WorldWideScience

Sample records for secure web application

  1. Lecture 3: Web Application Security

    CERN Multimedia

    CERN. Geneva

    2013-01-01

    Computer security has been an increasing concern for IT professionals for a number of years, yet despite all the efforts, computer systems and networks remain highly vulnerable to attacks of different kinds. Design flaws and security bugs in the underlying software are among the main reasons for this. This lecture focuses on security aspects of Web application development. Various vulnerabilities typical to web applications (such as Cross-site scripting, SQL injection, cross-site request forgery etc.) are introduced and discussed. Sebastian Lopienski is CERN’s deputy Computer Security Officer. He works on security strategy and policies; offers internal consultancy and audit services; develops and maintains security tools for vulnerability assessment and intrusion detection; provides training and awareness raising; and does incident investigation and response. During his work at CERN since 2001, Sebastian has had various assignments, including designing and developing software to manage and support servic...

  2. Forensics Investigation of Web Application Security Attacks

    OpenAIRE

    Amor Lazzez; Thabet Slimani

    2015-01-01

    Nowadays, web applications are popular targets for security attackers. Using specific security mechanisms, we can prevent or detect a security attack on a web application, but we cannot find out the criminal who has carried out the security attack. Being unable to trace back an attack, encourages hackers to launch new attacks on the same system. Web application forensics aims to trace back and attribute a web application security attack to its originator. This may significantly reduce the sec...

  3. Secure Java For Web Application Development

    CERN Document Server

    Bhargav, Abhay

    2010-01-01

    As the Internet has evolved, so have the various vulnerabilities, which largely stem from the fact that developers are unaware of the importance of a robust application security program. This book aims to educate readers on application security and building secure web applications using the new Java Platform. The text details a secure web application development process from the risk assessment phase to the proof of concept phase. The authors detail such concepts as application risk assessment, secure SDLC, security compliance requirements, web application vulnerabilities and threats, security

  4. Web application security: a beginner's guide

    National Research Council Canada - National Science Library

    Sullivan, Bryan; Liu, Vincent

    2012-01-01

    .... Sullivan and Liu have created a savvy, essentials-based approach to web app security packed with immediately applicable tools for any information security practitioner sharpening his or her tools or just starting...

  5. A Holistic Approach to Securing Web Applications

    OpenAIRE

    Stankovic, Srdjan; Simic, Dejan

    2010-01-01

    Protection of Web applications is an activity that requires constant monitoring of security threats as well as looking for solutions in this field. Since protection has moved from the lower layers of OSI models to the application layer and having in mind the fact that 75% of all the attacks are performed at the application layer, special attention should be paid to the application layer. It is possible to improve protection of Web application on the level of the system architecture by introdu...

  6. Directions for Web and E-Commerce Applications Security

    OpenAIRE

    Thuraisingham, Bhavani; Clifton, Chris; Gupta, Amar; Bertino, Elisa; Ferrari, Elena

    2003-01-01

    This paper provides directions for web and e-commerce applications security. In particular, access control policies, workflow security, XML security and federated database security issues pertaining to the web and ecommerce applications are discussed.

  7. Security Assessment of Web Based Distributed Applications

    Directory of Open Access Journals (Sweden)

    Catalin BOJA

    2010-01-01

    Full Text Available This paper presents an overview about the evaluation of risks and vulnerabilities in a web based distributed application by emphasizing aspects concerning the process of security assessment with regards to the audit field. In the audit process, an important activity is dedicated to the measurement of the characteristics taken into consideration for evaluation. From this point of view, the quality of the audit process depends on the quality of assessment methods and techniques. By doing a review of the fields involved in the research process, the approach wants to reflect the main concerns that address the web based distributed applications using exploratory research techniques. The results show that many are the aspects which must carefully be worked with, across a distributed system and they can be revealed by doing a depth introspective analyze upon the information flow and internal processes that are part of the system. This paper reveals the limitations of a non-existing unified security risk assessment model that could prevent such risks and vulnerabilities debated. Based on such standardize models, secure web based distributed applications can be easily audited and many vulnerabilities which can appear due to the lack of access to information can be avoided.

  8. JWIG: Yet Another Framework for Maintainable and Secure Web Applications

    DEFF Research Database (Denmark)

    Møller, Anders; Schwarz, Mathias Romme

    2009-01-01

    Although numerous frameworks for web application programming have been developed in recent years, writing web applications remains a challenging task. Guided by a collection of classical design principles, we propose yet another framework. It is based on a simple but flexible server-oriented arch...... services.The resulting framework provides a novel foundation for developing maintainable and secure web applications....

  9. JWIG: Yet Another Framework for Maintainable and Secure Web Applications

    DEFF Research Database (Denmark)

    Møller, Anders; Schwarz, Mathias Romme

    2009-01-01

    Although numerous frameworks for web application programming have been developed in recent years, writing web applications remains a challenging task. Guided by a collection of classical design principles, we propose yet another framework. It is based on a simple but flexible server......-oriented architecture that coherently supports general aspects of modern web applications, including dynamic XML construction, session management, data persistence, caching, and authentication, but it also simplifies programming of server-push communication and integration of XHTML-based applications and XML-based web...... services.The resulting framework provides a novel foundation for developing maintainable and secure web applications....

  10. Asset Identification for Security Risk Assessment in Web Applications

    OpenAIRE

    Hisham M. Haddad; Brunil D. Romero

    2009-01-01

    As software applications become more complex they require more security, allowing them to reach an appropriate level of quality to manage information, and therefore achieving business objectives. Web applications represent one segment of software industry where security risk assessment is essential. Web engineering must address new challenges to provide new techniques and tools that guarantee high quality application development. This work focuses asset identification, the initial step in sec...

  11. The Web Application Hacker's Handbook Finding and Exploiting Security Flaws

    CERN Document Server

    Stuttard, Dafydd

    2011-01-01

    The highly successful security book returns with a new edition, completely updated Web applications are the front door to most organizations, exposing them to attacks that may disclose personal information, execute fraudulent transactions, or compromise ordinary users. This practical book has been completely updated and revised to discuss the latest step-by-step techniques for attacking and defending the range of ever-evolving web applications. You'll explore the various new technologies employed in web applications that have appeared since the first edition and review the new attack technique

  12. Web application security: a beginner's guide

    National Research Council Canada - National Science Library

    Sullivan, Bryan; Liu, Vincent

    2012-01-01

    .... This practical resource includes chapters on authentication, authorization, and session management, along with browser, database, and file security--all supported by true stories from industry...

  13. Detection of the Security Vulnerabilities in Web Applications

    Directory of Open Access Journals (Sweden)

    2009-01-01

    Full Text Available The contemporary organizations develop business processes in a very complex environment. The IT&C technologies are used by organizations to improve their competitive advantages. But, the IT&C technologies are not perfect. They are developed in an iterative process and their quality is the result of the lifecycle activities. The audit and evaluation processes are required by the increased complexity of the business processes supported by IT&C technologies. In order to organize and develop a high-quality audit process, the evaluation team must analyze the risks, threats and vulnerabilities of the information system. The paper highlights the security vulnerabilities in web applications and the processes of their detection. The web applications are used as IT&C tools to support the distributed information processes. They are a major component of the distributed information systems. The audit and evaluation processes are carried out in accordance with the international standards developed for information system security assurance.

  14. Security Testing in Agile Web Application Development - A Case Study Using the EAST Methodology

    CERN Document Server

    Erdogan, Gencer

    2010-01-01

    There is a need for improved security testing methodologies specialized for Web applications and their agile development environment. The number of web application vulnerabilities is drastically increasing, while security testing tends to be given a low priority. In this paper, we analyze and compare Agile Security Testing with two other common methodologies for Web application security testing, and then present an extension of this methodology. We present a case study showing how our Extended Agile Security Testing (EAST) performs compared to a more ad hoc approach used within an organization. Our working hypothesis is that the detection of vulnerabilities in Web applications will be significantly more efficient when using a structured security testing methodology specialized for Web applications, compared to existing ad hoc ways of performing security tests. Our results show a clear indication that our hypothesis is on the right track.

  15. Web application security analysis using the Kali Linux operating system

    OpenAIRE

    BABINCEV IVAN M.; VULETIC DEJAN V.

    2016-01-01

    The Kali Linux operating system is described as well as its purpose and possibilities. There are listed groups of tools that Kali Linux has together with the methods of their functioning, as well as a possibility to install and use tools that are not an integral part of Kali. The final part shows a practical testing of web applications using the tools from the Kali Linux operating system. The paper thus shows a part of the possibilities of this operating system in analaysing web applications ...

  16. Supporting secure programming in web applications through interactive static analysis

    Science.gov (United States)

    Zhu, Jun; Xie, Jing; Lipford, Heather Richter; Chu, Bill

    2013-01-01

    Many security incidents are caused by software developers’ failure to adhere to secure programming practices. Static analysis tools have been used to detect software vulnerabilities. However, their wide usage by developers is limited by the special training required to write rules customized to application-specific logic. Our approach is interactive static analysis, to integrate static analysis into Integrated Development Environment (IDE) and provide in-situ secure programming support to help developers prevent vulnerabilities during code construction. No additional training is required nor are there any assumptions on ways programs are built. Our work is motivated in part by the observation that many vulnerabilities are introduced due to failure to practice secure programming by knowledgeable developers. We implemented a prototype interactive static analysis tool as a plug-in for Java in Eclipse. Our technical evaluation of our prototype detected multiple zero-day vulnerabilities in a large open source project. Our evaluations also suggest that false positives may be limited to a very small class of use cases. PMID:25685513

  17. Supporting secure programming in web applications through interactive static analysis

    Directory of Open Access Journals (Sweden)

    Jun Zhu

    2014-07-01

    Full Text Available Many security incidents are caused by software developers’ failure to adhere to secure programming practices. Static analysis tools have been used to detect software vulnerabilities. However, their wide usage by developers is limited by the special training required to write rules customized to application-specific logic. Our approach is interactive static analysis, to integrate static analysis into Integrated Development Environment (IDE and provide in-situ secure programming support to help developers prevent vulnerabilities during code construction. No additional training is required nor are there any assumptions on ways programs are built. Our work is motivated in part by the observation that many vulnerabilities are introduced due to failure to practice secure programming by knowledgeable developers. We implemented a prototype interactive static analysis tool as a plug-in for Java in Eclipse. Our technical evaluation of our prototype detected multiple zero-day vulnerabilities in a large open source project. Our evaluations also suggest that false positives may be limited to a very small class of use cases.

  18. Supporting secure programming in web applications through interactive static analysis.

    Science.gov (United States)

    Zhu, Jun; Xie, Jing; Lipford, Heather Richter; Chu, Bill

    2014-07-01

    Many security incidents are caused by software developers' failure to adhere to secure programming practices. Static analysis tools have been used to detect software vulnerabilities. However, their wide usage by developers is limited by the special training required to write rules customized to application-specific logic. Our approach is interactive static analysis, to integrate static analysis into Integrated Development Environment (IDE) and provide in-situ secure programming support to help developers prevent vulnerabilities during code construction. No additional training is required nor are there any assumptions on ways programs are built. Our work is motivated in part by the observation that many vulnerabilities are introduced due to failure to practice secure programming by knowledgeable developers. We implemented a prototype interactive static analysis tool as a plug-in for Java in Eclipse. Our technical evaluation of our prototype detected multiple zero-day vulnerabilities in a large open source project. Our evaluations also suggest that false positives may be limited to a very small class of use cases.

  19. Web application security is a stack how to CYA (cover your apps) completely

    CERN Document Server

    Mac Vittie, Lori

    2015-01-01

    The web application stack - a growing threat vector   Understand the threat and learn how to defend your organisation This book is intended for application developers, system administrators and operators, as well as networking professionals who need a comprehensive top-level view of web application security in order to better defend and protect both the 'web' and the 'application' against potential attacks. This book examines the most common, fundamental attack vectors and shows readers the defence techniques used to combat them. ContentsIntroductionAttack SurfaceThreat VectorsThreat Mitigatio

  20. To Study and Explain the Different Methods to Built a Secure Web Application

    OpenAIRE

    Parveen Kumar

    2012-01-01

    The secure web application is the most important thing for any type of transaction or similar things. Information security should enable, to the extent possible, a business to take the risks it is prepared to take on, by designing and deploying countermeasuresthat allow for sensible business risk. Additionally, seemingly small exposures should be dealt with if there is a business case. The role of the security architecture is not to steer the business away from risk, but rather to educate the...

  1. Secure Web Developers Needed!

    CERN Multimedia

    Computer Security Team

    2012-01-01

    You’re about to launch a new website? Cool!! With today’s web programming languages like PHP, Java, Python or Perl, complex websites can be created, easily fulfilling all your use cases. But hold on. Did you ever think about how easily this can be abused? Attackers today are already using automatic tools which can quickly and easily find and exploit vulnerable web applications.   Web applications often suffer from security vulnerabilities, i.e. design flaws or programming bugs that remained undetected during the whole software development cycle. In production these vulnerabilities become security holes, providing an opportunity for exploitation, and can pose immense security risks (and there is no reason to believe that CERN is immune to this). The costs associated with eliminating these bugs could be loosely described by the "1:10:100 rule", i.e. the relative costs for fixing are 1:10:100 for fixing them in the programming:testing:production phases. Thus, the...

  2. Web Security, Privacy & Commerce

    CERN Document Server

    Garfinkel, Simson

    2011-01-01

    Since the first edition of this classic reference was published, World Wide Web use has exploded and e-commerce has become a daily part of business and personal life. As Web use has grown, so have the threats to our security and privacy--from credit card fraud to routine invasions of privacy by marketers to web site defacements to attacks that shut down popular web sites. Web Security, Privacy & Commerce goes behind the headlines, examines the major security risks facing us today, and explains how we can minimize them. It describes risks for Windows and Unix, Microsoft Internet Exp

  3. Security Guidelines for the Development of Accessible Web Applications through the implementation of intelligent systems

    Directory of Open Access Journals (Sweden)

    Luis Joyanes Aguilar

    2009-12-01

    Full Text Available Due to the significant increase in threats, attacks and vulnerabilities that affect the Web in recent years has resulted the development and implementation of pools and methods to ensure security measures in the privacy, confidentiality and data integrity of users and businesses. Under certain circumstances, despite the implementation of these tools do not always get the flow of information which is passed in a secure manner. Many of these security tools and methods cannot be accessed by people who have disabilities or assistive technologies which enable people to access the Web efficiently. Among these security tools that are not accessible are the virtual keyboard, the CAPTCHA and other technologies that help to some extent to ensure safety on the Internet and are used in certain measures to combat malicious code and attacks that have been increased in recent times on the Web. Through the implementation of intelligent systems can detect, recover and receive information on the characteristics and properties of the different tools and hardware devices or software with which the user is accessing a web application and through analysis and interpretation of these intelligent systems can infer and automatically adjust the characteristics necessary to have these tools to be accessible by anyone regardless of disability or navigation context. This paper defines a set of guidelines and specific features that should have the security tools and methods to ensure the Web accessibility through the implementation of intelligent systems.

  4. Teaching Web Security Using Portable Virtual Labs

    Science.gov (United States)

    Chen, Li-Chiou; Tao, Lixin

    2012-01-01

    We have developed a tool called Secure WEb dEvelopment Teaching (SWEET) to introduce security concepts and practices for web application development. This tool provides introductory tutorials, teaching modules utilizing virtualized hands-on exercises, and project ideas in web application security. In addition, the tool provides pre-configured…

  5. Web Application Vulnerabilities

    OpenAIRE

    Yadav, Bhanu

    2014-01-01

    Web application security has been a major issue in information technology since the evolvement of dynamic web application. The main objective of this project was to carry out a detailed study on the top three web application vulnerabilities such as injection, cross site scripting, broken authentication and session management, present the situation where an application can be vulnerable to these web threats and finally provide preventative measures against them. ...

  6. Modification of CAS-protocol for improvement of security web-applications from unauthorized access

    Directory of Open Access Journals (Sweden)

    Alexey I Igorevich Alexandrov

    2017-07-01

    Full Text Available Dissemination of information technologies and the expansion of their application demand constantly increasing security level for users, operating with confidential information and personal data. The problem of setting up secure user identification is probably one of the most common tasks, which occur in the process of software development. Today, despite the availability of a large amount of authentication tools, new solutions, mechanisms and technologies are being introduced regularly. Primarily, it is done to increase the security level of data protection against unauthorized access. This article describes the experience of using central user authentication service based on CAS-protocol (CAS – Central Authentication Service and free open source software, analyzing its main advantages and disadvantages and describing the possibility of its modification, which would increase security of web-based information systems from being accessed illegally. The article contains recommendations for setting a maximum time limit for users working on services, integrated with central authentication; and, analyses the research of implementing modern web-technologies while using user authentication system based on CAS-protocol. In addition, it describes the ways of CAS-server modernization for developing additional modules: a module for collecting and analyzing the use of information systems, and another one, for a user management system. Furthermore, CAS-protocol can be used at universities and other organizations for creating a unified information environment in education.

  7. A Secure Web Application Providing Public Access to High-Performance Data Intensive Scientific Resources - ScalaBLAST Web Application

    International Nuclear Information System (INIS)

    Curtis, Darren S.; Peterson, Elena S.; Oehmen, Chris S.

    2008-01-01

    This work presents the ScalaBLAST Web Application (SWA), a web based application implemented using the PHP script language, MySQL DBMS, and Apache web server under a GNU/Linux platform. SWA is an application built as part of the Data Intensive Computer for Complex Biological Systems (DICCBS) project at the Pacific Northwest National Laboratory (PNNL). SWA delivers accelerated throughput of bioinformatics analysis via high-performance computing through a convenient, easy-to-use web interface. This approach greatly enhances emerging fields of study in biology such as ontology-based homology, and multiple whole genome comparisons which, in the absence of a tool like SWA, require a heroic effort to overcome the computational bottleneck associated with genome analysis. The current version of SWA includes a user account management system, a web based user interface, and a backend process that generates the files necessary for the Internet scientific community to submit a ScalaBLAST parallel processing job on a dedicated cluster

  8. RESTful Java web services security

    CERN Document Server

    Enríquez, René

    2014-01-01

    A sequential and easy-to-follow guide which allows you to understand the concepts related to securing web apps/services quickly and efficiently, since each topic is explained and described with the help of an example and in a step-by-step manner, helping you to easily implement the examples in your own projects. This book is intended for web application developers who use RESTful web services to power their websites. Prior knowledge of RESTful is not mandatory, but would be advisable.

  9. Security and computer forensics in web engineering education

    OpenAIRE

    Glisson, W.; Welland, R.; Glisson, L.M.

    2010-01-01

    The integration of security and forensics into Web Engineering curricula is imperative! Poor security in web-based applications is continuing to cost organizations millions and the losses are still increasing annually. Security is frequently taught as a stand-alone course, assuming that security can be 'bolted on' to a web application at some point. Security issues must be integrated into Web Engineering processes right from the beginning to create secure solutions and therefore security shou...

  10. Secure Sessions for Web Services

    NARCIS (Netherlands)

    Reiter, M.; Bhargavan, K.; Corin, R.J.; Fournet, C.; Gordon, A.D.

