advantages of Web Services technology for the distributed computing in loosely coupled network environment.

Wang, Lu-Feng

2013-03-01

230

A trust-based context-aware access control model for Web-services  

Microsoft Academic Search

A key challenge in Web services security is the design of effective access control schemes that can adequately meet the unique security challenges posed by the Web services paradigm. Despite the recent advances in Web based access control approaches applicable to Web services, there remain issues that impede the development of effective access control models for Web services environment. Amongst

Rafae Bhatti; Elisa Bertino; Arif Ghafoor

2004-01-01

231

A Trust-Based Context-Aware Access Control Model for Web-Services  

Microsoft Academic Search

A key challenge in Web services security is the design of effective access control schemes that can adequately meet the unique security challenges posed by the Web services paradigm. Despite the recent advances in Web based access control approaches applicable to Web services, there remain issues that impede the development of effective access control models for Web services environment. Amongst

Rafae Bhatti; Elisa Bertino; Arif Ghafoor

2005-01-01

232

Secure Distributed Data-Mining and Its Application to Large-Scale Network Measurements  

E-print Network

Secure Distributed Data-Mining and Its Application to Large-Scale Network Measurements Matthew]: Database Applications--data mining General Terms Management, Measurement, Security, Algorithms Keywords Secure Distributed Data-mining, Secure Distributed Summation, Network Measurement, Network Management 1

Roughan, Matthew

233

Creating Web-Based Scientific Applications Using Java Servlets  

NASA Technical Reports Server (NTRS)

There are many advantages to developing web-based scientific applications. Any number of people can access the application concurrently. The application can be accessed from a remote location. The application becomes essentially platform-independent because it can be run from any machine that has internet access and can run a web browser. Maintenance and upgrades to the application are simplified since only one copy of the application exists in a centralized location. This paper details the creation of web-based applications using Java servlets. Java is a powerful, versatile programming language that is well suited to developing web-based programs. A Java servlet provides the interface between the central server and the remote client machines. The servlet accepts input data from the client, runs the application on the server, and sends the output back to the client machine. The type of servlet that supports the HTTP protocol will be discussed in depth. Among the topics the paper will discuss are how to write an http servlet, how the servlet can run applications written in Java and other languages, and how to set up a Java web server. The entire process will be demonstrated by building a web-based application to compute stagnation point heat transfer.

Palmer, Grant; Arnold, James O. (Technical Monitor)

2001-01-01

234

Search-Based Testing of Ajax Web Applications  

Microsoft Academic Search

Ajax is an emerging Web engineering technology that supports advanced interaction features that go beyond Webpage navigation. The Ajax technology is based on asynchronous communication with the Web server and direct manipulation of the GUI, taking advantage of reflection.Correspondingly, new classes of Web faults are associated with Ajax applications.In previous work, we investigated a state-based testing approach, based on semantically

Alessandro Marchetto; Paolo Tonella

2009-01-01

235

An Incremental Approach for Building Accessible and Usable Web Applications  

Microsoft Academic Search

\\u000a Building accessible Web applications is difficult, moreover considering the fact that they are constantly evolving. To make\\u000a matters more critical, an application which conforms to the well-known W3C accessibility standards is not necessarily usable\\u000a for handicapped persons. In fact, the user experience, when accessing a complex Web application, using for example screen\\u000a readers, tends to be far from friendly. In

Nuria Medina-Medina; Juan Burella; Gustavo Rossi; Julián Grigera; Esteban Robles Luna

2010-01-01

236

Web Application Design Using Server-Side JavaScript  

SciTech Connect

This document describes the application design philosophy for the Comprehensive Nuclear Test Ban Treaty Research & Development Web Site. This design incorporates object-oriented techniques to produce a flexible and maintainable system of applications that support the web site. These techniques will be discussed at length along with the issues they address. The overall structure of the applications and their relationships with one another will also be described. The current problems and future design changes will be discussed as well.

Hampton, J.; Simons, R.

1999-02-01

237

Porting Mobile Web Application Engine to the Android Platform  

Microsoft Academic Search

Android which Google released as an open-source mobile phone operating system is a Linux-based platform; it consists of the operating system, middleware, and user interface and application software. xFace is a cross-platform web application engine for mobile Internet. As a global leader in mobile web application engine, xFace has the advantages of versatility, easy to master, universal. It significantly reduces

Yonghong Wu; Jianchao Luo; Lei Luo

2010-01-01

238

A New Web-based Application Optimization Model in Multicore Web Server  

NASA Astrophysics Data System (ADS)

More and more web servers adopt multi-core CPUs to improve performance because of the development of multi-core technology. However, web applications couldn't exploit the potential of multi-core web server efficiently because of traditional processing algorithm of requests and scheduling strategies of threads in O/S. In this paper, a new web-based application optimization model was proposed, which could classify and schedule the dynamic requests and static requests on scheduling core, and process the dynamic requests on the other cores. By this way, a simulation program, which is called SIM, was developed. Experiments have been done to validate the new model, and the results show that the new model can effectively improve the performance of multi-core web servers, and avoid the problems of ping-pong effect.

You, Guohua; Zhao, Ying

239

Secure Web-based Ground System User Interfaces over the Open Internet  

NASA Technical Reports Server (NTRS)

A prototype has been developed which makes use of commercially available products in conjunction with the Java programming language to provide a secure user interface for command and control over the open Internet. This paper reports successful demonstration of: (1) Security over the Internet, including encryption and certification; (2) Integration of Java applets with a COTS command and control product; (3) Remote spacecraft commanding using the Internet. The Java-based Spacecraft Web Interface to Telemetry and Command Handling (Jswitch) ground system prototype provides these capabilities. This activity demonstrates the use and integration of current technologies to enable a spacecraft engineer or flight operator to monitor and control a spacecraft from a user interface communicating over the open Internet using standard World Wide Web (WWW) protocols and commercial off-the-shelf (COTS) products. The core command and control functions are provided by the COTS Epoch 2000 product. The standard WWW tools and browsers are used in conjunction with the Java programming technology. Security is provided with the current encryption and certification technology. This system prototype is a step in the direction of giving scientist and flight operators Web-based access to instrument, payload, and spacecraft data.

Langston, James H.; Murray, Henry L.; Hunt, Gary R.

1998-01-01

240

Web Applications Design and Maintenance Using Symbolic Model Checking  

Microsoft Academic Search

We present an approach to automatic checking of the correctness of Web applications structure during their lifecycle. The approach adopts the well-established symbolic model checking technique and the associated tool SMV. A formalism allows the designer to describe the model of a Web-based system. Computation Tree Logic (CTL) is adopted as language to define the properties to be verified. The

Eugenio Di Sciascio; Francesco M. Donini; Marina Mongiello; Giacomo Piscitelli

2003-01-01

241

DEVELOPING GIS VISUALIZATION WEB SERVICES FOR GEOPHYSICAL APPLICATIONS  

E-print Network

DEVELOPING GIS VISUALIZATION WEB SERVICES FOR GEOPHYSICAL APPLICATIONS A. Sayar a,b. *, M. Pierce Commission II, WG II/2 KEY WORDS: GIS, Geophysics, Visualization, Internet/Web, Interoperability, Networks Information System (GIS) community. In this paper we will describe our group's efforts to implement GIS

242

Ajax and Firefox: New Web Applications and Browsers  

ERIC Educational Resources Information Center

Alternative browsers are gaining significant market share, and both Apple and Microsoft are releasing OS upgrades which portend some interesting changes in Web development. Of particular interest for language learning professionals may be new developments in the area of Web browser based applications, particularly using an approach dubbed "Ajax."…

Godwin-Jones, Bob

2005-01-01

243

Helping Developers Construct Secure Mobile Applications  

E-print Network

called by the JavaScript. This allows the web page to accessweb pages loaded into WebViews, to determine whether an attacker may be able to inject malicious JavascriptJavaScript in the page [40, 48, 64]. Over 75% of web

Chin, Erika Michelle

2013-01-01

244

Machine intelligence applications to securities production  

SciTech Connect

The production of security documents provides a cache of interesting problems ranging across a broad spectrum. Some of the problems do not have rigorous scientific solutions available at this time and provide opportunities for less structured approaches such as AI. AI methods can be used in conjunction with traditional scientific and computational methods. The most productive applications of AI occur when this marriage of methods can be carried out without motivation to prove that one method is better than the other. Fields such as ink chemistry and technology, and machine inspection of graphic arts printing offer interesting challenges which will continue to intrigue current and future generations of researchers into the 21st century.

Johnson, C.K.

1987-01-01

245

A web-based wireless mobile system design of security and privacy framework for u-Healthcare  

Microsoft Academic Search

The research project aims at designing and implementing a Web based wireless mobile system security and privacy framework that is centered on the concepts of ubiquitous healthcare services provided to the patients in rural or remote areas from distant hospitals. With this system framework, a physician can securely access and carry the patient information from a mobile device, update the

Weider D. Yu; Roopa Gummadikayala; Sriram Mudumbi

2008-01-01

246

Writing Web 2.0 applications for science archives  

NASA Astrophysics Data System (ADS)

Writing these sorts of science archive web applications is now possible because of some significant breakthroughs in web technology over the last four years. The Web browser is no longer a glorified batch processing terminal, but an interactive environment that allows the user to have a similar experience as one might expect with an installed desktop application. Taking advantage of this technology requires a significant amount of UI design and advanced interactions with the web server. There are new levels of sophistication required to effectively develop this sort of web application. The IRSA group (NASA/IPAC Infrared Science Archive) is developing web-based software that equally takes advantage of modern technology and is designed to be reused easily. This way we can add new missions and data sets without a large programming effort while keeping the advanced interface. We can now provide true web-based FITS viewing, data overlays, and interaction without any plugins. Our tabular display allows us to filter, sort, and interact with large amounts data in ways that take advantage of the browser's power. This talk will show how we can us AJAX technology, the Google Web Toolkit (GWT), and Java to develop a data archive that is both well designed and creates a truly interactive experience.

Roby, William

2010-07-01

247

On enabling secure applications through off-line biometric identification  

SciTech Connect

In developing secure applications and systems, the designers often must incorporate secure user identification in the design specification. In this paper, the authors study secure off line authenticated user identification schemes based on a biometric system that can measure a user`s biometric accurately (up to some Hamming distance). The schemes presented here enhance identification and authorization in secure applications by binding a biometric template with authorization information on a token such as a magnetic strip. Also developed here are schemes specifically designed to minimize the compromise of a user`s private biometrics data, encapsulated in the authorization information, without requiring secure hardware tokens. In this paper the authors furthermore study the feasibility of biometrics performing as an enabling technology for secure system and application design. The authors investigate a new technology which allows a user`s biometrics to facilitate cryptographic mechanisms.

Davida, G.I. [Univ. of Wisconsin, Milwaukee, WI (United States); Frankel, Y. [CertCo LLC, New York, NY (United States); Matt, B.J. [Sandia National Labs., Albuquerque, NM (United States)

1998-04-01

248

Automated replay and failure detection for web applications  

Microsoft Academic Search

User-session-based testing of web applications gathers user sessions to create and continually update test suites based on real user input in the field. To support this approach during maintenance and beta testing phases, we have built an au- tomated framework for testing web-based software that fo- cuses on scalability and evolving the test suite automatically as the application's operational profile

Sara Sprenkle; Emily Gibson; Sreedevi Sampath; Lori L. Pollock

2005-01-01

249

An Object Oriented Approach to Web-Based Application Design  

Microsoft Academic Search

In this paper we discuss the use of an object-oriented approach for web-based applications design, based on a method named Object Oriented Hypermedia Design Method (OOHDM). We first motivate our work discussing the problems encountered while designing large scale, dynamic web-based applications, which combine complex navigation patterns with sophisticated computational behavior. We argue that a method providing systematic guidance to

Daniel Schwabe; Gustavo Rossi

250

Device Independent Web Applications - The Author Once - Display Everywhere Approach  

Microsoft Academic Search

\\u000a Building web applications for mobile and other non-desktop devices using established methods often requires a tremendous development\\u000a effort. One of the major challenges is to find sound software engineering approaches enabling the cost efficient application\\u000a development for multiple devices of varying technical characteristics. A new approach is to single author web content in a\\u000a device independent markup language, which gets

Thomas Ziegert; Markus Lauff; Lutz Heuser

2004-01-01

251

Development of a Web-based financial application System  

NASA Astrophysics Data System (ADS)

The paper describes a technique to develop a web based financial system, following latest technology and business needs. In the development of web based application, the user friendliness and technology both are very important. It is used ASP .NET MVC 4 platform and SQL 2008 server for development of web based financial system. It shows the technique for the entry system and report monitoring of the application is user friendly. This paper also highlights the critical situations of development, which will help to develop the quality product.

Hasan, M. R.; Ibrahimy, M. I.; Motakabber, S. M. A.; Ferdaus, M. M.; Khan, M. N. H.; Mostafa, M. G.

2013-12-01

252

Cloud-enabled Web Applications for Environmental Modelling  

NASA Astrophysics Data System (ADS)

In order to integrate natural and social science, especially in the light of current environmental legislation, efficient management and decision making requires environmental modelling to be easily accessible, portable and flexible. Deploying models as web applications is a feasible solution to some of the above issues. However migrating desktop-based modelling platforms to web based applications is not trivial. The framework in which the models are deployed should comply with worldwide accepted web standards to allow interoperability and ease exchange of information with external sources. Also the chosen models should guarantee a certain degree of flexibility to adapt the modelling exercise to different purposes. In this study we propose an innovative approach to web-modelling, developed as part of the NERC's Environmental Virtual Observatory pilot (EVOp) project for the UK. The proposed approach combines the use of Google Maps APIs to explore available data and the PyWPS implementation of the Open Geospatial Consortium Web Processing Service standard (OGC-WPS) to deploy models implemented in programming languages such as R and Python. As proof-of-concept, a web application was implemented, on the EVOp portal, to assist local communities with local flooding in the Eden catchment in Cumbria (UK). The application simulates the impact of land-use scenarios using the hydrological model Topmodel (Beven and Kirkby, 1979) implemented as a web service using the aforementioned approach. Current developments include the implementation of web applications for diffuse pollution, which adopts the Export Coefficient Model (Jones, 1996), and national flooding which utilises the hydrological model ensemble FUSE (Clark et al., 2008). Topmodel and FUSE are already exposed as stateless OGC-compliant web services. In the future we also aim to produce tools to help manage drought impacts and ecosystem services. The authors would like to thank the valuable contributions of the whole EVOp team.

Vitolo, C.; Buytaert, W.; El-khatib, Y.; Gemmell, A. L.; Reaney, S. M.; Beven, K.

2012-12-01

253

From Trusted to Secure: Building and Executing Applications That Enforce System Security  

Microsoft Academic Search

Commercial operating systems have recently introduced mandatory access controls (MAC) that can be used to ensure system-wide data confidentiality and integrity. These protections rely on restricting the flow of infor- mation between processes based on security levels. The problem is, there are many applications that defy simple classification by security level, some of them essential for system operation. Surprisingly, the

Boniface Hicks; Sandra Rueda; Trent Jaeger; Patrick Drew Mcdaniel

2007-01-01

254

Integrated of Learning Management Systems and Web Applications using Web Services  

Microsoft Academic Search

Modern o-the-shelf learning management systems are mostly based on the Web paradigm. If external learning resources have to be integrated into a course, it stands to reason that Web protocols can be applied as well. But collaboration can be di cult when courses need to access a complex legacy application. This article suggests a exible and easy-to-use approach for a

K. Friesen; N. Mazloumi

2004-01-01

255

Research on OPC UA security  

Microsoft Academic Search

OPC Unified architectures (OPC UA) is a new software interface specification and application framework based on web service for plant automation systems which communicate with each other over the internet. The security issue holds the key to its development for technology feature based on web service. In this paper, the OPC UA security issues are discussed from the two views

Huang Renjie; Liu Feng; Pan Dongbo

2010-01-01

256

Declarative Ajax Web Applications through SQL++ on a Unified Application State  

E-print Network

Declarative Ajax Web Applications through SQL++ on a Unified Application State Yupeng Fu UCSD y4fu by Ajax actions. FORWARD belongs to a novel family of web application frame- works that attack impedance. We show that simple markup is sufficient for creating Ajax displays and for modeling user input

Wang, Deli

257

Control System Applicable Use Assessment of the Secure Computing Corporation - Secure Firewall (Sidewinder)  

SciTech Connect

Battelle’s National Security & Defense objective is, “applying unmatched expertise and unique facilities to deliver homeland security solutions. From detection and protection against weapons of mass destruction to emergency preparedness/response and protection of critical infrastructure, we are working with industry and government to integrate policy, operational, technological, and logistical parameters that will secure a safe future”. In an ongoing effort to meet this mission, engagements with industry that are intended to improve operational and technical attributes of commercial solutions that are related to national security initiatives are necessary. This necessity will ensure that capabilities for protecting critical infrastructure assets are considered by commercial entities in their development, design, and deployment lifecycles thus addressing the alignment of identified deficiencies and improvements needed to support national cyber security initiatives. The Secure Firewall (Sidewinder) appliance by Secure Computing was assessed for applicable use in critical infrastructure control system environments, such as electric power, nuclear and other facilities containing critical systems that require augmented protection from cyber threat. The testing was performed in the Pacific Northwest National Laboratory’s (PNNL) Electric Infrastructure Operations Center (EIOC). The Secure Firewall was tested in a network configuration that emulates a typical control center network and then evaluated. A number of observations and recommendations are included in this report relating to features currently included in the Secure Firewall that support critical infrastructure security needs.

Hadley, Mark D.; Clements, Samuel L.

2009-01-01

258

Integrity and Security of the Application Level Active Networks  

Microsoft Academic Search

The advances in programmable networks enforce the importance of ensuring and maintaining the integrity and security of the network and the supporting systems. In the future programmable network scenarios, the threats to integrity and security will rapidly increase as third-party value added service providers and end-users start deploying their customised applications on the operator infrastructure. Here we discuss some typical

Ognjen Prnjat; Temitope Olukemi; Ioannis Liabotis; Lionel Sacks

259

A New Tool for Securing Applications  

E-print Network

) Next-Generation Secure Computing Base (NGSCB) Case study on integration of the two Technical merits Integrity, revenue, and confidentiality attacks are possible against a document in PDF #12;Electronic Legal Forms Security Issues - Integrity PDF - an open format A number of cracks are available PDF documents

Thomborson, Clark

260

Mobile Technologies Applications in Security Systems  

Microsoft Academic Search

On the improvement of the information technologies, the security systems are improving more and more as well, the extent of their integration is increasing too. The efficiency of the integrated security system is subject to the detection time, reaction time, and the time of determination of the location of breach. The reaction time consists of the two components: information transmission

Algimantas Valinevicius; Mindaugas Zilys; Sarunas Kilius

2007-01-01

261

XML: A Door to Automated Web Applications  

Microsoft Academic Search

In Japanese culture, your meishi conveys your place in the company, even in society, as well as your name, phone number, and e-mail address. That is to say, in Japan, business cards matter. They convey complex metadata about the people who carry them. Like people, Web pages come in an abundance of shapes and sizes (and sounds). What makes them

Rohit Khare; Adam Rifkin

1997-01-01

262

Students as Designers of Semantic Web Applications  

ERIC Educational Resources Information Center

This paper draws upon the experience of an interdisciplinary research group in engaging undergraduate university students in the design and development of semantic web technologies. A flexible approach to participatory design challenged conventional distinctions between "designer" and "user" and allowed students to play a role in developing…

Tracy, Fran; Jordan, Katy

2012-01-01

263

Scalable Transactions for Web Applications in the Cloud  

NASA Astrophysics Data System (ADS)

Cloud computing platforms provide scalability and high availability properties for web applications but they sacrifice data consistency at the same time. However, many applications cannot afford any data inconsistency. We present a scalable transaction manager for cloud database services to execute ACID transactions of web applications, even in the presence of server failures. We demonstrate the scalability of our system using a prototype implementation, and show that it scales linearly to at least 40 nodes sustaining a maximum throughput of 7286 transactions per second.

