What Makes an Effective Information Security Policy?

It is a well-known fact that the information security policy is one of the most important controls needed within an organization to manage the implementation and ensure the effectiveness of information security. The information security policy is essentially the direction-giving document in an organization and defines the broad boundaries of information security. Furthermore, it indicates management’s commitment to, and support for, information security in an organization and defines the role it has to play in reaching and supporting the organization’s vision and mission.     

如何选择有价值的展览会

在当前的经济形势下,企业在营销方面的投入非常谨慎,正确选择有价值的展会尤为重要.现在各种展会繁多,应接不暇,希望本文对判断展会价值、选择参加合适的展会起到积极有益的作用.文章基于笔者本人多年参展、参观和举办展会的经验而作,读者参加任何展会应根据自有情况和喜好做出自己的判断和选择.     

如何选择有价值的展览会

展览会是展销、采购、业务合作和信息交流、产品品牌和企业形象宣传的平台。现代市场经济体制下,大部分展览会都是由供应方订购场地,搭建展位,向需求方提供产品和技术服务。而需求方作为专业观众与多家供应商洽谈采购。需求方一般为行业内供应链的下游或最终消费品市场供应的上游,供需双方各自为了自己的目的参加展览会。很多大型企业参加展览会可以同时达到多方面目的,既销售产品和技术又采购原料和零部件,既争取当前各项具体业务的发展又谋求长远的品牌战略和企业形象宣传。那么如何选择有价值的展览会呢?这就要看是否能投入少见效多,就要看展览会是否能使参与各方都达到上述参展目标而产生多赢的效果。本文将初步分析展览会的价值构成,供读者选择参加展览参考。     

From Böhm's Theorem to Observational Equivalences: an Informal Account

There are essentially two ways of looking at the computational behaviours of λ-terms. One consists in putting the term within a context (possibly of λ-calculus extensions) and observing some properties (typically termination). The other consists in reducing the term until some meaningful information is obtained: this naturally leads to a tree representation of the information implicitly contained in the original term. The paper is an informal overview of the role played by Böhm's Theorem in these observations of terms.     

A Formal Model for Representation and Querying of Structured Documents

Most documents have a hierarchical structure, which can be made explicit by markup languages such as SGML. In this paper we propose a formal model for representation of hierarchically structured documents, to be used as the basis for document query languages. The model uses a redundant representation of the document elements to simplify the expression of common queries. As an illustration of the power of the model we show how queries might be expressed, both as set-theoretic expressions and in a simple algebra, and outline how queries might be evaluated in a practical system.     

装配空间关系形式表达

装配空间关系形式表达是实现产品装配空间语义查询、分析和装配序列规划的基础.结合机械产品装配的特点,对装配空间的拓扑关系和方向关系进行分析,提出空间拓扑的邻接关系、插入关系和分离关系;基于形态分类学和拓扑集描述逻辑理论,给出装配空间拓扑关系和方向关系相结合的装配空间关系的形式表达;通过三维实体边界几何处理,实现形式表达中原子关系的定义;基于形式表达语义的推理方法,自动建立复杂装配体之间空间关系,并且可以将自动标注的空间关系基于本体的RDF/XML文档输出.最后给出一个注射模装配空间关系自动标注及形式表达的实例,结果表明,文中提出的语义推理方法能较好地实现装配关系的形式表达.     

软件构件表示与检索形式化的研究与进展

1 引言软件复用被认为是提高软件生产效率和软件质量较为现实的途径。尽管软件复用的思想已经提出了30多年,但软件复用的现状离人们最初的设想仍然相距甚远。阻碍大规模软件复用的技术与非技术因素很多,主要的技术因素有构件分类、构件表示、构件检索、构件更改及构件库的管理与维护等。其中,软件构件表示与检索是软件复用获得成功的重要前提。     

What Makes the History of Software Hard

History of commitments constrains choice. Narrow incentives and opportunities motivate choice.—Rob Kling and Walt Scacchi1We never have a clean slate. Whatever new we do must make it possible for people to make a transition from old tools and ideas to new.—Bjarne Stroustrup2Creating software for work in the world has meant translating into computational models the knowledge and practices of the people who have been doing that work without computers. What people know and do reflects their particular historical experience, which also shapes decisions about what can be automated and how. Software thus involves many histories and a variety of sources to be read in new ways.     

异质信息网络表征学习综述

随着信息技术的快速发展,信息网络无处不在,例如社交网络、学术网络、万维网等.由于网络规模不断扩大以及数据的稀疏性,信息网络的分析方法面临巨大挑战.作为应对网络规模及数据稀疏挑战的有效方法,信息网络表征学习旨在利用网络的拓扑结构、节点内容等信息将节点嵌入到低维的向量空间中,同时保留原始网络固有的结构特征和内容特征,从而使...     