    2007-01-01

    We address the problem of securing sequences of SOAP messages exchanged between web services and their clients. The WS-Security standard defines basic mechanisms to secure SOAP traffic, one message at a time. For typical web services, however, using WS-Security independently for each message is

  11. Security scanning of Web sites at CERN

    CERN Multimedia

    IT Department

    2010-01-01

    As of early 2010, the CERN Computer Security Team will start regular scanning of all Web sites and Web applications at CERN, visible on the Internet, or on the General Purpose Network (office network). The goal of this scanning is to improve the quality of CERN Web sites. All deficits found will be reported by e-mail to the relevant Web site owners, and must be fixed in a timely manner. Web site owners may also request one-off scans of their Web site or Web application, by sending an e-mail to Computer.Security@cern.ch. These Web scans are designed to limit the impact on the scanned Web sites. Nevertheless, in very rare cases scans may cause undesired side-effects, e.g. generate a large number of log entries, or cause particularly badly designed or less robust Web applications to crash. If a Web site is affected by these security scans, it will also be susceptible to any more aggressive scan that can be performed any time by a malicious attacker. Such Web applications should be fixed, and also additionally...

  12. A case for avoiding security-enhanced HTTP tools to improve security for Web-based applications

    Energy Technology Data Exchange (ETDEWEB)

    Wood, B.

    1996-03-01

    This paper describes some of the general weaknesses of the current popular Hypertext Transmission Protocol (HTTP) security standards and products in an effort to show that these standards are not appealing for many applications. The author will then show how one can treat HTTP browsers and servers as untrusted elements in the network so that one can rely on other mechanisms to achieve better overall security than can be attained through today`s security-enhanced HTTP tools.

  13. DIRAC: Secure web user interface

    International Nuclear Information System (INIS)

    Casajus Ramo, A; Sapunov, M

    2010-01-01

    Traditionally the interaction between users and the Grid is done with command line tools. However, these tools are difficult to use by non-expert users providing minimal help and generating outputs not always easy to understand especially in case of errors. Graphical User Interfaces are typically limited to providing access to the monitoring or accounting information and concentrate on some particular aspects failing to cover the full spectrum of grid control tasks. To make the Grid more user friendly more complete graphical interfaces are needed. Within the DIRAC project we have attempted to construct a Web based User Interface that provides means not only for monitoring the system behavior but also allows to steer the main user activities on the grid. Using DIRAC's web interface a user can easily track jobs and data. It provides access to job information and allows performing actions on jobs such as killing or deleting. Data managers can define and monitor file transfer activity as well as check requests set by jobs. Production managers can define and follow large data productions and react if necessary by stopping or starting them. The Web Portal is build following all the grid security standards and using modern Web 2.0 technologies which allow to achieve the user experience similar to the desktop applications. Details of the DIRAC Web Portal architecture and User Interface will be presented and discussed.

  14. Web security a whitehat perspective

    CERN Document Server

    Wu, Hanqing

    2015-01-01

    MY VIEW OF THE SECURITY WORLDView of the IT Security WorldBrief History of Web SecurityBrief History of Chinese HackersDevelopment Process of Hacking TechniquesRise of Web SecurityBlack Hat, White HatBack to Nature: The Essence of Secret SecuritySuperstition: There Is No Silver BulletSecurity Is an Ongoing ProcessSecurity ElementsHow to Implement Safety AssessmentAsset ClassificationThreat AnalysisRisk AnalysisDesign of Security ProgramsArt of War of White HatPrinciples of Secure by DefaultBlacklist, WhitelistPrinciple of Least PrivilegePrinciple of Defense in DepthPrinciples of Data and Code

  15. Secure Web System in a Cloud Environment

    OpenAIRE

    Pokherl, Bibesh

    2013-01-01

    Advent of cloud computing has brought a lot of benefits for users based on its essential characteristics. Users are attracted by its costs per use service and rapidly deploy their applications in the cloud and scale by using virtualization technology without investing in their own IT infrastructure. These applications can be accessed through web based technology, such as web browsers or mobile apps. However, security becomes a major challenge when user’s data and applications are stored in a ...

  16. Web Services Security - Implementation and Evaluation Issues

    Science.gov (United States)

    Pimenidis, Elias; Georgiadis, Christos K.; Bako, Peter; Zorkadis, Vassilis

    Web services development is a key theme in the utilization the commercial exploitation of the semantic web. Paramount to the development and offering of such services is the issue of security features and they way these are applied in instituting trust amongst participants and recipients of the service. Implementing such security features is a major challenge to developers as they need to balance these with performance and interoperability requirements. Being able to evaluate the level of security offered is a desirable feature for any prospective participant. The authors attempt to address the issues of security requirements and evaluation criteria, while they discuss the challenges of security implementation through a simple web service application case.

  17. The design and implementation of web mining in web sites security

    Science.gov (United States)

    Li, Jian; Zhang, Guo-Yin; Gu, Guo-Chang; Li, Jian-Li

    2003-06-01

    The backdoor or information leak of Web servers can be detected by using Web Mining techniques on some abnormal Web log and Web application log data. The security of Web servers can be enhanced and the damage of illegal access can be avoided. Firstly, the system for discovering the patterns of information leakages in CGI scripts from Web log data was proposed. Secondly, those patterns for system administrators to modify their codes and enhance their Web site security were provided. The following aspects were described: one is to combine web application log with web log to extract more information, so web data mining could be used to mine web log for discovering the information that firewall and Information Detection System cannot find. Another approach is to propose an operation module of web site to enhance Web site security. In cluster server session, Density-Based Clustering technique is used to reduce resource cost and obtain better efficiency.

  18. IT Security: Target: The Web

    Science.gov (United States)

    Waters, John K.

    2009-01-01

    In December, Microsoft announced a major security flaw affecting its Internet Explorer web browser. The flaw allowed hackers to use hidden computer code they had already injected into legitimate websites to steal the passwords of visitors to those sites. Reportedly, more than 10,000 websites were infected with the destructive code by the time…

  19. Security on the web

    CERN Document Server

    Zelkowitz, Marvin

    2011-01-01

    Since its first volume in 1960, Advances in Computers has presented detailed coverage of innovations in computer hardware, software, theory, design, and applications. It has also provided contributors with a medium in which they can explore their subjects in greater depth and breadth than journal articles usually allow. As a result, many articles have become standard references that continue to be of sugnificant, lasting value in this rapidly expanding field. In-depth surveys and tutorials on new computer technologyWell-known authors and researchers in the fieldExtensive bibliographies with m

  20. Security Guards for the Future Web

    National Research Council Canada - National Science Library

    Reed, Nancy; Bryson, Dave; Garriss, James; Gosnell, Steve; Heaton, Brook; Huber, Gary; Jacobs, David; Pulvermacher, Mary; Semy, Salim; Smith, Chad; Standard, John

    2004-01-01

    .... Guard technology needs to keep pace with the evolving Web environment. The authors conjectured that a family of security guard services would be needed to provide the full range of functionality necessary to support the future Web...

  1. Web Server Security on Open Source Environments

    Science.gov (United States)

    Gkoutzelis, Dimitrios X.; Sardis, Manolis S.

    Administering critical resources has never been more difficult that it is today. In a changing world of software innovation where major changes occur on a daily basis, it is crucial for the webmasters and server administrators to shield their data against an unknown arsenal of attacks in the hands of their attackers. Up until now this kind of defense was a privilege of the few, out-budgeted and low cost solutions let the defender vulnerable to the uprising of innovating attacking methods. Luckily, the digital revolution of the past decade left its mark, changing the way we face security forever: open source infrastructure today covers all the prerequisites for a secure web environment in a way we could never imagine fifteen years ago. Online security of large corporations, military and government bodies is more and more handled by open source application thus driving the technological trend of the 21st century in adopting open solutions to E-Commerce and privacy issues. This paper describes substantial security precautions in facing privacy and authentication issues in a totally open source web environment. Our goal is to state and face the most known problems in data handling and consequently propose the most appealing techniques to face these challenges through an open solution.

  2. Wordpress web application development

    CERN Document Server

    Ratnayake, Rakhitha Nimesh

    2015-01-01

    This book is intended for WordPress developers and designers who want to develop quality web applications within a limited time frame and for maximum profit. Prior knowledge of basic web development and design is assumed.

  3. Designing, Implementing, and Evaluating Secure Web Browsers

    Science.gov (United States)

    Grier, Christopher L.

    2009-01-01

    Web browsers are plagued with vulnerabilities, providing hackers with easy access to computer systems using browser-based attacks. Efforts that retrofit existing browsers have had limited success since modern browsers are not designed to withstand attack. To enable more secure web browsing, we design and implement new web browsers from the ground…

  4. Building Social Web Applications

    CERN Document Server

    Bell, Gavin

    2009-01-01

    Building a web application that attracts and retains regular visitors is tricky enough, but creating a social application that encourages visitors to interact with one another requires careful planning. This book provides practical solutions to the tough questions you'll face when building an effective community site -- one that makes visitors feel like they've found a new home on the Web. If your company is ready to take part in the social web, this book will help you get started. Whether you're creating a new site from scratch or reworking an existing site, Building Social Web Applications

  5. Engineering Web Applications

    DEFF Research Database (Denmark)

    Casteleyn, Sven; Daniel, Florian; Dolog, Peter

    Nowadays, Web applications are almost omnipresent. The Web has become a platform not only for information delivery, but also for eCommerce systems, social networks, mobile services, and distributed learning environments. Engineering Web applications involves many intrinsic challenges due...... to their distributed nature, content orientation, and the requirement to make them available to a wide spectrum of users who are unknown in advance. The authors discuss these challenges in the context of well-established engineering processes, covering the whole product lifecycle from requirements engineering through...... design and implementation to deployment and maintenance. They stress the importance of models in Web application development, and they compare well-known Web-specific development processes like WebML, WSDM and OOHDM to traditional software development approaches like the waterfall model and the spiral...

  6. Engineering Adaptive Web Applications

    DEFF Research Database (Denmark)

    Dolog, Peter

    2007-01-01

    suit the user profile the most. This paper summarizes the domain engineering framework for such adaptive web applications. The framework provides guidelines to develop adaptive web applications as members of a family. It suggests how to utilize the design artifacts as knowledge which can be used......Information and services on the web are accessible for everyone. Users of the web differ in their background, culture, political and social environment, interests and so on. Ambient intelligence was envisioned as a concept for systems which are able to adapt to user actions and needs....... With the growing amount of information and services, the web applications become natural candidates to adopt the concepts of ambient intelligence. Such applications can deal with divers user intentions and actions based on the user profile and can suggest the combination of information content and services which...

  7. Express web application development

    CERN Document Server

    Yaapa, Hage

    2013-01-01

    Express Web Application Development is a practical introduction to learning about Express. Each chapter introduces you to a different area of Express, using screenshots and examples to get you up and running as quickly as possible.If you are looking to use Express to build your next web application, ""Express Web Application Development"" will help you get started and take you right through to Express' advanced features. You will need to have an intermediate knowledge of JavaScript to get the most out of this book.

  8. Primer on client-side web security

    CERN Document Server

    De Ryck, Philippe; Piessens, Frank; Johns, Martin

    2014-01-01

    This volume illustrates the continuous arms race between attackers and defenders of the Web ecosystem by discussing a wide variety of attacks. In the first part of the book, the foundation of the Web ecosystem is briefly recapped and discussed. Based on this model, the assets of the Web ecosystem are identified, and the set of capabilities an attacker may have are enumerated. In the second part, an overview of the web security vulnerability landscape is constructed. Included are selections of the most representative attack techniques reported in great detail. In addition to descriptions of the

  9. Professional Cocoa Application Security

    CERN Document Server

    Lee, Graham J

    2010-01-01

    The first comprehensive security resource for Mac and iPhone developers. The Mac platform is legendary for security, but consequently, Apple developers have little appropriate security information available to help them assure that their applications are equally secure. This Wrox guide provides the first comprehensive go-to resource for Apple developers on the available frameworks and features that support secure application development.: While Macs are noted for security, developers still need to design applications for the Mac and the iPhone with security in mind; this guide offers the first

  10. Design and Analysis of Web Application Frameworks

    DEFF Research Database (Denmark)

    Schwarz, Mathias Romme

    -state manipulation vulnerabilities. The hypothesis of this dissertation is that we can design frameworks and static analyses that aid the programmer to avoid such errors. First, we present the JWIG web application framework for writing secure and maintainable web applications. We discuss how this framework solves...... some of the common errors through an API that is designed to be safe by default. Second, we present a novel technique for checking HTML validity for output that is generated by web applications. Through string analysis, we approximate the output of web applications as context-free grammars. We model......Numerous web application frameworks have been developed in recent years. These frameworks enable programmers to reuse common components and to avoid typical pitfalls in web application development. Although such frameworks help the programmer to avoid many common errors, we nd...

  11. Developing Large Web Applications

    CERN Document Server

    Loudon, Kyle

    2010-01-01

    How do you create a mission-critical site that provides exceptional performance while remaining flexible, adaptable, and reliable 24/7? Written by the manager of a UI group at Yahoo!, Developing Large Web Applications offers practical steps for building rock-solid applications that remain effective even as you add features, functions, and users. You'll learn how to develop large web applications with the extreme precision required for other types of software. Avoid common coding and maintenance headaches as small websites add more pages, more code, and more programmersGet comprehensive soluti

  12. Progressive Web applications

    CERN Multimedia

    CERN. Geneva

    2017-01-01

    Progressive Web Applications are native-like applications running inside of a browser context. In my presentation I would like describe their characteristics, benchmarks and building process using a quick and simple case study example with focus on Service Workers api.

  13. Automated Security Testing of Web Widget Interactions

    NARCIS (Netherlands)

    Bezemer, C.P.; Mesbah, A.; Van Deursen, A.

    2009-01-01

    This paper is a pre-print of: Cor-Paul Bezemer, Ali Mesbah, and Arie van Deursen. Automated Security Testing of Web Widget Interactions. In Proceedings of the 7th joint meeting of the European Software Engineering Conference and the ACM SIGSOFT Symposium on the Foundations of Software Engineering

  14. Secure e-mail and Web browsing

    CERN Multimedia

    CERN. Geneva

    2009-01-01

    This is an entry-level 1.5-hour training course aimed to show how to detect and avoid typical security pitfalls encountered when e-mailing and browsing the Web. It is designed for non-technical users of Internet Explorer and Outlook. Register at CTA

  15. AN INSECURE WILD WEB: A LARGE-SCALE STUDY OF EFFECTIVENESS OF WEB SECURITY MECHANISMS

    Directory of Open Access Journals (Sweden)

    Kailas Patil

    2017-03-01

    Full Text Available This research work presents a large-scale study of the problems in real-world web applications and widely-used mobile browsers. Through a large-scale experiment, we find inconsistencies in Secure Socket Layer (SSL warnings among popular mobile web browsers (over a billion users download. The majority of popular mobile browsers on the Google Play Store either provide incomplete information in SSL warnings shown to users or failed to provide SSL warnings in the presence of security certificate errors, thus making it a difficult task even for a security savvy user to make an informed decision. In addition, we find that 28% of websites are using mixed content. Mixed content means a secure website (https loads a sub resource using insecure HTTP protocol. The mixed content weakens the security of entire website and vulnerable to man-in-the-middle (MITM attacks. Furthermore, we inspected the default behavior of mobile web browsers and report that majority of mobile web browsers allow execution of mixed content in web applications, which implies billions of mobile browser users are vulnerable to eavesdropping and MITM attacks. Based on our findings, we make recommendations for website developers, users and browser vendors.

  16. Reliability, compliance, and security in web-based course assessments

    Directory of Open Access Journals (Sweden)

    Scott Bonham

    2008-04-01

    Full Text Available Pre- and postcourse assessment has become a very important tool for education research in physics and other areas. The web offers an attractive alternative to in-class paper administration, but concerns about web-based administration include reliability due to changes in medium, student compliance rates, and test security, both question leakage and utilization of web resources. An investigation was carried out in introductory astronomy courses comparing pre- and postcourse administration of assessments using the web and on paper. Overall no difference was seen in performance due to the medium. Compliance rates fluctuated greatly, and factors that seemed to produce higher rates are identified. Notably, email reminders increased compliance by 20%. Most of the 559 students complied with requests to not copy, print, or save questions nor use web resources; about 1% did copy some question text and around 2% frequently used other windows or applications while completing the assessment.

  17. Designing Adaptive Web Applications

    DEFF Research Database (Denmark)

    Dolog, Peter

    2008-01-01

    Learning system to study a discipline. In business to business interaction, different requirements and parameters of exchanged business requests might be served by different services from third parties. Such applications require certain intelligence and a slightly different approach to design. Adpative web......The unique characteristic of web applications is that they are supposed to be used by much bigger and diverse set of users and stakeholders. An example application area is e-Learning or business to business interaction. In eLearning environment, various users with different background use the e......-based applications aim to leave some of their features at the design stage in the form of variables which are dependent on several criteria. The resolution of the variables is called adaptation and can be seen from two perspectives: adaptation by humans to the changed requirements of stakeholders and dynamic system...

  18. Android application security essentials

    CERN Document Server

    Rai, Pragati

    2013-01-01

    Android Application Security Essentials is packed with examples, screenshots, illustrations, and real world use cases to secure your apps the right way.If you are looking for guidance and detailed instructions on how to secure app data, then this book is for you. Developers, architects, managers, and technologists who wish to enhance their knowledge of Android security will find this book interesting. Some prior knowledge of development on the Android stack is desirable but not required.

  19. The Efficiency of Requesting Process for Formal Business-Documents in Indonesia: An Implementation of Web Application Base on Secure and Encrypted Sharing Process

    Directory of Open Access Journals (Sweden)

    Aris Budi Setyawan

    2014-12-01

    Full Text Available In recent business practices, the need of the formal document for business, such as the business license documents, business domicile letters, halal certificates, and other formal documents, is desperately needed and becomes its own problems for businesses, especially for small and medium enterprises. One stop service unit that was conceived and implemented by the government today, has not been fully integrated yet. Not all permits (related with formal document for business can be completed and finished in one place, businesses are still have to move from one government department to another government department to get a formal document for their business. With these practices, not only a lot of the time and cost will be sacrificed, but also businesses must always fill out a form with the same field. This study aims to assess and identify the problem, especially on applying the formal document for business, and use it as inputs for the development of a web application based on secure and encrypted sharing process. The study starts with a survey of 200 businesses that have applied the formal document for their business, to map the initial conditions of applying the formal document for business in Indonesia . With these applications that are built based on these needs, it is expected that not only the time, cost, and physical effort from both parties are becoming more efficient, but also the negative practices of bureaucratic and economic obstacles in business activities can be minimized, so the competitiveness of business and their contribution for national economy will increase.Keywords : Formal documents, Efficiencies, Web application, Secure and encrypted sharing process, SMEs

  20. Developing web applications with Oracle ADF essentials

    CERN Document Server

    Vesterli, Sten E

    2013-01-01

    Developing Web Applications with Oracle ADF Essentials covers the basics of Oracle ADF and then works through more complex topics such as debugging and logging features and JAAS Security in JDeveloper as the reader gains more skills. This book will follow a tutorial approach, using a practical example, with the content and tasks getting harder throughout.""Developing Web Applications with Oracle ADF Essentials"" is for you if you want to build modern, user-friendly web applications for all kinds of data gathering, analysis, and presentations. You do not need to know any advanced HTML or JavaSc

  1. Security in Computer Applications

    CERN Multimedia

    CERN. Geneva

    2004-01-01

    Computer security has been an increasing concern for IT professionals for a number of years, yet despite all the efforts, computer systems and networks remain highly vulnerable to attacks of different kinds. Design flaws and security bugs in the underlying software are among the main reasons for this. This lecture addresses the following question: how to create secure software? The lecture starts with a definition of computer security and an explanation of why it is so difficult to achieve. It then introduces the main security principles (like least-privilege, or defense-in-depth) and discusses security in different phases of the software development cycle. The emphasis is put on the implementation part: most common pitfalls and security bugs are listed, followed by advice on best practice for security development. The last part of the lecture covers some miscellaneous issues like the use of cryptography, rules for networking applications, and social engineering threats. This lecture was first given on Thursd...