Wei, Zhou; Pierre, Guillaume; Chi, Chi-Hung

264

The essence of command injection attacks in web applications  

Microsoft Academic Search

Web applications typically interact with a back-end database to retrieve persistent data and then present the data to the user as dynamically generated output, such as HTML web pages. However, this interaction is commonly done through a low-level API by dynamically constructing query strings within a general-purpose programming language, such as Java. This low-level interaction is ad hoc because it

Zhendong Su; Gary Wassermann

2006-01-01

265

The essence of command injection attacks in web applications  

Microsoft Academic Search

Web applications typically interact with a back-end database to re- trieve persistent data and then present the data to the user as dy- namically generated output, such as HTML web pages. However, this interaction is commonly done through a low-level API by dy- namically constructing query strings within a general-purpose pro- gramming language, such as Java. This low-level interaction is

Zhendong Su; Gary Wassermann

2006-01-01

266

Extreme Programming: Rapid Development for Web-Based Applications  

Microsoft Academic Search

As software organizations continue to move toward Web-based systems development, they often assign or outsource such projects to small teams of highly qualified, but often relatively young, developers. Frequently, the developers?? attitude is less than positive toward software engineering practices?aparticularly software process improvement initiatives and metrics collection. Part of the problem is the business context: Web-based applications demand faster time-tomarket

Frank Maurer; Sebastien Martel

2002-01-01

267

Build Web 2.0 application using EGL Build Web 2.0 application using EGL  

E-print Network

the Web page. Client-side JavaScript is important because it makes the Web page more responsive, providing of the page. An extension of client-side JavaScript is Ajax (Asynchronous JavaScript and XML), a technology that permits the runtime invocation of remote code and the subsequent update of a portion of a Web page, even

268

2014 Twelfth Annual Conference on Privacy, Security and Trust (PST) ZARATHUSTRA: Extracting WebInject Signatures  

E-print Network

used to steal banking credentials when the victim is using an online banking service. However applications (e.g., online banking) have no tools that they can possibly use to even mitigate the effect of Web (e.g., online banking website, search engine) are rendered on the browser. This additional code

Cortes, Corinna

269

Remote recordable security Web-based camera server system using index search algorithm  

Microsoft Academic Search

As an existing analog monitoring camera system could save and retrieve data only in a limited space within a short distance, it had many constraints in developing into various application systems. However, on the back of the development of network and computer technologies, a camera monitoring system can be controlled from a remote location by a Web browser without space

Mike Myung-Ok Lee; Chil-Woo Lee

2001-01-01

270

Network accessible security Web-based camera server system using index search algorithm  

Microsoft Academic Search

Existing analog monitoring camera systems can save and retrieve data only in a limited space within a short distance, and they have many constraints preventing their development in various application systems. However, on the back of the development of network and computer technologies, a monitoring camera system can be controlled from a remote location by a Web browser without space

Mike Myung-Ok Lee; Chil-Woo Lee; Young-Cheol Kim

2001-01-01

271

Modeling Web Applications by the Multiple Levels of Integrity Policy  

Microsoft Academic Search

We propose a formal method to validate the reliability of a web application, by modeling interactions among its constituent objects. Modeling exploits the recent “Multiple Levels of Integrity” mechanism which allows objects with dynamically changing reliability to cooperate within the application. The novelty of the method is the ability to describe systems where objects can modify their own integrity level,

Gianluca Amato; Massimo Coppola; Stefania Gnesi; Francesca Scozzari; Laura Semini

2006-01-01

272

Spidergl: a Graphics Library for 3d Web Applications  

NASA Astrophysics Data System (ADS)

The recent introduction of the WebGL API for leveraging the power of 3D graphics accelerators within Web browsers opens the possibility to develop advanced graphics applications without the need for an ad-hoc plug-in. There are several contexts in which this new technology can be exploited to enhance user experience and data fruition, like e-commerce applications, games and, in particular, Cultural Heritage. In fact, it is now possible to use the Web platform to present a virtual reconstruction hypothesis of ancient pasts, to show detailed 3D models of artefacts of interests to a wide public, and to create virtual museums. We introduce SpiderGL, a JavaScript library for developing 3D graphics Web applications. SpiderGL provides data structures and algorithms to ease the use of WebGL, to define and manipulate shapes, to import 3D models in various formats, and to handle asynchronous data loading. We show the potential of this novel library with a number of demo applications and give details about its future uses in the context of Cultural Heritage applications.

Di Benedetto, M.; Corsini, M.; Scopigno, R.

2011-09-01

273

Ultra Lightweight Web Applications: A Single-Page Wiki employing a Partial Ajax Solution  

Microsoft Academic Search

The overloaded term Web 2.0 web site usually connotes an interactive web application that offers features normally associated with free-standing applications running directly under the control of an operating system. Such an interactive web applications, also known as a rich internet application (RIA), run within web browsers and must download XHTML and client-side scripts to control user interactivity. Via a

Michael J Rees

2006-01-01

274

A widget library for creating policy-aware semantic Web applications  

E-print Network

In order to truly reap the benefits of the Semantic Web, there must be adequate tools for writing Web applications that aggregate, view, and edit the widely varying data the Semantic Web makes available. As a step toward ...

Hollenbach, James Dylan

2010-01-01

275

POSH: A generalized CAPTCHA with security applications Waseem S. Daher  

E-print Network

POSH: A generalized CAPTCHA with security applications by Waseem S. Daher Bachelor of Science by . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Arthur C. Smith Chairman, Department Committee on Graduate Theses #12;2 #12;POSH: A generalized CAPTCHA

Goldwasser, Shafi

276

20 CFR 404.611 - How do I file an application for Social Security benefits?  

Code of Federal Regulations, 2010 CFR

... How do I file an application for Social Security benefits? 404.611 Section 404.611 Employees' Benefits SOCIAL SECURITY ADMINISTRATION FEDERAL... How do I file an application for Social Security benefits? (a)...

2010-04-01

277

20 CFR 404.611 - How do I file an application for Social Security benefits?  

Code of Federal Regulations, 2011 CFR

... How do I file an application for Social Security benefits? 404.611 Section 404.611 Employees' Benefits SOCIAL SECURITY ADMINISTRATION FEDERAL... How do I file an application for Social Security benefits? (a)...

2011-04-01

278

20 CFR 422.501 - Applications and other forms used in Social Security Administration programs.  

Code of Federal Regulations, 2011 CFR

... Applications and other forms used in Social Security Administration programs. 422...Section 422.501 Employees' Benefits SOCIAL SECURITY ADMINISTRATION ORGANIZATION... Applications and other forms used in Social Security Administration programs....

2011-04-01

279

20 CFR 422.501 - Applications and other forms used in Social Security Administration programs.  

Code of Federal Regulations, 2010 CFR

... Applications and other forms used in Social Security Administration programs. 422...Section 422.501 Employees' Benefits SOCIAL SECURITY ADMINISTRATION ORGANIZATION... Applications and other forms used in Social Security Administration programs....

2010-04-01

280

17 CFR 242.609 - Registration of securities information processors: form of application and amendments.  

Code of Federal Regulations, 2010 CFR

... false Registration of securities information processors: form of application...609 Registration of securities information processors: form of application...for the registration of a securities information processor shall be...

2010-04-01

281

Suggestions for Social Security Disability Applicants  

MedlinePLUS

... and specialty. How much will an attorney cost? Fee Agreement Before the attorney can charge you for ... and your attorney must sign and file a fee agreement with the Social Security Administration. Your attorney ...

282

Securing a web-based teleradiology platform according to German law and "best practices".  

PubMed

The Medical Data and Picture Exchange platform (MDPE), as a teleradiology system, facilitates the exchange of digital medical imaging data among authorized users. It features extensive support of the DICOM standard including networking functions. Since MDPE is designed as a web service, security and confidentiality of data and communication pose an outstanding challenge. To comply with demands of German laws and authorities, a generic data security concept considered as "best practice" in German health telematics was adapted to the specific demands of MDPE. The concept features strict logical and physical separation of diagnostic and identity data and thus an all-encompassing pseudonymization throughout the system. Hence, data may only be merged at authorized clients. MDPE's solution of merging data from separate sources within a web browser avoids technically questionable techniques such as deliberate cross-site scripting. Instead, data is merged dynamically by JavaScriptlets running in the user's browser. These scriptlets are provided by one server, while content and method calls are generated by another server. Additionally, MDPE uses encrypted temporary IDs for communication and merging of data. PMID:19745407

Spitzer, Michael; Ullrich, Tobias; Ueckert, Frank

2009-01-01

283

EMBEDDEDSYSTEMS Medinet is a Web-based  

E-print Network

of the necessary requirements for telemedicine appli- cations. More security is required for patient data than ON THE WORLD WIDE WEB The first Web-based telemedicine applications have demonstrated that the Web offers- works. Today's telemedicine applications have two main network requirements: they must enable

Abrardo, Andrea

284

75 FR 63884 - Self-Regulatory Organizations; Municipal Securities Rulemaking Board; Order Approving Proposed...  

Federal Register 2010, 2011, 2012, 2013

...regarding municipal securities to the MSRB...dissemination on the EMMA Web site, the EMMA...applicable municipal security otherwise displayed on the EMMA Web site. Currently...the EMMA public Web site would offer...investors in municipal securities given the...

2010-10-18

285

Web application for detailed real-time database transaction monitoring for CMS condition data  

NASA Astrophysics Data System (ADS)

In the upcoming LHC era, database have become an essential part for the experiments collecting data from LHC, in order to safely store, and consistently retrieve, a wide amount of data, which are produced by different sources. In the CMS experiment at CERN, all this information is stored in ORACLE databases, allocated in several servers, both inside and outside the CERN network. In this scenario, the task of monitoring different databases is a crucial database administration issue, since different information may be required depending on different users' tasks such as data transfer, inspection, planning and security issues. We present here a web application based on Python web framework and Python modules for data mining purposes. To customize the GUI we record traces of user interactions that are used to build use case models. In addition the application detects errors in database transactions (for example identify any mistake made by user, application failure, unexpected network shutdown or Structured Query Language (SQL) statement error) and provides warning messages from the different users' perspectives. Finally, in order to fullfill the requirements of the CMS experiment community, and to meet the new development in many Web client tools, our application was further developed, and new features were deployed.

de Gruttola, Michele; Di Guida, Salvatore; Innocente, Vincenzo; Pierro, Antonio

2012-12-01

286

Web Services Provide Access to SCEC Scientific Research Application Software  

NASA Astrophysics Data System (ADS)

Web services offer scientific communities a new paradigm for sharing research codes and communicating results. While there are formal technical definitions of what constitutes a web service, for a user community such as the Southern California Earthquake Center (SCEC), we may conceptually consider a web service to be functionality provided on-demand by an application which is run on a remote computer located elsewhere on the Internet. The value of a web service is that it can (1) run a scientific code without the user needing to install and learn the intricacies of running the code; (2) provide the technical framework which allows a user's computer to talk to the remote computer which performs the service; (3) provide the computational resources to run the code; and (4) bundle several analysis steps and provide the end results in digital or (post-processed) graphical form. Within an NSF-sponsored ITR project coordinated by SCEC, we are constructing web services using architectural protocols and programming languages (e.g., Java). However, because the SCEC community has a rich pool of scientific research software (written in traditional languages such as C and FORTRAN), we also emphasize making existing scientific codes available by constructing web service frameworks which wrap around and directly run these codes. In doing so we attempt to broaden community usage of these codes. Web service wrapping of a scientific code can be done using a "web servlet" construction or by using a SOAP/WSDL-based framework. This latter approach is widely adopted in IT circles although it is subject to rapid evolution. Our wrapping framework attempts to "honor" the original codes with as little modification as is possible. For versatility we identify three methods of user access: (A) a web-based GUI (written in HTML and/or Java applets); (B) a Linux/OSX/UNIX command line "initiator" utility (shell-scriptable); and (C) direct access from within any Java application (and with the correct API interface from within C++ and/or C/Fortran). This poster presentation will provide descriptions of the following selected web services and their origin as scientific application codes: 3D community velocity models for Southern California, geocoordinate conversions (latitude/longitude to UTM), execution of GMT graphical scripts, data format conversions (Gocad to Matlab format), and implementation of Seismic Hazard Analysis application programs that calculate hazard curve and hazard map data sets.

Gupta, N.; Gupta, V.; Okaya, D.; Kamb, L.; Maechling, P.

2003-12-01

287

SIGMA WEB INTERFACE FOR REACTOR DATA APPLICATIONS  

SciTech Connect

We present Sigma Web interface which provides user-friendly access for online analysis and plotting of the evaluated and experimental nuclear reaction data stored in the ENDF-6 and EXFOR formats. The interface includes advanced browsing and search capabilities, interactive plots of cross sections, angular distributions and spectra, nubars, comparisons between evaluated and experimental data, computations for cross section data sets, pre-calculated integral quantities, neutron cross section uncertainties plots and visualization of covariance matrices. Sigma is publicly available at the National Nuclear Data Center website at http://www.nndc.bnl.gov/sigma.

Pritychenko,B.; Sonzogni, A.A.

2010-05-09

288

Filtergraph: An interactive web application for visualization of astronomy datasets  

NASA Astrophysics Data System (ADS)

Filtergraph is a web application being developed and maintained by the Vanderbilt Initiative in Data-intensive Astrophysics (VIDA) to flexibly and rapidly visualize a large variety of astronomy datasets of various formats and sizes. The user loads a flat-file dataset into Filtergraph which automatically generates an interactive data portal that can be easily shared with others. From this portal, the user can immediately generate scatter plots of up to five dimensions as well as histograms and tables based on the dataset. Key features of the portal include intuitive controls with auto-completed variable names, the ability to filter the data in real time through user-specified criteria, the ability to select data by dragging on the screen, and the ability to perform arithmetic operations on the data in real time. To enable seamless data visualization and exploration, changes are quickly rendered on screen and visualizations can be exported as high quality graphics files. The application is optimized for speed in the context of large datasets: for instance, a plot generated from a stellar database of 3.1 million entries renders in less than 2 s on a standard web server platform. This web application has been created using the Web2py web framework based on the Python programming language. Filtergraph is free to use at http://filtergraph.vanderbilt.edu/.

Burger, Dan; Stassun, Keivan G.; Pepper, Joshua; Siverd, Robert J.; Paegert, Martin; De Lee, Nathan M.; Robinson, William H.

2013-08-01

289

A Measurement Ontology Generalizable for Emerging Domain Applications on the Semantic Web  

E-print Network

1 A Measurement Ontology Generalizable for Emerging Domain Applications on the Semantic Web Henry M;2 A Measurement Ontology Generalizable for Emerging Domain Applications on the Semantic Web Abstract This paper introduces a measurement ontology for applications to semantic Web applications, specifically for emerging

Dalkilic, Mehmet

290

Doloto: Code Splitting for Network-Bound Web 2.0 Applications  

E-print Network

Doloto: Code Splitting for Network-Bound Web 2.0 Applications Benjamin Livshits Microsoft Research Emre Kiciman Microsoft Research Abstract Modern Web 2.0 applications, such as GMail, Live Maps distributed Web 2.0 applications developers move code to the client, but for an application to be responsive

Livshits, Ben

291

FLAX: Systematic Discovery of Client-side Validation Vulnerabilities in Rich Web Applications  

Microsoft Academic Search

The complexity of the client-side components of web applications has exploded with the increase in popularity of web 2.0 applications. Today, traditional desktop ap- plications, such as document viewers, presentation tools and chat applications are commonly available as online JavaScript applications. Previous research on web vulnerabilities has primarily concentrated on flaws in the server-side components of web applications. This paper

Prateek Saxena; Steve Hanna; Pongsin Poosankam; Dawn Song

292

17 CFR 240.15Ca2-1 - Application for registration as a government securities broker or government securities dealer.  

Code of Federal Regulations, 2013 CFR

... false Application for registration as a government securities broker or government securities dealer. 240.15Ca2-1 Section...Securities Exchange Act of 1934 Registration of Government Securities Brokers and Government...

2013-04-01

293

17 CFR 240.15Ca2-1 - Application for registration as a government securities broker or government securities dealer.  

Code of Federal Regulations, 2012 CFR

... false Application for registration as a government securities broker or government securities dealer. 240.15Ca2-1 Section...Securities Exchange Act of 1934 Registration of Government Securities Brokers and Government...

2012-04-01

294

17 CFR 240.15Ca2-1 - Application for registration as a government securities broker or government securities dealer.  

Code of Federal Regulations, 2011 CFR

... false Application for registration as a government securities broker or government securities dealer. 240.15Ca2-1 Section...Securities Exchange Act of 1934 Registration of Government Securities Brokers and Government...

2011-04-01

295

17 CFR 240.15Ca2-1 - Application for registration as a government securities broker or government securities dealer.  

... false Application for registration as a government securities broker or government securities dealer. 240.15Ca2-1 Section...Securities Exchange Act of 1934 Registration of Government Securities Brokers and Government...

2014-04-01

296

17 CFR 240.15Ca2-1 - Application for registration as a government securities broker or government securities dealer.  

Code of Federal Regulations, 2010 CFR

... false Application for registration as a government securities broker or government securities dealer. 240.15Ca2-1 Section...Securities Exchange Act of 1934 Registration of Government Securities Brokers and Government...

2010-04-01

297

Framework for Supporting Web-Based Collaborative Applications  

NASA Astrophysics Data System (ADS)

The article proposes an intelligent framework for supporting Web-based applications. The framework focuses on innovative use of existing resources and technologies in the form of services and takes the leverage of theoretical foundation of services science and the research from services computing. The main focus of the framework is to deliver benefits to users with various roles such as service requesters, service providers, and business owners to maximize their productivity when engaging with each other via the Web. The article opens up with research motivations and questions, analyses the existing state of research in the field, and describes the approach in implementing the proposed framework. Finally, an e-health application is discussed to evaluate the effectiveness of the framework where participants such as general practitioners (GPs), patients, and health-care workers collaborate via the Web.

Dai, Wei

298

Web-based electronic patient records for collaborative medical applications.  

PubMed

We developed a web-based system to interactively display electronic patient records (EPR), such as DICOM images, graphics, and structure reports and therapy records, for intranet and internet collaborative medical applications. This system has three major components, a C/S (client/server) architecture for EPR data acquisition and authoring, and a Web B/S architecture for data delivering. The Web viewer of this system integrates multi-media display modules and remote control module together to provide interactive EPR display and manipulation functions for collaborative applications. We have successfully used this system two times to provide teleconsultation for severe acute respiratory syndrome (SARS) patients in Shanghai Infection Hospital and Xinhua Hospital. During the consultation, both the physicians in infection control area and the experts outside the control area could use this system interactively to manipulate and navigate the EPR objects of the SARS patients to facilitate a more precise diagnosis. This paper gives a new approach to create and manage image-based EPR from actual patient records, and also presents a novel method to use Web technology and DICOM standard to build an open architecture for collaborative medical applications. The system can be used for both intranet and internet medical applications such as tele-diagnosis, teleconsultation, and distant learning. PMID:15755531

Zhang, Jianguo; Sun, Jianyong; Yang, Yuanyuan; Chen, Xiaomeng; Meng, Lili; Lian, Ping

2005-01-01

299

Domain-specific web services for scientific application developers  

Microsoft Academic Search

Many scientists today routinely conduct simulations and run models using high performance computing (HPC) resources provided by national, regional and campus grid infrastructures, either directly logging into such resources or indirectly via web portals and other application client software, i.e. science gateways. Science gateways have proven to be an effective way of bringing HPC resources to a much larger user

Han Zhang; Jungha Woo; Lan Zhao; David Braun; Carol X. Song; Madhavan Lakshminarayanan

2010-01-01

300

Recommending Improvements to Web Applications using Quality-Driven Heuristic  

E-print Network

Recommending Improvements to Web Applications using Quality-Driven Heuristic Search Stephane on quality. Second, quality improvement will generally be the result of applying a combination of available of any improvement process, quality models do not allow, by themselves, to determine what specific

Montréal, Université de

301

Extending the Performance Models of Web Applications with Queueing Algorithm  

Microsoft Academic Search

Distributed systems and web applications play an important role in computer science nowadays. The most common consideration is performance, because these systems have to provide cost-effective and high-availability services in the long term, thus, they have to be scaled to meet the expected load. Performance measurements can be the base for performance modeling and prediction. With the help of performance

Ágnes Bogárdi-Mészöly; Tihamér Levendovszky; Hassan Charaf

302

Performance, scalability and reliability issues in web applications  

Microsoft Academic Search

Purpose – The primary purpose of this paper is to present a comprehensive strategy for performance, reliability and scalability (PSR) testing of multi-tier web applications. Design\\/methodology\\/approach – The strategy for PSR testing is presented primarily through examination of the intangible knowledge base in the PSR testing field. The paper also draws on relevant recent work conducted in the area of

Lakshmi S. Iyer; Babita Gupta; Nakul Johri

2005-01-01

303

Advanced Web Programming for Scientific and Educational Applications  

Microsoft Academic Search

The Center for Advanced Educational Technology at the University of Tennessee is involved extensively in the development of state-of-the-art technology for scientific web sites, accessible and portable scientific visualization, and networked databases for scientific educational applications. These are being developed using primarily Flash Actionscript, Java, and cascading style sheets on the client side, PHP and Java middleware, and SQL databases.

Brett Petrusek; Reuben Budiardja; Mike Guidry

2004-01-01

304

Statically Locating Web Application Bugs Caused by Asynchronous Calls  

E-print Network

@cs.purdue.edu ABSTRACT Ajax becomes more and more important for web applications that care about client side user. As client side Ajax code is often wrapped in server-side scripts, we also develop a technique that extracts, Reliability, Experimentation Keywords JavaScript, Ajax, Static Analysis, Automatic Debugging 1. INTRODUCTION

Zhang, Xiangyu

305

Invariant-Based Automatic Testing of Modern Web Applications  

E-print Network

Society, Arie van Deursen, Member, IEEE Computer Society, and Danny Roest Abstract-- AJAX-based Web 2 more error- prone and harder to test. We propose a method for testing AJAX applications automatically AJAX-specific faults that can occur in such states (related to, e.g., DOM validity, error messages

Mesbah, Ali

306

ESES\\/signature and its applications for secure data exchange  

Microsoft Academic Search

More and more devices including PCs, PDAs, mobile phones, and various kinds of appliances are being connected to the network and many people are trying to use them for network applications such as e-commerce. One of the most important requirements for a network application is the security of data exchanged through the network. XML has been widely accepted as a

Jae Seung Lee; Ki Young Moon; Seung Won Sohn

2002-01-01

307

Collaborative Knowledge Discovery & Marshalling for Intelligence & Security Applications  

SciTech Connect

This paper discusses the Knowledge Encapsulation Framework, a flexible, extensible evidence-marshalling environment built upon a natural language processing pipeline and exposed to users via an open-source semantic wiki. We focus our discussion on applications of the framework to intelligence and security applications, specifically, an instantiation of the KEF environment for researching illicit trafficking in nuclear materials.

Cowell, Andrew J.; Jensen, Russell S.; Gregory, Michelle L.; Ellis, Peter C.; Fligg, Alan K.; McGrath, Liam R.; O'Hara, Kelly A.; Bell, Eric B.