自然灾害应急预案形式化表示技术

自然灾害应急预案描述了应急响应事件处置的领域知识,是高效应急反应的基础.当前应急预案大多以非结构化文本形式存在,不利于应急决策者快速准确地获取应急处置知识,阻碍了信息技术在自然灾害应急管理中的应用.针对这一现状,对文本应急预案内容进行分析,结合应急组织协调联动过程,提出了一种基于本体的自然灾害应急预案形式化表示方法,并通过系统实现来说明本方法的有效性.     

Web信息提取的形式化分析

文章从分析一个实例出发，采用标记索引集的方法建立了一种Web信息提取的形式化模型。该模型是构建包装器的基础，它对于表格化Web信息具有普遍的适应性。     

规划的形式表示技术研究

智能规划是人工智能研究领域中的一个富有挑战性的课题.同时,智能规划问题具有广泛的实际应用背景.而自动规划问题面临的首要问题是规划问题的形式表示问题.本文系统地分析了情景演算,STRIPS,PDDL,HTN等各种规划形式表示技术,比较了各种形式表示技术的优缺点,并指出了进一步研究设计高效智能规划系统的方向.     

The 2005 UbiApp Workshop: What Makes Good Application-Led Research?

Some members of the ubiquitous computing community feel that application-led research needs to make more coherent progress. Their perception is that with few exceptions, such research is neither systematically building on what little new knowledge it has derived so far nor setting specific challenges and benchmarks to guide its progress. In light of these concerns, the 2005 UbiApp workshop's tenet was that ubiquitous computing research could benefit from better metrics for the selection, analysis, and evaluation of applications and common infrastructure. The workshop aimed to identify methodological problems in the way researchers conduct application-led research and to recommend how to address these problems.     

Towards a Formal Account of Reasoning about Evidence: Argumentation Schemes and Generalisations

This paper studies the modelling of legal reasoning about evidence within general theories of defeasible reasoning and argumentation. In particular, Wigmore's method for charting evidence and its use by modern legal evidence scholars is studied in order to give a formal underpinning in terms of logics for defeasible argumentation. Two notions turn out to be crucial, viz. argumentation schemes and empirical generalisations.     

Creating an Effective Information Environment: Management Perspectives and Personnel

For an information environment to be truly effective, its resources must be managed so that they are in synch with the overall organizational goals and strategies. the first part in a two-part series, this article lays the foundation for effective resource management as well as the management of the most important IT resource, its personnel.     

不完备知识下的形式概念表示与计算

从集合的角度来说,知识就是数据集合在某种关系下的划分。如果这个数据集的某些属性值是未知的或丢失了,那么知识就是不完备（incomplete）的。传统形式概念分析是源于完备数据集的（完备知识）。在不完备知识下的概念分析一般说来比完备知识更困难。本文提出了一个新的不完备知识下形式概念表示与计算的方法,这种方法是基于泛化粗糙集理论的,其目的是扩展形式概念分析研究的领域。文中研究了一个基于自反相似关系的粗糙集模型,讨论了基于这种模型的形式概念分析方法。一个实例表明了这种方法的可行性。     

A Formal Methodology for Detecting Managerial Vulnerabilities and Threats in an Enterprise Information System

From information security point of view, an enterprise is considered as a collection of assets and their interrelationships. These interrelationships may be built into the enterprise information infrastructure, as in the case of connection of hardware elements in network architecture, or in the installation of software or in the information assets. As a result, access to one element may enable access to another if they are connected. An enterprise may specify conditions on the access of certain assets in certain mode (read, write etc.) as policies. The interconnection of assets, along with specified policies, may lead to managerial vulnerabilities in the enterprise information system. These vulnerabilities, if exploited by threats, may cause disruption to the normal functioning of information systems. This paper presents a formal methodology for detection of managerial vulnerabilities of, and threats to, enterprise information systems in linear time.     

Information Flow Certification Using an Intermediate Code Program Representation

This paper describes a compile-time information flow control (IFC) mechanism that certifies secure information flow within the collection of objects accessed by a program. The IFC mechanism is based on the lattice model and certification mechanism of Denning, who proposes the use of the mechanism during the analysis phase of compilation. However, IFC is placed after semantic analysis and before code optimization by ufilizing an intermediate code representation. This reduces the complexity of IFC and allows a degree of language independence. An implentation has been developed for Pascal.