  2. Developing Web Applications

    CERN Document Server

    Moseley, Ralph

    2007-01-01

    Building applications for the Internet is a complex and fast-moving field which utilizes a variety of continually evolving technologies. Whether your perspective is from the client or server side, there are many languages to master - X(HTML), JavaScript, PHP, XML and CSS to name but a few. These languages have to work together cleanly, logically and in harmony with the systems they run on, and be compatible with any browsers with which they interact. Developing Web Applications presents script writing and good programming practice but also allows students to see how the individual technologi

  3. Web Application Obfuscation '-WAFsEvasionFiltersalert(Obfuscation)-'

    CERN Document Server

    Heiderich, Mario; Heyes, Gareth; Lindsay, David

    2010-01-01

    Web applications are used every day by millions of users, which is why they are one of the most popular vectors for attackers. Obfuscation of code has allowed hackers to take one attack and create hundreds-if not millions-of variants that can evade your security measures. Web Application Obfuscation takes a look at common Web infrastructure and security controls from an attacker's perspective, allowing the reader to understand the shortcomings of their security systems. Find out how an attacker would bypass different types of security controls, how these very security controls introduce new ty

  4. Android Applications Security

    OpenAIRE

    Paul POCATILU

    2011-01-01

    The use of smartphones worldwide is growing very fast and also the malicious attacks have increased. The mobile security applications development keeps the pace with this trend. The paper presents the vulnerabilities of mobile applications. The Android applications and devices are analyzed through the security perspective. The usage of restricted API is also presented. The paper also focuses on how users can prevent these malicious attacks and propose some prevention measures, including the a...

  5. Android Applications Security

    Directory of Open Access Journals (Sweden)

    Paul POCATILU

    2011-01-01

    Full Text Available The use of smartphones worldwide is growing very fast and also the malicious attacks have increased. The mobile security applications development keeps the pace with this trend. The paper presents the vulnerabilities of mobile applications. The Android applications and devices are analyzed through the security perspective. The usage of restricted API is also presented. The paper also focuses on how users can prevent these malicious attacks and propose some prevention measures, including the architecture of a mobile security system for Android devices.

  6. Neutralizing SQL Injection Attack Using Server Side Code Modification in Web Applications

    OpenAIRE

    Dalai, Asish Kumar; Jena, Sanjay Kumar

    2017-01-01

    Reports on web application security risks show that SQL injection is the top most vulnerability. The journey of static to dynamic web pages leads to the use of database in web applications. Due to the lack of secure coding techniques, SQL injection vulnerability prevails in a large set of web applications. A successful SQL injection attack imposes a serious threat to the database, web application, and the entire web server. In this article, the authors have proposed a novel method for prevent...

  7. Application Security Automation

    Science.gov (United States)

    Malaika, Majid A.

    2011-01-01

    With today's high demand for online applications and services running on the Internet, software has become a vital component in our lives. With every revolutionary technology comes challenges unique to its characteristics; for online applications, security is one huge concern and challenge. Currently, there are several schemes that address…

  8. Web Platform Application

    Energy Technology Data Exchange (ETDEWEB)

    Paulsworth, Ashley [Sunvestment Group, Frederick, MD (United States); Kurtz, Jim [Sunvestment Group, Frederick, MD (United States); Brun de Pontet, Stephanie [Sunvestment Group, Frederick, MD (United States)

    2016-06-15

    Sunvestment Energy Group (previously called Sunvestment Group) was established to create a web application that brings together site hosts, those who will obtain the energy from the solar array, with project developers and funders, including affinity investors. Sunvestment Energy Group (SEG) uses a community-based model that engages with investors who have some affinity with the site host organization. In addition to a financial return, these investors receive non-financial value from their investments and are therefore willing to offer lower cost capital. This enables the site host to enjoy more savings from solar through these less expensive Community Power Purchase Agreements (CPPAs). The purpose of this award was to develop an online platform to bring site hosts and investors together virtually.

  9. Web-Services Development in Secure Way for Highload Systems

    Directory of Open Access Journals (Sweden)

    V. M. Nichiporchouk

    2011-12-01

    Full Text Available This paper describes approach to design of web-services in secure, high load and fault tolerant implementation for mass message processing. The multicomponent architecture of web-service with possibility for high security zone is provided as well as scalability evaluation of the architecture.

  10. Value of Information Web Application

    Science.gov (United States)

    2015-04-01

    their understanding of VoI attributes (source reliable, information content, and latency). The VoI web application emulates many features of a...only when using the Firefox web browser on those computers (Internet Explorer was not viable due to unchangeable user settings). During testing, the

  11. Security Administration Reports Application

    Data.gov (United States)

    Social Security Administration — Contains SSA Security Reports that allow Information Security Officers (ISOs) to access, review and take appropriate action based on the information contained in the...

  12. Cyber Security Applications: Freeware & Shareware

    Science.gov (United States)

    Rogers, Gary; Ashford, Tina

    2015-01-01

    This paper will discuss some assignments using freeware/shareware instructors can find on the Web to use to provide students with hands-on experience in this arena. Also, the college, Palm Beach State College, via a grant with the U.S. Department of Labor, has recently purchased a unique cyber security device that simulates cyber security attacks…

  13. General Aspects of some Causes of Web Application Vulnerabilities

    Directory of Open Access Journals (Sweden)

    Mironela Pîrnău

    2015-10-01

    Full Text Available Because web applications are complex software systems in constant evolution, they become real targets for hackers as they provide direct access to corporate or personal data. Web application security is supposed to represent an essential priority for organizations in order to protect sensitive customer data, or those of the employees of a company. Worldwide, there are many organizations that report the most common types of attacks on Web applications and methods for their prevention. While the paper is an overview, it puts forward several typical examples of web application vulnerabilities that are due to programming errors; these may be used by attackers to take unauthorized control over computers.

  14. THz and Security Applications

    CERN Document Server

    Sizov, Fedir; Detectors, Sources and Associated Electronics for THz Applications

    2014-01-01

    These proceedings comprise invited papers from highly experienced researchers in THz technology and security applications. THz detection of explosives represents one of the most appealing technologies to have recently emerged in dealing with terrorist attacks encountered by civil security and military forces throughout the world. Discussed are the most advanced technologies and developments, the various points of operational strength and weaknesses as well as are suggestions and predictions the best technological solutions to  overcome current operational limits.  The current status of various levels of cooling in THz detectors, sources and associated electronics are also addressed. The goal was to provide a clear view on the current technologies available and the required advances needed in order to achieve more efficient systems. This goal was outlined in part by establishing the baseline of current uncertainty estimations in physics-based modelling and the identification of key areas which require additi...

  15. Secured web-based video repository for multicenter studies.

    Science.gov (United States)

    Yan, Ling; Hicks, Matt; Winslow, Korey; Comella, Cynthia; Ludlow, Christy; Jinnah, H A; Rosen, Ami R; Wright, Laura; Galpern, Wendy R; Perlmutter, Joel S

    2015-04-01

    We developed a novel secured web-based dystonia video repository for the Dystonia Coalition, part of the Rare Disease Clinical Research network funded by the Office of Rare Diseases Research and the National Institute of Neurological Disorders and Stroke. A critical component of phenotypic data collection for all projects of the Dystonia Coalition includes a standardized video of each participant. We now describe our method for collecting, serving and securing these videos that is widely applicable to other studies. Each recruiting site uploads standardized videos to a centralized secured server for processing to permit website posting. The streaming technology used to view the videos from the website does not allow downloading of video files. With appropriate institutional review board approval and agreement with the hosting institution, users can search and view selected videos on the website using customizable, permissions-based access that maintains security yet facilitates research and quality control. This approach provides a convenient platform for researchers across institutions to evaluate and analyze shared video data. We have applied this methodology for quality control, confirmation of diagnoses, validation of rating scales, and implementation of new research projects. We believe our system can be a model for similar projects that require access to common video resources. Copyright © 2015 Elsevier Ltd. All rights reserved.

  16. Web-based control application using WebSocket

    International Nuclear Information System (INIS)

    Furukawa, Y.

    2012-01-01

    The WebSocket allows asynchronous full-duplex communication between a Web-based (i.e. Java Script-based) application and a Web-server. WebSocket started as a part of HTML5 standardization but has now been separated from HTML5 and has been developed independently. Using WebSocket, it becomes easy to develop platform independent presentation layer applications for accelerator and beamline control software. In addition, a Web browser is the only application program that needs to be installed on client computer. The WebSocket-based applications communicate with the WebSocket server using simple text-based messages, so WebSocket is applicable message-based control system like MADOCA, which was developed for the SPring-8 control system. A simple WebSocket server for the MADOCA control system and a simple motor control application were successfully made as a first trial of the WebSocket control application. Using Google-Chrome (version 13.0) on Debian/Linux and Windows 7, Opera (version 11.0) on Debian/Linux and Safari (version 5.0.3) on Mac OS X as clients, the motors can be controlled using a WebSocket-based Web-application. Diffractometer control application use in synchrotron radiation diffraction experiment was also developed. (author)

  17. A security modeling approach for web-service-based business processes

    DEFF Research Database (Denmark)

    Jensen, Meiko; Feja, Sven

    2009-01-01

    a transformation that automatically derives WS-SecurityPolicy-conformant security policies from the process model, which in conjunction with the generated WS-BPEL processes and WSDL documents provides the ability to deploy and run the complete security-enhanced process based on Web Service technology.......The rising need for security in SOA applications requires better support for management of non-functional properties in web-based business processes. Here, the model-driven approach may provide valuable benefits in terms of maintainability and deployment. Apart from modeling the pure functionality...... of a process, the consideration of security properties at the level of a process model is a promising approach. In this work-in-progress paper we present an extension to the ARIS SOA Architect that is capable of modeling security requirements as a separate security model view. Further we provide...

  18. Correct software in web applications and web services

    CERN Document Server

    Thalheim, Bernhard; Prinz, Andreas; Buchberger, Bruno

    2015-01-01

    The papers in this volume aim at obtaining a common understanding of the challenging research questions in web applications comprising web information systems, web services, and web interoperability; obtaining a common understanding of verification needs in web applications; achieving a common understanding of the available rigorous approaches to system development, and the cases in which they have succeeded; identifying how rigorous software engineering methods can be exploited to develop suitable web applications; and at developing a European-scale research agenda combining theory, methods a

  19. On the security of SSL/TLS-enabled applications

    OpenAIRE

    Das, Manik Lal; Samdaria, Navkar

    2014-01-01

    SSL/TLS (Secure Socket Layer/Transport Layer Security)-enabled web applications aim to provide public key certificate based authentication, secure session key establishment, and symmetric key based traffic confidentiality. A large number of electronic commerce applications, such as stock trading, banking, shopping, and gaming rely on the security strength of the SSL/TLS protocol. In recent times, a potential threat, known as main-in-the-middle (MITM) attack, has been exploited by attackers of...

  20. Web Services in Mobile Applications

    Directory of Open Access Journals (Sweden)

    Octavian DOSPINESCU

    2013-01-01

    Full Text Available Information and communication technologies are designed to support and anticipate the continuing changes of the information society, while outlining new economic, social and cultural dimensions. We see the growth of new business models whose aim is to remove traditional barriers and improve the value of goods and services. Information is a strategic resource and its manipulation raises new problems for all entities involved in the process. Information and communication technologies should be a stable support in managing the flow of data and support the integrity, confidentiality and availability. Concepts such as eBusiness, eCommerce, Software as a Service, Cloud Computing and Social Media are based on web technologies consisting of complex languages, protocols and standards, built around client-server architecture. One of the most used technologies in mobile applications are the Web Services defined as an application model supported by any operating system able to provide certain functionalities using Internet technologies to promote interoperability between various appli-cations and platforms. Web services use HTTP, XML, SSL, SMTP and SOAP, because their stability has proven over the years. Their functionalities are highly variable, with Web services applications exchange type, weather, arithmetic or authentication services. In this article we will talk about SOAP and REST architectures for web services in mobile applications and we will also provide some practical examples based on Android platform.

  1. Project Assessment Skills Web Application

    Science.gov (United States)

    Goff, Samuel J.

    2013-01-01

    The purpose of this project is to utilize Ruby on Rails to create a web application that will replace a spreadsheet keeping track of training courses and tasks. The goal is to create a fast and easy to use web application that will allow users to track progress on training courses. This application will allow users to update and keep track of all of the training required of them. The training courses will be organized by group and by user, making readability easier. This will also allow group leads and administrators to get a sense of how everyone is progressing in training. Currently, updating and finding information from this spreadsheet is a long and tedious task. By upgrading to a web application, finding and updating information will be easier than ever as well as adding new training courses and tasks. Accessing this data will be much easier in that users just have to go to a website and log in with NDC credentials rather than request the relevant spreadsheet from the holder. In addition to Ruby on Rails, I will be using JavaScript, CSS, and jQuery to help add functionality and ease of use to my web application. This web application will include a number of features that will help update and track progress on training. For example, one feature will be to track progress of a whole group of users to be able to see how the group as a whole is progressing. Another feature will be to assign tasks to either a user or a group of users. All of these together will create a user friendly and functional web application.

  2. Security Data Warehouse Application

    Science.gov (United States)

    Vernon, Lynn R.; Hennan, Robert; Ortiz, Chris; Gonzalez, Steve; Roane, John

    2012-01-01

    The Security Data Warehouse (SDW) is used to aggregate and correlate all JSC IT security data. This includes IT asset inventory such as operating systems and patch levels, users, user logins, remote access dial-in and VPN, and vulnerability tracking and reporting. The correlation of this data allows for an integrated understanding of current security issues and systems by providing this data in a format that associates it to an individual host. The cornerstone of the SDW is its unique host-mapping algorithm that has undergone extensive field tests, and provides a high degree of accuracy. The algorithm comprises two parts. The first part employs fuzzy logic to derive a best-guess host assignment using incomplete sensor data. The second part is logic to identify and correct errors in the database, based on subsequent, more complete data. Host records are automatically split or merged, as appropriate. The process had to be refined and thoroughly tested before the SDW deployment was feasible. Complexity was increased by adding the dimension of time. The SDW correlates all data with its relationship to time. This lends support to forensic investigations, audits, and overall situational awareness. Another important feature of the SDW architecture is that all of the underlying complexities of the data model and host-mapping algorithm are encapsulated in an easy-to-use and understandable Perl language Application Programming Interface (API). This allows the SDW to be quickly augmented with additional sensors using minimal coding and testing. It also supports rapid generation of ad hoc reports and integration with other information systems.

  3. Secure Architectures for Mobile Applications

    OpenAIRE

    Cristian TOMA

    2007-01-01

    The paper presents security issues and architectures for mobile applications and GSM infrastructure. The article also introduces the idea of a new secure architecture for an inter-sector electronic wallet used in payments - STP4EW (Secure Transmission Protocol for Electronic Wallet)

  4. Secure Architectures for Mobile Applications

    Directory of Open Access Journals (Sweden)

    2007-01-01

    Full Text Available The paper presents security issues and architectures for mobile applications and GSM infrastructure. The article also introduces the idea of a new secure architecture for an inter-sector electronic wallet used in payments - STP4EW (Secure Transmission Protocol for Electronic Wallet

  5. Securing the Application Layer in eCommerce

    OpenAIRE

    Bala Musa S; Norita Md Norwawi; Mohd Hasan Selamat

    2012-01-01

    As e-commerce transaction is evolving, security is becoming a paramount issue since a great deal of credit cards, fund transfer, web shopping and public retirements are involved. Therefore, an appropriate development process is necessary for such security critical application. Also, handling security issues at early stage of software development is paramount to avoiding vulnerabilities from scaling through production environment unnoticed. This paper proposes a comprehensive security requirem...

  6. JavaScript Web Applications

    CERN Document Server

    MacCaw, Alex

    2011-01-01

    Building rich JavaScript applications that bring a desktop experience to the Web requires moving state from the server to the client side-not a simple task. This hands-on book takes proficient JavaScript developers through all the steps necessary to create state-of-the-art applications, including structure, templating, frameworks, communicating with the server, and many other issues. Throughout the book, you'll work with real-world example applications to help you grasp the concepts involved. Learn how to create JavaScript applications that offer a more responsive and improved experience. U

  7. Ultrabroadband spectroscopy for security applications

    DEFF Research Database (Denmark)

    Engelbrecht, Sunniva; Berge, Luc; Skupin, Stefan

    2015-01-01

    Ultrabroadband spectroscopy is a promising novel approach to overcome two major hurdles which have so far limited the application of THz spectroscopy for security applications: the increased bandwidth enables to record several characteristic spectroscopic features and the technique allows...

  8. Information security foundations, technologies and applications

    CERN Document Server

    Awad, Ali Ismail; Fairhurst, Michael

    2018-01-01

    This book outlines key emerging trends in information security from the foundations and technologies in biometrics, cybersecurity, and big data security to applications in hardware and embedded systems security, computer forensics, the Internet of Things security, and network security.

  9. Web application development with Laravel PHP Framework version 4

    OpenAIRE

    Armel, Jamal

    2014-01-01

    The purpose of this thesis work was to learn a new PHP framework and use it efficiently to build an eCommerce web application for a small start-up freelancing company that will let potential customers check products by category and pass orders securely. To fulfil this set of requirements, a system consisting of a web application with a backend was designed and implemented using built in Laravel features such as Composer, Eloquent, Blade and Artisan and a WAMP stack. The web application wa...

  10. Secure, web-accessible call rosters for academic radiology departments.

    Science.gov (United States)

    Nguyen, A V; Tellis, W M; Avrin, D E

    2000-05-01

    Traditionally, radiology department call rosters have been posted via paper and bulletin boards. Frequently, changes to these lists are made by multiple people independently, but often not synchronized, resulting in confusion among the house staff and technical staff as to who is on call and when. In addition, multiple and disparate copies exist in different sections of the department, and changes made would not be propagated to all the schedules. To eliminate such difficulties, a paperless call scheduling application was developed. Our call scheduling program allowed Java-enabled web access to a database by designated personnel from each radiology section who have privileges to make the necessary changes. Once a person made a change, everyone accessing the database would see the modification. This eliminates the chaos resulting from people swapping shifts at the last minute and not having the time to record or broadcast the change. Furthermore, all changes to the database were logged. Users are given a log-in name and password and can only edit their section; however, all personnel have access to all sections' schedules. Our applet was written in Java 2 using the latest technology in database access. We access our Interbase database through the DataExpress and DB Swing (Borland, Scotts Valley, CA) components. The result is secure access to the call rosters via the web. There are many advantages to the web-enabled access, mainly the ability for people to make changes and have the changes recorded and propagated in a single virtual location and available to all who need to know.

  11. Web Interface Security Vulnerabilities of European Academic Repositories

    Directory of Open Access Journals (Sweden)

    Matus Formanek

    2017-02-01

    Full Text Available The given analysis summarizes the status quo of the level of security of web interfaces of selected European academic repositories in the field of library and information science. It focuses on the presence and qualities of the secure HTTPS protocol via SSL/TLS protocols. The security of the transmitted data is particularly important in the network environment of the Internet, especially if log-in user data is transmitted. Disclosure may have a direct impact on saved digital objects and their metadata which together represent the most valuable parts of systems of digital libraries and repositories. Furthermore, the paper points to the most noticeable vulnerabilities of protocols of web interfaces and presents practical recommendations for the expert public. These may contribute to the increase of the level of security of the discussed systems. The authors base their proposals on the currently available scientific publications and scientific articles about the given topic.

