Designing a practical user interface for an expert system shell

Abstract: This paper describes some of the problems encountered in developing a user interface for a commercial expert system. The emphasis is on the practical side of interface implementation while attempting to follow the many guidelines presented in the literature.     

A practical use of cellular neural networks: the stereo-vision problem as an optimisation

A variational way of deriving the relevant parameters of a cellular neural network (CNN) is introduced. The approach exploits the CNN spontaneous internal-energy decrease and is applicable when a given problem can be expressed in terms of an optimisation task. The presented approach is fully mathematical as compared with the typical heuristic search for the correct parameters in the literature on CNNs. This method is practically employed in recovering information on the three-dimensional structure of the environment, through the stereo vision problem. A CNN able to find the conjugate points in a stereogram is fully derived in the proposed framework. Results of computer simulations on several test cases are provided. Received: 1 August 1997 / Accepted: 29 September 1999     

Security services as coping mechanisms: an investigation into user intention to adopt an email authentication service

Email plays an important role in the digital economy but is threatened by increasingly sophisticated cybercrimes. A number of security services have been developed, including an email authentication service designed to cope with email threats. It remains unknown how users perceive and evaluate these security services and consequently form their adoption intention. Drawing on the Technology Acceptance Model and Technology Threat Avoidance Theory, this paper investigates the factors that affect user intention to adopt an email authentication service. Our results show that user intention to adopt an email security service is contingent upon users' perception of risk and evaluation of both internal and external coping strategies. This study contributes to research in security service adoption, service success and design, and information security behaviour.     

Information security strategies: towards an organizational multi-strategy perspective

There considerable advice in both research and practice oriented literature on the topic of information security. Most of the discussion in literature focuses on how to prevent security attacks using technical countermeasures even though there are a number of other viable strategies such as deterrence, deception, detection and response. This paper reports on a qualitative study, conducted in Korea, to determine how organizations implement security strategies to protect their information systems. The findings reveal a deeply entrenched preventive mindset, driven by the desire to ensure availability of technology and services, and a comparative ignorance of exposure to business security risks. Whilst there was some evidence of usage of other strategies, they were also deployed in a preventive capacity. The paper presents a research agenda that calls for research on enterprise-wide multiple strategy deployment with a focus on how to combine, balance and optimize strategies.     

Assessing user interfaces for diverse user groups: Evaluation strategies and defining characteristics

User interface designers are challenged to design for diverse users, including those of different genders, cultures and abilities; however, little research has been directed at this problem. One factor which may inhibit such research is its cost. This paper presents an approach which offers a way to seek out important characteristics of designs in a cost-effective way and reports on the results. In a study reported here, subjects from different nationalities and of both genders evaluated three dialog boxes specifically designed for 'white American women'. 'European adult male intellectuals', and 'English-speaking-internationals'. The dialog boxes were evaluated with conjoint techniques of preference rankings, and factor-analysed adjective ratings. These results showed that female subjects had stronger and more consistent patterns of preferences than the male subjects. All subjects preferred interfaces rated high on an accessibility factor and disliked complex layouts; this effect was even stronger for women. Nationality did not effect ratings. Gender had a stronger effect on the outcome than nationality.     

Assessing user interfaces for diverse user groups: evaluation strategies and defining characteristics

User interface designers are challenged to design for diverse users, including those of different genders, cultures and abilities; however, little research has been directed at this problem. One factor which may inhibit such research is its cost. This paper presents an approach which offers a way to seek out important characteristics of designs in a cost-effective way and reports on the results. In a study reported here, subjects from different nationalities and of both genders evaluated three dialog boxes specifically designed for 'white American women'. 'European adult male intellectuals', and 'English-speaking-internationals'. The dialog boxes were evaluated with conjoint techniques of preference rankings, and factor-analysed adjective ratings. These results showed that female subjects had stronger and more consistent patterns of preferences than the male subjects. All subjects preferred interfaces rated high on an accessibility factor and disliked complex layouts; this effect was even stronger for women. Nationality did not effect ratings. Gender had a stronger effect on the outcome than nationality.     

MVX-CFI:一种实用的软件安全主动防御架构

软件安全是网络空间安全中最重要的环节。早期的软件安全解决方案大多是发现安全威胁后再逐一解决的被动防御方案。为了有效应对各类安全威胁,防御方法逐渐从被动过渡到主动。在众多的主动防御方法中,从系统执行架构角度出发构建内生防御能力的软件多变体执行架构技术受到了广泛关注,它通过异构、冗余执行体之间的相对正确性检查发现攻击行为,不依赖于具体安全威胁的特征检测,可实时检测并防御大多数已知、甚至未知安全威胁。然而,该方法面向实际应用部署存在较大的性能瓶颈。控制流完整性（CFI）是一种理想的安全解决方案,但由于其性能损失和兼容性问题也未被广泛采用。本文将两者有效结合提出一种基于多变体执行架构的CFI （MVX-CFI）。MVX-CFI是一种基于执行架构的、动态、透明的CFI实施方法,它能够有效捕获软件整个运行时控制流的走向并发现由攻击等恶意行为引起的非法路径转移。MVX-CFI通过MVX可形式化验证的高可信表决机制在运行时动态建立描述应用程序高频执行路径的控制流子图（Sub-CFG）,并作为检测模型正向反馈到MVX用于辅助检测,减少了传统MVX大量重复的表决工作,提高了MVX的执行性能。Sub-CFG具有在线分离软件执行过程中高频路径和低频路径的能力,这一特性为软件预置后门的检测提供了一种思路。实验评估表明,本文的改进方法提高了原架构的执行效率,同时保证了在安全防御方面的有效性。     

