From POTS to PANS: a commentary on the evolution to Internettelephony

A PSTN phone can generate only a small set of signaling events and tones, and cannot receive or process signaling of any sophistication. Packet phones, on the other hand, can receive and process signaling automatically and also send signaling out of band as a separate set of IP packets. Evolution from plain old telephony services (POTS) to IP telephony therefore promises some pretty amazing new services (PANS). It will nevertheless take many years to transition to a purely packet-based environment. The authors describe aspects of the evolution of telephony networks and services as they relate to the underlying changes in technology. The following technologies are mentioned: Internet telephony; intelligent networks; billing information systems; electronic commerce     

Role engineering: From design to evolution of security schemes

This paper presents a methodology to design the RBAC (Role-Based Access Control) scheme during the design phase of an Information System. Two actors, the component developer and the security administrator, will cooperate to define and set up the minimal set of roles in agreement with the application constraints and the organization constraints that guarantee the global security policy of an enterprise. In order to maintain the global coherence of the existing access control scheme, an algorithm is proposed to detect the possible inconsistencies before the integration of a new component in the Information System.     

The evolution of web-based optimisation: From ASP to e-Services

In many application domains, optimisation and other analytic models are often embedded as a decision engine within the respective business processes. In this paper, we study recent trends in the provision of optimisation tools and optimisation-based decision support systems (DSS) as web-enabled distributed applications. We analyse the evolution from the Application Service Provision (ASP) model to the e-Services model, and we illustrate the importance of distributed optimisation components in the effective deployment of embedded “business analytics”. We finally provide an overview of the OSP and the WEBOPT projects, which deliver optimisation-based applications and optimisation components in a distributed environment.     

利用弱点评估提高入侵检测系统性能的分析与实现

当前的入侵检测系统存在的虚警问题和报警量过大的问题严重影响了在实际中的应用效果。分析了系统弱点与入侵之间的关系,提出了弱点信息与入侵检测报警信息的关联的表示方法,给出了利用它们之间的关联提高入侵检测系统性能的实现框架。     

QuesTInSitu: From tests to routes for assessment in situ activities

Test-based assessment tools are mostly focused on the use of computers. However, advanced Information and Communication Technologies, such as handheld devices, opens up the possibilities of creating new assessment scenarios, increasing the teachers’ choices to design more appropriate tests for their subject areas. In this paper we use the term Computing-Based Testing (CBT) instead of Computer-Based Testing, as it captures better the emerging trends. Within the CBT context, the paper is centered on proposing an approach for “Assessment in situ” activities, where questions have to be answered in front of a real space/location (situ). In particular, we present the QuesTInSitu software implementation that includes both an editor and a player based on the IMS Question and Test Interoperability specification and GoogleMaps. With QuesTInSitu teachers can create geolocated questions and tests (routes), and students can answer the tests using mobile devices with GPS when following a route. Three illustrating scenarios and the results from the implementation of one of them in a real educational situation show that QuesTInSitu enables the creation of innovative, enriched and context-aware assessment activities. The results also indicate that the use of mobile devices and location-based systems in assessment activities facilitates students to put explorative and spatial skills into practice and fosters their motivation, reflection and personal observation.     

Process situation assessment: From a fuzzy partition to a finite state machine

Process situation assessment plays a major role in supervision of complex systems. The knowledge of the system behavior is relevant to support operators in their decision tasks. For complex industrial processes such as chemical or petrochemical ones, most of supervision approaches are based on data acquisition techniques and specifically on clustering methods to cope with the difficulty of modeling the process. Consequently, the system behavior can be characterized by a state space partition. This way, situation assessment is performed online through the tracking of the system evolution from one class to another. Furthermore, a finite state machine that is a support tool for process operators is elaborated to model the system behavior. This article presents theoretical aspects according to which the intuition that the trajectory observation of a dynamical system by a sequence of classes, to which the actual state belongs, gives valuable information about the real behavior of the system is substantiated. Thus, practical aspects are developed on the state machine construction and illustrated by two simple applications in the domain of chemical processes.     

An OVAL-based active vulnerability assessment system for enterprise computer networks

Many security problems are caused by vulnerabilities hidden in enterprise computer networks. It is very important for system administrators to have knowledge about the security vulnerabilities. However, current vulnerability assessment methods may encounter the issues of high false positive rates, long computational time, and requirement of developing attack codes. Moreover, they are only capable of locating individual vulnerabilities on a single host without considering correlated effect of these vulnerabilities on a host or a section of network with the vulnerabilities possibly distributed among different hosts. To address these issues, an active vulnerability assessment system NetScope with C/S architecture is developed for evaluating computer network security based on open vulnerability assessment language instead of simulating attacks. The vulnerabilities and known attacks with their prerequisites and consequences are modeled based on predicate logic theory and are correlated so as to automatically construct potential attack paths with strong operation power of relational database management system. The testing results from a series of experiments show that this system has the advantages of a low false positive rate, short running periods, and little impact on the performance of audited systems and good scalability. The security vulnerabilities, undetectable if assessed individually in a network, are discovered without the need to simulate attacks. It is shown that the NetScope system is well suited for vulnerability assessment of large-scale computer networks such as campus networks and enterprise networks. Moreover, it can also be easily integrated with other security tools based on relational databases.

A computational intelligence-based suite for vulnerability assessment of electrical power systems

This paper discusses the feasibility of implementing computational intelligence algorithms for power system analysis in an open source environment. The scope is specially oriented to education, training and research. In particular, the paper describes a software package, namely Computational Intelligence Applications to Power System (CIAPS), that implements a variety of heuristic techniques for vulnerability assessment of electrical power systems. CIAPS is based on Matlab and suited for analysis and simulation of small to large size electric power systems. CIAPS is used for solving power flow, optimal power flow, contingency analysis based on artificial neural networks and fuzzy logic techniques. A variety of illustrative examples are given to show the features of the developed software tool.     