2010-05-24

308

Security and privacy in RFID and applications in telemedicine  

Microsoft Academic Search

Radio frequency identification systems have many applications in manufacturing, supply chain management, inventory control, and telemedicine. In an RFID system, products and objects are given RFID tags to identify themselves. However, security and privacy issues pose significant challenges on these systems. In this article we first briefly introduce RFID systems. Then two RFID applications in telemedicine are proposed: studying supply

Yang Xiao; Xuemin Shen; BO Sun; Lin Cai

2006-01-01

309

Secure Hamming Distance Based Computation and Its Applications  

Microsoft Academic Search

This paper examines secure two-party computation of functions which depend only on the Hamming distance of the inputs of the\\u000a two parties. We present efficient protocols for computing these functions. In particular, we present protocols which are secure\\u000a in the sense of full simulatability against malicious adversaries.\\u000a \\u000a We show different applications of this family of functions, including a protocol we

Ayman Jarrous; Benny Pinkas

2009-01-01

310

Reverse Engineering of Web Applications: A  

E-print Network

Martin1 Lawson Archer2 1 The University of Liverpool, Department of Computer Science, Ashton street APPLICATIONS: A TECHNICAL REVIEW Reshma Patel1 , Frans Coenen1 , Russell Martin1 , Lawson Archer2 1 Department into a platform where differing applications are able to handle complex transactions, thereby providing

Atkinson, Katie

311

CAPTCHA has been widely deployed by commer-cial web sites as a security technology for purposes  

E-print Network

Abstract CAPTCHA has been widely deployed by commer- cial web sites as a security technology for purposes such as anti-spam. A common approach to evaluat- ing the robustness of CAPTCHA is the use of ma is difficult for computers, since the strength of CAPTCHAs stems exactly from the difficulty computers have

Newcastle upon Tyne, University of

312

An Object Oriented Approach to Web-Based Applications Design  

Microsoft Academic Search

In this paper we discuss the use of an object-oriented approach forweb-based applications design, based on a method named Object OrientedHypermedia Design Method (OOHDM).We first motivate our work discussing the problems encounteredwhile designing large scale, dynamic web-based applications, which combinecomplex navigation patterns with sophisticated computational behavior. Weargue that a method providing systematic guidance to design is needed. Next,we introduce OOHDM,

Daniel Schwabe; Gustavo Rossi

1998-01-01

313

Advanced Web Programming for Scientific and Educational Applications  

NASA Astrophysics Data System (ADS)

The Center for Advanced Educational Technology at the University of Tennessee is involved extensively in the development of state-of-the-art technology for scientific web sites, accessible and portable scientific visualization, and networked databases for scientific educational applications. These are being developed using primarily Flash Actionscript, Java, and cascading style sheets on the client side, PHP and Java middleware, and SQL databases. We shall present a variety of application examples in astronomy, astrophysics, and physics.

Petrusek, Brett; Budiardja, Reuben; Guidry, Mike

2004-11-01

314

Page 1 of 19 L. Jean Camp & J. Duncan, "Conducting an Ethical Study of Web Traffic", 5th Workshop on Cyber Security  

E-print Network

of Web Traffic", 5th Workshop on Cyber Security Experimentation and Test, A USENIX Security Symposium Workshop, (Bellevue, WA) 6 August 2012. Conducting an Ethical Study they might opt out of the study (while also increasing their security) through the use of a VPN. While we had

Camp, L. Jean

315

Web Application Development Lifecycle for Small Medium-Sized Enterprises (SMEs) (Short Paper)  

Microsoft Academic Search

Software engineering has proven to be very important for standard software development. But, can Web applications be engineered as well? Currently, J2EE, Apache\\/Perl\\/PDP\\/MySQL and .NET have been universally accepted as Web application development technology, but there is no universal accepted methodology for Web application development process. Web application needs to be engineered by moving focus from technology to process. In

Wei Huang; Ru Li; Carsten Maple; Hongji Yang; David Foskett; Vince Cleaver

2008-01-01

316

Web-based Exercise #4: GIS Applications.  

NSDL National Science Digital Library

Justin Shepard, San Diego State University Geography Department Summary Introduce various GIS applications and usefulness in different specialty areas. The strength is that it provides an overview of GIS ...

Shepard, Justin

317

Rigorous and Automatic Testing of Web Applications Xiaoping Jia and Hongming Liu  

E-print Network

Rigorous and Automatic Testing of Web Applications Xiaoping Jia and Hongming Liu School of Computer, jordan}@cs.depaul.edu ABSTRACT As web applications become more and more prevalent, the quality assurance of web applications has become more and more important. Due to the complexity of the underlying

Jia, Xiaoping

318

Modeling the HTML DOM and Browser API in Static Analysis of JavaScript Web Applications  

E-print Network

. INTRODUCTION A JavaScript web application is in essence an HTML page with JavaScript code and other resourcesModeling the HTML DOM and Browser API in Static Analysis of JavaScript Web Applications Simon Holm Møller* Aarhus University amoeller@cs.au.dk ABSTRACT Developers of JavaScript web applications have

Møller, Anders

319

Code Splitting for Network Bound Web 2.0 Applications Benjamin Livshits  

E-print Network

Code Splitting for Network Bound Web 2.0 Applications Benjamin Livshits Microsoft Research Chen Ding, University of Rochester Abstract Modern Web 2.0 applications such as Gmail, Live Maps, My improve the perceived client-side performance for a range of Web 2.0 applications is to per- form

Livshits, Ben

320

TOKEN: Trustable Keystroke-Based Authentication for Web-Based Applications on Smartphones  

NASA Astrophysics Data System (ADS)

Smartphones are increasingly being used to store personal information as well as to access sensitive data from the Internet and the cloud. Establishment of the identity of a user requesting information from smartphones is a prerequisite for secure systems in such scenarios. In the past, keystroke-based user identification has been successfully deployed on production-level mobile devices to mitigate the risks associated with naïve username/password based authentication. However, these approaches have two major limitations: they are not applicable to services where authentication occurs outside the domain of the mobile device - such as web-based services; and they often overly tax the limited computational capabilities of mobile devices. In this paper, we propose a protocol for keystroke dynamics analysis which allows web-based applications to make use of remote attestation and delegated keystroke analysis. The end result is an efficient keystroke-based user identification mechanism that strengthens traditional password protected services while mitigating the risks of user profiling by collaborating malicious web services.

Nauman, Mohammad; Ali, Tamleek

321

Decorator Pattern with XML in web application  

Microsoft Academic Search

Reusability and adapting to the changing software requirements are some of the challenges faced by software engineering community. In order to achieve these goals, application of Deign Patterns in software design is a proven practice. Choosing a Design Pattern and applying it to the correct software requirements needs experience and better understanding of each of the patterns In this paper,

Vijay K Kerji

2011-01-01

322

Information-Flow-Based Access Control for Web Browsers  

NASA Astrophysics Data System (ADS)

The emergence of Web 2.0 technologies such as Ajax and Mashup has revealed the weakness of the same-origin policy[1], the current de facto standard for the Web browser security model. We propose a new browser security model to allow fine-grained access control in the client-side Web applications for secure mashup and user-generated contents. We propose a browser security model that is based on information-flow-based access control (IBAC) to overcome the dynamic nature of the client-side Web applications and to accurately determine the privilege of scripts in the event-driven programming model.

Yoshihama, Sachiko; Tateishi, Takaaki; Tabuchi, Naoshi; Matsumoto, Tsutomu

323

Multmedia sightseeing 4 U --what web services can do for personalized multimedia applications  

E-print Network

and extending web ser- vice technology for a personalized multimedia service. Our multimedia web serviceMultmedia sightseeing 4 U -- what web services can do for personalized multimedia applications ABSTRACT Offering multimedia on the web today still means to use im- ages in HTML pages, embed streaming

Boll, Susanne

324

Integrating geolocation into electronic finance applications for additional security  

Microsoft Academic Search

People are increasingly using the web to conduct business. It is, therefore, important that users of services such as online banking have confidence in such services. Frameworks such as Google Gears now have the ability to determine the physical location of a person in real time. This geographical information can be very useful in e-finance applications. If we know the

Kevin Curran; Jonathan Orr

2011-01-01

325

Accessing multimedia content from mobile applications using semantic web technologies  

NASA Astrophysics Data System (ADS)

We describe the ideas and results of an applied research project that aims at leveraging the expressive power of semantic web technologies as a server-side backend for mobile applications that provide access to location and multimedia data and allow for a rich user experience in mobile scenarios, ranging from city and museum guides to multimedia enhancements of any kind of narrative content, including e-book applications. In particular, we will outline a reusable software architecture for both server-side functionality and native mobile platforms that is aimed at significantly decreasing the effort required for developing particular applications of that kind.

Kreutel, Jörn; Gerlach, Andrea; Klekamp, Stefanie; Schulz, Kristin

2014-02-01

326

Application of homomorphism to secure image sharing  

NASA Astrophysics Data System (ADS)

In this paper, we present a new approach for sharing images between l players by exploiting the additive and multiplicative homomorphic properties of two well-known public key cryptosystems, i.e. RSA and Paillier. Contrary to the traditional schemes, the proposed approach employs secret sharing in a way that limits the influence of the dealer over the protocol and allows each player to participate with the help of his key-image. With the proposed approach, during the encryption step, each player encrypts his own key-image using the dealer's public key. The dealer encrypts the secret-to-be-shared image with the same public key and then, the l encrypted key-images plus the encrypted to-be shared image are multiplied homomorphically to get another encrypted image. After this step, the dealer can safely get a scrambled image which corresponds to the addition or multiplication of the l + 1 original images ( l key-images plus the secret image) because of the additive homomorphic property of the Paillier algorithm or multiplicative homomorphic property of the RSA algorithm. When the l players want to extract the secret image, they do not need to use keys and the dealer has no role. Indeed, with our approach, to extract the secret image, the l players need only to subtract their own key-image with no specific order from the scrambled image. Thus, the proposed approach provides an opportunity to use operators like multiplication on encrypted images for the development of a secure privacy preserving protocol in the image domain. We show that it is still possible to extract a visible version of the secret image with only l-1 key-images (when one key-image is missing) or when the l key-images used for the extraction are different from the l original key-images due to a lossy compression for example. Experimental results and security analysis verify and prove that the proposed approach is secure from cryptographic viewpoint.

Islam, Naveed; Puech, William; Hayat, Khizar; Brouzet, Robert

2011-09-01

327

Muon Fluence Measurements for Homeland Security Applications  

SciTech Connect

This report focuses on work conducted at Pacific Northwest National Laboratory to better characterize aspects of backgrounds in RPMs deployed for homeland security purposes. Two polyvinyl toluene scintillators were utilized with supporting NIM electronics to measure the muon coincidence rate. Muon spallation is one mechanism by which background neutrons are produced. The measurements performed concentrated on a broad investigation of the dependence of the muon flux on a) variations in solid angle subtended by the detector; b) the detector inclination with the horizontal; c) depth underground; and d) diurnal effects. These tests were conducted inside at Building 318/133, outdoors at Building 331G, and underground at Building 3425 at Pacific Northwest National Laboratory.

Ankney, Austin S.; Berguson, Timothy J.; Borgardt, James D.; Kouzes, Richard T.

2010-08-10

328

A Framework to Author Educational Interactions for Geographical Web Applications  

Microsoft Academic Search

This paper focuses on the production of authoring tools that teachers may use to prototype interactive geographical web applications.\\u000a We present some computational models and a toolset that we designed to address some needs of teachers trying to make use of\\u000a particular localized documents called “travel stories”. Our research challenge is to enable teachers to design interaction\\u000a scenarios for such

Thierry Nodenot; Philippe Lopistéguy; Christophe Marquesuzaà

2009-01-01

329

Laser power beaming for defense and security applications  

NASA Astrophysics Data System (ADS)

Laser power beaming - transmitting electric power without wires via laser - has been demonstrated for kilowatt power levels and kilometer distances. This paper reviews the demonstrated and projected capabilities and limitations of laser power beaming, and analyzes the requirements for several application areas relevant to defense and security: unmanned aerial vehicles (UAVs), communications relays, sensor networks, and field unit or forward base power.

Nugent, Thomas J., Jr.; Kare, Jordin T.

2011-05-01

330

Custom electronic nose with potential homeland security applications  

Microsoft Academic Search

Detailed in this work is the design and development of a handheld electronic nose nose with an array of conducting polymer composite film sensors interfaced to a Compaq iPAQ. The device has potential applications in homeland security, such as screening people packages, luggage and vehicles at key locations such as airports or government buildings, for the prevention of terrorist attacks.

K. I. Arshak; C. Cunniffe; E. G. Moore; L. M. Cavanagh

2006-01-01

331

Mobile RFID Applications and Security Konidala M. Divyan, Kwangjo Kim  

E-print Network

Mobile RFID Applications and Security Challenges Konidala M. Divyan, Kwangjo Kim InformationDong, Daejeon 305732, Republic of Korea {divyan, kkj}@icu.ac.kr Abstract. With mobile RFID technology, handheld portable devices like mobile phones and PDAs, also behave as RFID readers and RFID tags. As RFID readers

Kim, Kwangjo

332

SECURE MANAGEMENT OF KEYS IN CRYPTOGRAPHIC APPLICATIONS: GUIDANCE FOR ORGANIZATIONS  

E-print Network

their security requirements. A cryptographic algorithm and a key are used to provide a number of cryptographic by strong cryptographic algorithms. The Information Technology Laboratory of the National Institute for selecting appropriate cryptographic algorithms and for managing the cryptographic keys. Part 3, Application

333

Active MMW multi-parametric imaging technique for security applications  

Microsoft Academic Search

Active millimeter wave (MMW) imaging is currently being considered as a technology that can essentially contribute to security applications in both outdoor and indoor scenarios. Proposed novel active quasi-optical imaging technique being based on multi-parametric encoded illumination of observed scenes adds principally new possibilities for imaging of the scenes. The technique allows to reveal multiple distinctive features of threat objects

Leonid V. Volkov; Alexander I. Voronko; N. L. Berendakova

2008-01-01

334

Fully Simulatable Quantum-Secure Coin-Flipping and Applications  

E-print Network

to generate a long random bit-string. In particular, no fully simulatable constant-round coin-flip protocolFully Simulatable Quantum-Secure Coin-Flipping and Applications Carolin Lunemann and Jesper Buus propose a coin-flip protocol which yields a string of strong, random coins and is fully simulatable

335

AppsPlayground: Automatic Security Analysis of Smartphone Applications  

E-print Network

3 968 f· Large scale measurements 3,968 apps from Android Market (Google Play) ­ 946 leak some ­ Google Play has over 700,000 apps This number is constantly increasing­ This number is constantlyAppsPlayground: Automatic Security Analysis of Smartphone Applications Vaibhav Rastogi, Yan Chen

Chen, Yan

336

Planar Microoptical Systems for Correlation and Security Applications  

NASA Astrophysics Data System (ADS)

In this chapter we focussed on the potential of microoptically integrated systems for security applications. Adopting the concept of planar-integrated free-space optics we demonstrated a variety of systems architectures of optical correlators which are usefull for this area of applications. The experiments with microoptical systems clearly show that optical systems for applications in homeland security can be miniaturized and integrated to extremely compact and rugged devices with state-of-the-art microoptics and lithographic technology. Especially the planar interfaces of PIFSO offer the chance for hybrid integration of a variety of devices such as opto-electronics or micromechanics. Thus, in combination with further technological improvement, the door seems to be open for real-world applications.

Sinzinger, Stefan; Jahns, Jürgen; Daria, Vincent R.; Glückstad, Jesper

337

Research and application of web development based on ASP.NET 2.0+Ajax  

Microsoft Academic Search

Ajax is a new concept of web application development proposed in 2005. It is the acronym of Asynchronous JavaScript and XML. Once Ajax appeared, it is rapidly applied to the fields of Web development. Ajax application is different from the traditional Web development model, using asynchronous interaction. The client unnecessarily waits while the server processes the data submitted. So the

H. Wang; J. Yang

2008-01-01

338

A Framework with Tools for Designing Web-based Geographic Applications  

E-print Network

A Framework with Tools for Designing Web-based Geographic Applications The Nhan Luong, Sébastien models. In order to create Web-based geographic applica- tions and overcome these design problems, we. In this paper, we propose a framework for designing Web- based geographic applications. This framework

Paris-Sud XI, Université de

339

A Visual Architectural Approach to Maintaining Web Applications Ahmed E. Hassan and Richard C. Holt  

E-print Network

A Visual Architectural Approach to Maintaining Web Applications Ahmed E. Hassan and Richard C. Holt aeehassa@plg.uwaterloo.ca September 4, 2002 #12;Abstract Web applications are complex software systems which contain a rich structure with many relations between their components. Web developers are faced

Holt, Richard C.

340

Extracting RESTful Services from Web Applications Bipin Upadhyaya, Foutse Khomh, Ying Zou  

E-print Network

Extracting RESTful Services from Web Applications Bipin Upadhyaya, Foutse Khomh, Ying Zou.upadhyaya, foutse.khomh, ying.zou}@queensu.ca Abstract-- The Web contains large amount of information and services primarily intended for human users. A Web application offers high user experience and responsiveness. A user

Zou, Ying

341

A GATE-LEVEL POWER SIMULATOR A WORLD WIDE WEB APPLICATION  

E-print Network

PPP: A GATE-LEVEL POWER SIMULATOR A WORLD WIDE WEB APPLICATION Alessandro Bogliolo Luca Benini-Level Power Simulator A World Wide Web Application Alessandro Bogliolo Luca Benini Giovanni De Micheli Bruno are required at any level of abstraction to steer the design process. PPP is a Web-based integrated environment

De Micheli, Giovanni

342

Using Web 2.0 for Stakeholder Analysis: StakeSource and its Application in Ten  

E-print Network

Chapter 10 Using Web 2.0 for Stakeholder Analysis: StakeSource and its Application in Ten projects with many stakeholders. This paper investigates the use of Web 2.0 technologies on the application of StakeSource in practice. StakeSource is a Web 2.0 tool that uses social networking

Finkelstein, Anthony

343

Migrating Multi-page Web Applications to Single-page AJAX Interfaces  

Microsoft Academic Search

Recently, a new web development technique for creating interactive web\\u000aapplications, dubbed AJAX, has emerged. In this new model, the single-page web\\u000ainterface is composed of individual components which can be updated\\/replaced\\u000aindependently. With the rise of AJAX web applications classical multi-page web\\u000aapplications are becoming legacy systems. If until a year ago, the concern\\u000arevolved around migrating legacy systems

Ali Mesbah; Arie Van Deursen

2007-01-01

344

Study of risk based on web software testing  

NASA Astrophysics Data System (ADS)

Web-based test systems that have particular difficulties and challenges, The article points out a Web application system security risk, through the analysis of the implementation issues involved Web-based testing, proposed workflow based on Web test, And how to choose the risk of the process by adding a detailed study, Discussed the security, performance, accuracy, compatibility, reliability and other details of the risk factors. These risks need for Web application testing program be established in order to make better Web-based test plan.

Wang, Xin

2013-03-01

345

X-ray imaging for security applications  

NASA Astrophysics Data System (ADS)

The X-ray screening of luggage by aviation security personnel may be badly hindered by the lack of visual cues to depth in an image that has been produced by transmitted radiation. Two-dimensional "shadowgraphs" with "organic" and "metallic" objects encoded using two different colors (usually orange and blue) are still in common use. In the context of luggage screening there are no reliable cues to depth present in individual shadowgraph X-ray images. Therefore, the screener is required to convert the 'zero depth resolution' shadowgraph into a three-dimensional mental picture to be able to interpret the relative spatial relationship of the objects under inspection. Consequently, additional cognitive processing is required e.g. integration, inference and memory. However, these processes can lead to serious misinterpretations of the actual physical structure being examined. This paper describes the development of a stereoscopic imaging technique enabling the screener to utilise binocular stereopsis and kinetic depth to enhance their interpretation of the actual nature of the objects under examination. Further work has led to the development of a technique to combine parallax data (to calculate the thickness of a target material) with the results of a basis material subtraction technique to approximate the target's effective atomic number and density. This has been achieved in preliminary experiments with a novel spatially interleaved dual-energy sensor which reduces the number of scintillation elements required by 50% in comparison to conventional sensor configurations.

Evans, J. Paul

2004-01-01

346

Secure Access ID Lookup Use Secure Access to login to all Enterprise  

E-print Network

-bill, financial aid, etc. Online Web Tutorials iSiS Self-Service offers online Web Tutorials and Video ScreencastsSecure Access ID Lookup Use Secure Access to login to all Enterprise Applications including iSiS and UMass Lowell Office 365 Exchange Online student email accounts. 1. Navigate to http://www.isis

Massachusetts at Lowell, University of

347

Secure Access ID Lookup Use Secure Access to login to all Enterprise  

E-print Network

-bill, financial aid, etc. Online Web Tutorials iSiS Self-Service offers online Web Tutorials and Video ScreencastsSecure Access ID Lookup Use Secure Access to login to all Enterprise Applications including iSiS at http://www.isis.uml.edu. 2. Under the section titled "Getting Started for the First Time" select

Massachusetts at Lowell, University of

348

Secure web-based access to radiology: forms and databases for fast queries  

NASA Astrophysics Data System (ADS)

Currently, Web-based access to mini-PACS or similar databases commonly utilizes either JavaScript, Java applets or ActiveX controls. Many sites do not permit applets or controls or other binary objects for fear of viruses or worms sent by malicious users. In addition, the typical CGI query mechanism requires several parameters to be sent with the http GET/POST request, which may identify the patient in some way; this in unacceptable for privacy protection. Also unacceptable are pages produced by server-side scripts which can be cached by the browser, since these may also contain sensitive information. We propose a simple mechanism for access to patient information, including images, which guarantees security of information, makes it impossible to bookmark the page, or to return to the page after some defined length of time. In addition, this mechanism is simple, therefore permitting rapid access without the need to initially download an interface such as an applet or control. In addition to image display, the design of the site allows the user to view and save movies of multi-phasic data, or to construct multi-frame datasets from entire series. These capabilities make the site attractive for research purposes such as teaching file preparation.