New probabilistic models for managing user’s locations in PCS networks

Personal communication service (PCS) networks enable mobile terminals (MTs) to communicate regardless of their locations. However, in order to guarantee an efficient service delivery, MTs’ real time locations should be perfectly managed. Location management (LM) includes two fundamental processes; registration and paging. The former is concerned with the reporting of the current locations of the MTs, while the latter is used to locate a MT. Both processes incur signaling cost across the wireless channel. The more the location updates, the less the paging signaling cost, thus there is a tradeoff in terms of signaling cost. Due to the scarcity of PCS wireless bandwidth, it is important to reduce that signaling cost. As The blanket paging in current mobile networks wastes a lot of wireless bandwidth, we focus on the subject of paging and try to reduce the paging signaling cost under a predefined delay bound. Our contribution can be summarized as: (i) establishing a family of probability based paging strategies; (ii) introducing a novel topology for PCS registration area, which is called the hot spot topology (HST); (iii) based on HST, a novel LM strategy, which is called “Flower Based Strategy” had been introduced. Experimental results had shown that that the proposed paging strategies substantially lower the signaling cost of paging compared to the blanket one with a negligible increase in paging delay.     

System usage behavior as a proxy for user satisfaction: an empirical investigation

Organizations are increasingly recognizing that user satisfaction with information systems is one of the most important determinants of the success of those systems. However, current satisfaction measures involve an intrusion into the users' worlds, and are frequently deemed to be too cumbersome to be justified financially and practically. This paper describes a methodology designed to solve this contemporary problem. Based on theory which suggests that behavioral observations can be used to measure satisfaction, system usage statistics from an information system were captured around the clock for 6 months to determine users' satisfaction with the system. A traditional satisfaction evaluation instrument, a validated survey, was applied in parallel, to verify that the analysis of the behavioral data yielded similar results. The final results were analyzed statistically to demonstrate that behavioral analysis is a viable alternative to the survey in satisfaction measurement.     

A security policy framework for context-aware and user preferences in e-services

In today’s dynamic and distributed markets a large spectrum of services is delivered through information and communication technologies. Emerging markets of e-services lie at the intersection of non-traditional user behaviour, and cyber-partnerships of enterprises to deliver innovative services. Current approaches to manage and control security demonstrate lacks in terms of security policy matching and integration in heterogeneous e-service environments. In this paper, we introduce a framework to support role-based access control for distributed services focusing on the integration of customer preferences. The framework aims to collect and generate policy-based security measures in cross-organisational scenarios. In addition to catering to specifications of security and business policies, the ability to integrate contextual information and user preferences make the role-based framework flexible and express a variety of access policies that provide a just-in-time permission activation.     

Evaluating system-based strategies for managing conflict in collaborative concept mapping

This study examined the influence of various conflict management mechanisms embedded into computer‐supported collaborative concept mapping systems on the behaviour and learning of elementary students. Four conflict management mechanisms were compared: an assign design, in which the mapping control was designated to a particular group member; a rotate design, in which the mapping control was rotated among the group members; a give design, in which the child with mapping control could relinquish control to another group member; and an open design, in which every group member simultaneously had mapping control. Ninety‐six fifth and sixth grade Taiwanese students participated in this study. They were arranged into assign, rotate, give, or open three‐member groups to generate collaboratively shared concept maps. Student interactions, attitudes, and achievement were analysed. The results suggest that each conflict management mechanism has a different effect on the elementary students.     

Managing network security: Security education in the information age

Computing operates in an almost universally networked environment, but the technical aspects of information protection have not kept up. As a result, the success of information security programs has increasingly become a function of our ability to make prudent management decisions about organizational activities. Managing Network Security takes a management view of protection and seeks to reconcile the need for security with the limitations of technology.     

Behavioural threshold analysis: methodological and practical considerations for applications in information security

ABSTRACT

The application of behavioural threshold analysis to analyse group behaviour in information security presents a unique challenge in terms of the measurement instruments and methodology used to gather relevant attitude data. This paper presents an analysis of the specialised requirements for such a measurement instrument and makes methodological recommendations on the content and especially presentation of information security topics in a measurement instrument for this context. A comparison between existing methods and the specific requirements for threshold analysis is presented and serves as the main rationale for the suggested methodology. The recommended methodology and subsequent measurement instrument were implemented and experimentally tested in case studies to gauge their feasibility. Applications of behavioural threshold analysis in information security that follow the recommended methodology suggested in this article performed satisfactorily and elicits cause for further real-world experimentation.     