安防系统弱点评估算法的可视化实现

对安全防范系统（SPS）而言,弱点评估是系统效能评估的重要组成部分。现有的弱点评估算法普遍使用的入侵序列图（ASD）模型,在准确性、可靠性和直观性上存在一定的缺陷。对现有的弱点评估算法进行改进。提出用二维地图替代入侵序列图进行系统建模;引入广义的启发式搜索算法,以满足动态效能评估的实时性要求;添加防护元件的灵敏度分析模块,使系统在进行定期维护与升级时能获得最高的成本-效益。提出的算法已经通过编程实现,并用得到的VVA-SPS（Visualized Effectiveness Assessment of Security and Protection Systems）程序针对不同防护对象进行了算法的有效性验证。     

Analyzing evolution of variability in a software product line: From contexts and requirements to features

Context

In the long run, features of a software product line (SPL) evolve with respect to changes in stakeholder requirements and system contexts. Neither domain engineering nor requirements engineering handles such co-evolution of requirements and contexts explicitly, making it especially hard to reason about the impact of co-changes in complex scenarios.

Objective

In this paper, we propose a problem-oriented and value-based analysis method for variability evolution analysis. The method takes into account both kinds of changes (requirements and contexts) during the life of an evolving software product line.

Method

The proposed method extends the core requirements engineering ontology with the notions to represent variability-intensive problem decomposition and evolution. On the basis of problemorientation, the analysis method identifies candidate changes, detects influenced features, and evaluates their contributions to the value of the SPL.

Results and Conclusion

The process of applying the analysis method is illustrated using a concrete case study of an evolving enterprise software system, which has confirmed that tracing back to requirements and contextual changes is an effective way to understand the evolution of variability in the software product line.     

From paper to pixels: A comparison of paper and computer formats in psychological assessment

Internet based data collection methods have many advantages for psychological assessment when compared with more traditional paper formats, including, reduced costs, and greater convenience for both the researcher and the participant. However, prior to the wide-spread adoption of these methods, equivalence with paper tests formats must be established. The present study compared questionnaire data from the computer with that from a traditional paper format in a sample of college students both directly and through an opinion survey. Three types of questionnaires that represent distinct areas commonly assessed in psychological research included: quality of life (SF-36), depression (BDI-II) and personality (NEO). A within-subjects design counterbalanced order across the computer and paper formats. Overall the findings showed no differences for the Neuroticism and Extraversion facts of the NEO, for the BDI and for the subscales and composite scores of the SF-36. Significant differences were found between the paper and computer formats for the Openness, Agreeableness, and Conscientiousness facets of the NEO. Additionally, the computer was perceived to be convenient, user-friendly, comfortable, and secure. Results suggest that a computerized format is an efficient way to conduct quality of life research, especially for the assessment of distress levels and quality of life.     

A lightweight web-based vulnerability scanner for small-scale computer network security assessment

There appears to be a common perception amongst average computer users pointing towards a global lack of trust when using the Internet. The resolution of this lack of trust relating to the use of the Internet, particularly orientated towards its commercial use and online purchasing, requires partly from website developers to create and maintain web applications that are robust and provide a certain degree of resilience to attack from outside threats. This project intends to contribute to this particular aspect by providing site developers and system testers, as well as simple site users, with a tool for reconnaissance, vulnerability scanning and remote network mapping that is easily accessible and useable due to its web-based and visual, event-driven interface. It is anticipated that the cumbersome task of learning to use a number of command line tools and their exact functionality and parameters can be avoided through this and similar developments, and hence that this will potentially widen the access to security testing, particularly to small and medium businesses.     

The vulnerability of structures to unforeseen events

A structure is vulnerable to an unforeseen event if it is not sufficiently robust. One insight into the lack of robustness is gained through the vulnerability of a structure to disproportionate collapse. In this paper, the importance of assessing the vulnerability of a structure to unforeseen events is highlighted and the nature of unforeseen events examined. A theory of structural vulnerability which examines the form of the structure to determine the most vulnerable sequence of failure events is briefly described. The potential for damage to propagate through a structure is examined through a new measure of hazard potential and vertical pushover analysis. An analysis of an example structure shows that such an approach is able to capture the weaknesses in a structure either due to form or external actions.     

爱敏捷，爱自由

仲夏之夜,一个五层楼的天台上传出轻快的音乐,一群年轻人聚集在这里,桌子上摆放着各种颜色的酒水和饮料,中间的两个大横桌上摆放了各种精致的美食。一阵欢快的笑声传来,寻声望去,天台的一角有一个桌上足球案,几个年轻人正在激烈的对逐。而天台的另一侧则摆放着两个红彤彤的炭火炉。     

On the vulnerability of face verification systems to hill-climbing attacks

In this paper, we use a hill-climbing attack algorithm based on Bayesian adaption to test the vulnerability of two face recognition systems to indirect attacks. The attacking technique uses the scores provided by the matcher to adapt a global distribution computed from an independent set of users, to the local specificities of the client being attacked. The proposed attack is evaluated on an eigenface-based and a parts-based face verification system using the XM2VTS database. Experimental results demonstrate that the hill-climbing algorithm is very efficient and is able to bypass over 85% of the attacked accounts (for both face recognition systems). The security flaws of the analyzed systems are pointed out and possible countermeasures to avoid them are also proposed.