  12. Web Application Development Utilizing Cloud Virtual Machine

    OpenAIRE

    Muukka, Olli

    2014-01-01

    The thesis goes through a development project where a web application was implemented to support the start-up company business operations. The main reason to implement a web application was the company needed a system where business data is centrally managed with cost-efficient, simple and easy tool. The deployed cloud service provided a platform for the web application. The alternative to the web application development was to deploy commercial customer relationship management tool, but the ...

  13. A survey on web modeling approaches for ubiquitous web applications

    NARCIS (Netherlands)

    Schwinger, W.; Retschitzegger, W.; Schauerhuber, A.; Kappel, G.; Wimmer, M.; Pröll, B.; Cachero Castro, C.; Casteleyn, S.; De Troyer, O.; Fraternali, P.; Garrigos, I.; Garzotto, F.; Ginige, A.; Houben, G.J.P.M.; Koch, N.; Moreno, N.; Pastor, O.; Paolini, P.; Pelechano Ferragud, V.; Rossi, G.; Schwabe, D.; Tisi, M.; Vallecillo, A.; Sluijs, van der K.A.M.; Zhang, G.

    2008-01-01

    Purpose – Ubiquitous web applications (UWA) are a new type of web applications which are accessed in various contexts, i.e. through different devices, by users with various interests, at anytime from anyplace around the globe. For such full-fledged, complex software systems, a methodologically sound

  14. MedlinePlus Connect: Web Application

    Science.gov (United States)

    ... MedlinePlus Connect → Web Application URL of this page: https://medlineplus.gov/connect/application.html MedlinePlus Connect: Web ... will change.) Old URLs New URLs Web Application https://apps.nlm.nih.gov/medlineplus/services/mpconnect.cfm? ...

  15. Mobile IP: Security & application

    NARCIS (Netherlands)

    Tuquerres, G.; Salvador, M.R.; Sprenkels, Ron

    1999-01-01

    As required in the TGS Mobile IP Advanced Module, this paper presents a survey of common security threats which mobile IP networks are exposed to as well as some proposed solutions to deal with such threats.

  16. Security Vulnerabilities of the Web Based Open Source Information ...

    African Journals Online (AJOL)

    This paper exposes security vulnerabilities of the web based Open Source Information Systems (OSIS) from both system angle and human perspectives.It shows the extent of risk that can likely hinder adopting organization from attaning full intended benefits of using OSIS software. To undertake this study, a case study ...

  17. Secure remote service execution for web media streaming

    OpenAIRE

    Mikityuk, Alexandra

    2017-01-01

    Through continuous advancements in streaming and Web technologies over the past decade, the Web has become a platform for media delivery. Web standards like HTML5 have been designed accordingly, allowing for the delivery of applications, high-quality streaming video, and hooks for interoperable content protection. Efficient video encoding algorithms such as AVC/HEVC and streaming protocols such as MPEG-DASH have served as additional triggers for this evolution. Users now employ...

  18. Advanced express web application development

    CERN Document Server

    Keig, Andrew

    2013-01-01

    A practical book, guiding the reader through the development of a single page application using a feature-driven approach.If you are an experienced JavaScript developer who wants to build highly scalable, real-world applications using Express, this book is ideal for you. This book is an advanced title and assumes that the reader has some experience with node, Javascript MVC web development frameworks, and has heard of Express before, or is familiar with it. You should also have a basic understanding of Redis and MongoDB. This book is not a tutorial on Node, but aims to explore some of the more

  19. Application Security in the ISO27001 Environment

    CERN Document Server

    Vinod, Vasudevan; Firosh, Ummer

    2008-01-01

    Application Security in the ISO27001 Environment demonstrates how to secure software applications within a best practice ISO/IEC 27001 environment and supports implementation of the PCI DSS Payment Application Security Standard.

  20. Web Syndication in a Multilevel Security Environment

    Science.gov (United States)

    2012-03-01

    Group LAMP Linux, Apache, MySQL and PHP LAN Local Area Network MAC Mandatory Access Control MILS Multiple Independent Levels of Security MLS Multilevel...Reader [35] Section 1.4.3 – X X X X X FeedShow [36] Section 1.4.3 – X X X X feed on feeds [37] Section 1.4.3 GPL PHP 4.3.2+, MySQL – X X / Tiny Tiny RSS...38] Section 1.4.3 GPL PHP 5+, MySQL /Postgres – X X X X – zFeeder [39] Section 1.4.3 GPL PHP 4.2+ – X X – / lylina [40] Section 1.4.3 GPL PHP 5.2

  1. Database and applications security integrating information security and data management

    CERN Document Server

    Thuraisingham, Bhavani

    2005-01-01

    This is the first book to provide an in-depth coverage of all the developments, issues and challenges in secure databases and applications. It provides directions for data and application security, including securing emerging applications such as bioinformatics, stream information processing and peer-to-peer computing. Divided into eight sections, each of which focuses on a key concept of secure databases and applications, this book deals with all aspects of technology, including secure relational databases, inference problems, secure object databases, secure distributed databases and emerging

  2. Neutralizing SQL Injection Attack Using Server Side Code Modification in Web Applications

    Directory of Open Access Journals (Sweden)

    Asish Kumar Dalai

    2017-01-01

    Full Text Available Reports on web application security risks show that SQL injection is the top most vulnerability. The journey of static to dynamic web pages leads to the use of database in web applications. Due to the lack of secure coding techniques, SQL injection vulnerability prevails in a large set of web applications. A successful SQL injection attack imposes a serious threat to the database, web application, and the entire web server. In this article, the authors have proposed a novel method for prevention of SQL injection attack. The classification of SQL injection attacks has been done based on the methods used to exploit this vulnerability. The proposed method proves to be efficient in the context of its ability to prevent all types of SQL injection attacks. Some popular SQL injection attack tools and web application security datasets have been used to validate the model. The results obtained are promising with a high accuracy rate for detection of SQL injection attack.

  3. WAPTT - Web Application Penetration Testing Tool

    Directory of Open Access Journals (Sweden)

    DURIC, Z.

    2014-02-01

    Full Text Available Web applications vulnerabilities allow attackers to perform malicious actions that range from gaining unauthorized account access to obtaining sensitive data. The number of reported web application vulnerabilities in last decade is increasing dramatically. The most of vulnerabilities result from improper input validation and sanitization. The most important of these vulnerabilities based on improper input validation and sanitization are: SQL injection (SQLI, Cross-Site Scripting (XSS and Buffer Overflow (BOF. In order to address these vulnerabilities we designed and developed the WAPTT (Web Application Penetration Testing Tool tool - web application penetration testing tool. Unlike other web application penetration testing tools, this tool is modular, and can be easily extended by end-user. In order to improve efficiency of SQLI vulnerability detection, WAPTT uses an efficient algorithm for page similarity detection. The proposed tool showed promising results as compared to six well-known web application scanners in detecting various web application vulnerabilities.

  4. On the security of SSL/TLS-enabled applications

    Directory of Open Access Journals (Sweden)

    Manik Lal Das

    2014-01-01

    Full Text Available SSL/TLS (Secure Socket Layer/Transport Layer Security-enabled web applications aim to provide public key certificate based authentication, secure session key establishment, and symmetric key based traffic confidentiality. A large number of electronic commerce applications, such as stock trading, banking, shopping, and gaming rely on the security strength of the SSL/TLS protocol. In recent times, a potential threat, known as main-in-the-middle (MITM attack, has been exploited by attackers of SSL/TLS-enabled web applications, particularly when naive users want to connect to an SSL/TLS-enabled web server. In this paper, we discuss about the MITM threat to SSL/TLS-enabled web applications. We review the existing space of solutions to counter the MITM attack on SSL/TLS-enabled applications, and then, we provide an effective solution which can resist the MITM attack on SSL/TLS-enabled applications. The proposed solution uses a soft-token based approach for user authentication on top of the SSL/TLS’s security features. We show that the proposed solution is secure, efficient and user friendly in comparison to other similar approaches.

  5. SAMP: Application Messaging for Desktop and Web Applications

    Science.gov (United States)

    Taylor, M. B.; Boch, T.; Fay, J.; Fitzpatrick, M.; Paioro, L.

    2012-09-01

    SAMP, the Simple Application Messaging Protocol, is a technology which allows tools to communicate. It is deployed in a number of desktop astronomy applications including ds9, Aladin, TOPCAT, World Wide Telescope and numerous others, and makes it straightforward for a user to treat a selection of these tools as a loosely-integrated suite, combining the most powerful features of each. It has been widely used within Virtual Observatory contexts, but is equally suitable for non-VO use. Enabling SAMP communication from web-based content has long been desirable. An obvious use case is arranging for a click on a web page link to deliver an image, table or spectrum to a desktop viewer, but more sophisticated two-way interaction with rich internet applications would also be possible. Use from the web however presents some problems related to browser sandboxing. We explain how the SAMP Web Profile, introduced in version 1.3 of the SAMP protocol, addresses these issues, and discuss the resulting security implications.

  6. Integrating Web Services into Map Image Applications

    National Research Council Canada - National Science Library

    Tu, Shengru

    2003-01-01

    Web services have been opening a wide avenue for software integration. In this paper, we have reported our experiments with three applications that are built by utilizing and providing web services for Geographic Information Systems (GIS...

  7. The GridSite Web/Grid security system

    International Nuclear Information System (INIS)

    McNab, Andrew; Li Yibiao

    2010-01-01

    We present an overview of the current status of the GridSite toolkit, describing the security model for interactive and programmatic uses introduced in the last year. We discuss our experiences of implementing these internal changes and how they and previous rounds of improvements have been prompted by requirements from users and wider security trends in Grids (such as CSRF). Finally, we explain how these have improved the user experience of GridSite-based websites, and wider implications for portals and similar web/grid sites.

  8. Social Web mining and exploitation for serious applications: Technosocial Predictive Analytics and related technologies for public health, environmental and national security surveillance.

    Science.gov (United States)

    Kamel Boulos, Maged N; Sanfilippo, Antonio P; Corley, Courtney D; Wheeler, Steve

    2010-10-01

    This paper explores Technosocial Predictive Analytics (TPA) and related methods for Web "data mining" where users' posts and queries are garnered from Social Web ("Web 2.0") tools such as blogs, micro-blogging and social networking sites to form coherent representations of real-time health events. The paper includes a brief introduction to commonly used Social Web tools such as mashups and aggregators, and maps their exponential growth as an open architecture of participation for the masses and an emerging way to gain insight about people's collective health status of whole populations. Several health related tool examples are described and demonstrated as practical means through which health professionals might create clear location specific pictures of epidemiological data such as flu outbreaks. Copyright 2010 Elsevier Ireland Ltd. All rights reserved.

  9. Security Testing Handbook for Banking Applications

    CERN Document Server

    Doraiswamy, Arvind; Kapoor, Nilesh

    2009-01-01

    Security Testing Handbook for Banking Applications is a specialised guide to testing a wide range of banking applications. The book is intended as a companion to security professionals, software developers and QA professionals who work with banking applications.

  10. A Web Service Framework for Economic Applications

    Directory of Open Access Journals (Sweden)

    Dan BENTA

    2010-01-01

    Full Text Available The Internet offers multiple solutions to linkcompanies with their partners, customers or suppliersusing IT solutions, including a special focus on Webservices. Web services are able to solve the problem relatedto the exchange of data between business partners, marketsthat can use each other's services, problems ofincompatibility between IT applications. As web servicesare described, discovered and accessed programs based onXML vocabularies and Web protocols, Web servicesrepresents solutions for Web-based technologies for smalland medium-sized enterprises (SMEs. This paper presentsa web service framework for economic applications. Also, aprototype of this IT solution using web services waspresented and implemented in a few companies from IT,commerce and consulting fields measuring the impact ofthe solution in the business environment development.

  11. Design of the XML Security System for Electronic Commerce Application

    Institute of Scientific and Technical Information of China (English)

    2003-01-01

    The invocation of World Wide Web (www) first triggered mass adoption of the Internet for public access to digital information exchanges across the globe. To get a big market on the Web, a special security infrastructure would need to be put into place transforming the wild-and-woolly Internet into a network with end-to-end protections. XML (extensible Markup Language) is widely accepted as powerful data representation standard for electronic documents, so a security mechanism for XML documents must be provided in the first place to secure electronic commerce over Internet. In this paper the authors design and implement a secure framework that provides XML signature function, XML Element-wise Encryption function, smart card based crypto API library and Public Key Infrastructure (PKI) security functions to achieve confidentiality, integrity, message authentication, and/or signer authentication services for XML documents and existing non-XML documents that are exchanged by Internet for E-commerce application.

  12. Maintenance-Ready Web Application Development

    Directory of Open Access Journals (Sweden)

    Ion IVAN

    2016-01-01

    Full Text Available The current paper tackles the subject of developing maintenance-ready web applications. Maintenance is presented as a core stage in a web application’s lifecycle. The concept of maintenance-ready is defined in the context of web application development. Web application maintenance tasks types are enunciated and suitable task types are identified for further analysis. The research hypothesis is formulated based on a direct link between tackling maintenance in the development stage and reducing overall maintenance costs. A live maintenance-ready web application is presented and maintenance related aspects are highlighted. The web application’s features, that render it maintenance-ready, are emphasize. The cost of designing and building the web-application to be maintenance-ready are disclosed. The savings in maintenance development effort facilitated by maintenance ready features are also disclosed. Maintenance data is collected from 40 projects implemented by a web development company. Homogeneity and diversity of collected data is evaluated. A data sample is presented and the size and comprehensive nature of the entire dataset is depicted. Research hypothesis are validated and conclusions are formulated on the topic of developing maintenance-ready web applications. The limits of the research process which represented the basis for the current paper are enunciated. Future research topics are submitted for debate.

  13. Automatic invariant detection in dynamic web applications

    NARCIS (Netherlands)

    Groeneveld, F.; Mesbah, A.; Van Deursen, A.

    2010-01-01

    The complexity of modern web applications increases as client-side JavaScript and dynamic DOM programming are used to offer a more interactive web experience. In this paper, we focus on improving the dependability of such applications by automatically inferring invariants from the client-side and

  14. Data mining approach to web application intrusions detection

    Science.gov (United States)

    Kalicki, Arkadiusz

    2011-10-01

    Web applications became most popular medium in the Internet. Popularity, easiness of web application script languages and frameworks together with careless development results in high number of web application vulnerabilities and high number of attacks performed. There are several types of attacks possible because of improper input validation: SQL injection Cross-site scripting, Cross-Site Request Forgery (CSRF), web spam in blogs and others. In order to secure web applications intrusion detection (IDS) and intrusion prevention systems (IPS) are being used. Intrusion detection systems are divided in two groups: misuse detection (traditional IDS) and anomaly detection. This paper presents data mining based algorithm for anomaly detection. The principle of this method is the comparison of the incoming HTTP traffic with a previously built profile that contains a representation of the "normal" or expected web application usage sequence patterns. The frequent sequence patterns are found with GSP algorithm. Previously presented detection method was rewritten and improved. Some tests show that the software catches malicious requests, especially long attack sequences, results quite good with medium length sequences, for short length sequences must be complemented with other methods.

  15. A Formal Approach to Exploiting Multi-Stage Attacks based on File-System Vulnerabilities of Web Applications (Extended Version)

    OpenAIRE

    De Meo, Federico; Viganò, Luca

    2017-01-01

    Web applications require access to the file-system for many different tasks. When analyzing the security of a web application, secu- rity analysts should thus consider the impact that file-system operations have on the security of the whole application. Moreover, the analysis should take into consideration how file-system vulnerabilities might in- teract with other vulnerabilities leading an attacker to breach into the web application. In this paper, we first propose a classification of file-...

  16. Building Grid applications using Web Services

    CERN Multimedia

    CERN. Geneva

    2004-01-01

    There has been a lot of discussion within the Grid community about the use of Web Services technologies in building large-scale, loosely-coupled, cross-organisation applications. In this talk we are going to explore the principles that govern Service-Oriented Architectures and the promise of Web Services technologies for integrating applications that span administrative domains. We are going to see how existing Web Services specifications and practices could provide the necessary infrastructure for implementing Grid applications. Biography Dr. Savas Parastatidis is a Principal Research Associate at the School of Computing Science, University of Newcastle upon Tyne, UK. Savas is one of the authors of the "Grid Application Framework based on Web Services Specifications and Practices" document that was influential in the convergence between Grid and Web Services and the move away from OGSI (more information can be found at http://www.neresc.ac.uk/ws-gaf). He has done research on runtime support for distributed-m...

  17. A Windows Phone 7 Oriented Secure Architecture for Business Intelligence Mobile Applications

    Directory of Open Access Journals (Sweden)

    Silvia TRIF

    2011-01-01

    Full Text Available This paper present and implement a Windows Phone 7 Oriented Secure Architecture for Business Intelligence Mobile Application. In the developing process is used a Windows Phone 7 application that interact with a WCF Web Service and a database. The types of Business Intelligence Mobile Applications are presented. The Windows mobile devices security and restrictions are presented. The namespaces and security algorithms used in .NET Compact Framework for assuring the application security are presented. The proposed architecture is showed underlying the flows between the application and the web service.

  18. WordPress web application development

    CERN Document Server

    Ratnayake, Rakhitha Nimesh

    2013-01-01

    An extensive, practical guide that explains how to adapt WordPress features, both conventional and trending, for web applications.This book is intended for WordPress developers and designers who have the desire to go beyond conventional website development to develop quality web applications within a limited time frame and for maximum profit. Experienced web developers who are looking for a framework for rapid application development will also find this to be a useful resource. Prior knowledge with of WordPress is preferable as the main focus will be on explaining methods for adapting WordPres

  19. System Testing of Desktop and Web Applications

    Science.gov (United States)

    Slack, James M.

    2011-01-01

    We want our students to experience system testing of both desktop and web applications, but the cost of professional system-testing tools is far too high. We evaluate several free tools and find that AutoIt makes an ideal educational system-testing tool. We show several examples of desktop and web testing with AutoIt, starting with simple…

  20. Web Application Software for Ground Operations Planning Database (GOPDb) Management

    Science.gov (United States)

    Lanham, Clifton; Kallner, Shawn; Gernand, Jeffrey

    2013-01-01

    A Web application facilitates collaborative development of the ground operations planning document. This will reduce costs and development time for new programs by incorporating the data governance, access control, and revision tracking of the ground operations planning data. Ground Operations Planning requires the creation and maintenance of detailed timelines and documentation. The GOPDb Web application was created using state-of-the-art Web 2.0 technologies, and was deployed as SaaS (Software as a Service), with an emphasis on data governance and security needs. Application access is managed using two-factor authentication, with data write permissions tied to user roles and responsibilities. Multiple instances of the application can be deployed on a Web server to meet the robust needs for multiple, future programs with minimal additional cost. This innovation features high availability and scalability, with no additional software that needs to be bought or installed. For data governance and security (data quality, management, business process management, and risk management for data handling), the software uses NAMS. No local copy/cloning of data is permitted. Data change log/tracking is addressed, as well as collaboration, work flow, and process standardization. The software provides on-line documentation and detailed Web-based help. There are multiple ways that this software can be deployed on a Web server to meet ground operations planning needs for future programs. The software could be used to support commercial crew ground operations planning, as well as commercial payload/satellite ground operations planning. The application source code and database schema are owned by NASA.