McColl, Roderick W.; Lane, Thomas J.

2002-05-01

349

A strategy for the development of secure telemedicine applications.  

PubMed Central

Healthcare applications based on computer-supported collaboration technologies have the potential to improve the quality of care delivered to patients. Such applications can help overcome barriers to quality healthcare in the small, scattered populations of rural areas enabling telemedicine to be a part of the practice of medicine. However the growing concern about the potential for abuse through disclosure of personal health information to unauthorized parties has restricted the deployment and adoption of these potentially valuable tools. The authors, who built ARTEMIS--an Intranet healthcare collaboration facility, now describe their approach to develop secure telemedicine applications for rural healthcare practitioners. PMID:9357645

Raman, R. S.; Reddy, R.; Jagannathan, V.; Reddy, S.; Cleetus, K. J.; Srinivas, K.

1997-01-01

350

Practical Pocket PC Application w/Biometric Security  

NASA Technical Reports Server (NTRS)

I work in the Flight Software Engineering Branch, where we provide design and development of embedded real-time software applications for flight and supporting ground systems to support the NASA Aeronautics and Space Programs. In addition, this branch evaluates, develops and implements new technologies for embedded real-time systems, and maintains a laboratory for applications of embedded technology. The majority of microchips that are used in modern society have been programmed using embedded technology. These small chips can be found in microwaves, calculators, home security systems, cell phones and more. My assignment this summer entails working with an iPAQ HP 5500 Pocket PC. This top-of-the-line hand-held device is one of the first mobile PC's to introduce biometric security capabilities. Biometric security, in this case a fingerprint authentication system, is on the edge of technology as far as securing information. The benefits of fingerprint authentication are enormous. The most significant of them are that it is extremely difficult to reproduce someone else's fingerprint, and it is equally difficult to lose or forget your own fingerprint as opposed to a password or pin number. One of my goals for this summer is to integrate this technology with another Pocket PC application. The second task for the summer is to develop a simple application that provides an Astronaut EVA (Extravehicular Activity) Log Book capability. The Astronaut EVA Log Book is what an astronaut would use to report the status of field missions, crew physical health, successes, future plans, etc. My goal is to develop a user interface into which these data fields can be entered and stored. The applications that I am developing are created using eMbedded Visual C++ 4.0 with the Pocket PC 2003 Software Development Kit provided by Microsoft.

Logan, Julian

2004-01-01

351

Potential National Security Applications of Nuclear Resonance Fluorescence Methods  

SciTech Connect

The objective of this report is to document the initial investigation into the possible research issues related to the development of NRF-based national security applications. The report discusses several potential applications ranging from measuring uranium enrichment in UF6 canisters to characterization of gas samples. While these applications are varied, there are only a few research issues that need to be addressed to understand the limitation of NRF in solving these problems. These research issues range from source and detector development to measuring small samples. The next effort is to determine how best to answer the research issues, followed by a prioritization of those questions to ensure that the most important are addressed. These issues will be addressed through either analytical calculations, computer simulations, analysis of previous data or collection of new measurements. It will also be beneficial to conduct a thorough examination of a couple of the more promising applications in order to develop concrete examples of how NRF may be applied in specific situations. The goals are to develop an understanding of whether the application of NRF is limited by technology or physics in addressing national security applications, to gain a motivation to explore those possible applications, and to develop a research roadmap so that those possibilities may be made reality.

Warren, Glen A.; Peplowski, Patrick N.; Caggiano, Joseph A.

2009-06-09

352

Numerically Efficient Water Quality Modeling and Security Applications  

E-print Network

NUMERICALLY EFFICIENT WATER QUALITY MODELING AND SECURITY APPLICATIONS A Dissertation by ANGELICA VANESSA MANN Submitted to the O ce of Graduate Studies of Texas A&M University in partial ful llment of the requirements for the degree... of DOCTOR OF PHILOSOPHY Approved by: Chair of Committee, Carl D. Laird Committee Members, Sergiy I. Butenko Juergen Hahn Katy C. Kao Department Head, Muhammad N. Karim May 2013 Major Subject: Chemical Engineering Copyright 2013 Angelica Vanessa Mann...

Mann, Angelica

2013-02-04

353

Evaluating Security Mechanisms in Peer-to-Peer Applications  

Microsoft Academic Search

Many different kinds of peer-to-peer applications are in use today. Some allow inter-person communication, such as video and text messaging, while others provide data sharing capabilities. Some also function as large virtual computers, providing distributed compute services to a central source. One major difficulty in developing these systems is the selection of an appropriate security mechanism from the wide array

Manish Parashar; Manish Agarwal; Steele Arbeeny; Viraj Bhat; Rangini Chowdhury

354

Specification and Verification of Multi-user Data-Driven Web Applications  

NASA Astrophysics Data System (ADS)

We propose a model for multi-user data-driven communicating Web applications. An arbitrary number of users may access the application concurrently through Web sites and Web services. A Web service may have an arbitrary number of instances. The interaction between users and Web application is data-driven. Synchronous communication is done by shared access to the database and global application state. Private information may be stored in a local state. Asynchronous communication is done by message passing. A version of first-order linear time temporal logic (LTL-FO) is proposed to express behavioral properties of Web applications. The model is used to formally specify a significant fragment of an e-business application. Some of its desirable properties are expressed as LTL-FO formulas. We study a decision problem, namely whether the model satisfies an LTL-FO formula. We show the undecidability of the unrestricted verification problem and discuss some restrictions that ensure decidability.

Marcus, Monica

355

A Survey on Web-based AR Applications  

E-print Network

Due to the increase of interest in Augmented Reality (AR), the potential uses of AR are increasing also. It can benefit the user in various fields such as education, business, medicine, and other. Augmented Reality supports the real environment with synthetic environment to give more details and meaning to the objects in the real word. AR refers to a situation in which the goal is to supplement a user's perception of the real-world through the addition of virtual objects. This paper is an attempt to make a survey of web-based Augmented Reality applications and make a comparison among them.

Parhizkar, Behrang; Lashkari, Arash Habibi; Bartaripou, Mohammad Mehdi; Babae, Hossein Reza

2011-01-01

356

Security Aspects of Smart Cards vs. Embedded Security in Machine-to-Machine (M2M) Advanced Mobile Network Applications  

NASA Astrophysics Data System (ADS)

The Third Generation Partnership Project (3GPP) standardisation group currently discusses advanced applications of mobile networks such as Machine-to-Machine (M2M) communication. Several security issues arise in these contexts which warrant a fresh look at mobile networks’ security foundations, resting on smart cards. This paper contributes a security/efficiency analysis to this discussion and highlights the role of trusted platform technology to approach these issues.

Meyerstein, Mike; Cha, Inhyok; Shah, Yogendra

357

Application of web-GIS approach for climate change study  

NASA Astrophysics Data System (ADS)

Georeferenced datasets are currently actively used in numerous applications including modeling, interpretation and forecast of climatic and ecosystem changes for various spatial and temporal scales. Due to inherent heterogeneity of environmental datasets as well as their huge size which might constitute up to tens terabytes for a single dataset at present studies in the area of climate and environmental change require a special software support. A dedicated web-GIS information-computational system for analysis of georeferenced climatological and meteorological data has been created. It is based on OGC standards and involves many modern solutions such as object-oriented programming model, modular composition, and JavaScript libraries based on GeoExt library, ExtJS Framework and OpenLayers software. The main advantage of the system lies in a possibility to perform mathematical and statistical data analysis, graphical visualization of results with GIS-functionality, and to prepare binary output files with just only a modern graphical web-browser installed on a common desktop computer connected to Internet. Several geophysical datasets represented by two editions of NCEP/NCAR Reanalysis, JMA/CRIEPI JRA-25 Reanalysis, ECMWF ERA-40 Reanalysis, ECMWF ERA Interim Reanalysis, MRI/JMA APHRODITE's Water Resources Project Reanalysis, DWD Global Precipitation Climatology Centre's data, GMAO Modern Era-Retrospective analysis for Research and Applications, meteorological observational data for the territory of the former USSR for the 20th century, results of modeling by global and regional climatological models, and others are available for processing by the system. And this list is extending. Also a functionality to run WRF and "Planet simulator" models was implemented in the system. Due to many preset parameters and limited time and spatial ranges set in the system these models have low computational power requirements and could be used in educational workflow for better understanding of basic climatological and meteorological processes. The Web-GIS information-computational system for geophysical data analysis provides specialists involved into multidisciplinary research projects with reliable and practical instruments for complex analysis of climate and ecosystems changes on global and regional scales. Using it even unskilled user without specific knowledge can perform computational processing and visualization of large meteorological, climatological and satellite monitoring datasets through unified web-interface in a common graphical web-browser. This work is partially supported by the Ministry of education and science of the Russian Federation (contract #8345), SB RAS project VIII.80.2.1, RFBR grant #11-05-01190a, and integrated project SB RAS #131.

Okladnikov, Igor; Gordov, Evgeny; Titov, Alexander; Bogomolov, Vasily; Martynova, Yuliya; Shulgina, Tamara

2013-04-01

358

GCOOS Web Applications for Recreational Boaters and Fishermen  

NASA Astrophysics Data System (ADS)

Spatial and temporal information on the ecology of marine species and encompassing oceanographic environment is vital to the development of effective strategies for marine resource management and biodiversity conservation. Assembling data and generating products is a time-consuming and often laborious part of the workflow required of fisheries specialists, resource managers, marine scientists and other stakeholder groups for effective fishery management and marine spatial planning. Workflow costs for all groups can be significantly reduced through the use of interoperable networked data systems. The Gulf of Mexico Coastal Ocean Observing System Regional Association (GCOOS-RA) is one of 11 RAs comprising the non-Federal part of the U.S. Integrated Ocean Observing System (IOOS). The RAs serve the region’s needs for data and information: by working with data providers to offer their data in standardized ways following IOOS guidance, by gathering stakeholders’ needs and requirements, and by producing basic products or facilitating product-generation by others to meet those needs. The GCOOS Data Portal aggregates regional near real-time data and serves these data through standardized service interfaces suitable for automated machine access or in formats suitable for human consumption. The related Products Portal generates products in graphical displays for humans and in standard formats for importing into common software packages. Web map applications are created using ArcGIS server RESTful service, publicly available Open Geospatial Consortium (OGC) Web Map Service (WMS) layers, and Web Coverage Service (WCS). Use of standardize interfaces allows us to construct seamless workflows that carry data from sensors through to products in an automated fashion. As a demonstration of the power of interoperable standards-based systems we have developed tailored product web pages for recreational boaters and fishermen. This is a part of an ongoing project to provide an interactive tool for decision support in the Gulf of Mexico.

Kobara, S.; Howard, M. K.; Simoniello, C.; Jochens, A. E.; Gulf Of Mexico Coastal Ocean Observing System Regional Association (Gcoos-Ra)

2010-12-01

359

Developing web-based and parallelized biostatistics/bioinformatics applications: ADaCGH  

E-print Network

Developing web-based and parallelized biostatistics/bioinformatics applications: ADaCGH as a case: end user's needs Bioinformatics/biostatistics needs Accessible, user-friendly, applications: end user's needs Bioinformatics/biostatistics needs Accessible, user-friendly, applications

Díaz-Uriarte, Ramón

360

WASP: Protecting Web Applications Using Positive Tainting and Syntax-Aware Evaluation  

Microsoft Academic Search

Many software systems have evolved to include a Web-based component that makes them available to the public via the Internet and can expose them to a variety of Web-based attacks. One of these attacks is SQL injection, which can give attackers unrestricted access to the databases that underlie Web applications and has become increasingly frequent and serious. This paper presents

William G. J. Halfond; Alessandro Orso; Panagiotis Manolios

2008-01-01

361

WASP: Protecting Web Applications Using Positive Tainting and Syntax-Aware Evaluation  

E-print Network

WASP: Protecting Web Applications Using Positive Tainting and Syntax-Aware Evaluation William G Society Abstract--Many software systems have evolved to include a Web-based component that makes them available to the public via the Internet and can expose them to a variety of Web-based attacks. One

Manolios, Panagiotis "Pete"

362

On the Use of Social Networks in Web Services: Application to the Discovery Stage  

Microsoft Academic Search

This chapter discusses the use of social networks in Web services with focus on the discovery stage that characterizes the life cycle of these Web services. Other stages in this life cycle include description, publication, invocation, and composition. Web services are software applications that end users or other peers can invoke and compose to satisfy different needs such as hotel

Zakaria Maamar; Leandro Krug Wives; Khouloud Boukadi

2010-01-01

363

End-User Visual Design of Web-Based Interactive Applications Making Use of Geographical Information  

E-print Network

End-User Visual Design of Web-Based Interactive Applications Making Use of Geographical Information (called WIND - Web INteraction Design) that focuses on both designers' creativity and model executability Environment providing designers with visual functionality. Keywords: Interaction Design, Semantic Web

Paris-Sud XI, Université de

364

A Static Analysis Approach for Automatic Generating Test Cases for Web Applications  

Microsoft Academic Search

Software testing is a challenging work and Web application testing may be even more challenging owing to its dynamic behaviors and heterogeneous representations. In this paper, we propose a static analysis approach to automatically generate test cases for Web application. In our approach, application source code is analyzed to extract interfaces which are composed of input parameters with domain information

Minghui Wang; Jie Yuan; Huaikou Miao; Gemiao Tan

2008-01-01

365

The Effect of Web-Based Project Applications on Students' Attitudes towards Chemistry  

ERIC Educational Resources Information Center

Students perform intensive web-based applications during their education. One of these is project-based application. In this study, the effect of web based project applications on students' attitudes towards chemistry has been investigated. 42 students attending Hacettepe University, Faculty of Education, and Department of Chemistry Education have…

Morgil, Inci; Gungor Seyhan, Hatice; Ural Alsan, Evrim; Temel, Senar

2008-01-01

366

A Generic Toolkit for Converting Web Applications Into High-Interaction Honeypots  

Microsoft Academic Search

In this paper, we present the design and implementation of a generic toolkit for turning arbitrary PHP web applications into high interaction honeypots in an automated fashion. We demonstrate the wide applicability of this approach by applying it to four popular existing web applications. Moreover, we show the eectiveness of our system by using it to analyze 70 actual attacks

Michael Muter; Felix Freiling; Thorsten Holz; Jeanna Matthews

367

Network-Based Learning and Assessment Applications on the Semantic Web  

ERIC Educational Resources Information Center

Today's Web applications are already "aware" of the network of computers and data on the Internet, in the sense that they perceive, remember, and represent knowledge external to themselves. However, Web applications are generally not able to respond to the meaning and context of the information in their memories. As a result, most applications are…

Gibson, David

2005-01-01

368

17 CFR 249.1001 - Form SIP, for application for registration as a securities information processor or to amend such...  

Code of Federal Regulations, 2010 CFR

...application for registration as a securities information processor or to amend such...Registration of, and Reporting by Securities Information Processors § 249.1001...application for registration as a securities information processor or to amend...

2010-04-01

369

An ethernet/IP security review with intrusion detection applications  

SciTech Connect

Supervisory Control and Data Acquisition (SCADA) and automation networks, used throughout utility and manufacturing applications, have their own specific set of operational and security requirements when compared to corporate networks. The modern climate of heightened national security and awareness of terrorist threats has made the security of these systems of prime concern. There is a need to understand the vulnerabilities of these systems and how to monitor and protect them. Ethernet/IP is a member of a family of protocols based on the Control and Information Protocol (CIP). Ethernet/IP allows automation systems to be utilized on and integrated with traditional TCP/IP networks, facilitating integration of these networks with corporate systems and even the Internet. A review of the CIP protocol and the additions Ethernet/IP makes to it has been done to reveal the kind of attacks made possible through the protocol. A set of rules for the SNORT Intrusion Detection software is developed based on the results of the security review. These can be used to monitor, and possibly actively protect, a SCADA or automation network that utilizes Ethernet/IP in its infrastructure. (authors)

Laughter, S. A.; Williams, R. D. [Dept. of Electrical and Computer Engineering, Univ. of Virginia, Box 400743, 351 McCormick Rd., Charlottesville, VA 22904-4743 (United States)

2006-07-01

370

Trusted Computing: Security and Applications Eimear Gallery and Chris J. Mitchell  

E-print Network

Trusted Computing: Security and Applications Eimear Gallery and Chris J. Mitchell Information applications of the technology are then discussed. 1 #12;Keywords: trusted computing, computer security, trust 1 Introduction Trusted computing (TC) is a security technology that has become ubiqui- tous almost

Mitchell, Chris

371

Security against Hardware Trojan through a Novel Application of Design Obfuscation  

E-print Network

The issue of Trust is an emerging problem in semicon- ductor integrated circuit (IC) security [1Security against Hardware Trojan through a Novel Application of Design Obfuscation Rajat Subhra in safety-critical applications is a major threat to national security. In this work, we propose a novel

Bhunia, Swarup

372

Meta4: a web application for sharing and annotating metagenomic gene predictions using web services  

PubMed Central

Whole-genome shotgun metagenomics experiments produce DNA sequence data from entire ecosystems, and provide a huge amount of novel information. Gene discovery projects require up-to-date information about sequence homology and domain structure for millions of predicted proteins to be presented in a simple, easy-to-use system. There is a lack of simple, open, flexible tools that allow the rapid sharing of metagenomics datasets with collaborators in a format they can easily interrogate. We present Meta4, a flexible and extensible web application that can be used to share and annotate metagenomic gene predictions. Proteins and predicted domains are stored in a simple relational database, with a dynamic front-end which displays the results in an internet browser. Web services are used to provide up-to-date information about the proteins from homology searches against public databases. Information about Meta4 can be found on the project website1, code is available on Github2, a cloud image is available, and an example implementation can be seen at PMID:24046776

Richardson, Emily J.; Escalettes, Franck; Fotheringham, Ian; Wallace, Robert J.; Watson, Mick

2013-01-01

373

Uniform Tag-based Rich Component Generation for Web Application Development  

Microsoft Academic Search

A variety of rich client technologies such as Flash, Flex, OpenLaszlo, JavaScript, AJAX, and Applet have been employed to develop Web applications. They can display flexible and powerful graphical user interface in Web pages and excel the original functions of Web browsers that display HTML documents. This paper presents a rich-component definition method that enables programmers to easily write Web

Quan Liang Chen; Takao Shimomura; Kenji Ikeda

2007-01-01

374

Lock-free consistency control for web 2.0 applications  

Microsoft Academic Search

Online collaboration and sharing is the central theme of many web-based services that create the so-called Web 2.0 phenomena. Using the Internet as a computing platform, many Web 2.0 applications set up mirror sites to provide large-scale availability and to achieve load balance. However, in the age of Web 2.0, where every user is also a writer and publisher, the

Jiangming Yang; Haixun Wang; Ning Gu; Yiming Liu; Chunsong Wang; Qiwei Zhang

2008-01-01

375

Haystack: A Platform for Authoring End User Semantic Web Applications  

Microsoft Academic Search

The Semantic Web promises to open innumerable opportunities for automation and information retrieval by standardizing the protocols for meta- data exchange. However, just as the success of the World Wide Web can be at- tributed to the ease of use and ubiquity of Web browsers, we believe that the unfolding of the Semantic Web vision depends on users getting powerful

Dennis Quan; David Huynh; David R. Karger

2003-01-01

376

Security Technologies for Open Networking Environments (STONE)  

SciTech Connect

Under this project SETECS performed research, created the design, and the initial prototype of three groups of security technologies: (a) middleware security platform, (b) Web services security, and (c) group security system. The results of the project indicate that the three types of security technologies can be used either individually or in combination, which enables effective and rapid deployment of a number of secure applications in open networking environments. The middleware security platform represents a set of object-oriented security components providing various functions to handle basic cryptography, X.509 certificates, S/MIME and PKCS No.7 encapsulation formats, secure communication protocols, and smart cards. The platform has been designed in the form of security engines, including a Registration Engine, Certification Engine, an Authorization Engine, and a Secure Group Applications Engine. By creating a middleware security platform consisting of multiple independent components the following advantages have been achieved - Object-oriented, Modularity, Simplified Development, and testing, Portability, and Simplified extensions. The middleware security platform has been fully designed and a preliminary Java-based prototype has been created for the Microsoft Windows operating system. The Web services security system, designed in the project, consists of technologies and applications that provide authentication (i.e., single sign), authorization, and federation of identities in an open networking environment. The system is based on OASIS SAML and XACML standards for secure Web services. Its topology comprises three major components: Domain Security Server (DSS) is the main building block of the system Secure Application Server (SAS) Secure Client In addition to the SAML and XACML engines, the authorization system consists of two sets of components An Authorization Administration System An Authorization Enforcement System Federation of identities in multi-domain scenarios is supported by a set of security engines that represent the core of the Federated Identities Management Server, which is also an extension of the Domain Security Server. The Federated Identity Management server allows users to federate their identities or terminate the federation between the service provider and the identity provider. At the service provider web site, the users are offered a list of identity providers to which they can choose to federate their identities. After users federate their identity, they can perform Single Sign-On protocol in an environment of federated domains. The group security system consists of a number of security technologies under a unified architecture, which supports creation of secure groups and execution of secure group transactions and applications in an open networking environment. The system is based on extensions of the GSAKMP standard for group key distribution and management. The Top layer is the Security Infrastructure with the Security Management and Administration System components and protocols that provide security functions common to all secure network applications The Middle layer is the Secure Group Protocols and Applications layer, consisting of the Policy and Group Key Distribution Server and Web-based (thin) Client. The Bottom layer is the supporting Middleware Security Platform, the cryptographic platform already described above. The group security system is designed to perform the functions necessary to create secure groups and enable secure group applications. Specifically, the system can manage group roles, create and disseminate a group security policy, perform authentication and authorization of users using PKI certificates and Web services security, generate group keys, and recover from compromises. In accordance with the GSAKMP standard, the group security system must perform all the required group life-cycle functions: group definition, group establishment, group maintenance, and group removal. The group security system has been designed to support four roles: The Security Domain Ad