Managing Network Security — Part 3: Network security as a control issue

The movement toward a highly distributed environment has been reflected in a highly distributed management control process. This management process often consists of virtual organizations —vorgs. Infosec vorgs rule by consensus, good will, moral persuasion and strategic placement and planning. They derive their power from momentum, the weight of their aggregate force within the organization, and the strength of their champion. Infosec vorgs provide management with control by providing an ability to effect large-scale changes, providing an ability to collect and aggregate information from the entire organization, and providing expertise to analyse and make prudent decisions based on that information.     

A practical key management scheme for access control in a user hierarchy

In a user hierarchy we say that a security class is subordinate to another security class if the former has a lower security privilege than the latter. To implement such a hierarchical structure, it is often desirable to allow the user of each security class to derive the keys of its subordinating classes. This problem has been extensively studied but the existing solutions have various drawbacks. In this paper, we present a practical solution to this problem, which is an efficient key management scheme that needs only a reasonable amount of extra storage. It is secure because illegal key derivations are prevented, and key replacements do not reveal information about the relationship between the old key and the new key. It is also very flexible in that it supports convenient topological changes and membership updates. Furthermore, it provides a solution to the ex-member problem, that has been ignored in many existing research works.     

Incorporating user preferences in ant colony optimization for the next release problem

The selection of which requirements should be implemented in the next software release is an important and complex task in the software development process, considering the presence of budget constraints and other conflicting aspects. In this context, search based software engineering, has the main objective of applying automatic search methods to solve complex software engineering problems. However, most of these methods do not consider human expertise during the search, especially due to the difficulty in mathematically modeling the user's preferences. Consequently, the user can present some resistance or place little confidence in the final results, given that his/her knowledge and domain expertise was not properly considered in the solution construction. This paper aims at proposing an interactive model for the next release problem using ant colony optimization, where the user can define which requirements he/she would like to include or not in the next release. Employing humans and a simulator, an empirical study was performed that considers real-world and artificial instances. The achieved results demonstrate that the loss of score was, on average, 12% when it was compared with a solution with no human intervention. On the other hand, the algorithm generates solutions that have more than 80% of the met preferences, as defined by the users. Furthermore, the results showed that ACO can be an interesting choice as an interactive search engine, given the low quantity of interactions that are required to reach good solutions.     

A practical divide-and-conquer algorithm for the rectangle intersection problem

We reconsider the problem of finding all pairwise intersections in a set of isooriented rectangles. It has been shown previously that time- and space-optimal solutions for this problem can be obtained using either the line-sweep or the divide-and-conquer paradigm. In this paper we concentrate on some practical aspects of a divide-and-conquer solution. We develop a divide-and-conquer algorithm which solves the problem directly rather than by solving two subproblems, treats special cases elegantly, and has a simple implementation. It has been noted recently that in practical applications the usual assumption that all input data fit into main memory (at the same time) is often unrealistic. This implies that algorithms with sublinear internal space requirements are needed. In the second part of this paper we show that the divide-and-conquer approach supports space-saving techniques very well. If, for instance, any vertical cross section through the set of n rectangles intersects at most c rectangles [in practice this often holds for c = O(√n)], then our algorithm can easily be modified to run in O(c) internal space and still optimal time. Another modification permits to run the algorithm completely or partly externally. That is, the internal space requirements can be selected to be O(m), for 1 ⩽ m ⩽ n, without increasing the asymptotic time complexity or requiring “too many” disk accesses. This means that the problem can be solved efficiently even on a very small computer.     

Learning machiavellian strategies for manipulation in Stackelberg security games

This paper suggests a new approach for repeated Stackelberg security games (SSGs) based on manipulation. Manipulation is a strategy interpreted by the Machiavellianism social behavior theory, which consists on three main concepts: view, tactics, and immorality. The world is conceptualized by manipulators and manipulated (view). Players employ Machiavelli’s tactics and Machiavellian intelligence in order to manipulate attacker/defender situations. The immorality plays a fundamental role in these games, defenders are able to not be attached to a conventional moral in order to achieve their goals. We consider a security game model involving manipulating defenders and manipulated attackers engaged cooperatively in a Nash game and at the same time restricted by a Stackelberg game. The resulting game is non-cooperative bargaining game. The cooperation is represented by the Nash bargaining solution. We propose an analytical formula for solving the manipulation game, which arises as the maximum of the quotient of two Nash products. The role of the players in the Stackelberg security game are determined by the weights of the players for the Nash bargaining approach. We consider only a subgame perfect equilibrium where the solution of the manipulation game is a Strong Stackelberg Equilibrium (SSE). We employ a reinforcement learning (RL) approach for the implementation of the immorality. A numerical example related to developing a strategic schedule for the efficient use of resources for patrolling in a smart city is handled using a class of homogeneous, ergodic, controllable, and finite Markov chains for showing the usefulness of the method for security resource allocation.