  1. Opal web services for biomedical applications.

    Science.gov (United States)

    Ren, Jingyuan; Williams, Nadya; Clementi, Luca; Krishnan, Sriram; Li, Wilfred W

    2010-07-01

    Biomedical applications have become increasingly complex, and they often require large-scale high-performance computing resources with a large number of processors and memory. The complexity of application deployment and the advances in cluster, grid and cloud computing require new modes of support for biomedical research. Scientific Software as a Service (sSaaS) enables scalable and transparent access to biomedical applications through simple standards-based Web interfaces. Towards this end, we built a production web server (http://ws.nbcr.net) in August 2007 to support the bioinformatics application called MEME. The server has grown since to include docking analysis with AutoDock and AutoDock Vina, electrostatic calculations using PDB2PQR and APBS, and off-target analysis using SMAP. All the applications on the servers are powered by Opal, a toolkit that allows users to wrap scientific applications easily as web services without any modification to the scientific codes, by writing simple XML configuration files. Opal allows both web forms-based access and programmatic access of all our applications. The Opal toolkit currently supports SOAP-based Web service access to a number of popular applications from the National Biomedical Computation Resource (NBCR) and affiliated collaborative and service projects. In addition, Opal's programmatic access capability allows our applications to be accessed through many workflow tools, including Vision, Kepler, Nimrod/K and VisTrails. From mid-August 2007 to the end of 2009, we have successfully executed 239,814 jobs. The number of successfully executed jobs more than doubled from 205 to 411 per day between 2008 and 2009. The Opal-enabled service model is useful for a wide range of applications. It provides for interoperation with other applications with Web Service interfaces, and allows application developers to focus on the scientific tool and workflow development. Web server availability: http://ws.nbcr.net.

  2. Security in a Web 2.0+ World A Standards Based Approach

    CERN Document Server

    Solari , Carlos Curtis

    2010-01-01

    Discover how technology is affecting your business, and why typical security mechanisms are failing to address the issue of risk and trust. Security for a Web 2.0+ World looks at the perplexing issues of cyber security, and will be of interest to those who need to know how to make effective security policy decisions to engineers who design ICT systems - a guide to information security and standards in the Web 2.0+ era. It provides an understanding of IT security in the converged world of communications technology based on the Internet Protocol. Many companies are currently applying security mo

  3. Continuous Integration in PHP web applications development

    OpenAIRE

    Hujer, Martin

    2011-01-01

    This work deals with continuous integration of web applications, especially those in PHP language. The main objective is the selection of the server for continuous integration, its deployment and configuration for continuous integration of PHP web applications. The first chapter describes the concept of continuous integration and its individual techniques. The second chapter deals with the choice of server for continuous integration and its basic settings. The third chapter contains an overvi...

  4. Toward Exposing Timing-Based Probing Attacks in Web Applications.

    Science.gov (United States)

    Mao, Jian; Chen, Yue; Shi, Futian; Jia, Yaoqi; Liang, Zhenkai

    2017-02-25

    Web applications have become the foundation of many types of systems, ranging from cloud services to Internet of Things (IoT) systems. Due to the large amount of sensitive data processed by web applications, user privacy emerges as a major concern in web security. Existing protection mechanisms in modern browsers, e.g., the same origin policy, prevent the users' browsing information on one website from being directly accessed by another website. However, web applications executed in the same browser share the same runtime environment. Such shared states provide side channels for malicious websites to indirectly figure out the information of other origins. Timing is a classic side channel and the root cause of many recent attacks, which rely on the variations in the time taken by the systems to process different inputs. In this paper, we propose an approach to expose the timing-based probing attacks in web applications. It monitors the browser behaviors and identifies anomalous timing behaviors to detect browser probing attacks. We have prototyped our system in the Google Chrome browser and evaluated the effectiveness of our approach by using known probing techniques. We have applied our approach on a large number of top Alexa sites and reported the suspicious behavior patterns with corresponding analysis results. Our theoretical analysis illustrates that the effectiveness of the timing-based probing attacks is dramatically limited by our approach.

  5. Toward Exposing Timing-Based Probing Attacks in Web Applications

    Directory of Open Access Journals (Sweden)

    Jian Mao

    2017-02-01

    Full Text Available Web applications have become the foundation of many types of systems, ranging from cloud services to Internet of Things (IoT systems. Due to the large amount of sensitive data processed by web applications, user privacy emerges as a major concern in web security. Existing protection mechanisms in modern browsers, e.g., the same origin policy, prevent the users’ browsing information on one website from being directly accessed by another website. However, web applications executed in the same browser share the same runtime environment. Such shared states provide side channels for malicious websites to indirectly figure out the information of other origins. Timing is a classic side channel and the root cause of many recent attacks, which rely on the variations in the time taken by the systems to process different inputs. In this paper, we propose an approach to expose the timing-based probing attacks in web applications. It monitors the browser behaviors and identifies anomalous timing behaviors to detect browser probing attacks. We have prototyped our system in the Google Chrome browser and evaluated the effectiveness of our approach by using known probing techniques. We have applied our approach on a large number of top Alexa sites and reported the suspicious behavior patterns with corresponding analysis results. Our theoretical analysis illustrates that the effectiveness of the timing-based probing attacks is dramatically limited by our approach.

  6. Estimating Maintenance Cost for Web Applications

    Directory of Open Access Journals (Sweden)

    Ion IVAN

    2016-01-01

    Full Text Available The current paper tackles the issue of determining a method for estimating maintenance costs for web applications. The current state of research in the field of web application maintenance is summarized and leading theories and results are highlighted. The cost of web maintenance is determined by the number of man-hours invested in maintenance tasks. Web maintenance tasks are categorized into content maintenance and technical maintenance. Research is centered on analyzing technical maintenance tasks. The research hypothesis is formulated on the assumption that the number of man-hours invested in maintenance tasks can be assessed based on the web application’s user interaction level, complexity and content update effort. Data regarding the costs of maintenance tasks is collected from 24 maintenance projects implemented by a web development company that tackles a wide area of web applications. Homogeneity and diversity of collected data is submitted for debate by presenting a sample of the data and depicting the overall size and comprehensive nature of the entire dataset. A set of metrics dedicated to estimating maintenance costs in web applications is defined based on conclusions formulated by analyzing the collected data and the theories and practices dominating the current state of research. Metrics are validated with regards to the initial research hypothesis. Research hypothesis are validated and conclusions are formulated on the topic of estimating the maintenance cost of web applications. The limits of the research process which represented the basis for the current paper are enunciated. Future research topics are submitted for debate.

  7. X-Switch: An Efficient , Multi-User, Multi-Language Web Application Server

    Directory of Open Access Journals (Sweden)

    Mayumbo Nyirenda

    2010-07-01

    Full Text Available Web applications are usually installed on and accessed through a Web server. For security reasons, these Web servers generally provide very few privileges to Web applications, defaulting to executing them in the realm of a guest ac- count. In addition, performance often is a problem as Web applications may need to be reinitialised with each access. Various solutions have been designed to address these security and performance issues, mostly independently of one another, but most have been language or system-specic. The X-Switch system is proposed as an alternative Web application execution environment, with more secure user-based resource management, persistent application interpreters and support for arbitrary languages/interpreters. Thus it provides a general-purpose environment for developing and deploying Web applications. The X-Switch system's experimental results demonstrated that it can achieve a high level of performance. Further- more it was shown that X-Switch can provide functionality matching that of existing Web application servers but with the added benet of multi-user support. Finally the X-Switch system showed that it is feasible to completely separate the deployment platform from the application code, thus ensuring that the developer does not need to modify his/her code to make it compatible with the deployment platform.

  8. A Specialized Framework for Data Retrieval Web Applications

    Directory of Open Access Journals (Sweden)

    Jerzy Nogiec

    2005-06-01

    Full Text Available Although many general-purpose frameworks have been developed to aid in web application development, they typically tend to be both comprehensive and complex. To address this problem, a specialized server-side Java framework designed specifically for data retrieval and visualization has been developed. The framework's focus is on maintainability and data security. The functionality is rich with features necessary for simplifying data display design, deployment, user management and application debugging, yet the scope is deliberately kept limited to allow for easy comprehension and rapid application development. The system clearly decouples the application processing and visualization, which in turn allows for clean separation of layout and processing development. Duplication of standard web page features such as toolbars and navigational aids is therefore eliminated. The framework employs the popular Model-View-Controller (MVC architecture, but it also uses the filter mechanism for several of its base functionalities, which permits easy extension of the provided core functionality of the system.

  9. A specialized framework for data retrieval Web applications

    International Nuclear Information System (INIS)

    Jerzy Nogiec; Kelley Trombly-Freytag; Dana Walbridge

    2004-01-01

    Although many general-purpose frameworks have been developed to aid in web application development, they typically tend to be both comprehensive and complex. To address this problem, a specialized server-side Java framework designed specifically for data retrieval and visualization has been developed. The framework's focus is on maintainability and data security. The functionality is rich with features necessary for simplifying data display design, deployment, user management and application debugging, yet the scope is deliberately kept limited to allow for easy comprehension and rapid application development. The system clearly decouples the application processing and visualization, which in turn allows for clean separation of layout and processing development. Duplication of standard web page features such as toolbars and navigational aids is therefore eliminated. The framework employs the popular Model-View-Controller (MVC) architecture, but it also uses the filter mechanism for several of its base functionalities, which permits easy extension of the provided core functionality of the system

  10. Potential influence of Web 2.0 usage and security practices of online users on information management

    Directory of Open Access Journals (Sweden)

    R.J. Rudman

    2009-02-01

    Full Text Available The proliferation of Web 2.0 applications was the impetus for this survey-based research into practices that online users currently employ when using Web 2.0 sites. As part of the study, the popularity of Web 2.0 technologies and sites among online users at a university was investigated to determine the extent of the potential threat to corporate security, arising from Web 2.0 use and access. The results of this study indicate that the use of Web 2.0 sites is very popular among students, as a proxy for the potential future business users, and that users are not necessarily aware of the risks associated with these sites. The respondents indicated that they regularly visit Web 2.0 sites, and that they post personal information on these sites. This is of concern in protecting arguably the most valuable asset of a business.

  11. Access Control of Web- and Java-Based Applications

    Science.gov (United States)

    Tso, Kam S.; Pajevski, Michael J.

    2013-01-01

    Cybersecurity has become a great concern as threats of service interruption, unauthorized access, stealing and altering of information, and spreading of viruses have become more prevalent and serious. Application layer access control of applications is a critical component in the overall security solution that also includes encryption, firewalls, virtual private networks, antivirus, and intrusion detection. An access control solution, based on an open-source access manager augmented with custom software components, was developed to provide protection to both Web-based and Javabased client and server applications. The DISA Security Service (DISA-SS) provides common access control capabilities for AMMOS software applications through a set of application programming interfaces (APIs) and network- accessible security services for authentication, single sign-on, authorization checking, and authorization policy management. The OpenAM access management technology designed for Web applications can be extended to meet the needs of Java thick clients and stand alone servers that are commonly used in the JPL AMMOS environment. The DISA-SS reusable components have greatly reduced the effort for each AMMOS subsystem to develop its own access control strategy. The novelty of this work is that it leverages an open-source access management product that was designed for Webbased applications to provide access control for Java thick clients and Java standalone servers. Thick clients and standalone servers are still commonly used in businesses and government, especially for applications that require rich graphical user interfaces and high-performance visualization that cannot be met by thin clients running on Web browsers

  12. Wireless network security theories and applications

    CERN Document Server

    Chen, Lei; Zhang, Zihong

    2013-01-01

    Wireless Network Security Theories and Applications discusses the relevant security technologies, vulnerabilities, and potential threats, and introduces the corresponding security standards and protocols, as well as provides solutions to security concerns. Authors of each chapter in this book, mostly top researchers in relevant research fields in the U.S. and China, presented their research findings and results about the security of the following types of wireless networks: Wireless Cellular Networks, Wireless Local Area Networks (WLANs), Wireless Metropolitan Area Networks (WMANs), Bluetooth

  13. Geant4 application in a Web browser

    International Nuclear Information System (INIS)

    Garnier, Laurent

    2014-01-01

    Geant4 is a toolkit for the simulation of the passage of particles through matter. The Geant4 visualization system supports many drivers including OpenGL[1], OpenInventor, HepRep[2], DAWN[3], VRML, RayTracer, gMocren[4] and ASCIITree, with diverse and complementary functionalities. Web applications have an increasing role in our work, and thanks to emerging frameworks such as Wt [5], building a web application on top of a C++ application without rewriting all the code can be done. Because the Geant4 toolkit's visualization and user interface modules are well decoupled from the rest of Geant4, it is straightforward to adapt these modules to render in a web application instead of a computer's native window manager. The API of the Wt framework closely matches that of Qt [6], our experience in building Qt driver will benefit for Wt driver. Porting a Geant4 application to a web application is easy, and with minimal effort, Geant4 users can replicate this process to share their own Geant4 applications in a web browser.

  14. Multimedia Security System for Security and Medical Applications

    Science.gov (United States)

    Zhou, Yicong

    2010-01-01

    This dissertation introduces a new multimedia security system for the performance of object recognition and multimedia encryption in security and medical applications. The system embeds an enhancement and multimedia encryption process into the traditional recognition system in order to improve the efficiency and accuracy of object detection and…

  15. Comparing Web Applications with Desktop Applications: An Empirical Study

    DEFF Research Database (Denmark)

    Pop, Paul

    2002-01-01

    In recent years, many desktop applications have been ported to the world wide web in order to reduce (multiplatform) development, distribution and maintenance costs. However, there is little data concerning the usability of web applications, and the impact of their usability on the total cost...... of developing and using such applications. In this paper we present a comparison of web and desktop applications from the usability point of view. The comparison is based on an empirical study that investigates the performance of a group of users on two calendaring applications: Yahoo!Calendar and Microsoft...... Calendar. The study shows that in the case of web applications the performance of the users is significantly reduced, mainly because of the restricted interaction mechanisms provided by current web browsers....

  16. The Informatics Security Cost of Distributed Applications

    Directory of Open Access Journals (Sweden)

    Ion IVAN

    2010-01-01

    Full Text Available The objective, necessity, means and estimated efficiency of information security cost modeling are presented. The security requirements of distributed informatics applications are determined. Aspects regarding design, development and implementation are established. Influence factors for informatics security are presented and their correlation is analyzed. The costs associated to security processes are studied. Optimal criteria for informatics security are established. The security cost of the informatics application for validating organizational identifiers is determined using theoretical assumptions made for cost models. The conclusions highlight the validity of research results and offer perspectives for future research.

  17. Capturing Trust in Social Web Applications

    Science.gov (United States)

    O'Donovan, John

    The Social Web constitutes a shift in information flow from the traditional Web. Previously, content was provided by the owners of a website, for consumption by the end-user. Nowadays, these websites are being replaced by Social Web applications which are frameworks for the publication of user-provided content. Traditionally, Web content could be `trusted' to some extent based on the site it originated from. Algorithms such as Google's PageRank were (and still are) used to compute the importance of a website, based on analysis of underlying link topology. In the Social Web, analysis of link topology merely tells us about the importance of the information framework which hosts the content. Consumers of information still need to know about the importance/reliability of the content they are reading, and therefore about the reliability of the producers of that content. Research into trust and reputation of the producers of information in the Social Web is still very much in its infancy. Every day, people are forced to make trusting decisions about strangers on the Web based on a very limited amount of information. For example, purchasing a product from an eBay seller with a `reputation' of 99%, downloading a file from a peer-to-peer application such as Bit-Torrent, or allowing Amazon.com tell you what products you will like. Even something as simple as reading comments on a Web-blog requires the consumer to make a trusting decision about the quality of that information. In all of these example cases, and indeed throughout the Social Web, there is a pressing demand for increased information upon which we can make trusting decisions. This chapter examines the diversity of sources from which trust information can be harnessed within Social Web applications and discusses a high level classification of those sources. Three different techniques for harnessing and using trust from a range of sources are presented. These techniques are deployed in two sample Social Web

  18. Modelling Safe Interface Interactions in Web Applications

    Science.gov (United States)

    Brambilla, Marco; Cabot, Jordi; Grossniklaus, Michael

    Current Web applications embed sophisticated user interfaces and business logic. The original interaction paradigm of the Web based on static content pages that are browsed by hyperlinks is, therefore, not valid anymore. In this paper, we advocate a paradigm shift for browsers and Web applications, that improves the management of user interaction and browsing history. Pages are replaced by States as basic navigation nodes, and Back/Forward navigation along the browsing history is replaced by a full-fledged interactive application paradigm, supporting transactions at the interface level and featuring Undo/Redo capabilities. This new paradigm offers a safer and more precise interaction model, protecting the user from unexpected behaviours of the applications and the browser.

  19. Specification framework for engineering adaptive web applications

    NARCIS (Netherlands)

    Frasincar, F.; Houben, G.J.P.M.; Vdovják, R.

    2002-01-01

    The growing demand for data-driven Web applications has led to the need for a structured and controlled approach to the engineering of such applications. Both designers and developers need a framework that in all stages of the engineering process allows them to specify the relevant aspects of the

  20. Access Control of Web and Java Based Applications

    Science.gov (United States)

    Tso, Kam S.; Pajevski, Michael J.; Johnson, Bryan

    2011-01-01

    Cyber security has gained national and international attention as a result of near continuous headlines from financial institutions, retail stores, government offices and universities reporting compromised systems and stolen data. Concerns continue to rise as threats of service interruption, and spreading of viruses become ever more prevalent and serious. Controlling access to application layer resources is a critical component in a layered security solution that includes encryption, firewalls, virtual private networks, antivirus, and intrusion detection. In this paper we discuss the development of an application-level access control solution, based on an open-source access manager augmented with custom software components, to provide protection to both Web-based and Java-based client and server applications.

  1. Two Algorithms for Web Applications Assessment

    Directory of Open Access Journals (Sweden)

    Stavros Ioannis Valsamidis

    2011-09-01

    Full Text Available The usage of web applications can be measured with the use of metrics. In a LMS, a typical web application, there are no appropriate metrics which would facilitate their qualitative and quantitative measurement. The purpose of this paper is to propose the use of existing techniques with a different way, in order to analyze the log file of a typical LMS and deduce useful conclusions. Three metrics for course usage measurement are used. It also describes two algorithms for course classification and suggestion actions. The metrics and the algorithms and were in Open eClass LMS tracking data of an academic institution. The results from 39 courses presented interest insights. Although the case study concerns a LMS it can also be applied to other web applications such as e-government, e-commerce, e-banking, blogs e.t.c.

  2. Requirements of a security framework for the semantic web

    CSIR Research Space (South Africa)

    Mbaya, IR

    2009-02-01

    Full Text Available The vision of the Semantic Web is to provide the World Wide Web the ability to automate interoperate and reason about resources and services on the Web. However, the autonomous dynamic open distributed and heterogeneous nature of the Semantic Web...

  3. The Role of the Web Server in a Capstone Web Application Course

    Science.gov (United States)

    Umapathy, Karthikeyan; Wallace, F. Layne

    2010-01-01

    Web applications have become commonplace in the Information Systems curriculum. Much of the discussion about Web development for capstone courses has centered on the scripting tools. Very little has been discussed about different ways to incorporate the Web server into Web application development courses. In this paper, three different ways of…

  4. Semantic-Web Technology: Applications at NASA

    Science.gov (United States)

    Ashish, Naveen

    2004-01-01

    We provide a description of work at the National Aeronautics and Space Administration (NASA) on building system based on semantic-web concepts and technologies. NASA has been one of the early adopters of semantic-web technologies for practical applications. Indeed there are several ongoing 0 endeavors on building semantics based systems for use in diverse NASA domains ranging from collaborative scientific activity to accident and mishap investigation to enterprise search to scientific information gathering and integration to aviation safety decision support We provide a brief overview of many applications and ongoing work with the goal of informing the external community of these NASA endeavors.