Muftic, Sead

2005-03-31

377

StreamStats: A Water Resources Web Application  

USGS Publications Warehouse

Streamflow statistics, such as the 1-percent flood, the mean flow, and the 7-day 10-year low flow, are used by engineers, land managers, biologists, and many others to help guide decisions in their everyday work. For example, estimates of the 1-percent flood (the flow that is exceeded, on average, once in 100 years and has a 1-percent chance of being exceeded in any year, sometimes referred to as the 100-year flood) are used to create flood-plain maps that form the basis for setting insurance rates and land-use zoning. This and other streamflow statistics also are used for dam, bridge, and culvert design; water-supply planning and management; water-use appropriations and permitting; wastewater and industrial discharge permitting; hydropower facility design and regulation; and the setting of minimum required streamflows to protect freshwater ecosystems. In addition, researchers, planners, regulators, and others often need to know the physical and climatic characteristics of the drainage basins (basin characteristics) and the influence of human activities, such as dams and water withdrawals, on streamflow upstream from locations of interest to understand the mechanisms that control water availability and quality at those locations. Knowledge of the streamflow network and downstream human activities also is necessary to adequately determine whether an upstream activity, such as a water withdrawal, can be allowed without adversely affecting downstream activities. Streamflow statistics could be needed at any location along a stream. Most often, streamflow statistics are needed at ungaged sites, where no streamflow data are available to compute the statistics. At U.S. Geological Survey (USGS) streamflow data-collection stations, which include streamgaging stations, partial-record stations, and miscellaneous-measurement stations, streamflow statistics can be computed from available data for the stations. Streamflow data are collected continuously at streamgaging stations. Streamflow measurements are collected systematically over a period of years at partial-record stations to estimate peak-flow or low-flow statistics. Streamflow measurements usually are collected at miscellaneous-measurement stations for specific hydrologic studies with various objectives. StreamStats is a Web-based Geographic Information System (GIS) application (fig. 1) that was created by the USGS, in cooperation with Environmental Systems Research Institute, Inc. (ESRI)1, to provide users with access to an assortment of analytical tools that are useful for water-resources planning and management. StreamStats functionality is based on ESRI's ArcHydro Data Model and Tools, described on the Web at http://support.esri.com/index.cfm?fa=downloads.dataModels.filteredGateway&dmid=15. StreamStats allows users to easily obtain streamflow statistics, basin characteristics, and descriptive information for USGS data-collection stations and user-selected ungaged sites. It also allows users to identify stream reaches that are upstream and downstream from user-selected sites, and to identify and obtain information for locations along the streams where activities that may affect streamflow conditions are occurring. This functionality can be accessed through a map-based user interface that appears in the user's Web browser (fig. 1), or individual functions can be requested remotely as Web services by other Web or desktop computer applications. StreamStats can perform these analyses much faster than historically used manual techniques. StreamStats was designed so that each state would be implemented as a separate application, with a reliance on local partnerships to fund the individual applications, and a goal of eventual full national implementation. Idaho became the first state to implement StreamStats in 2003. By mid-2008, 14 states had applications available to the public, and 18 other states were in various stages of implementation.

Ries, Kernell G.; Guthrie, John G.; Rea, Alan H.; Steeves, Peter A.; Stewart, David W.

2008-01-01

378

Supporting Case-Based Learning in Information Security with Web-Based Technology  

ERIC Educational Resources Information Center

Case-based learning has been widely used in many disciplines. As an effective pedagogical method, case-based learning is also being used to support teaching and learning in the domain of information security. In this paper, we demonstrate case-based learning in information security by sharing our experiences in using a case study to teach security

He, Wu; Yuan, Xiaohong; Yang, Li

2013-01-01

379

Terahertz wave opto-mechanical scanner for security application  

NASA Astrophysics Data System (ADS)

This paper describes a new opto-mechanical scanner that is hopeful for terahertz imaging in security applications. The target of using this scanner is portal screening of personnel for high-resolution imaging of concealed threat objects. It is not only applied to active terahertz imaging but also applied to passive Terahertz imaging. Terahertz wave can penetrate many materials that are opaque to visible and infrared light, such as plastics, cardboard, textiles and so on. So the terahertz imaging technology has a potential to be applicable in security inspection at airports, stations and other public place. Now, the most terahertz imaging system works at point to point mechanical scan pattern. The speed of this raster scan is too slow to apply in practical field. 2-D terahertz array detector can be applied to real time imaging. But at present their cost is prohibitively high. Fortunately low cost, high performance, opto-mechanically scanner is able to meet the current requirements. An opto-mechanical scanner should be able to rapidly scan a 2-D image of the scene. It also should have high optical efficiency so that an image system can achieve the required thermal sensitivity with the minimum number of receivers. These ensure that it can easily operate at any wavelength, and be active or passive. The opto-mechanically scanning can meets these requirements and is being developed into a high performance, low-cost prototype system that will meet the future needs for terahertz security.

Deng, Chao; Zheng, Yongju; Zhang, Cunlin

2010-11-01

380

Web-Based Recruitment: Effects of Information, Organizational Brand, and Attitudes Toward a Web Site on Applicant Attraction  

Microsoft Academic Search

Recruitment theory and research show that objective characteristics, subjective considerations, and critical contact send signals to prospective applicants about the organization and available opportunities. In the generating applicants phase of recruitment, critical contact may consist largely of interactions with recruitment sources (e.g., newspaper ads, job fairs, organization Web sites); however, research has yet to fully address how all 3 types

David G. Allen; Raj V. Mahto; Robert F. Otondo

2007-01-01

381

Secure Semantic Service Oriented Information Grid for Cyber Physical System and Applications  

Microsoft Academic Search

This paper describes our approach to designing a secure information grid for cyber physical systems and applications. We discuss access control and accountability for such semantic grid as well as secure infrastructure and storage issues.

Bhavani Thuraisingham; Sajal Das; Yonghe Liu; Elisa Bertino; Lorenzo Martino

382

Web Robots and Web Mining  

NSDL National Science Digital Library

Manually indexing the World Wide Web is obviously an impossible task, and it is even a daunting challenge for automated techniques. Web content mining is a general term used to describe these techniques, which are intended for information categorization and filtering. Web robots serve a variety of purposes, including indexing; and they can be useful or, in some cases, harmful. Web usage mining, on the other hand, is used to determine how a Web site's structure and organization effect the way users navigate the site.The Web Robots Pages (1) is an excellent starting place to learn about these automated programs. Several hundred robots are documented in a database, and a selection of papers considers proper ethics and guidelines for using robots, among other things. An article on Web mining and its subclasses is given on DM Review (2). It describes the basics of Web analysis and outlines many benefits Web mining can offer. A course homepage on Web data mining from DePaul University (3) offers a broad selection of reading material on the subject. Mostly consisting of research papers and journal articles, the documents range from general applications to specific theories and case studies. Two computer scientists from Polytechnic University propose a robust, distributed Web crawler (another term for Web robot), intended for large-scale network interaction (4). The twelve page paper begins with the motivation for the project, and continues with a full description of the system architecture and implementation. The November 2002 issue of Computer magazine featured an article on Data Mining for Web Intelligence (5). It points out that today's Internet is lacking in many key aspects, and that Web mining will play an important role in the development of improved search engines and automatic document classification. A short poster presentation from the 2002 International World Wide Web Conference (6) introduces GeniMiner, a Web search strategy based on a genetic algorithm. GeniMiner operates on the premise of finding a nearly optimal solution in order to minimize manual analysis of the search results. KDnuggets (7) is a free, biweekly newsletter on data and Web mining. In recent issues, special attention has been given to the Total Information Awareness project, which is investigating ways of mining the Web and email for possible information about terrorist activity. Web robots are occasionally used for malicious purposes, namely to automatically register for free email or participate in online polls. A technology that was developed to counter these robots involved using a blurred or distorted word to gain access, which could easily be read by a human but would be impossible for a robot to read. In a press release from the University of California at Berkeley (8), researchers have discovered a way to allow Web robots to crack this security system. The article describes how it was accomplished and provides motivation for more advanced security measures.

Leske, Cavin.

2003-01-01

383

The research of network database security technology based on web service  

NASA Astrophysics Data System (ADS)

Database technology is one of the most widely applied computer technologies, its security is becoming more and more important. This paper introduced the database security, network database security level, studies the security technology of the network database, analyzes emphatically sub-key encryption algorithm, applies this algorithm into the campus-one-card system successfully. The realization process of the encryption algorithm is discussed, this method is widely used as reference in many fields, particularly in management information system security and e-commerce.

Meng, Fanxing; Wen, Xiumei; Gao, Liting; Pang, Hui; Wang, Qinglin

2013-03-01

384

Intelligent Facial Recognition Systems: Technology advancements for security applications  

SciTech Connect

Insider problems such as theft and sabotage can occur within the security and surveillance realm of operations when unauthorized people obtain access to sensitive areas. A possible solution to these problems is a means to identify individuals (not just credentials or badges) in a given sensitive area and provide full time personnel accountability. One approach desirable at Department of Energy facilities for access control and/or personnel identification is an Intelligent Facial Recognition System (IFRS) that is non-invasive to personnel. Automatic facial recognition does not require the active participation of the enrolled subjects, unlike most other biological measurement (biometric) systems (e.g., fingerprint, hand geometry, or eye retinal scan systems). It is this feature that makes an IFRS attractive for applications other than access control such as emergency evacuation verification, screening, and personnel tracking. This paper discusses current technology that shows promising results for DOE and other security applications. A survey of research and development in facial recognition identified several companies and universities that were interested and/or involved in the area. A few advanced prototype systems were also identified. Sandia National Laboratories is currently evaluating facial recognition systems that are in the advanced prototype stage. The initial application for the evaluation is access control in a controlled environment with a constant background and with cooperative subjects. Further evaluations will be conducted in a less controlled environment, which may include a cluttered background and subjects that are not looking towards the camera. The outcome of the evaluations will help identify areas of facial recognition systems that need further development and will help to determine the effectiveness of the current systems for security applications.

Beer, C.L.

1993-07-01

385

A Streamflow Statistics (StreamStats) Web Application for Ohio  

USGS Publications Warehouse

A StreamStats Web application was developed for Ohio that implements equations for estimating a variety of streamflow statistics including the 2-, 5-, 10-, 25-, 50-, 100-, and 500-year peak streamflows, mean annual streamflow, mean monthly streamflows, harmonic mean streamflow, and 25th-, 50th-, and 75th-percentile streamflows. StreamStats is a Web-based geographic information system application designed to facilitate the estimation of streamflow statistics at ungaged locations on streams. StreamStats can also serve precomputed streamflow statistics determined from streamflow-gaging station data. The basic structure, use, and limitations of StreamStats are described in this report. To facilitate the level of automation required for Ohio's StreamStats application, the technique used by Koltun (2003)1 for computing main-channel slope was replaced with a new computationally robust technique. The new channel-slope characteristic, referred to as SL10-85, differed from the National Hydrography Data based channel slope values (SL) reported by Koltun (2003)1 by an average of -28.3 percent, with the median change being -13.2 percent. In spite of the differences, the two slope measures are strongly correlated. The change in channel slope values resulting from the change in computational method necessitated revision of the full-model equations for flood-peak discharges originally presented by Koltun (2003)1. Average standard errors of prediction for the revised full-model equations presented in this report increased by a small amount over those reported by Koltun (2003)1, with increases ranging from 0.7 to 0.9 percent. Mean percentage changes in the revised regression and weighted flood-frequency estimates relative to regression and weighted estimates reported by Koltun (2003)1 were small, ranging from -0.72 to -0.25 percent and -0.22 to 0.07 percent, respectively.

Koltun, G.F.; Kula, Stephanie P.; Puskas, Barry M.

2006-01-01

386

Advancements in web-database applications for rabies surveillance  

PubMed Central

Background Protection of public health from rabies is informed by the analysis of surveillance data from human and animal populations. In Canada, public health, agricultural and wildlife agencies at the provincial and federal level are responsible for rabies disease control, and this has led to multiple agency-specific data repositories. Aggregation of agency-specific data into one database application would enable more comprehensive data analyses and effective communication among participating agencies. In Québec, RageDB was developed to house surveillance data for the raccoon rabies variant, representing the next generation in web-based database applications that provide a key resource for the protection of public health. Results RageDB incorporates data from, and grants access to, all agencies responsible for the surveillance of raccoon rabies in Québec. Technological advancements of RageDB to rabies surveillance databases include 1) automatic integration of multi-agency data and diagnostic results on a daily basis; 2) a web-based data editing interface that enables authorized users to add, edit and extract data; and 3) an interactive dashboard to help visualize data simply and efficiently, in table, chart, and cartographic formats. Furthermore, RageDB stores data from citizens who voluntarily report sightings of rabies suspect animals. We also discuss how sightings data can indicate public perception to the risk of racoon rabies and thus aid in directing the allocation of disease control resources for protecting public health. Conclusions RageDB provides an example in the evolution of spatio-temporal database applications for the storage, analysis and communication of disease surveillance data. The database was fast and inexpensive to develop by using open-source technologies, simple and efficient design strategies, and shared web hosting. The database increases communication among agencies collaborating to protect human health from raccoon rabies. Furthermore, health agencies have real-time access to a wide assortment of data documenting new developments in the raccoon rabies epidemic and this enables a more timely and appropriate response. PMID:21810215

2011-01-01

387

78 FR 12337 - Published Privacy Impact Assessments on the Web  

Federal Register 2010, 2011, 2012, 2013

...updated July 18, 2011. ESTA is a web-based application and screening...activities. HSIN is a user- driven, web-based, information-sharing...Security Information Network 3.0 Shared Spaces. Component: OPS...activities. HSIN is a user-driven, web- based,...

2013-02-22

388

Trust But Verify: Authorization for Web Services Christian Skalka  

E-print Network

Authorization, Access Control Logic, Web Ser- vices 1. INTRODUCTION Web services promise a new era of exibility in an open and exible manner, bringing tremen- dous power to applications on the web. However, this ex- ibility poses signicant challenges to security. Traditional access control for distributed systems

Skalka, Christian

389

The Handicap Principle for Trust in Computer Security, the Semantic Web and Social Networking  

NASA Astrophysics Data System (ADS)

Communication is a fundamental function of life, and it exists in almost all living things: from single-cell bacteria to human beings. Communication, together with competition and cooperation,arethree fundamental processes in nature. Computer scientists are familiar with the study of competition or 'struggle for life' through Darwin's evolutionary theory, or even evolutionary computing. They may be equally familiar with the study of cooperation or altruism through the Prisoner's Dilemma (PD) game. However, they are likely to be less familiar with the theory of animal communication. The objective of this article is three-fold: (i) To suggest that the study of animal communication, especially the honesty (reliability) of animal communication, in which some significant advances in behavioral biology have been achieved in the last three decades, should be on the verge to spawn important cross-disciplinary research similar to that generated by the study of cooperation with the PD game. One of the far-reaching advances in the field is marked by the publication of "The Handicap Principle: a Missing Piece of Darwin's Puzzle" by Zahavi (1997). The 'Handicap' principle [34][35], which states that communication signals must be costly in some proper way to be reliable (honest), is best elucidated with evolutionary games, e.g., Sir Philip Sidney (SPS) game [23]. Accordingly, we suggest that the Handicap principle may serve as a fundamental paradigm for trust research in computer science. (ii) To suggest to computer scientists that their expertise in modeling computer networks may help behavioral biologists in their study of the reliability of animal communication networks. This is largely due to the historical reason that, until the last decade, animal communication was studied with the dyadic paradigm (sender-receiver) rather than with the network paradigm. (iii) To pose several open questions, the answers to which may bear some refreshing insights to trust research in computer science, especially secure and resilient computing, the semantic web, and social networking. One important thread unifying the three aspects is the evolutionary game theory modeling or its extensions with survival analysis and agreement algorithms [19][20], which offer powerful game models for describing time-, space-, and covariate-dependent frailty (uncertainty and vulnerability) and deception (honesty).

Ma, Zhanshan (Sam); Krings, Axel W.; Hung, Chih-Cheng

390

Using Science Driven Technologies for the Defense and Security Applications  

NASA Technical Reports Server (NTRS)

For the past three decades, Earth science remote sensing technologies have been providing enormous amounts of useful data and information in broadening our understanding of our home planet as a system. This research, as it has expanded our learning process, has also generated additional questions. This has further resulted in establishing new science requirements, which have culminated in defining and pushing the state-of-the-art technology needs. NASA s Earth science program has deployed 18 highly complex satellites, with a total of 80 sensors, so far and is in a process of defining and launching multiple observing systems in the next decade. Due to the heightened security alert of the nation, researchers and technologists are paying serious attention to the use of these science driven technologies for dual use. In other words, how such sophisticated observing and measuring systems can be used in detecting multiple types of security concerns with a substantial lead time so that the appropriate law enforcement agencies can take adequate steps to defuse any potential risky scenarios. This paper examines numerous NASA technologies such as laser/lidar systems, microwave and millimeter wave technologies, optical observing systems, high performance computational techniques for rapid analyses, and imaging products that can have a tremendous pay off for security applications.

Habib, Shahid; Zukor, Dorthy; Ambrose, Stephen D.

2004-01-01

391

WEB APPLICATION FOR TIMETABLE PLANNING IN THE HIGHER TECHNICAL COLLEGE OF INDUSTRIAL AND TELECOMMUNICATIONS ENGINEERING  

Microsoft Academic Search

The aim of this paper is to show a Web application developed in the University of Cantabria which allows for timetable management in an Engineering school with the peculiarity of having been developed using Informix Web datablade. First, the proposed Informix architecture to manage complex data is described; next, our project as application case is showed and finally, the experience

Marta E. Zorrilla Pantaleón; Eduardo Mora Monte; José Luis Crespo Fidalgo

392

Performance Factors in ASP.NET Web Applications with Limited Queue Models  

Microsoft Academic Search

Distributed systems and Web applications play an important role in computer science nowadays. The most common consideration is performance, because these systems must provide services with low response time, high availability, and certain throughput level. The performance of a Web application is affected by several factors. The goal of our work is to analyze how some of them affect the

A. Bogardi-Meszoly; T. Levendovszky; H. Charaf

2006-01-01

393

Formal Structured Specification for Web Application Xiaoping Jia,Hongming Liu,Lizhang Qin  

E-print Network

-end. A wide variety of technologies have been developed for web applications, including CGI, JSP, PHP, and ASP.NET methods which is often declared as a formal specifica- tion language and which is gaining widespread accep the use of formal methods in the specification of web application testing. We propose an approach

Jia, Xiaoping

394

Deploying an ASP.NET Web Application to a Hosting Provider  

E-print Network

#12;Deploying an ASP.NET Web Application to a Hosting Provider using Visual Studio Tom Dykstra Summary: This series of tutorials shows you how to make an ASP.NET web application available over-By-Step Applies to: ASP.NET 4.0 and earlier, Visual Studio 2010 Source: ASP.NET site (link to source content) E

Hunt, Galen

395

JSMeter: Comparing the Behavior of JavaScript Benchmarks with Real Web Applications  

E-print Network

JSMeter: Comparing the Behavior of JavaScript Benchmarks with Real Web Applications Paruj {livshits,zorn}@microsoft.com Abstract JavaScript is widely used in web-based applications and is increasingly popular with developers. So-called browser wars in recent years have focused on JavaScript

Livshits, Ben

396

A Framework for Automated Testing of JavaScript Web Applications  

E-print Network

A Framework for Automated Testing of JavaScript Web Applications Shay Artzi IBM Research artzi practice in testing JavaScript web applications requires man- ual construction of test cases, which is difficult and tedious. We present a framework for feedback-directed automated test genera- tion for JavaScript

Møller, Anders

397

Abmash: Mashing Up Legacy Web Applications by Automated Imitation of Human Actions  

E-print Network

Abmash: Mashing Up Legacy Web Applications by Automated Imitation of Human Actions Alper Ortac of such legacy web applications by automatically imitating human interactions with them. By automatically. Furthermore, the integration programs are easy to write since they deal with end-user, visual user

Paris-Sud XI, Université de

398

The Reusability Evaluation of a Domain-Specific Web Application Framework  

Microsoft Academic Search

Web application is used in various business fields on Internet and intranets. It is an efficient way to develop Web application on the base of a framework. In this paper, a domain specific framework for reservation is developed based on a mee- ting room reservation system. Then, the framework is applied to two other types of reservation systems, online book

ZHOU FENG; TAKESHI CHUSHO

2009-01-01

399

Teachers' Characteristics and Information Application Strategies of the World Wide Web.  

ERIC Educational Resources Information Center

This study investigated the use of the World Wide Web for instruction by fourth grade teachers. Identifies teacher characteristics, information-seeking strategies, and instructional application strategies, and reports that Web-knowledgeable teachers utilized reflexive application strategies and higher-level learning activities for teaching.…

Chen, Li-Ling; Huntsberger, John

2001-01-01

400

Composable M&S web Services for Netcentric Applications  

E-print Network

Service-oriented architectures promise easier integration of functionality in the form of web services into operational systems than is the case with interface-driven system-oriented approaches. Although the Extensible Markup Language (XML) enables a new level of interoperability among heterogeneous systems, XML alone does not solve all interoperability problems users contend with when integrating services into operational systems. To manage the basic challenges of service interoperation, we developed the Levels of Conceptual Interoperability Model (LCIM) to enable a layered approach and gradual solution improvements. Furthermore, we developed methods of model-based data engineering (MBDE) for semantically consistent service integration as a first step. These methods have been applied in the U.S. in collaboration with industry resulting in proofs of concepts. The results are directly applicable in a net-centric and net-enabled environment.

Andreas Tolk; Charles D. Turnitsa; Saikou Y. Diallo; Leslie S. Winters

2006-01-01

401

Developing a Web-based GIS Application for Earthquake Mapping   

E-print Network

The fast technical progress of web-based GIS has enabled visualising complex geographical phenomena for the interested public. This research paper analyses the development of a global earthquake web map which allows the visualisation of significant...

Boermel, Christian

2012-11-29

402

Model-based, event-driven programming paradigm for interactive web applications  

E-print Network

Applications are increasingly distributed and event-driven. Advances in web frameworks have made it easier to program standalone servers and their clients, but these applications remain hard to write. A model-based programming ...

Milicevic, Aleksandar

403

Interactive 3D Graphics Applications Embedded in Web Pages  

Microsoft Academic Search

As Internet and the World Wide Web (WWW) are becoming more and more popular, there is an increasing demand for new web services and developments. In particular, there is a need of new technologies (often referred to as Web3D) to create and manipulate interactive three-dimensional (3D) environments on the Web. A major problem in this subject is the lack of

Francisco Luengo; Mariela Contreras; Aurely Leal; Andrés Iglesias

2007-01-01

404

A Rich Client-Server Based Framework for Convenient Security and Management of Mobile Applications  

NASA Astrophysics Data System (ADS)

Contact lists, Emails, SMS or custom applications on a professional smartphone could hold very confidential or sensitive information. What could happen in case of theft or accidental loss of such devices? Such events could be detected by the separation between the smartphone and a Bluetooth companion device. This event should typically block the applications and delete personal and sensitive data. Here, a solution is proposed based on a secured framework application running on the mobile phone as a rich client connected to a security server. The framework offers strong and customizable authentication and secured connectivity. A security server manages all security issues. User applications are then loaded via the framework. User data can be secured, synchronized, pushed or pulled via the framework. This contribution proposes a convenient although secured environment based on a client-server architecture using external authentications. Several features of the proposed system are exposed and a practical demonstrator is described.

Badan, Stephen; Probst, Julien; Jaton, Markus; Vionnet, Damien; Wagen, Jean-Frédéric; Litzistorf, Gérald

405

An Adaptive Web Server Application Cristina Hava Muntean  

E-print Network

the user satisfaction and the server performance are improved. KEYWORDS: Web server performance, customer on the improvements that bring both a better Web server performance and a greater increase in customer satisfaction satisfaction with a site. Firstly, some adaptive solutions allow the customization of the Web sites according

Murphy, John

406

Application of Data Mining in Web PreFetching  

Microsoft Academic Search

To speed up fetching Web pages, we give an intelligent technology of Web pre-fetching. We use a simplified WWW data model to represent the data in the cache of a Web browser to mine the association rules. We store these rules in a knowledge base so as to predict the user's actions. Intelligent agents are responsible for mining the users'

Baowen Xu; Weifeng Zhang; William Song; Hongji Yang; Chih-hung Chang

2000-01-01

407

Web Data Extraction, Applications and Techniques: A Survey Emilio Ferraraa,  

E-print Network

as a key tool to perform data analysis in Business and Competitive Intelligence systems as well a large amount of structured data continuously generated and disseminated by Web 2.0, Social Media at the Enterprise level and at the Social Web level. At the Enterprise level, Web Data Extraction techniques emerge

Ferrara, Emilio

408

Spatio-temporal Similarity of Web User Session Trajectories and Applications in Dark Web Research  

Microsoft Academic Search

\\u000a Trajectory similarity of moving objects resembles path similarity of user click-streams in web usage mining. By analyzing\\u000a the URL path of each user, we are able to determine paths that are very similar and therefore effective caching strategies\\u000a can be applied. In recent years, World Wide Web has been increasingly used by terrorists to spread their ideologies and web\\u000a mining

Sajimon Abraham; P. Sojan Lal

409

Perceptions of Accounting Practitioners and Educators on E-Business Curriculum and Web Security Issues  

ERIC Educational Resources Information Center

This research examines, through survey administration, the perceptions of accounting practitioners and educators with respect to the multi-faceted security issues of e-commerce payment systems as well as e-business curriculum issues. Specific security issues explored include misuse/theft of personal and credit card information, spam e-mails,…

Ragothaman, Srinivasan; Lavin, Angeline; Davies, Thomas

2007-01-01

410

Security applications of a remote electric-field sensor technology  

NASA Astrophysics Data System (ADS)

A new generation of electric field sensors developed at the University of Sussex is enabling an alternative to contact voltage and non-contact magnetic field measurements. We have demonstrated the capability of this technology in a number of areas including ECG through clothing, remote off-body ECG, through wall movement sensing and electric field imaging. Clearly, there are many applications for a generic sensor technology with this capability, including long term vital sign monitoring. The non-invasive nature of the measurement also makes these sensors ideal for man/machine and human/robot interfacing. In addition, there are obvious security and biometric possibilities since we can obtain physiological data remotely, without the knowledge of the subject. This is a clear advantage if such systems are to be used for evaluating the psychological state of a subject. In this paper we report the results obtained with a new version of the sensor which is capable of acquiring electrophysiological signals remotely in an open unshielded laboratory. We believe that this technology opens up a new area of remote biometrics which could have considerable implications for security applications. We have also demonstrated the ability of EPS to function in closely-packed one and two dimensional arrays for real-time imaging.

Prance, Robert J.; Harland, Christopher J.; Prance, Helen

2008-10-01

411

InkTag: Secure Applications on an Untrusted Operating System  

PubMed Central

InkTag is a virtualization-based architecture that gives strong safety guarantees to high-assurance processes even in the presence of a malicious operating system. InkTag advances the state of the art in untrusted operating systems in both the design of its hypervisor and in the ability to run useful applications without trusting the operating system. We introduce paraverification, a technique that simplifies the InkTag hypervisor by forcing the untrusted operating system to participate in its own verification. Attribute-based access control allows trusted applications to create decentralized access control policies. InkTag is also the first system of its kind to ensure consistency between secure data and metadata, ensuring recoverability in the face of system crashes. PMID:24429939

Hofmann, Owen S.; Kim, Sangman; Dunn, Alan M.; Lee, Michael Z.; Witchel, Emmett

2014-01-01

412

Efficient Integration of Web Services in Ambient-aware Sensor Network Applications  

Microsoft Academic Search

Sensor webs are heterogeneous collections of sensor devices that collect information and interact with the environ- ment. They consist of wireless sensor networks that are ensembles of small, smart, and cheap sensing and computing devices that permeate the environment as well as high-bandwidth rich sensors such as satellite imaging systems, meteorological stations, air quality stations, and security cameras. Emergency response,

Isaac Amundson; Manish Kushwaha; Xenofon D. Koutsoukos; Sandeep Neema; Janos Sztipanovits

2006-01-01

413

Application of telecom planar lightwave circuits for homeland security sensing  

NASA Astrophysics Data System (ADS)

Over the past decade, a massive effort has been made in the development of planar lightwave circuits (PLCs) for application in optical telecommunications. Major advances have been made, on both the technological and functional performance front. Highly sophisticated software tools that are used to tailor designs to required functional performance support these developments. In addition extensive know-how in the field of packaging, testing, and failure mode and effects analysis (FMEA) has been built up in the struggle for meeting the stringent Telcordia requirements that apply to telecom products. As an example, silica-on-silicon is now a mature technology available at several industrial foundries around the world, where, on the performance front, the arrayed-waveguide grating (AWG) has evolved into an off-the-shelf product. The field of optical chemical-biological (CB) sensors for homeland security application can greatly benefit from the advances as described above. In this paper we discuss the currently available technologies, device concepts, and modeling tools that have emerged from the telecommunications arena and that can effectively be applied to the field of homeland security. Using this profound telecom knowledge base, standard telecom components can readily be tailored for detecting CB agents. Designs for telecom components aim at complete isolation from the environment to exclude impact of environmental parameters on optical performance. For sensing applications, the optical path must be exposed to the measurand, in this area additional development is required beyond what has already been achieved in telecom development. We have tackled this problem, and are now in a position to apply standard telecom components for CB sensing. As an example, the application of an AWG as a refractometer is demonstrated, and its performance evaluated.

Veldhuis, Gert J.; Elders, Job; van Weerden, Harm; Amersfoort, Martin

2004-03-01

414

Keeping the Web in Web 2.0 An HCI Approach to Designing Web  

E-print Network

Keeping the Web in Web 2.0 An HCI Approach to Designing Web Applications CHI 2007 Course Notes.....................................................................................................................................1 1. Web Application UI versus Desktop Application UI..............................................................................................................................2 3. Examples of State Management in Web Applications

Tomkins, Andrew

415

WEBSCAT: A web application for the analysis of electromagnetic scattering from small particles  

NASA Astrophysics Data System (ADS)

Development of an online web application to simulate and display plane wave scattering from small particles is presented. In particular, the computation of angular variation of the scattering properties (scattering matrix elements, scattering coefficients, single scattering albedo etc.) of particulate matter by using the Mie theory and the T-matrix method was incorporated in the application. Comparison of the results generated by using the web application with other reported benchmark results has shown that the web application is accurate and reliable for electromagnetic scattering computations.

Gogoi, Ankur; Rajkhowa, Pritom; P. Saikia, Gunjan; Ahmed, Gazi A.; Choudhury, Amarjyoti

2014-10-01

416

Security of Electronic Business Applications - Structure and Quantification  

Microsoft Academic Search

The rapid growth of the commercial use of the Internet goes along with a rising need for security for both customer and merchant. As many parties and different systems are involved, security becomes a complicated issue. There- fore, the need for definition, structuring, and quantification of security arises. This paper proposes a structured approach to analyze security measures and to

Konstantin Knorr; Susanne Röhrig

2000-01-01

417

A Proxy-Based Infrastructure for Web Application Sharing and Remote Collaboration on Web Pages  

Microsoft Academic Search

When people collaborate remotely, the WWW is part of the shared resources they use together. However, web pages do not offer support for collabo- rative interaction such as viewing or influencing another user's browsing session - additional software needs to be installed for these features. In this paper, we present UsaProxy 2, an HTTP proxy that allows the same web

Richard Atterer; Albrecht Schmidt; Monika Wnuk

2007-01-01

418

Development of a Secure Mobile GPS Tracking and Management System  

ERIC Educational Resources Information Center

With increasing demand of mobile devices and cloud computing, it becomes increasingly important to develop efficient mobile application and its secured backend, such as web applications and virtualization environment. This dissertation reports a systematic study of mobile application development and the security issues of its related backend. …

Liu, Anyi

2012-01-01

419

Evaluation of a metal shear web selectively reinforced with filamentary composites for space shuttle application  

NASA Technical Reports Server (NTRS)

A final program summary is reported for test and evaluation activities that were conducted for space shuttle web selection. Large scale advanced composite shear web components were tested and analyzed to evaluate application of advanced composite shear web construction to a space shuttle orbiter thrust structure. The shear web design concept consisted of a titanium-clad + or - 45 deg boron/epoxy web laminate stiffened with vertical boron-epoxy reinforced aluminum stiffeners and logitudinal aluminum stiffening. The design concept was evaluated to be efficient and practical for the application that was studied. Because of the effects of buckling deflections, a requirement is identified for shear buckling resistant design to maximize the efficiency of highly-loaded advanced composite shear webs.

Laakso, J. H.; Straayer, J. W.

1974-01-01

420

A dialogue-based web application enhances personalized access to healthcare professionals – an intervention study  

PubMed Central

Background In today’s short stay hospital settings the contact time for patients is reduced. However, it seems to be more important for the patients that the healthcare professionals are easy to get in contact with during the whole course of treatment, and to have the opportunity to exchange information, as a basis for obtaining individualized information and support. Therefore, the aim was to explore the ability of a dialogue-based application to contribute to accessibility of the healthcare professionals and exchangeability of information. Method An application for online written and asynchronous contacts was developed, implemented in clinical practice, and evaluated. The qualitative effect of the online contact was explored using a Web-based survey comprised of open-ended questions. Results Patients valued the online contacts and experienced feelings of partnership in dialogue, in a flexible and calm environment, which supported their ability to be active partners and feelings of freedom and security. Conclusion The online asynchronous written environment can contribute to accessibility and exchangeability, and add new possibilities for dialogues from which the patients can benefit. The individualized information obtained via online contact empowers the patients. The Internet-based contacts are a way to differentiate and expand the possibilities for contacts outside the few scheduled face-to-face hospital contacts. PMID:22947231

2012-01-01

421

Security Aspects of an Enterprise-Wide Network Architecture.  

ERIC Educational Resources Information Center

Presents an overview of two projects that concern local area networks and the common point between networks as they relate to network security. Discusses security architectures based on firewall components, packet filters, application gateways, security-management components, an intranet solution, user registration by Web form, and requests for…

Loew, Robert; Stengel, Ingo; Bleimann, Udo; McDonald, Aidan

1999-01-01

422

Security Threats and Solutions for Application Server of IP Multimedia Subsystem (IMS-AS)  

Microsoft Academic Search

In this paper we will explore security threats and attacks possibility and security solution for Application Server of IP Multimedia Subsystem(IMS-AS). The SIP Application Server is an important entity of IP Multimedia Subsystem (IMS) because applications providing value added services are deployed on the Application Server. The SIP Application Server is triggered by Serving Call State Control Function (S-CSCF) which

Muhammad Sher; Shaoke Wu; Thomas Magedanz

423

Application of Web2.0 in Knowledge Management: A Survey from Enterprises  

Microsoft Academic Search

The purpose of this investigation was to understand the application status of Web2.0 technology in Enterprise Knowledge Management. The investigation inquired nearly one hundred employees with questionnaires randomly, and then analyzed the result. It showed that not a few enterprises had already been aware of the role that Web2.0 technologies played in Knowledge Management. However, how to use Web2.0 into

Liyong Wan; Rui Zeng; Sisi Hu

2010-01-01

424

The application research of airport security information management system on the field of civil aviation security  

Microsoft Academic Search

The airport security information management system (ASIMS) has been playing very important role in preventing aircrafts from hijacking, terrorism attacks and other acts of unlawful interference. The system is designed to integrate a variety of security information of an airport into an organic body by analyzing and mining data collected form the security checkpoints and stored in central server database

Wu Wei

2009-01-01

425

76 FR 4079 - Information Technology (IT) Security  

Federal Register 2010, 2011, 2012, 2013

...meet the NASA System Security Certification Program, and provide a Web site link within a contract...available at the NASA IT Security Policy Web site at: http...policy located in the IT Security Web site at...

2011-01-24

426

76 FR 22625 - Reporting of Security Issues  

Federal Register 2010, 2011, 2012, 2013

...html; or (3) Visiting TSA's Security Regulations Web page at http://www.tsa.gov...their report to anyone who uses the ``Security Issues'' Web form on the TSA Web site to submit security concerns (people who contact TSA...

2011-04-22

427

Design and performance evaluation of web-based medical image display system for PACS applications  

NASA Astrophysics Data System (ADS)

During the past several years, the using the Web technology and Web server as a means to access PACS image data are being considered and implemented with different technologies architectures. Here, we presented our design and implementation about developing component-based image display module, and then, gave a method to integrate this image display processing (DP) component into a Web-based image distribution server to enable users using Web browsers to access, view and manipulate PACS images. First, we designed the component software architecture of the image display. Second, we developed a Web-based PACS image distribution server based on component architecture, and integrated the DP components and other three PACS components into the Web architecture. Third, we added the new interface supporting http communication to the DP component by using the WinINet API (application program interface) developed by Microsoft, so that, the DP component can be plug-in to Web browsers to interact with the component-based Web server to display and manipulate DICOM images sent from any PACS archiving server. The performance evaluation on the diagnostic display workstation and the component-based Web server shows that the image distribution and display performance from the Web server to browser clients is similar with that of the image loading and displaying procedure of the diagnostic workstation, as more browser clients accessing to the Web server at same time.

Sun, Jianyong; Zhang, Jianguo; Huang, Yongbin; Tang, Shan; Huang, H. K.

2003-05-01

428

Security Issues in Healthcare Applications Using Wireless Medical Sensor Networks: A Survey  

PubMed Central

Healthcare applications are considered as promising fields for wireless sensor networks, where patients can be monitored using wireless medical sensor networks (WMSNs). Current WMSN healthcare research trends focus on patient reliable communication, patient mobility, and energy-efficient routing, as a few examples. However, deploying new technologies in healthcare applications without considering security makes patient privacy vulnerable. Moreover, the physiological data of an individual are highly sensitive. Therefore, security is a paramount requirement of healthcare applications, especially in the case of patient privacy, if the patient has an embarrassing disease. This paper discusses the security and privacy issues in healthcare application using WMSNs. We highlight some popular healthcare projects using wireless medical sensor networks, and discuss their security. Our aim is to instigate discussion on these critical issues since the success of healthcare application depends directly on patient security and privacy, for ethic as well as legal reasons. In addition, we discuss the issues with existing security mechanisms, and sketch out the important security requirements for such applications. In addition, the paper reviews existing schemes that have been recently proposed to provide security solutions in wireless healthcare scenarios. Finally, the paper ends up with a summary of open security research issues that need to be explored for future healthcare applications using WMSNs. PMID:22368458

Kumar, Pardeep; Lee, Hoon-Jae

2012-01-01

429

Situating CoWeb: a scholarship of application  

Microsoft Academic Search

Since 1998, we have been developing and researching CoWeb, a version of Wiki designed to support collaborative learning. In\\u000a this article, we summarize our results of situating CoWeb across the academic landscape of Georgia Tech. In architecture,\\u000a CoWeb enabled faculty to serve more students in a design-based course. In English composition, a comparison study demonstrated\\u000a significant learning benefits without incurring

Jochen Rick; Mark Guzdial

2006-01-01

430

Web 2.0 applications in top Chinese university libraries  

Microsoft Academic Search

Purpose – This paper aims to explore the status and construction pattern of Web 2.0 technologies employed in top Chinese university libraries, their functionalities and features. Design\\/methodology\\/approach – A combination of online survey and content analysis methodology is applied to a sample of 38 top Chinese university libraries' web sites. The Web 2.0 tools are categorized by generally accepted standards

Zhiping Han; Yan Quan Liu

2010-01-01

431

Highly-Interactive and User-Friendly Web Application for People with Diabetes  

E-print Network

Highly-Interactive and User-Friendly Web Application for People with Diabetes Francois Andry, Larry. One Waters Park Drive ­ Suite 280 San Mateo, CA 94403, USA Abstract ­ LifeSensor Diabetes is a module that is coupled with a web-based personal health record (PHR) for patients with type 2 diabetes. In this paper we

Andry, François

432

Enabling Real Estate Businesses on the Web: From E-Business Model to The Application Services  

E-print Network

Enabling Real Estate Businesses on the Web: From E-Business Model to The Application Services Anderson was ex-CEO for Internet Media Woks! #12;2 Enabling Real Estate Businesses on the Web: From E system for real estate businesses, is designed in corporate with the e-business ideas. Keywords

Lin, Zhangxi

433

LemonAid: Selection-Based Crowdsourced Contextual Help for Web Applications  

E-print Network

(i.e., "add a photo" vs. "insert an image"). While search engine algorithms can be used to mitigateLemonAid: Selection-Based Crowdsourced Contextual Help for Web Applications Parmit K. Chilana 98195 USA {pchilana, ajko, wobbrock}@uw.edu ABSTRACT Web-based technical support such as discussion

Wobbrock, Jacob O.