  5. HTML5 web application development by example

    CERN Document Server

    Gustafson, JM

    2013-01-01

    The best way to learn anything is by doing. The author uses a friendly tone and fun examples to ensure that you learn the basics of application development. Once you have read this book, you should have the necessary skills to build your own applications.If you have no experience but want to learn how to create applications in HTML5, this book is the only help you'll need. Using practical examples, HTML5 Web Application Development by Example will develop your knowledge and confidence in application development.

  6. Mastering web application development with Express

    CERN Document Server

    Vlăduțu, Alexandru

    2014-01-01

    If you are a Node.js developer who wants to take your Express skills to the next level and develop high performing, reliable web applications using best practices, this book is ideal for you. The only prerequisite is knowledge of Node.js.

  7. Web-based applications for virtual laboratories

    NARCIS (Netherlands)

    Bier, H.H.

    2011-01-01

    Web-based applications for academic education facilitate, usually, exchange of multimedia files, while design-oriented domains such as architectural and urban design require additional support in collaborative real-time drafting and modeling. In this context, multi-user interactive interfaces

  8. Information System Security: Army Web Site Administration, Policies, and Practices

    National Research Council Canada - National Science Library

    2002-01-01

    .... The Policy requires heads of DoD Components to establish a process to identify appropriate information for posting to Web sites and to review all information placed on publicly accessible Web sites...

  9. Techniques for Finding Vulnerabilities in Web Applications

    OpenAIRE

    Mihai Sandulescu

    2014-01-01

    The current trend is to move everything on the Internet. Because a lot of companies store sensitive user information, security has become mandatory. Usually, software developers don’t follow some basic practices in order to secure their applications. This paper will present in the second chapter, the white-box, black-box and gray-box methods which can be used in order to test applications for possible vulnerabilities. It focuses on fuzz testing, which is a black-box testing method, presented ...

  10. Determining Data Entry Points For Javascript-rich Web applications

    Directory of Open Access Journals (Sweden)

    George Maksimovich Noseevich

    2013-02-01

    Full Text Available The paper is devoted the task of automatic crawling of javascript-rich web applications for data entry points. A new technique is proposed, which combines dynamic and static javascript code analysis. Testing the proposed technique on real world web applications such as Twitter, Youtube and Reddit has confirmed its applicability for analysis of modern web applications.

  11. FASH: A web application for nucleotides sequence search

    Directory of Open Access Journals (Sweden)

    Chew Paul

    2008-05-01

    Full Text Available Abstract FASH (Fourier Alignment Sequence Heuristics is a web application, based on the Fast Fourier Transform, for finding remote homologs within a long nucleic acid sequence. Given a query sequence and a long text-sequence (e.g, the human genome, FASH detects subsequences within the text that are remotely-similar to the query. FASH offers an alternative approach to Blast/Fasta for querying long RNA/DNA sequences. FASH differs from these other approaches in that it does not depend on the existence of contiguous seed-sequences in its initial detection phase. The FASH web server is user friendly and very easy to operate. Availability FASH can be accessed at https://fash.bgu.ac.il:8443/fash/default.jsp (secured website

  12. Virtual real-time inspection of nuclear material via VRML and secure web pages

    International Nuclear Information System (INIS)

    Nilsen, C.; Jortner, J.; Damico, J.; Friesen, J.; Schwegel, J.

    1997-04-01

    Sandia National Laboratories' Straight Line project is working to provide the right sensor information to the right user to enhance the safety, security, and international accountability of nuclear material. One of Straight Line's efforts is to create a system to securely disseminate this data on the Internet's World-Wide-Web. To make the user interface more intuitive, Sandia has generated a three dimensional VRML (virtual reality modeling language) interface for a secure web page. This paper will discuss the implementation of the Straight Line secure 3-D web page. A discussion of the ''pros and cons'' of a 3-D web page is also presented. The public VRML demonstration described in this paper can be found on the Internet at the following address: http://www.ca.sandia.gov/NMM/. A Netscape browser, version 3 is strongly recommended

  13. Virtual real-time inspection of nuclear material via VRML and secure web pages

    International Nuclear Information System (INIS)

    Nilsen, C.; Jortner, J.; Damico, J.; Friesen, J.; Schwegel, J.

    1996-01-01

    Sandia National Laboratories'' Straight-Line project is working to provide the right sensor information to the right user to enhance the safety, security, and international accountability of nuclear material. One of Straight-Line''s efforts is to create a system to securely disseminate this data on the Internet''s World-Wide-Web. To make the user interface more intuitive, Sandia has generated a three dimensional VRML (virtual reality modeling language) interface for a secure web page. This paper will discuss the implementation of the Straight-Line secure 3-D web page. A discussion of the pros and cons of a 3-D web page is also presented. The public VRML demonstration described in this paper can be found on the Internet at this address, http://www.ca.sandia.gov/NMM/. A Netscape browser, version 3 is strongly recommended

  14. T-Check in Technologies for Interoperability: Web Services and Security--Single Sign-On

    National Research Council Canada - National Science Library

    Wrage, Lutz; Simanta, Soumya; Lewis, Grace A; Jaspan, Saul

    2007-01-01

    .... This technical note presents the results of applying the T-Check approach in an initial investigation of two Web services standards, WS-Security and SAML, to create an SSO solution that works inside...

  15. Secure coprocessing applications and research issues

    Energy Technology Data Exchange (ETDEWEB)

    Smith, S.W.

    1996-08-01

    The potential of secure coprocessing to address many emerging security challenges and to enable new applications has been a long-standing interest of many members of the Computer Research and Applications Group, including this author. The purpose of this paper is to summarize this thinking, by presenting a taxonomy of some potential applications and by summarizing what we regard as some particularly interesting research questions.

  16. Robust image obfuscation for privacy protection in Web 2.0 applications

    Science.gov (United States)

    Poller, Andreas; Steinebach, Martin; Liu, Huajian

    2012-03-01

    We present two approaches to robust image obfuscation based on permutation of image regions and channel intensity modulation. The proposed concept of robust image obfuscation is a step towards end-to-end security in Web 2.0 applications. It helps to protect the privacy of the users against threats caused by internet bots and web applications that extract biometric and other features from images for data-linkage purposes. The approaches described in this paper consider that images uploaded to Web 2.0 applications pass several transformations, such as scaling and JPEG compression, until the receiver downloads them. In contrast to existing approaches, our focus is on usability, therefore the primary goal is not a maximum of security but an acceptable trade-off between security and resulting image quality.

  17. Development of Content Management System-based Web Applications

    NARCIS (Netherlands)

    Souer, J.

    2012-01-01

    Web engineering is the application of systematic and quantifiable approaches (concepts, methods, techniques, tools) to cost-effective requirements analysis, design, implementation, testing, operation, and maintenance of high quality web applications. Over the past years, Content Management Systems

  18. How to Use Web 2.0 and Social Networking Sites Securely

    CERN Document Server

    Team, ITG Research

    2009-01-01

    Given the widespread use of Web 2.0 technologies and their impact in terms of the number and types of incidents and the cost of them, controlling Web 2.0 risks needs to be a high priority for all organisations. This pocket guide provides recommendations for organisations that will help them ensure that their employees are using Web 2.0 sites in a secure manner, and that their personal and confidential corporate data is protected.

  19. Technical Note: On The Usage and Development of the AWAKE Web Server and Web Applications

    CERN Document Server

    Berger, Dillon Tanner

    2017-01-01

    The purpose of this technical note is to give a brief explanation of the AWAKE Web Server, the current web applications it serves, and how to edit, maintain, and update the source code. The majority of this paper is dedicated to the development of the server and its web applications.

  20. Web Application for Actuarial Calculations for Insurance

    OpenAIRE

    Dobrev, Hristo; Kyurkchiev, Nikolay

    2013-01-01

    Report published in the Proceedings of the National Conference on "Education in the Information Society", Plovdiv, May, 2013 During the last 10 years a growing interest in the modernization of vocational education of actuaries, the content of actuarial study programs, consistent with global traditions and trends is indicated. Web application for insurance actuarial calculations is explored. Association for the Development of the Information Society, Institute of Mathematics and...

  1. Cyber security

    CERN Document Server

    Voeller, John G

    2014-01-01

    Cyber Security features articles from the Wiley Handbook of Science and Technology for Homeland Security covering topics related to cyber security metrics and measure  and related technologies that meet security needs. Specific applications to web services, the banking and the finance sector, and industrial process control systems are discussed.

  2. Life Cycle Project Plan Outline: Web Sites and Web-based Applications

    Science.gov (United States)

    This tool is a guideline for planning and checking for 508 compliance on web sites and web based applications. Determine which EIT components are covered or excepted, which 508 standards and requirements apply, and how to implement them.

  3. Creation of web applications by Rich Internet Application Adobe Flex

    OpenAIRE

    PEKA, Karel

    2011-01-01

    Bachelor work focuses on explaining the functions and development of interactive applications in Adobe Flex RIA also compared to similar web technologies such as AJAX, Microsoft Silverlight or Adobe Flash. Explain the difference between "ordinary" sites and Rich Internet Application (RIA) and the difference shows a series of demonstration examples were processed in Adobe Flash Builder (environment for building Flex applications). Also will be created large-scale application for comprehensive ...

  4. Photonics Applications and Web Engineering: WILGA 2017

    Science.gov (United States)

    Romaniuk, Ryszard S.

    2017-08-01

    XLth Wilga Summer 2017 Symposium on Photonics Applications and Web Engineering was held on 28 May-4 June 2017. The Symposium gathered over 350 participants, mainly young researchers active in optics, optoelectronics, photonics, modern optics, mechatronics, applied physics, electronics technologies and applications. There were presented around 300 oral and poster papers in a few main topical tracks, which are traditional for Wilga, including: bio-photonics, optical sensory networks, photonics-electronics-mechatronics co-design and integration, large functional system design and maintenance, Internet of Things, measurement systems for astronomy, high energy physics experiments, and other. The paper is a traditional introduction to the 2017 WILGA Summer Symposium Proceedings, and digests some of the Symposium chosen key presentations. This year Symposium was divided to the following topical sessions/conferences: Optics, Optoelectronics and Photonics, Computational and Artificial Intelligence, Biomedical Applications, Astronomical and High Energy Physics Experiments Applications, Material Research and Engineering, and Advanced Photonics and Electronics Applications in Research and Industry.

  5. Towards New Web Application Development Practices

    Directory of Open Access Journals (Sweden)

    Angeliki Poulymenakou

    1998-11-01

    Full Text Available Electronic Commerce over the Internet, aims to become a global conveyor belt of business transactions. Web applications of increasing sophistication emerge in almost every business sector, reflecting a variety of technical and technological approaches. In this paper we argue that system developers need to reconsider their professional practices in the context of these new technologies by taking advantage of opportunities like short response cycles and easy diffusion of systems results, while they recognise the limitations of traditional practice. We discuss a framework of IS development issues for Internet based applications and propose guidelines towards new development practices.

  6. Secure smart embedded devices, platforms and applications

    CERN Document Server

    Markantonakis, Konstantinos

    2013-01-01

    New generations of IT users are increasingly abstracted from the underlying devices and platforms that provide and safeguard their services. As a result they may have little awareness that they are critically dependent on the embedded security devices that are becoming pervasive in daily modern life. Secure Smart Embedded Devices, Platforms and Applications provides a broad overview of the many security and practical issues of embedded devices, tokens, and their operation systems, platforms and main applications. It also addresses a diverse range of industry/government initiatives and consider

  7. Security cost analysis in electricity markets based on voltage security criteria and Web-based implementation

    International Nuclear Information System (INIS)

    Chen, H.

    2003-01-01

    This paper presents an efficient and transparent method for electricity market operators to analyze transaction security costs and to quantify the correlation between market operation and power system operation. Rescheduling and take-risk strategies were proposed and discussed with reference to transaction impact computations, thermal and voltage limits and voltage stability criteria. The rescheduling method is associated with an iterative generation dispatch or load curtailment approach to minimize the amount of rescheduling. The take-risk method considered operating risks to facilitate transactions. The SATC concept was also proposed to accurately evaluate transmission congestion. The impact of transaction was calculated using a new sensitivity formula to find the most effective rescheduling direction and the most effective cost distribution. A new pricing method called Nodal Congestion Price was also proposed to determine proper price signals. The paper also presents an Artificial Neural Network (ANN) based short term load forecasting method that considers the effect of price on the load. A web-based prototype was implemented to allow all market participants access to the proposed analysis and pricing techniques. Several case studies have validated the effectiveness of the proposed method which would help independent system operators in determining congestion prices, coordinate transactions and make profitable market decisions

  8. Image-based electronic patient records for secured collaborative medical applications.

    Science.gov (United States)

    Zhang, Jianguo; Sun, Jianyong; Yang, Yuanyuan; Liang, Chenwen; Yao, Yihong; Cai, Weihua; Jin, Jin; Zhang, Guozhen; Sun, Kun

    2005-01-01

    We developed a Web-based system to interactively display image-based electronic patient records (EPR) for secured intranet and Internet collaborative medical applications. The system consists of four major components: EPR DICOM gateway (EPR-GW), Image-based EPR repository server (EPR-Server), Web Server and EPR DICOM viewer (EPR-Viewer). In the EPR-GW and EPR-Viewer, the security modules of Digital Signature and Authentication are integrated to perform the security processing on the EPR data with integrity and authenticity. The privacy of EPR in data communication and exchanging is provided by SSL/TLS-based secure communication. This presentation gave a new approach to create and manage image-based EPR from actual patient records, and also presented a way to use Web technology and DICOM standard to build an open architecture for collaborative medical applications.

  9. An application of TOPSIS for ranking internet web browsers

    Directory of Open Access Journals (Sweden)

    Shahram Rostampour

    2012-07-01

    Full Text Available Web browser is one of the most important internet facilities for surfing the internet. A good web browser must incorporate literally tens of features such as integrated search engine, automatic updates, etc. Each year, ten web browsers are formally introduced as top best reviewers by some organizations. In this paper, we propose the implementation of TOPSIS technique to rank ten web browsers. The proposed model of this paper uses five criteria including speed, features, security, technical support and supported configurations. In terms of speed, Safari is the best web reviewer followed by Google Chrome and Internet Explorer while Opera is the best web reviewer when we look into 20 different features. We have also ranked these web browsers using all five categories together and the results indicate that Opera, Internet explorer, Firefox and Google Chrome are the best web browsers to be chosen.

  10. Bifröst: debugging web applications as a whole

    NARCIS (Netherlands)

    K.B. van der Vlist (Kevin)

    2013-01-01

    htmlabstractEven though web application development is supported by professional tooling, debugging support is lacking. If one starts to debug a web application, hardly any tooling support exists. Only the core components like server processes and a web browser are exposed. Developers need to

  11. Information Security Controls against Cross-Site Request Forgery Attacks on Software Applications of Automated Systems

    Science.gov (United States)

    Barabanov, A. V.; Markov, A. S.; Tsirlov, V. L.

    2018-05-01

    This paper presents statistical results and their consolidation, which were received in the study into security of various web-application against cross-site request forgery attacks. Some of the results were received in the study carried out within the framework of certification for compliance with information security requirements. The paper provides the results of consolidating information about the attack and protection measures, which are currently used by the developers of web-applications. It specifies results of the study, which demonstrate various distribution types: distribution of identified vulnerabilities as per the developer type (Russian and foreign), distribution of the security measures used in web-applications, distribution of the identified vulnerabilities as per the programming languages, data on the number of security measures that are used in the studied web-applications. The results of the study show that in most cases the developers of web-applications do not pay due attention to protection against cross-site request forgery attacks. The authors give recommendations to the developers that are planning to undergo a certification process for their software applications.

  12. Extending Symfony 2 web application framework

    CERN Document Server

    Armand, Sébastien

    2014-01-01

    Symfony is a high performance PHP framework for developing MVC web applications. Symfony1 allowed for ease of use but its shortcoming was the difficulty of extending it. However, this difficulty has now been eradicated by the more powerful and extensible Symfony2. Information on more advanced techniques for extending Symfony can be difficult to find, so you need one resource that contains the advanced features in a way you can understand. This tutorial offers solutions to all your Symfony extension problems. You will get to grips with all the extension points that Symfony, Twig, and Doctrine o

  13. Development of Content Management System-based Web Applications

    OpenAIRE

    Souer, J.

    2012-01-01

    Web engineering is the application of systematic and quantifiable approaches (concepts, methods, techniques, tools) to cost-effective requirements analysis, design, implementation, testing, operation, and maintenance of high quality web applications. Over the past years, Content Management Systems (CMS) have emerged as an important foundation for the web engineering process. CMS can be defined as a tool for the creation, editing and management of web information in an integral way. A CMS appe...

  14. Anonymous Web Browsing and Hosting

    OpenAIRE

    MANOJ KUMAR; ANUJ RANI

    2013-01-01

    In today’s high tech environment every organization, individual computer users use internet for accessing web data. To maintain high confidentiality and security of the data secure web solutions are required. In this paper we described dedicated anonymous web browsing solutions which makes our browsing faster and secure. Web application which play important role for transferring our secret information including like email need more and more security concerns. This paper also describes that ho...

  15. Web technology for emergency medicine and secure transmission of electronic patient records.

    Science.gov (United States)

    Halamka, J D

    1998-01-01

    The American Heritage dictionary defines the word "web" as "something intricately contrived, especially something that ensnares or entangles." The wealth of medical resources on the World Wide Web is now so extensive, yet disorganized and unmonitored, that such a definition seems fitting. In emergency medicine, for example, a field in which accurate and complete information, including patients' records, is urgently needed, more than 5000 Web pages are available today, whereas fewer than 50 were available in December 1994. Most sites are static Web pages using the Internet to publish textbook material, but new technology is extending the scope of the Internet to include online medical education and secure exchange of clinical information. This article lists some of the best Web sites for use in emergency medicine and then describes a project in which the Web is used for transmission and protection of electronic medical records.

  16. A Study of Gaps in Defensive Countermeasures for Web Security

    Science.gov (United States)

    2016-10-14

    MySQL , and PHP (LAMP) system. A more recent work in this domain, Passe [4] automates most of this process by extracting data and control flow... course , require access to the source code of the web server and are, therefore, not binary compatible (C.2). 22 Moreover such countermeasures also do

  17. Irradiation applications for homeland security

    International Nuclear Information System (INIS)

    Desrosiers, Marc F.

    2004-01-01

    In October 2001, first-class mail laced with anthrax was sent to political and media targets resulting in several deaths, illnesses, significant mail-service disruption, and economic loss. The White House Office of Science and Technology Policy established a technical task force on mail decontamination that included three key agencies: National Institute of Standards and Technology with responsibility for radiation dosimetry and coordinating and performing experiments at industrial accelerator facilities; the Armed Forces Radiobiology Research Institute with responsibility for radiobiology; and the US Postal Service with responsibility for radiation-processing quality assurance and quality control. An overview of the anthrax attack decontamination events will be presented as well as expectations for growth in this area and the prospects of other homeland security areas where irradiation technology can be applied

  18. A novel methodology towards a trusted environment in mashup web applications

    DEFF Research Database (Denmark)

    Patel, Ahmed; Al-Janabi, Samaher; AlShourbaji, Ibrahim

    2015-01-01

    A mashup is a web-based application developed through aggregation of data from different public external or internal sources (including trusted and untrusted). Mashup introduces an open environment that is exposed to many security vulnerabilities, threats and risks. These weaknesses will bring se...

  19. Artificial immune system applications in computer security

    CERN Document Server

    Tan, Ying

    2016-01-01

    This book provides state-of-the-art information on the use, design, and development of the Artificial Immune System (AIS) and AIS-based solutions to computer security issues. Artificial Immune System: Applications in Computer Security focuses on the technologies and applications of AIS in malware detection proposed in recent years by the Computational Intelligence Laboratory of Peking University (CIL@PKU). It offers a theoretical perspective as well as practical solutions for readers interested in AIS, machine learning, pattern recognition and computer security. The book begins by introducing the basic concepts, typical algorithms, important features, and some applications of AIS. The second chapter introduces malware and its detection methods, especially for immune-based malware detection approaches. Successive chapters present a variety of advanced detection approaches for malware, including Virus Detection System, K-Nearest Neighbour (KNN), RBF networ s, and Support Vector Machines (SVM), Danger theory, ...

  20. Applications for cyber security - System and application monitoring

    International Nuclear Information System (INIS)

    Marron, J. E.

    2006-01-01

    Standard network security measures are adequate for defense against external attacks. However, many experts agree that the greater threat is from internal sources. Insiders with malicious intentions can change controller instructions, change alarm thresholds, and issue commands to equipment which can damage equipment and compromise control system integrity. In addition to strict physical security the state of the system must be continually monitored. System and application monitoring goes beyond the capabilities of network security appliances. It will include active processes, operating system services, files, network adapters and IP addresses. The generation of alarms is a crucial feature of system and application monitoring. The alarms should be integrated to avoid the burden on operators of checking multiple locations for security violations. Tools for system and application monitoring include commercial software, free software, and ad-hoc tools that can be easily created. System and application monitoring is part of a 'defense-in-depth' approach to a control network security plan. Layered security measures prevent an individual security measure failure from being exploited into a successful security breach. Alarming of individual failures is essential for rapid isolation and correction of single failures. System and application monitoring is the innermost layer of this defense strategy. (authors)

  1. Sistem Informasi Perpustakaan Berbasis Web Application

    Directory of Open Access Journals (Sweden)

    Yudie Irawan

    2014-01-01

    Full Text Available Digital  library  system  contributes  the  development  of  digital  resource  digital  resource  that  can  be accessed  via the  Internet.  Librarymanagement system contributed to the development of automation membership data processing, circulation and cataloging. In this thesisis  to develop  a new  concept of  digital  library  systems  and  library  management  system  by  integrating  these  two systems  architecture. Integration  architecture  implemented  by  inserting  component  library  management  system  into  the  digital  library  system  architecture. Web application technology required for these components in order to be integrated with the digital library system components.  The newsystem  has  the advantage  of  this  development  application  utilization  of  borrowing,  membership  and  kataloging  to  a  sharable  over the internet,  so  applications  that  can  be used  together.  Information  can be  delivered  between the  library  catalog,  without  leaving the  digitallibrary function in the utilization of shared digital resources derived from uploading by each librarian.Keywords : Digital library system; Library management system; Web application

  2. Information Security Management of Web Portals Based on Joomla CMS

    OpenAIRE

    Lemes, Samir

    2014-01-01

    Information is the key asset of all organizations and can exist in many forms. It can be printed or written on paper, stored electronically, transmitted by mail or by electronic means, shown in films, or spoken in conversation. In today's competitive business environment, such information is constantly under threat from many sources, which can be internal, external, accidental, or malicious. Joomla is a very popular Content Management System (CMS) used for web page maintenance. This highly ve...

  3. APFEL Web a web-based application for the graphical visualization of parton distribution functions

    CERN Document Server

    Carrazza, Stefano; Palazzo, Daniele; Rojo, Juan

    2015-01-01

    We present APFEL Web, a web-based application designed to provide a flexible user-friendly tool for the graphical visualization of parton distribution functions (PDFs). In this note we describe the technical design of the APFEL Web application, motivating the choices and the framework used for the development of this project. We document the basic usage of APFEL Web and show how it can be used to provide useful input for a variety of collider phenomenological studies. Finally we provide some examples showing the output generated by the application.

  4. APFEL Web: a web-based application for the graphical visualization of parton distribution functions

    International Nuclear Information System (INIS)

    Carrazza, Stefano; Ferrara, Alfio; Palazzo, Daniele; Rojo, Juan

    2015-01-01

    We present APFEL Web, a Web-based application designed to provide a flexible user-friendly tool for the graphical visualization of parton distribution functions. In this note we describe the technical design of the APFEL Web application, motivating the choices and the framework used for the development of this project. We document the basic usage of APFEL Web and show how it can be used to provide useful input for a variety of collider phenomenological studies. Finally we provide some examples showing the output generated by the application. (note)

  5. Het ontwikkelen van een web performance en security analyse applicatie

    NARCIS (Netherlands)

    O. Hawker

    2017-01-01

    Doelstelling van de opdracht is om vier security en performance aspecten van een website te meten of bepalen. Dit wordt gedaan met behulp van een site crawler. De resultaten van de metingen inclusief de trends van vorige scans worden aan de gebruiker gepresenteerd. Als laatst moet er rekening met de

  6. Performance and Security Evaluation of Biometric-Based Web ...

    African Journals Online (AJOL)

    PROF. O. E. OSUAGWU

    2013-12-01

    Dec 1, 2013 ... vulnerabilities that have put different business organisations ... guidelines aimed at managing the risks from the open nature of ... Automated Attendance Management System ... effects of aging, the small-scale radial features of the iris ..... [1] Dror, E. & Shaikh, A., 2005. ... Fundamentals of Network Security.

  7. Using secure web services to visualize poison center data for nationwide biosurveillance: a case study.

    Science.gov (United States)

    Savel, Thomas G; Bronstein, Alvin; Duck, William; Rhodes, M Barry; Lee, Brian; Stinn, John; Worthen, Katherine

    2010-01-01

    Real-time surveillance systems are valuable for timely response to public health emergencies. It has been challenging to leverage existing surveillance systems in state and local communities, and, using a centralized architecture, add new data sources and analytical capacity. Because this centralized model has proven to be difficult to maintain and enhance, the US Centers for Disease Control and Prevention (CDC) has been examining the ability to use a federated model based on secure web services architecture, with data stewardship remaining with the data provider. As a case study for this approach, the American Association of Poison Control Centers and the CDC extended an existing data warehouse via a secure web service, and shared aggregate clinical effects and case counts data by geographic region and time period. To visualize these data, CDC developed a web browser-based interface, Quicksilver, which leveraged the Google Maps API and Flot, a javascript plotting library. Two iterations of the NPDS web service were completed in 12 weeks. The visualization client, Quicksilver, was developed in four months. This implementation of web services combined with a visualization client represents incremental positive progress in transitioning national data sources like BioSense and NPDS to a federated data exchange model. Quicksilver effectively demonstrates how the use of secure web services in conjunction with a lightweight, rapidly deployed visualization client can easily integrate isolated data sources for biosurveillance.

  8. MEMS and MOEMS for national security applications

    Science.gov (United States)

    Scott, Marion W.

    2003-01-01

    Major opportunities for microsystem insertion into commercial applications, such as telecommunications and medical prosthesis, are well known. Less well known are applications that ensure the security of our nation, the protection of its armed forces, and the safety of its citizens. Microsystems enable entirely new possibilities to meet National Security needs, which can be classed along three lines: anticipating security needs and threats, deterring the efficacy of identified threats, and defending against the application of these threats. In each of these areas, specific products that are enabled by MEMS and MOEMS are discussed. In the area of anticipating needs and threats, sensored microsystems designed for chem/bio/nuclear threats, and sensors for border and asset protection can significantly secure our borders, ports, and transportation systems. Key features for these applications include adaptive optics and spectroscopic capabilities. Microsystems to monitor soil and water quality can be used to secure critical infrastructure, food safety can be improved by in-situ identification of pathogens, and sensored buildings can ensure the architectural safety of our homes and workplaces. A challenge to commercializing these opportunities, and thus making them available for National Security needs, is developing predictable markets and predictable technology roadmaps. The integrated circuit manufacturing industry provides an example of predictable technology maturation and market insertion, primarily due to the existence of a "unit cell" that allows volume manufacturing. It is not clear that microsystems can follow an analogous path. The possible paths to affordable low-volume production, as well as the prospects of a microsystems unit cell, are discussed.

  9. Secure web book to store structural genomics research data.

    Science.gov (United States)

    Manjasetty, Babu A; Höppner, Klaus; Mueller, Uwe; Heinemann, Udo

    2003-01-01

    Recently established collaborative structural genomics programs aim at significantly accelerating the crystal structure analysis of proteins. These large-scale projects require efficient data management systems to ensure seamless collaboration between different groups of scientists working towards the same goal. Within the Berlin-based Protein Structure Factory, the synchrotron X-ray data collection and the subsequent crystal structure analysis tasks are located at BESSY, a third-generation synchrotron source. To organize file-based communication and data transfer at the BESSY site of the Protein Structure Factory, we have developed the web-based BCLIMS, the BESSY Crystallography Laboratory Information Management System. BCLIMS is a relational data management system which is powered by MySQL as the database engine and Apache HTTP as the web server. The database interface routines are written in Python programing language. The software is freely available to academic users. Here we describe the storage, retrieval and manipulation of laboratory information, mainly pertaining to the synchrotron X-ray diffraction experiments and the subsequent protein structure analysis, using BCLIMS.

  10. WebViz: A web browser based application for collaborative analysis of 3D data

    Science.gov (United States)

    Ruegg, C. S.

    2011-12-01

    In the age of high speed Internet where people can interact instantly, scientific tools have lacked technology which can incorporate this concept of communication using the web. To solve this issue a web application for geological studies has been created, tentatively titled WebViz. This web application utilizes tools provided by Google Web Toolkit to create an AJAX web application capable of features found in non web based software. Using these tools, a web application can be created to act as piece of software from anywhere in the globe with a reasonably speedy Internet connection. An application of this technology can be seen with data regarding the recent tsunami from the major japan earthquakes. After constructing the appropriate data to fit a computer render software called HVR, WebViz can request images of the tsunami data and display it to anyone who has access to the application. This convenience alone makes WebViz a viable solution, but the option to interact with this data with others around the world causes WebViz to be taken as a serious computational tool. WebViz also can be used on any javascript enabled browser such as those found on modern tablets and smart phones over a fast wireless connection. Due to the fact that WebViz's current state is built using Google Web Toolkit the portability of the application is in it's most efficient form. Though many developers have been involved with the project, each person has contributed to increase the usability and speed of the application. In the project's most recent form a dramatic speed increase has been designed as well as a more efficient user interface. The speed increase has been informally noticed in recent uses of the application in China and Australia with the hosting server being located at the University of Minnesota. The user interface has been improved to not only look better but the functionality has been improved. Major functions of the application are rotating the 3D object using buttons

  11. Secure grid-based computing with social-network based trust management in the semantic web

    Czech Academy of Sciences Publication Activity Database

    Špánek, Roman; Tůma, Miroslav

    2006-01-01

    Roč. 16, č. 6 (2006), s. 475-488 ISSN 1210-0552 R&D Projects: GA AV ČR 1ET100300419; GA MŠk 1M0554 Institutional research plan: CEZ:AV0Z10300504 Keywords : semantic web * grid computing * trust management * reconfigurable networks * security * hypergraph model * hypergraph algorithms Subject RIV: IN - Informatics, Computer Science

  12. A new measurement of workload in Web application reliability assessment

    Directory of Open Access Journals (Sweden)

    CUI Xia

    2015-02-01

    Full Text Available Web application has been popular in various fields of social life.It becomes more and more important to study the reliability of Web application.In this paper the definition of Web application failure is firstly brought out,and then the definition of Web application reliability.By analyzing data in the IIS server logs and selecting corresponding usage and information delivery failure data,the paper study the feasibility of Web application reliability assessment from the perspective of Web software system based on IIS server logs.Because the usage for a Web site often has certain regularity,a new measurement of workload in Web application reliability assessment is raised.In this method,the unit is removed by weighted average technique;and the weights are assessed by setting objective function and optimization.Finally an experiment was raised for validation.The experiment result shows the assessment of Web application reliability base on the new workload is better.

  13. IBM WebSphere Application Server 80 Administration Guide

    CERN Document Server

    Robinson, Steve

    2011-01-01

    IBM WebSphere Application Server 8.0 Administration Guide is a highly practical, example-driven tutorial. You will be introduced to WebSphere Application Server 8.0, and guided through configuration, deployment, and tuning for optimum performance. If you are an administrator who wants to get up and running with IBM WebSphere Application Server 8.0, then this book is not to be missed. Experience with WebSphere and Java would be an advantage, but is not essential.

  14. A web services choreography scenario for interoperating bioinformatics applications

    Directory of Open Access Journals (Sweden)

    Cheung David W

    2004-03-01

    Full Text Available Abstract Background Very often genome-wide data analysis requires the interoperation of multiple databases and analytic tools. A large number of genome databases and bioinformatics applications are available through the web, but it is difficult to automate interoperation because: 1 the platforms on which the applications run are heterogeneous, 2 their web interface is not machine-friendly, 3 they use a non-standard format for data input and output, 4 they do not exploit standards to define application interface and message exchange, and 5 existing protocols for remote messaging are often not firewall-friendly. To overcome these issues, web services have emerged as a standard XML-based model for message exchange between heterogeneous applications. Web services engines have been developed to manage the configuration and execution of a web services workflow. Results To demonstrate the benefit of using web services over traditional web interfaces, we compare the two implementations of HAPI, a gene expression analysis utility developed by the University of California San Diego (UCSD that allows visual characterization of groups or clusters of genes based on the biomedical literature. This utility takes a set of microarray spot IDs as input and outputs a hierarchy of MeSH Keywords that correlates to the input and is grouped by Medical Subject Heading (MeSH category. While the HTML output is easy for humans to visualize, it is difficult for computer applications to interpret semantically. To facilitate the capability of machine processing, we have created a workflow of three web services that replicates the HAPI functionality. These web services use document-style messages, which means that messages are encoded in an XML-based format. We compared three approaches to the implementation of an XML-based workflow: a hard coded Java application, Collaxa BPEL Server and Taverna Workbench. The Java program functions as a web services engine and interoperates

  15. Just-in-time Database-Driven Web Applications

    Science.gov (United States)

    2003-01-01

    "Just-in-time" database-driven Web applications are inexpensive, quickly-developed software that can be put to many uses within a health care organization. Database-driven Web applications garnered 73873 hits on our system-wide intranet in 2002. They enabled collaboration and communication via user-friendly Web browser-based interfaces for both mission-critical and patient-care-critical functions. Nineteen database-driven Web applications were developed. The application categories that comprised 80% of the hits were results reporting (27%), graduate medical education (26%), research (20%), and bed availability (8%). The mean number of hits per application was 3888 (SD = 5598; range, 14-19879). A model is described for just-in-time database-driven Web application development and an example given with a popular HTML editor and database program. PMID:14517109

  16. Increasing Distributed IT&C Application Security

    Directory of Open Access Journals (Sweden)

    Ion IVAN

    2013-01-01

    Full Text Available The development of distributed IT & C applications – DIA is presented alongside their main characteristics and the actors involved in activities through-out their lifecycle are identified in the before-mentioned scope. Aspects pertaining security risks, as well as methods of enhancing security, are detailed by DIA architectural features. The analysis includes risk elements, vulnerabilities, means of enhancing the behavior of the system, as well as a hierarchical feature dependency model based on a qualitative assessment of DIA security features, obtained through an inquiry in the common means of protection used by Romanian professionals, as well as their prioritization in the context of limited resources. A graph-based model of feature interactions is built. The last section deals with the ways of improving risk detection methods, as derived from the answers and features presented.

  17. Recent advancements on the development of web-based applications for the implementation of seismic analysis and surveillance systems

    Science.gov (United States)

    Friberg, P. A.; Luis, R. S.; Quintiliani, M.; Lisowski, S.; Hunter, S.

    2014-12-01

    Recently, a novel set of modules has been included in the Open Source Earthworm seismic data processing system, supporting the use of web applications. These include the Mole sub-system, for storing relevant event data in a MySQL database (see M. Quintiliani and S. Pintore, SRL, 2013), and an embedded webserver, Moleserv, for serving such data to web clients in QuakeML format. These modules have enabled, for the first time using Earthworm, the use of web applications for seismic data processing. These can greatly simplify the operation and maintenance of seismic data processing centers by having one or more servers providing the relevant data as well as the data processing applications themselves to client machines running arbitrary operating systems.Web applications with secure online web access allow operators to work anywhere, without the often cumbersome and bandwidth hungry use of secure shell or virtual private networks. Furthermore, web applications can seamlessly access third party data repositories to acquire additional information, such as maps. Finally, the usage of HTML email brought the possibility of specialized web applications, to be used in email clients. This is the case of EWHTMLEmail, which produces event notification emails that are in fact simple web applications for plotting relevant seismic data.Providing web services as part of Earthworm has enabled a number of other tools as well. One is ISTI's EZ Earthworm, a web based command and control system for an otherwise command line driven system; another is a waveform web service. The waveform web service serves Earthworm data to additional web clients for plotting, picking, and other web-based processing tools. The current Earthworm waveform web service hosts an advanced plotting capability for providing views of event-based waveforms from a Mole database served by Moleserve.The current trend towards the usage of cloud services supported by web applications is driving improvements in Java

  18. Invariant-Based Automatic Testing of Modern Web Applications

    NARCIS (Netherlands)

    Mesbah, A.; Van Deursen, A.; Roest, D.

    2011-01-01

    AJAX-based Web 2.0 applications rely on stateful asynchronous client/server communication, and client-side run-time manipulation of the DOM tree. This not only makes them fundamentally different from traditional web applications, but also more error-prone and harder to test. We propose a method for

  19. Programming Collective Intelligence Building Smart Web 2.0 Applications

    CERN Document Server

    Segaran, Toby

    2008-01-01

    This fascinating book demonstrates how you can build web applications to mine the enormous amount of data created by people on the Internet. With the sophisticated algorithms in this book, you can write smart programs to access interesting datasets from other web sites, collect data from users of your own applications, and analyze and understand the data once you've found it.

  20. Advances in Electronic Commerce, Web Application and Communication v.1

    CERN Document Server

    Lin, Sally; Second International Conference on Electronic Commerce, Web Application and Communication (ECWAC 2012)

    2012-01-01

    ECWAC2012 is an integrated conference devoted to Electronic Commerce, Web Application and Communication. In the this proceedings you can find the carefully reviewed scientific outcome of the second International Conference on Electronic Commerce, Web Application and Communication (ECWAC 2012) held at March 17-18,2012  in Wuhan, China, bringing together researchers from all around the world in the field.

  1. Crawl-Based Analysis of Web Applications : Prospects and Challenges

    NARCIS (Netherlands)

    Van Deursen, A.; Mesbah, A.; Nederlof, A.

    2014-01-01

    In this paper we review five years of research in the field of automated crawling and testing of web applications. We describe the open source Crawljax tool, and the various extensions that have been proposed in order to address such issues as cross-browser compatibility testing, web application

  2. Engineering semantic-based interactive multi-device web applications

    NARCIS (Netherlands)

    Bellekens, P.A.E.; Sluijs, van der K.A.M.; Aroyo, L.M.; Houben, G.J.P.M.; Baresi, L.; Fraternali, P.; Houben, G.J.