434

Towards a Better Comprehensibility of Web Applications: Lessons Learned from Reverse Engineering Experiments  

Microsoft Academic Search

The rapid diffusion of the Internet has triggered a growing request for new Web sites and Web applications (WA). Due to the pressing market demand, new WAs are usually developed in a very short time, while existing WAs are modified frequently and quickly. In these conditions, well-known software engineering principles are not usually applied, and well-defined software processes and methodologies

Giuseppe A. Di Lucca; Anna Rita Fasolino; Porfirio Tramontana

2002-01-01

435

Internet as Clinical Information System: Application Development Using the World Wide Web  

Microsoft Academic Search

Clinical computing application development at Columbia–Presbyterian Medical Center has been limited by the lack of a flexible programming environment that supports multiple client user platforms. The World Wide Web offers a potential solution, with its multifunction servers, multiplatform clients, and use of standard protocols for displaying information. The authors are now using the Web, coupled with their own local clinical

James J Cimino; Socrates A Socratous; Paul D Clayton

1995-01-01

436

Application specific vs. standard Web service interfaces for the vertical integration of fieldbus  

E-print Network

Application specific vs. standard Web service interfaces for the vertical integration of fieldbus approaches for developing Web service inter- faces for the vertical integration of TTP/A fieldbus systems describing fieldbus systems. In contrast standardised interfaces such as OPC XML DA only al- low lower levels

Turau, Volker

437

Saner: Composing Static and Dynamic Analysis to Validate Sanitization in Web Applications  

E-print Network

Saner: Composing Static and Dynamic Analysis to Validate Sanitization in Web Applications Davide properly checked or sanitized the input values prior to their use. Past research on vulnerability analysis of the sanitization process. Thus, whenever a web ap- plication applies some sanitization routine to potentially

Kruegel, Christopher

438

An Immunological Model of Distributed Detection and Its Application to Computer Security  

E-print Network

An Immunological Model of Distributed Detection and Its Application to Computer Security By Steven vii #12;#12;An Immunological Model of Distributed Detection and Its Application to Computer Security By Steven Andrew Hofmeyr Doctor of Philosophy Computer Science May 1999 #12;#12;An Immunological Model

Forrest, Stephanie

439

Design and Applications of a Secure and Decentralized Distributed Hash Table  

E-print Network

, creating many fake identities is cheap; (2) an attacker can subvert periodic routing table maintenanceDesign and Applications of a Secure and Decentralized Distributed Hash Table by Christopher T and Applications of a Secure and Decentralized Distributed Hash Table by Christopher T. Lesniewski-Laas Submitted

440

Dynamic programming model estimates of Social Security Disability Insurance application timing  

Microsoft Academic Search

This paper develops a dynamic programming model of the Social Security Disability Insurance (SSDI) application timing decision. We estimate the time to application from the point at which a health condition first begins to affect the kind or amount of work that a currently employed person can do. We use Health and Retirement Study (HRS) and restricted access Social Security

Richard V. Burkhauser; J. S. Butler; Gulcin Gumus

2004-01-01

441

Displaying R spatial statistics on Google dynamic maps with web applications created by Rwui  

PubMed Central

Background The R project includes a large variety of packages designed for spatial statistics. Google dynamic maps provide web based access to global maps and satellite imagery. We describe a method for displaying directly the spatial output from an R script on to a Google dynamic map. Methods This is achieved by creating a Java based web application which runs the R script and then displays the results on the dynamic map. In order to make this method easy to implement by those unfamiliar with programming Java based web applications, we have added the method to the options available in the R Web User Interface (Rwui) application. Rwui is an established web application for creating web applications for running R scripts. A feature of Rwui is that all the code for the web application being created is generated automatically so that someone with no knowledge of web programming can make a fully functional web application for running an R script in a matter of minutes. Results Rwui can now be used to create web applications that will display the results from an R script on a Google dynamic map. Results may be displayed as discrete markers and/or as continuous overlays. In addition, users of the web application may select regions of interest on the dynamic map with mouse clicks and the coordinates of the region of interest will automatically be made available for use by the R script. Conclusions This method of displaying R output on dynamic maps is designed to be of use in a number of areas. Firstly it allows statisticians, working in R and developing methods in spatial statistics, to easily visualise the results of applying their methods to real world data. Secondly, it allows researchers who are using R to study health geographics data, to display their results directly onto dynamic maps. Thirdly, by creating a web application for running an R script, a statistician can enable users entirely unfamiliar with R to run R coded statistical analyses of health geographics data. Fourthly, we envisage an educational role for such applications. PMID:22998945

2012-01-01

442

Satellite services for disaster management and security applications  

NASA Astrophysics Data System (ADS)

Advantages of communications satellites are the inherent broadcast capability, high bandwidth, reliability and flexibility in network expansion. Small transportable terminals can be made operational very quickly. Recent developments in communications and computer technology allow to provide low-cost equipment, which is affordable even in developing countries. Communications satellites can also play an important role in case of emergencies or natural disasters. The combination of satellite communications and navigation can support new services for emergency teams. At the Institute of Applied Systems Technology and the Institute of Communication Networks and Satellite Communications highly transportable terminals have been developed, both for star and mesh network topologies. A fully meshed VSAT system is used for symmetrical links. For other applications, which do not require high return link capacity an asymmetrical system is an efficient solution. It uses low-cost DVB technology for the forward link and satellite phones with data capability on the return link. Novel multicast protocols allow to use these asymmetrical links in an efficient way. The paper describes the different systems and their applications in disaster management and security applications. Emphasis is put on transfer of remote sensing images and voice over IP (VoIP) as well as videoconference services.

Koudelka, Otto; Schrotter, P.

2007-06-01

443

Photonics applications and web engineering: WILGA May 2013  

NASA Astrophysics Data System (ADS)

Traditional WILGA Symposia are held two times a year since 1998. Each year the WILGA May edition gathers around 300 young researchers active in advanced photonics and electronics systems. The paper, as each year, presents a digest of chosen technical work results shown by young researchers from different technical universities from this country during the SPIE-IEEE Wilga 2013 Symposium on Photonics and Web Engineering. Topical tracks of the symposium embraced, among others, nanomaterials and nanotechnologies for photonics, sensory and nonlinear optical fibers, object oriented design of hardware, photonic metrology, optoelectronics and photonics applications, photonics-electronics codesign, optoelectronic and electronic systems for astronomy and high energy physics experiments, CMS, ITER, JET - Joint European Torus, BRITE nanosatellite, and pi-of-the sky experiments development. The symposium is an annual summary in the development of numerable Ph.D. theses carried out in this and neighboring countries in the area of advanced electronic and photonic systems. It is also a great occasion for SPIE, IEEE, OSA and PSP students and young researchers to meet together in a large group spanning the whole country with guests from this part of Europe. A digest of Wilga references is presented [1-225].

Romaniuk, Ryszard S.

2013-10-01

444

How Secure Are FPGAs in Cryptographic Applications? (Long Version) #  

E-print Network

to custom hardware, and only limited physical security, # This research was partially sponsored by the German Federal O#ce for Information Security (BSI). #12; especially with respect to key storage [Sch96

445

How Secure Are FPGAs in Cryptographic Applications? (Long Version)  

E-print Network

compared to custom hardware, and only limited physical security, This research was partially sponsored by the German Federal Office for Information Security (BSI). #12;especially with respect to key storage [Sch96

446

Introduction to the Application of Web-Based Surveys.  

ERIC Educational Resources Information Center

This paper discusses some basic assumptions and issues concerning web-based surveys. Discussion includes: assumptions regarding cost and ease of use; disadvantages of web-based surveys, concerning the inability to compensate for four common errors of survey research: coverage error, sampling error, measurement error and nonresponse error; and…

Timmerman, Annemarie

447

Data Mining for Web-Enabled Electronic Business Applications  

Microsoft Academic Search

Web-enabled electronic business is generating massive amounts of data on customer purchases, browsing patterns, usage times, and preferences at an increasing rate. Data mining techniques can be applied to all the data being collected for obtaining useful information. This chapter attempts to present issues associated with data mining for Web-enabled electronic- business.

Richi Nayak

448

Registre de services Web pour le développement d'applications  

Microsoft Academic Search

Systems of organizations are more and more based on Service-Oriented Architecture (AOS) since the elementary services can be reused and shared. In order to adopt the AOS concept, the Web services are mainly used. The standards of description (WSDL) and communication (SOAP) of Web services being approved, only standard methods of search and selection are long in emerging. These processes

Céline Lopez-velasco; Marlène Villanova-oliver; Jérôme Gensel; Hervé Martin

2007-01-01

449

SecurityFocus  

NSDL National Science Digital Library

This news service from SecurityFocus is an excellent resource to learn about important computer security warnings and alerts. The Web site keeps track of many widely used software applications, while reporting known vulnerabilities as they are found. Viruses and worms are another key topic that receives significant attention. Several columns offer expert advice and tips to efficiently use and understand software for different platforms. Government security is covered in the news section, discussing federal practices and legislation related to the national network infrastructure. Because the articles have such a broad scope, the material can be useful for both home and business users.

1999-01-01

450

Electronic Business Technology and its Security Problems  

Microsoft Academic Search

This paper discusses two main ideas, Electronic Business Technology and its Security Problems. E-Business relies upon a wide range of technologies. Here we examine the more vital technologies for electronic Business. Included Networks, E-mail, The Word Wide Web etc. On the Internet many electronic Business applications can be used today, but most of them provide only weak security or even

Yi Huang; Xinqiang Ma

2010-01-01

451

World Wide WebWWWDeep Web Web Deep Web  

E-print Network

Deep Web Web World Wide WebWWWDeep Web Web Deep Web Deep Web Deep Web Deep Web Deep Web 1 World Wide Web [1] Web 200,000TB Web Web Web Internet Web Web Web "" Surface Web Deep Web Surface Web 21.3% Surface Web Deep Web [2] Deep Web Web Crawler Deep Web 1 Web

452

Application-Oriented Confidentiality and Integrity Dynamic Union Security Model Based on MLS Policy  

NASA Astrophysics Data System (ADS)

We propose a new security model based on MLS Policy to achieve a better security performance on confidentiality, integrity and availability. First, it realizes a combination of BLP model and Biba model through a two-dimensional independent adjustment of integrity and confidentiality. And, the subject's access range is adjusted dynamically according to the security label of related objects and the subject's access history. Second, the security level of the trusted subject is extended to writing and reading privilege range respectively, following the principle of least privilege. Third, it adjusts the objects' security levels after adding confidential information to prevent the information disclosure. Fourth, it uses application-oriented logic to protect specific applications to avoid the degradation of security levels. Thus, it can ensure certain applications operate smoothly. Lastly, examples are presented to show the effectiveness and usability of the proposed model.

Xue, Mingfu; Hu, Aiqun; He, Chunlong

453

On the Use of Social Networks in Web Services: Application to the Discovery Stage  

NASA Astrophysics Data System (ADS)

This chapter discusses the use of social networks in Web services with focus on the discovery stage that characterizes the life cycle of these Web services. Other stages in this life cycle include description, publication, invocation, and composition. Web services are software applications that end users or other peers can invoke and compose to satisfy different needs such as hotel booking and car rental. Discovering the relevant Web services is, and continues to be, a major challenge due to the dynamic nature of these Web services. Indeed, Web services appear/disappear or suspend/resume operations without prior notice. Traditional discovery techniques are based on registries such as Universal Description, Discovery and Integration (UDDI) and Electronic Business using eXtensible Markup Language (ebXML). Unfortunately, despite the different improvements that these techniques have been subject to, they still suffer from various limitations that could slow down the acceptance trend of Web services by the IT community. Social networks seem to offer solutions to some of these limitations but raise, at the same time, some issues that are discussed in this chapter. The contributions of this chapter are three: social network definition in the particular context of Web services; mechanisms that support Web services build, use, and maintain their respective social networks; and social networks adoption to discover Web services.

Maamar, Zakaria; Wives, Leandro Krug; Boukadi, Khouloud

454

Host Fingerprinting and Tracking on the Web:Privacy and Security Implications  

Microsoft Academic Search

Many web services aim to track clients as a basis for analyzing their behavior and providing personalized services. Despite much debate regarding the collection of client information, there have been few quantitative studies that analyze the effectiveness of host-tracking and the associated privacy risks. In this paper, we perform a large-scale study to quantify the amount of information revealed by

Ting-Fang Yen; Yinglian Xie; Fang Yu; Roger Peng Yu; Mart ´ õn Abadi

2012-01-01

455

Recent trends in print portals and Web2Print applications  

NASA Astrophysics Data System (ADS)

For quite some time now, the printing business has been under heavy pressure because of overcapacity, dropping prices and the delocalization of the production to low income countries. To survive in this competitive world, printers have to invest in tools that, on one hand, reduce the production costs and, on the other hand, create additional value for their customers (print buyers). The creation of customer portals on top of prepress production systems allowing print buyers to upload their content, approve the uploaded pages based on soft proofs (rendered by the underlying production system) and further follow-up the generation of the printed material, has been illustrative in this respect. These developments resulted in both automation for the printer and added value for the print buyer. Many traditional customer portals assume that the printed products have been identified before they are presented to the print buyer in the portal environment. The products are, in this case, typically entered by the printing organization in a so-called MISi system after the official purchase order has been received from the print buyer. Afterwards, the MIS system then submits the product to the customer portal. Some portals, however, also support the initiation of printed products by the print buyer directly. This workflow creates additional flexibility but also makes things much more complex. We here have to distinguish between special products that are defined ad-hoc by the print buyer and standardized products that are typically selected out of catalogs. Special products are most of the time defined once and the level of detail required in terms of production parameters is quite high. Systems that support such products typically have a built-in estimation module, or, at least, a direct connection to an MIS system that calculates the prices and adds a specific mark-up to calculate a quote. Often, the markup is added by an account manager on a customer by customer basis; in this case, the ordering process is, of course, not fully automated. Standardized products, on the other hand, are easily identified and the cost charged to the print buyer can be retrieved from predefined price lists. Typically, higher volumes will result in more attractive prices. An additional advantage of this type of products is that they are often defined such that they can be produced in bulk using conventional printing techniques. If one wants to automate the ganging, a connection must be established between the on-line ordering and the production planning system. (For digital printing, there typically is no need to gang products since they can be produced more effectively separately.) Many of the on-line print solutions support additional features also available in general purpose e-commerce sites. We here think of the availability of virtual shopping baskets, the connectivity with payment gateways and the support of special facilities for interfacing with courier services (bar codes, connectivity to courier web sites for tracking shipments etc.). Supporting these features also assumes an intimate link with the print production system. Another development that goes beyond the on-line ordering of printed material and the submission of full pages and/or documents, is the interactive, on-line definition of the content itself. Typical applications in this respect are, e.g., the creation of business cards, leaflets, letter heads etc. On a more professional level, we also see that more and more publishing organizations start using on-line publishing platforms to organize their work. These professional platforms can also be connected directly to printing portals and thus enable extra automation. In this paper, we will discuss for each of the different applications presented above (traditional Print Portals, Web2Print applications and professional, on-line publishing platforms) how they interact with prepress and print production systems and how they contribute to the improvement of the overall operations of a printing organization.

Tuijn, Chris

2009-01-01

456

A Web application to improve emotional awareness in high-functioning autistics  

E-print Network

The web application built here is based on the idea of presenting scenarios to users, using text, and having the users choose likely emotions that match the scenarios. Taken for granted by most neurotypical people, ...

Sonuyi, Temitope O

2006-01-01

457

C# - Connecting a Mobile Application to Oracle Server via Web Services  

E-print Network

This article is focused on mobile development using Visual Studio 2005, web services and their connection to Oracle server, willing to help programmers to realize simple and useful mobile applications.

Ilea, Daniela

2009-01-01

458

OSP with Jython Web Start application - step-by-step guide  

NSDL National Science Digital Library

A description of how to build Java Web Start applications using the OSP library. Integrates the OpenSourcePhysics .jar library files and the Python classes generated by Jython during compiling time with jythonc.

2008-11-13

459

Research Article MyLabStocks: a web-application to manage molecular  

E-print Network

Research Article MyLabStocks: a web-application to manage molecular biology materials Florent easily be extended to handle other types of stocks and it can be installed on any server architecture. MyLabStocks

Paris-Sud XI, Université de

460

Security Mechanism Based on Hospital Authentication Server for Secure Application of Implantable Medical Devices  

PubMed Central

After two recent security attacks against implantable medical devices (IMDs) have been reported, the privacy and security risks of IMDs have been widely recognized in the medical device market and research community, since the malfunctioning of IMDs might endanger the patient's life. During the last few years, a lot of researches have been carried out to address the security-related issues of IMDs, including privacy, safety, and accessibility issues. A physician accesses IMD through an external device called a programmer, for diagnosis and treatment. Hence, cryptographic key management between IMD and programmer is important to enforce a strict access control. In this paper, a new security architecture for the security of IMDs is proposed, based on a 3-Tier security model, where the programmer interacts with a Hospital Authentication Server, to get permissions to access IMDs. The proposed security architecture greatly simplifies the key management between IMDs and programmers. Also proposed is a security mechanism to guarantee the authenticity of the patient data collected from IMD and the nonrepudiation of the physician's treatment based on it. The proposed architecture and mechanism are analyzed and compared with several previous works, in terms of security and performance. PMID:25276797

2014-01-01

461

Security mechanism based on Hospital Authentication Server for secure application of implantable medical devices.  

PubMed

After two recent security attacks against implantable medical devices (IMDs) have been reported, the privacy and security risks of IMDs have been widely recognized in the medical device market and research community, since the malfunctioning of IMDs might endanger the patient's life. During the last few years, a lot of researches have been carried out to address the security-related issues of IMDs, including privacy, safety, and accessibility issues. A physician accesses IMD through an external device called a programmer, for diagnosis and treatment. Hence, cryptographic key management between IMD and programmer is important to enforce a strict access control. In this paper, a new security architecture for the security of IMDs is proposed, based on a 3-Tier security model, where the programmer interacts with a Hospital Authentication Server, to get permissions to access IMDs. The proposed security architecture greatly simplifies the key management between IMDs and programmers. Also proposed is a security mechanism to guarantee the authenticity of the patient data collected from IMD and the nonrepudiation of the physician's treatment based on it. The proposed architecture and mechanism are analyzed and compared with several previous works, in terms of security and performance. PMID:25276797

Park, Chang-Seop

2014-01-01

462

AMP: a science-driven web-based application for the TeraGrid  

NASA Astrophysics Data System (ADS)

The Asteroseismic Modeling Portal (AMP) provides a web-based interface for astronomers to run and view simulations that derive the properties of Sun-like stars from observations of their pulsation frequencies. In this paper, we describe the architecture and implementation of AMP, highlighting the lightweight design principles and tools used to produce a functional fully-custom web-based science application in less than a year. Targeted as a TeraGrid science gateway, AMP's architecture and implementation are intended to simplify its orchestration of TeraGrid computational resources. AMP's web-based interface was developed as a traditional standalone database-backed web application using the Python-based Django web development framework, allowing us to leverage the Django framework's capabilities while cleanly separating the user interface development from the grid interface development. We have found this combination of tools flexible and effective for rapid gateway development and deployment.

Woitaszek, M.; Metcalfe, T.; Shorrock, I.

463

76 FR 8755 - Privacy Act of 1974; Department of Homeland Security/ALL-032 Official Passport Application and...  

Federal Register 2010, 2011, 2012, 2013

...1974; Department of Homeland Security/ALL--032 Official Passport Application and...Department of Homeland Security/ ALL--032 Official Passport Application and...Washington, DC 20528. Instructions: All submissions received must include the...

2011-02-15

464

Application of the JDL data fusion process model for cyber security  

NASA Astrophysics Data System (ADS)

A number of cyber security technologies have proposed the use of data fusion to enhance the defensive capabilities of the network and aid in the development of situational awareness for the security analyst. While there have been advances in fusion technologies and the application of fusion in intrusion detection systems (IDSs), in particular, additional progress can be made by gaining a better understanding of a variety of data fusion processes and applying them to the cyber security application domain. This research explores the underlying processes identified in the Joint Directors of Laboratories (JDL) data fusion process model and further describes them in a cyber security context.

Giacobe, Nicklaus A.

2010-04-01

465

TransPeer: adaptive distributed transaction monitoring for Web2.0 applications  

Microsoft Academic Search

In emerging Web2.0 applications such as virtual worlds or social networking websites, the number of users is very important (tens of thousands), hence the amount of data to manage is huge and dependability is a crucial issue. The large scale prevents from using centralized approaches or locking\\/two-phase-commit approach. Moreover, Web2.0 applications are mostly interactive, which means that the response time

Idrissa Sarr; Hubert Naacke; Stéphane Gançarski

2010-01-01

466

A Secure Web-based Global Management System For Firewall\\/VPN Devices  

Microsoft Academic Search

A firewall is a security device placed between a private network and a public network such as the Internet. It is designed to protect the private network resources from unauthorized user access. Today, various firewalls are widely used in many places (e.g., Internet data centers, company headquarters, branch office, telecommuters' homes). What is desperately needed is a management system that

Mi-Joung Choi; James W. Hong

2001-01-01

467

SessionJuggler: Secure Web Login From an Untrusted Terminal Using Session Hijacking  

E-print Network

by users of an insecure terminal and WiFi network, password theft has arguably the greatest consequence Keywords Mobile, session hijacking, secure login, cookies 1. INTRODUCTION It is well known that password pages, further putting users at risk by sending passwords in the clear. Among the risks encountered

Boneh, Dan

468

Modulated digital images for biometric and other security applications  

NASA Astrophysics Data System (ADS)

There are, in general, two ways for an observer to deal with light that is incorrect in some way (e.g. which is partially out of focus). One approach is to correct the error (e.g. by using a lens to selectively bend the light). Another approach employs selective masking to block those portions of the light which are unwanted (e.g. out of focus). The principle of selective masking is used in a number of important industries. However it has not found widespread application in the field of optical security devices. This work describes the selective masking, or modulation, of digital images as a means of creating documents and transparent media containing overt or covert biometric and other images. In particular, we show how animation effects, flash-illumination features, color-shifting patches, information concealment devices, and biometric portraiture in various settings can be incorporated in transparent media like plastic packaging materials, credit cards, and plastic banknotes. We also demonstrate the application of modulated digital images to the preparation of optically variable diffractive foils which are readily customized to display biometric portraits and information. Selective masking is shown to be an important means of creating a diverse range of effects useful in authentication. Such effects can be readily and inexpensively produced without the need, for example, to fabricate lenses on materials which may not be conducive in this respect.

McCarthy, Lawry D.; Lee, Robert A.; Swiegers, Gerhard F.

2004-06-01

469

Applications of shape analysis to domestic and international security.  

SciTech Connect

The rapidly growing area of cooperative international security calls for pervasive deployment of smart sensors that render valuable information and reduce operational costs and errors. Among the sensors used, vision sensors are by far the most versatile, tangible, and rich in the information they provide about their environment. On the flip side, they are also the most complex to analyze automatically for the extraction of high-level information. The ability to process imagery in a useful manner requires at least partial functional emulation of human capabilities of visual understanding. Of all visual cues available in image data, shape is perhaps the most important for understanding the content of an image. In this paper we present an overview of ongoing research at LANL on geometric shape analysis. The objective of our research is to develop a computational framework for multiscale characterization, analysis, and recognition of shapes. This framework will enable the development of a comprehensive and connected body of mathematical methods and algorithms, based on the topological, metrical, and morphological properties of shapes. We discuss its potential applications to automated surveillance, monitoring, container tracking and inspection, weapons dismantlement, and treaty verification. The framework will develop a geometric filtering scheme for extracting semantically salient shape features. This effort creates a paradigm for solving shape-related problems in Pattern Recognition, Computer Vision, and Image Understanding in a conceptually cohesive and algorithmically amenable manner. The research aims to develop an advanced image analysis capability at LANL for solving a wide range of problems in automated facility surveillance, nuclear materials monitoring, treaty verification, and container inspection and tracking. The research provides the scientific underpinnings that will enable us to build smart surveillance cameras, with a direct practical impact on LANL's capabilities in domestic and international safeguards and security.

Prasad, Lakshman; Skourikhine, A. N. (Alexei N.); Doak, J. E. (Justin E.)

2002-01-01

470

49 CFR 1552.23 - Security awareness training programs.  

Code of Federal Regulations, 2013 CFR

...including applicable information in the TSA Information Publication “Security Guidelines for General Aviation Airports...aviation aircraft contained on the TSA Web site; and (iv) Any new TSA guidelines or recommendations concerning...

2013-10-01

471

49 CFR 1552.23 - Security awareness training programs.  

Code of Federal Regulations, 2011 CFR

...including applicable information in the TSA Information Publication “Security Guidelines for General Aviation Airports...aviation aircraft contained on the TSA Web site; and (iv) Any new TSA guidelines or recommendations concerning...

2011-10-01

472

49 CFR 1552.23 - Security awareness training programs.  

Code of Federal Regulations, 2012 CFR

...including applicable information in the TSA Information Publication “Security Guidelines for General Aviation Airports...aviation aircraft contained on the TSA Web site; and (iv) Any new TSA guidelines or recommendations concerning...

2012-10-01

473

49 CFR 1552.23 - Security awareness training programs.  

...including applicable information in the TSA Information Publication “Security Guidelines for General Aviation Airports...aviation aircraft contained on the TSA Web site; and (iv) Any new TSA guidelines or recommendations concerning...

2014-10-01

474

49 CFR 1552.23 - Security awareness training programs.  

Code of Federal Regulations, 2010 CFR

...including applicable information in the TSA Information Publication “Security Guidelines for General Aviation Airports...aviation aircraft contained on the TSA Web site; and (iv) Any new TSA guidelines or recommendations concerning...

2010-10-01

475

Data cleaning approaches in Web2.0 VGI application  

Microsoft Academic Search

As the Web provide a more flexible and sophisticated platform for information dissemination and exchanging, the idea that allow user to add and upload geospatial-related data in GIS-enabled online site to promote the geographic information sharing in public is becoming a new research topic in GIS. There are some real-world Web sites already partially implement VGI thought like wikimapia.org and

Xinlin Qian; Liping Di; Deren Li; Pingxiang Li; Lite Shi; Liefei Cai

2009-01-01

476

Do-It-Yourself Database-Driven Web Applications Keith Kowalzcykowski  

E-print Network

.com belongs to the emerging space of Do-It-Yourself (DIY), custom, hosted, database-driven web application applications customized to their organizations' data and process needs. The hoped-for outcome of DIY platformsPoint enabled us to do them ourselves. Generally DIY platforms provide an application design facility (also

Petropoulos, Michalis

477

Security Considerations for Modern Web-Based Maintenance or Remote Sensing System  

Microsoft Academic Search

In an ever-increasing competitive environment, companies must maintain the quality of their production and services. Hence,\\u000a machinery or equipment that is critical to production and providing services must be maintained with minimum downtime or a\\u000a near zero-break down rate. The concept of Web-based maintenance helps to detect faulty equipment at an early stage without\\u000a the constraints of distance. It provides

Alan N. Cheuk; Peter W. Tse

478

TermExtractor: a Web Application to Learn the Shared Terminology of Emergent Web Communities  

Microsoft Academic Search

In the Semantic Web era, many techniques have been proposed to capture the explicit knowledge of a virtual community, and represent this knowledge in a structured form often referred to as domain ontology. One of the first steps of the ontology-building task is to collect a vocabulary of domain relevant terms. We designed a high-performing technique to automatically extract the

F. Sclano; P. Velardi

2007-01-01

479

Secure authentication protocol for Internet applications over CATV network  

NASA Astrophysics Data System (ADS)

An authentication protocol is proposed in this paper to implement secure functions which include two way authentication and key management between end users and head-end. The protocol can protect transmission from frauds, attacks such as reply and wiretap. Location privacy is also achieved. A rest protocol is designed to restore the system once when systems fail. The security is verified by taking several security and privacy requirements into consideration.

Chin, Le-Pond

1998-02-01

480

Development of a web application for water resources based on open source software  

NASA Astrophysics Data System (ADS)

This article presents research and development of a prototype web application for water resources using latest advancements in Information and Communication Technologies (ICT), open source software and web GIS. The web application has three web services for: (1) managing, presenting and storing of geospatial data, (2) support of water resources modeling and (3) water resources optimization. The web application is developed using several programming languages (PhP, Ajax, JavaScript, Java), libraries (OpenLayers, JQuery) and open source software components (GeoServer, PostgreSQL, PostGIS). The presented web application has several main advantages: it is available all the time, it is accessible from everywhere, it creates a real time multi-user collaboration platform, the programing languages code and components are interoperable and designed to work in a distributed computer environment, it is flexible for adding additional components and services and, it is scalable depending on the workload. The application was successfully tested on a case study with concurrent multi-users access.

Delipetrev, Blagoj; Jonoski, Andreja; Solomatine, Dimitri P.

2014-01-01

481

Foundational Security Principles for Medical Application Platforms* (Extended Abstract)  

PubMed Central

We describe a preliminary set of security requirements for safe and secure next-generation medical systems, consisting of dynamically composable units, tied together through a real-time safety-critical middleware. We note that this requirement set is not the same for individual (stand-alone) devices or for electronic health record systems, and we must take care to define system-level requirements rather than security goals for components. The requirements themselves build on each other such that it is difficult or impossible to eliminate any one of the requirements and still achieve high-level security goals. PMID:25599096

Vasserman, Eugene Y.; Hatcliff, John

2014-01-01

482

NASA guidelines for assuring the adequacy and appropriateness of security safeguards in sensitive applications  

NASA Technical Reports Server (NTRS)

The Office of Management and Budget (OMB) Circular A-71, transmittal Memorandum No. 1, requires that each agency establish a management control process to assure that appropriate administrative, physical and technical safeguards are incorporated into all new computer applications. In addition to security specifications, the management control process should assure that the safeguards are adequate for the application. The security activities that should be integral to the system development process are examined. The software quality assurance process to assure that adequate and appropriate controls are incorporated into sensitive applications is also examined. Security for software packages is also discussed.

Tompkins, F. G.

1984-01-01

483

Section Course Term Credits Room Day Time 132D ALS4932 Fall 1 WEB WEB WEB  

E-print Network

Section Course Term Credits Room Day Time 132D ALS4932 Fall 1 WEB WEB WEB 1G73 FNR3131C Fall 3 DEGREE APPLICATIONS DUE September 13th CLASSES END December 4th WEB WEB WEB WEB Forest Operations Sager WEB Capinera WEB Turf and Ornamental Entomology Buss WEB Bennet Capinera Lutz STAFF Mac

Watson, Craig A.

484

Probing a Self-Developed Aesthetics Measurement Application (SDA) in Measuring Aesthetics of Mandarin Learning Web Page Interfaces  

E-print Network

This article describes the accurateness of our application namely Self-Developed Aesthetics Measurement Application (SDA) in measuring the aesthetics aspect by comparing the results of our application and users' perceptions in measuring the aesthetics of the web page interfaces. For this research, the positions of objects, images element and texts element are defined as objects in a web page interface. Mandarin learning web pages are used in this research. These learning web pages comprised of main pages, learning pages and exercise pages, on the first author's E-portfolio web site. The objects of the web pages were manipulated in order to produce the desired aesthetic values. The six aesthetics related elements used are balance, equilibrium, symmetry, sequence, rhythm, as well as order and complexity. Results from the research showed that the ranking of the aesthetics values of the web page interfaces measured of the users were congruent with the expected perceptions of our designed Mandarin learning web pag...

Zain, Jasni Mohamad; Goh, Yingsoon

2011-01-01

485

Advanced applications to security of IR smart microbolometers  

NASA Astrophysics Data System (ADS)

Advanced IR emitters and sensors are under development for high detection probability, low false alarm rate and identification capability of toxic gases. One of the most reliable technique to identify the gas species is Spectroscopy, especially in the infrared spectral range, where most of existing toxic compounds exhibit their stronger roto-vibrational absorption bands. Following the results obtained from simulations and analysis of expected absorption spectra, a compact non dispersive infrared multi-spectral system has been designed and developed for security applications. It utilizes a few square millimeters thermal source, a novel design multipass cell, and a smart architecture microbolometric sensor array coupled to a linear variable spectral filter to perform toxic gases detection and identification. This is done by means of differential absorption spectroscopic measurements in the spectral range of the LWIR (Long Wavelength Infrared) spectral region. Preliminary tests for sensitivity and selectivity are undergoing using mixtures of ammonia and ethylene. Detection capability down to tens of ppm has been demonstrated. Possible improvements owing to open path sensor or hollow-fiber based sensor implementation are also presented for future systems evolution.

Corsi, C.; Liberatore, N.; Mengali, S.; Mercuri, A.; Viola, R.; Zintu, D.

2007-10-01

486

Application of wireless sensor system on security network  

NASA Astrophysics Data System (ADS)

In this research we developed wireless sensor system for security application. We have used geophone to detect seismic signals which are generated by footsteps. Geophones are resonant devices. Therefore, vibration on the land can generate seismic waveforms which could be very similar to the signature by footstep. The signals from human footstep have weak signals to noise ratio and the signal strength is subject to the distance between the sensor and human. In order to detect weak signals from footstep, we designed and fabricated 2-stage amplification circuit which consists of active and RC filters and amplifiers. The bandwidth of filter is 0.7Hz-150Hz and the gain of amplifier is set to 1000. The wireless sensor system also developed to monitor the sensing signals at the remote place. The wireless sensor system consists of 3 units; a wireless sensor unit, a wireless receiver unit, and a monitoring unit. The wireless sensor unit transmits amplified signals from geophone with Zigbee, and the wireless receiver unit which has both Zigbee and Wi-Fi module receives signals from the sensor unit and transmits signals to the monitoring system with Zigbee and Wi-Fi, respectively. By using both Zigbee and Wi-Fi, the wireless sensor system can achieve the low power consumption and wide range coverage.

Oh, Sechang; Kwon, Hyeokjun; Yoon, Hargsoon; Varadan, Vijay K.

2010-04-01

487

Laser-induced breakdown spectroscopy in industrial and security applications  

SciTech Connect

Laser-induced breakdown spectroscopy (LIBS) offers rapid, localized chemical analysis of solid or liquid materials with high spatial resolution in lateral and depth profiling, without the need for sample preparation. Principal component analysis and partial least squares algorithms were applied to identify a variety of complex organic and inorganic samples. This work illustrates how LIBS analyzers can answer a multitude of real-world needs for rapid analysis, such as determination of lead in paint and children's toys, analysis of electronic and solder materials, quality control of fiberglass panels, discrimination of coffee beans from different vendors, and identification of generic versus brand-name drugs. Lateral and depth profiling was performed on children's toys and paint layers. Traditional one-element calibration or multivariate chemometric procedures were applied for elemental quantification, from single laser shot determination of metal traces at {approx}10 {mu}g/g to determination of halogens at 90 {mu}g/g using 50-shot spectral accumulation. The effectiveness of LIBS for security applications was demonstrated in the field by testing the 50-m standoff LIBS rasterizing detector.

Bol'shakov, Alexander A.; Yoo, Jong H.; Liu Chunyi; Plumer, John R.; Russo, Richard E.

2010-05-01

488

Security  

ERIC Educational Resources Information Center

Anytime, anywhere, learning provides opportunities to create digital learning environments for new teaching styles and personalized learning. As part of making sure the program is effective, the safety and security of students and assets are essential--and mandated by law. The Children's Internet Protection Act (CIPA) addresses Internet content…

Technology & Learning, 2008

2008-01-01

489

NUPlans Web Commitments  

E-print Network

NUPlans Web Commitments Job Aid CommitmentsNUPlansWebV1.1 Last Updated 4/14/2013 - mac © 2013 Northwestern University FMS705 NUPlans Web 1 of 3 Commitments in NUPlans Web Commitments are a form of revenue of commitment funds. The process is facilitated in NUPlans Web. Note: security access is required to view

Shull, Kenneth R.

490

Design and Implementation of Security Camera Control Application for Mobile Phones  

Microsoft Academic Search

In recent years, due to the rise in crime, growing numbers of governments, companies, and schools are equipping their facilities with security cameras to deter crime and to investigate crimes that have happened. In this study, we investigate a distributed application that provides an efficient access method for security cameras placed in various areas. Peer-to-peer is a suitable technology for

Takeshi Kato; Tomoyuki Osano; Norihiro Ishikawa

2009-01-01

491

Meteor: Seeding a Security-Enhancing Infrastructure for Multi-market Application Ecosystems  

E-print Network

Meteor: Seeding a Security-Enhancing Infrastructure for Multi-market Application Ecosystems David enabling the flexibility and independence of a multi-market environment. We propose Meteor as a security- plication (Meteorite) to demonstrate the technical feasibility of our proposal. The Meteor approach provides

Van Oorschot, Paul

492

Rule 144: The Applicability of the Restricted Securities Requirements to Colleges and Universities  

ERIC Educational Resources Information Center

The Federal Securities and Exchange Commission's new Rule 144 applicable to public transactions in restricted securities is reviewed with the conclusion that maximum benefits to colleges and universities can be obtained only after various areas of uncertainty engendered by the Rule are clarified by the Commission. (JT)

Hopkins, Bruce R.

1973-01-01

493

Breaking and Fixing Origin-Based Access Control in Hybrid Web/Mobile Application Frameworks.  

PubMed

Hybrid mobile applications (apps) combine the features of Web applications and "native" mobile apps. Like Web applications, they are implemented in portable, platform-independent languages such as HTML and JavaScript. Like native apps, they have direct access to local device resources-file system, location, camera, contacts, etc. Hybrid apps are typically developed using hybrid application frameworks such as PhoneGap. The purpose of the framework is twofold. First, it provides an embedded Web browser (for example, WebView on Android) that executes the app's Web code. Second, it supplies "bridges" that allow Web code to escape the browser and access local resources on the device. We analyze the software stack created by hybrid frameworks and demonstrate that it does not properly compose the access-control policies governing Web code and local code, respectively. Web code is governed by the same origin policy, whereas local code is governed by the access-control policy of the operating system (for example, user-granted permissions in Android). The bridges added by the framework to the browser have the same local access rights as the entire application, but are not correctly protected by the same origin policy. This opens the door to fracking attacks, which allow foreign-origin Web content included into a hybrid app (e.g., ads confined in iframes) to drill through the layers and directly access device resources. Fracking vulnerabilities are generic: they affect all hybrid frameworks, all embedded Web browsers, all bridge mechanisms, and all platforms on which these frameworks are deployed. We study the prevalence of fracking vulnerabilities in free Android apps based on the PhoneGap framework. Each vulnerability exposes sensitive local resources-the ability to read and write contacts list, local files, etc.-to dozens of potentially malicious Web domains. We also analyze the defenses deployed by hybrid frameworks to prevent resource access by foreign-origin Web content and explain why they are ineffectual. We then present NoFrak, a capability-based defense against fracking attacks. NoFrak is platform-independent, compatible with any framework and embedded browser, requires no changes to the code of the existing hybrid apps, and does not break their advertising-supported business model. PMID:25485311

Georgiev, Martin; Jana, Suman; Shmatikov, Vitaly

2014-02-01

494

Breaking and Fixing Origin-Based Access Control in Hybrid Web/Mobile Application Frameworks  

PubMed Central

Hybrid mobile applications (apps) combine the features of Web applications and “native” mobile apps. Like Web applications, they are implemented in portable, platform-independent languages such as HTML and JavaScript. Like native apps, they have direct access to local device resources—file system, location, camera, contacts, etc. Hybrid apps are typically developed using hybrid application frameworks such as PhoneGap. The purpose of the framework is twofold. First, it provides an embedded Web browser (for example, WebView on Android) that executes the app's Web code. Second, it supplies “bridges” that allow Web code to escape the browser and access local resources on the device. We analyze the software stack created by hybrid frameworks and demonstrate that it does not properly compose the access-control policies governing Web code and local code, respectively. Web code is governed by the same origin policy, whereas local code is governed by the access-control policy of the operating system (for example, user-granted permissions in Android). The bridges added by the framework to the browser have the same local access rights as the entire application, but are not correctly protected by the same origin policy. This opens the door to fracking attacks, which allow foreign-origin Web content included into a hybrid app (e.g., ads confined in iframes) to drill through the layers and directly access device resources. Fracking vulnerabilities are generic: they affect all hybrid frameworks, all embedded Web browsers, all bridge mechanisms, and all platforms on which these frameworks are deployed. We study the prevalence of fracking vulnerabilities in free Android apps based on the PhoneGap framework. Each vulnerability exposes sensitive local resources—the ability to read and write contacts list, local files, etc.—to dozens of potentially malicious Web domains. We also analyze the defenses deployed by hybrid frameworks to prevent resource access by foreign-origin Web content and explain why they are ineffectual. We then present NoFrak, a capability-based defense against fracking attacks. NoFrak is platform-independent, compatible with any framework and embedded browser, requires no changes to the code of the existing hybrid apps, and does not break their advertising-supported business model. PMID:25485311

Georgiev, Martin; Jana, Suman; Shmatikov, Vitaly

2014-01-01

495

Modeling and Simulation of Healthcare Systems for Homeland Security Applications  

E-print Network

ACKNOWLEDGMENTS The U.S. Department of Homeland Security Science and Technology Directorate sponsored> ... ... Principal Project Staff Charles McLean, National Institute of Standards and Technology, Gaithersburg, MD Y by U.S. Department of Homeland Security And National Institute of Standards and Technology #12;ii

Magee, Joseph W.

496

Extending a Conceptual Modelling Approach to Web Application Design  

Microsoft Academic Search

Abstract This article presents OO-HMethod, an extension of the OOMethod conceptual modelling approach to address the particulars associated with the design of web interfaces. It is based on the OO-Method class diagram, which captures the statics of the system. The design of the interface appearance and the navigation paths are driven by the user navigation requirements. To achieve its goal,

Jaime Gómez; Cristina Cachero; Oscar Pastor

2000-01-01

497

Adaptation of web pages and images for mobile applications  

NASA Astrophysics Data System (ADS)

In this paper, we introduce our new visualization service which presents web pages and images on arbitrary devices with differing display resolutions. We analyze the layout of a web page and simplify its structure and formatting rules. The small screen of a mobile device is used much better this way. Our new image adaptation service combines several techniques. In a first step, border regions which do not contain relevant semantic content are identified. Cropping is used to remove these regions. Attention objects are identified in a second step. We use face detection, text detection and contrast based saliency maps to identify these objects and combine them into a region of interest. Optionally, the seam carving technique can be used to remove inner parts of an image. Additionally, we have developed a software tool to validate, add, delete, or modify all automatically extracted data. This tool also simulates different mobile devices, so that the user gets a feeling of how an adapted web page will look like. We have performed user studies to evaluate our web and image adaptation approach. Questions regarding software ergonomics, quality of the adapted content, and perceived benefit of the adaptation were asked.

Kopf, Stephan; Guthier, Benjamin; Lemelson, Hendrik; Effelsberg, Wolfgang

2009-02-01

498

CaTTS: Calendar Types and Constraints for Web Applications  

Microsoft Academic Search

Data referring to cultural calendars such as the widespread Gregorian dates but also dates after the Chinese, Hebrew, or Islamic calendars as well as data referring to professional calendars like fiscal years or teaching terms are omnipresent on the Web. Formalisms such as XML Schema have acknowledged this by offering a rather extensive set of Gregorian dates and times as

Franccois Bry; Frank-Andr'e Rieß; Stephanie Spranger

2005-01-01

499

Web 2.0 Technologies: Applications for Community Colleges  

ERIC Educational Resources Information Center

The current generation of new students, referred to as the Millennial Generation, brings a new set of challenges to the community college. The influx of these technologically sophisticated students, who interact through the social phenomenon of Web 2.0 technology, bring expectations that may reshape institutions of higher learning. This chapter…

Bajt, Susanne K.

2011-01-01

500

A survey of the application of Web 2.0 in Australasian university libraries  

Microsoft Academic Search

Purpose – This paper aims to provide an overall picture of the application of Web 2.0 technologies in Australasian university libraries. The focus of the research was what types of Web 2.0 technologies were applied in such libraries as well as their purposes and features. Design\\/methodology\\/approach – Content analysis was used in terms of quantitative approach. A checklist as the

Nguyen Cuong Linh

2008-01-01