    2007-01-01

    To build high-quality personalized Web applications developers have to deal with a number of complex problems. We look at the growing class of personalized Web Applications that share three characteristic challenges. Firstly, the semantic problem of how to enable content reuse and integration.

  3. Advances in Electronic Commerce, Web Application and Communication v.2

    CERN Document Server

    Lin, Sally; Second International Conference on Electronic Commerce, Web Application and Communication (ECWAC 2012)

    2012-01-01

    ECWAC2012 is an integrated conference devoted to Electronic Commerce, Web Application and Communication. In the this proceedings you can find the carefully reviewed scientific outcome of the second International Conference on Electronic Commerce, Web Application and Communication (ECWAC 2012) held at March 17-18,2012  in Wuhan, China, bringing together researchers from all around the world in the field.

  4. Raman Spectroscopy for Homeland Security Applications

    Directory of Open Access Journals (Sweden)

    Gregory Mogilevsky

    2012-01-01

    Full Text Available Raman spectroscopy is an analytical technique with vast applications in the homeland security and defense arenas. The Raman effect is defined by the inelastic interaction of the incident laser with the analyte molecule’s vibrational modes, which can be exploited to detect and identify chemicals in various environments and for the detection of hazards in the field, at checkpoints, or in a forensic laboratory with no contact with the substance. A major source of error that overwhelms the Raman signal is fluorescence caused by the background and the sample matrix. Novel methods are being developed to enhance the Raman signal’s sensitivity and to reduce the effects of fluorescence by altering how the hazard material interacts with its environment and the incident laser. Basic Raman techniques applicable to homeland security applications include conventional (off-resonance Raman spectroscopy, surface-enhanced Raman spectroscopy (SERS, resonance Raman spectroscopy, and spatially or temporally offset Raman spectroscopy (SORS and TORS. Additional emerging Raman techniques, including remote Raman detection, Raman imaging, and Heterodyne imaging, are being developed to further enhance the Raman signal, mitigate fluorescence effects, and monitor hazards at a distance for use in homeland security and defense applications.

  5. Video motion detection for physical security applications

    International Nuclear Information System (INIS)

    Matter, J.C.

    1990-01-01

    Physical security specialists have been attracted to the concept of video motion detection for several years. Claimed potential advantages included additional benefit from existing video surveillance systems, automatic detection, improved performance compared to human observers, and cost-effectiveness. In recent years, significant advances in image-processing dedicated hardware and image analysis algorithms and software have accelerated the successful application of video motion detection systems to a variety of physical security applications. Early video motion detectors (VMDs) were useful for interior applications of volumetric sensing. Success depended on having a relatively well-controlled environment. Attempts to use these systems outdoors frequently resulted in an unacceptable number of nuisance alarms. Currently, Sandia National Laboratories (SNL) is developing several advanced systems that employ image-processing techniques for a broader set of safeguards and security applications. The Target Cueing and Tracking System (TCATS), the Video Imaging System for Detection, Tracking, and Assessment (VISDTA), the Linear Infrared Scanning Array (LISA); the Mobile Intrusion Detection and Assessment System (MIDAS), and the Visual Artificially Intelligent Surveillance (VAIS) systems are described briefly

  6. Chemical Sniffing Instrumentation for Security Applications.

    Science.gov (United States)

    Giannoukos, Stamatios; Brkić, Boris; Taylor, Stephen; Marshall, Alan; Verbeck, Guido F

    2016-07-27

    Border control for homeland security faces major challenges worldwide due to chemical threats from national and/or international terrorism as well as organized crime. A wide range of technologies and systems with threat detection and monitoring capabilities has emerged to identify the chemical footprint associated with these illegal activities. This review paper investigates artificial sniffing technologies used as chemical sensors for point-of-use chemical analysis, especially during border security applications. This article presents an overview of (a) the existing available technologies reported in the scientific literature for threat screening, (b) commercially available, portable (hand-held and stand-off) chemical detection systems, and (c) their underlying functional and operational principles. Emphasis is given to technologies that have been developed for in-field security operations, but laboratory developed techniques are also summarized as emerging technologies. The chemical analytes of interest in this review are (a) volatile organic compounds (VOCs) associated with security applications (e.g., illegal, hazardous, and terrorist events), (b) chemical "signatures" associated with human presence, and (c) threat compounds (drugs, explosives, and chemical warfare agents).

  7. SproutCore web application development

    CERN Document Server

    Keating, Tyler

    2013-01-01

    Written as a practical, step-by-step tutorial, Creating HTML5 Apps with SproutCore is full of engaging examples to help you learn in a practical context.This book is for any person looking to write software for the Web or already writing software for the Web. Whether your background is in web development or in software development, Creating HTML5 Apps with SproutCore will help you expand your skills so that you will be ready to apply the software development principles in the web development space.

  8. Enc-DNS-HTTP: Utilising DNS Infrastructure to Secure Web Browsing

    Directory of Open Access Journals (Sweden)

    Mohammed Abdulridha Hussain

    2017-01-01

    Full Text Available Online information security is a major concern for both users and companies, since data transferred via the Internet is becoming increasingly sensitive. The World Wide Web uses Hypertext Transfer Protocol (HTTP to transfer information and Secure Sockets Layer (SSL to secure the connection between clients and servers. However, Hypertext Transfer Protocol Secure (HTTPS is vulnerable to attacks that threaten the privacy of information sent between clients and servers. In this paper, we propose Enc-DNS-HTTP for securing client requests, protecting server responses, and withstanding HTTPS attacks. Enc-DNS-HTTP is based on the distribution of a web server public key, which is transferred via a secure communication between client and a Domain Name System (DNS server. This key is used to encrypt client-server communication. The scheme is implemented in the C programming language and tested on a Linux platform. In comparison with Apache HTTPS, this scheme is shown to have more effective resistance to attacks and improved performance since it does not involve a high number of time-consuming operations.

  9. Dod physical security equipment application experience

    International Nuclear Information System (INIS)

    Dixon, H.M.

    1978-01-01

    In the Department of Defense, the subject of physical security is very broad in scope. Its application ranges from countering the shoplifters in the post exchange facilities to the sophisticated terrorist who may attempt to obtain access to one of our nuclear weapons. This paper focuses on the area of specific interest to the members of INMM which is the protection of nuclear devices and the classified information associated with them

  10. Pro PHP Security From Application Security Principles to the Implementation of XSS Defenses

    CERN Document Server

    Snyder, Chris; Southwell, Michael

    2010-01-01

    PHP security, just like PHP itself, has advanced. Updated for PHP 5.3, the second edition of this authoritative PHP security book covers foundational PHP security topics like SQL injection, XSS, user authentication, and secure PHP development. Chris Snyder and Tom Myer also dive into recent developments like mobile security, the impact of Javascript, and the advantages of recent PHP hardening efforts. Pro PHP Security, Second Edition will serve as your complete guide for taking defensive and proactive security measures within your PHP applications. Beginners in secure programming will find a l

  11. web2py Application Development Cookbook

    CERN Document Server

    Mulone, Pablo Martin; Gordon, Richard

    2012-01-01

    This is a cookbook and you may read the chapters in any order. The recipes need not be read sequentially. There are a good amount of code examples and relevant screenshots to ease learning pains. The target audience are Python developers with basic knowledge of web2py who want to gain further knowledge of web2py

  12. AngularJS web application development

    CERN Document Server

    Darwin, Peter Bacon

    2013-01-01

    The book will be a step-by-step guide showing the readers how to build a complete web app with AngularJSJavaScript developers who want to learn AngularJS for developing web apps. Knowledge of JavaScript and HTML is expected. No knowledge of AngularJS is required.

  13. Reputation based security model for android applications

    OpenAIRE

    Tesfay, Welderufael Berhane; Booth, Todd; Andersson, Karl

    2012-01-01

    The market for smart phones has been booming in the past few years. There are now over 400,000 applications on the Android market. Over 10 billion Android applications have been downloaded from the Android market. Due to the Android popularity, there are now a large number of malicious vendors targeting the platform. Many honest end users are being successfully hacked on a regular basis. In this work, a cloud based reputation security model has been proposed as a solution which greatly mitiga...

  14. iOS application security analysis

    OpenAIRE

    Βλάχος, Κωνσταντίνος Γ.; Vlachos, Konstantinos G.

    2017-01-01

    The purpose of this research is to explain the nature of the Apple iOS applications and provide all the available Open Source tools for analyzing them, starting from decrypting any application’s binary downloaded from the AppStore to reverse engineering it and even altering the flow of its running process on the actual device. We start introducing the basic theory of the iOS operating system and its applications including the security mechanisms incorporated by Apple that are a...

  15. The Semantics of Web Services: An Examination in GIScience Applications

    Directory of Open Access Journals (Sweden)

    Xuan Shi

    2013-09-01

    Full Text Available Web service is a technological solution for software interoperability that supports the seamless integration of diverse applications. In the vision of web service architecture, web services are described by the Web Service Description Language (WSDL, discovered through Universal Description, Discovery and Integration (UDDI and communicate by the Simple Object Access Protocol (SOAP. Such a divination has never been fully accomplished yet. Although it was criticized that WSDL only has a syntactic definition of web services, but was not semantic, prior initiatives in semantic web services did not establish a correct methodology to resolve the problem. This paper examines the distinction and relationship between the syntactic and semantic definitions for web services that characterize different purposes in service computation. Further, this paper proposes that the semantics of web service are neutral and independent from the service interface definition, data types and platform. Such a conclusion can be a universal law in software engineering and service computing. Several use cases in the GIScience application are examined in this paper, while the formalization of geospatial services needs to be constructed by the GIScience community towards a comprehensive ontology of the conceptual definitions and relationships for geospatial computation. Advancements in semantic web services research will happen in domain science applications.

  16. A Web Based Financial and Accounting Software Application

    Directory of Open Access Journals (Sweden)

    Doru E. TILIUTE

    2010-01-01

    Full Text Available The Client-server applications become more attractivein comparison with their counterpart desktop-type due to someincontestable advantages. Among the client-server applicationssome uses the Web environment providing full access fromanywhere and anytime to all application features. The presentwork presents the fist results in the achievement of a web basedfinancial and accounting application using open-sourcestechnologies and programming languages (Apache, MySQL,PHP and JavaScript

  17. Web Application Design Using Server-Side JavaScript

    Energy Technology Data Exchange (ETDEWEB)

    Hampton, J.; Simons, R.

    1999-02-01

    This document describes the application design philosophy for the Comprehensive Nuclear Test Ban Treaty Research & Development Web Site. This design incorporates object-oriented techniques to produce a flexible and maintainable system of applications that support the web site. These techniques will be discussed at length along with the issues they address. The overall structure of the applications and their relationships with one another will also be described. The current problems and future design changes will be discussed as well.

  18. ANALYSIS OF WEB MINING APPLICATIONS AND BENEFICIAL AREAS

    Directory of Open Access Journals (Sweden)

    Khaleel Ahmad

    2011-10-01

    Full Text Available The main purpose of this paper is to study the process of Web mining techniques, features, application ( e-commerce and e-business and its beneficial areas. Web mining has become more popular and its widely used in varies application areas (such as business intelligent system, e-commerce and e-business. The e-commerce or e-business results are bettered by the application of the mining techniques such as data mining and text mining, among all the mining techniques web mining is better.

  19. Peningkatan Efisiensi dan Efektifitas Layanan Dosen dalam Pemanfaatan Web Application

    Directory of Open Access Journals (Sweden)

    Reina Reina

    2013-06-01

    Full Text Available This study aims to determine the benefits of a web application in improving the efficiency and effectiveness of services to lecturers. The research method consists of literature study and data collection analysis based on observations. Implementing a web application, an observation is conducted followed by a comparison on data prior to the implementation. The evaluation results show that the implementation of a web application improves efficiency and effectiveness in the use of time and resources in providing services to lecturers in information access.

  20. A Sample WebQuest Applicable in Teaching Topological Concepts

    Science.gov (United States)

    Yildiz, Sevda Goktepe; Korpeoglu, Seda Goktepe

    2016-01-01

    In recent years, WebQuests have received a great deal of attention and have been used effectively in teaching-learning process in various courses. In this study, a WebQuest that can be applicable in teaching topological concepts for undergraduate level students was prepared. A number of topological concepts, such as countability, infinity, and…

  1. Ontology-Based Information Visualization: Toward Semantic Web Applications

    NARCIS (Netherlands)

    Fluit, Christiaan; Sabou, Marta; Harmelen, Frank van

    2006-01-01

    The Semantic Web is an extension of the current World Wide Web, based on the idea of exchanging information with explicit, formal, and machine-accessible descriptions of meaning. Providing information with such semantics will enable the construction of applications that have an increased awareness

  2. Ajax and Firefox: New Web Applications and Browsers

    Science.gov (United States)

    Godwin-Jones, Bob

    2005-01-01

    Alternative browsers are gaining significant market share, and both Apple and Microsoft are releasing OS upgrades which portend some interesting changes in Web development. Of particular interest for language learning professionals may be new developments in the area of Web browser based applications, particularly using an approach dubbed "Ajax."…

  3. Exploring the concept of web site customization : applications and antecedents

    NARCIS (Netherlands)

    Teerling, M.L.; Huizingh, Eelko K.R.E.

    2006-01-01

    While mass customization is the tailoring of products and services to the needs and wants of individual customers, web site customization is the tailoring of web sites to individual customers’ preferences. Based on a review of site customization applications, the authors propose a model with four

  4. Building rich and interactive web applications with CoverageJSON

    OpenAIRE

    Blower, Jon; Riechert, Maik; Griffiths, Guy; Kumar, Mridul; Williams, Riley

    2017-01-01

    Web browsers are becoming increasingly capable as visualisation and analysis platformsLots of tools and libraries are built around images and “simple features”GeoJSON, KML, OpenLayers, Leaflet ...Formats and tools for scientific / meteorological data are not always web-friendlyComplex, binary, desktop-orientedLarge variety, usually community-specific=> Lots of people building ad-hoc solutions for web applicationsWe want to bring scientific data within the reach of more Web and mobile app deve...

  5. Secure Web-based Ground System User Interfaces over the Open Internet

    Science.gov (United States)

    Langston, James H.; Murray, Henry L.; Hunt, Gary R.

    1998-01-01

    A prototype has been developed which makes use of commercially available products in conjunction with the Java programming language to provide a secure user interface for command and control over the open Internet. This paper reports successful demonstration of: (1) Security over the Internet, including encryption and certification; (2) Integration of Java applets with a COTS command and control product; (3) Remote spacecraft commanding using the Internet. The Java-based Spacecraft Web Interface to Telemetry and Command Handling (Jswitch) ground system prototype provides these capabilities. This activity demonstrates the use and integration of current technologies to enable a spacecraft engineer or flight operator to monitor and control a spacecraft from a user interface communicating over the open Internet using standard World Wide Web (WWW) protocols and commercial off-the-shelf (COTS) products. The core command and control functions are provided by the COTS Epoch 2000 product. The standard WWW tools and browsers are used in conjunction with the Java programming technology. Security is provided with the current encryption and certification technology. This system prototype is a step in the direction of giving scientist and flight operators Web-based access to instrument, payload, and spacecraft data.

  6. SAFE/SNAP application to shipboard security

    International Nuclear Information System (INIS)

    Grady, L.M.; Walker, J.L.; Polito, J.

    1981-11-01

    An application of the combined Safeguards Automated Facility Evaluation/Safeguards Network Analysis Procedure (SAFE/SNAP) modeling technique to a physical protection system (PPS) aboard a generic ship is described. This application was performed as an example of how the SAFE and SNAP techniques could be used. Estimates of probability of interruption and neutralization for the example shipboard PPS are provided by SAFE as well as an adversary scenario, which serves as input to SNAP. This adversary scenario is analyzed by SNAP through four cases which incorporate increasingly detailed security force tactics. Comparisons between the results of the SAFE and SNAP analyses are made and conclusions drawn on the validity of each technique. Feedback from SNAP to SAFE is described, and recommendations for upgrading the ship based on the results of the SAFE/SNAP application are also discussed

  7. Information security threats in web-portals on the open journal systems platform

    Directory of Open Access Journals (Sweden)

    Anton A. Abramov

    2018-05-01

    Full Text Available This article addresses the problem of security threats while working with web portals built on the Open Journal Systems platform. The Open Journal Systems (OJS platform was originally developed as part of the Public Knowledge Project and it is one of the most popular open-source platforms for web journals today. Based on the data available in the Public Knowledge Project, there were more than 10,000 active journals using the open journal systems platform by the end of 2016. A migration of a journal to such advanced and complex platform helps to handle the entire workflow over a single web portal. Therefore it is an important move and only peer-reviewed journals that are part of Russian and Worldwide citation systems go for it. At the same time the problem of keeping privacy for a manuscript before it is published is very important for these journals and for authors who submit it to the journal. The paper describes the most common threats for the web portals on the OJS platform as well as a particular model of the security threats, and suggests the measures that could help to neutralize these threats.

  8. Accelerators for Discovery Science and Security applications

    Energy Technology Data Exchange (ETDEWEB)

    Todd, A.M.M., E-mail: alan_todd@mail.aesys.net; Bluem, H.P.; Jarvis, J.D.; Park, J.H.; Rathke, J.W.; Schultheiss, T.J.

    2015-05-01

    Several Advanced Energy Systems (AES) accelerator projects that span applications in Discovery Science and Security are described. The design and performance of the IR and THz free electron laser (FEL) at the Fritz-Haber-Institut der Max-Planck-Gesellschaft in Berlin that is now an operating user facility for physical chemistry research in molecular and cluster spectroscopy as well as surface science, is highlighted. The device was designed to meet challenging specifications, including a final energy adjustable in the range of 15–50 MeV, low longitudinal emittance (<50 keV-psec) and transverse emittance (<20 π mm-mrad), at more than 200 pC bunch charge with a micropulse repetition rate of 1 GHz and a macropulse length of up to 15 μs. Secondly, we will describe an ongoing effort to develop an ultrafast electron diffraction (UED) source that is scheduled for completion in 2015 with prototype testing taking place at the Brookhaven National Laboratory (BNL) Accelerator Test Facility (ATF). This tabletop X-band system will find application in time-resolved chemical imaging and as a resource for drug–cell interaction analysis. A third active area at AES is accelerators for security applications where we will cover some top-level aspects of THz and X-ray systems that are under development and in testing for stand-off and portal detection.

  9. Accelerators for Discovery Science and Security applications

    International Nuclear Information System (INIS)

    Todd, A.M.M.; Bluem, H.P.; Jarvis, J.D.; Park, J.H.; Rathke, J.W.; Schultheiss, T.J.

    2015-01-01

    Several Advanced Energy Systems (AES) accelerator projects that span applications in Discovery Science and Security are described. The design and performance of the IR and THz free electron laser (FEL) at the Fritz-Haber-Institut der Max-Planck-Gesellschaft in Berlin that is now an operating user facility for physical chemistry research in molecular and cluster spectroscopy as well as surface science, is highlighted. The device was designed to meet challenging specifications, including a final energy adjustable in the range of 15–50 MeV, low longitudinal emittance (<50 keV-psec) and transverse emittance (<20 π mm-mrad), at more than 200 pC bunch charge with a micropulse repetition rate of 1 GHz and a macropulse length of up to 15 μs. Secondly, we will describe an ongoing effort to develop an ultrafast electron diffraction (UED) source that is scheduled for completion in 2015 with prototype testing taking place at the Brookhaven National Laboratory (BNL) Accelerator Test Facility (ATF). This tabletop X-band system will find application in time-resolved chemical imaging and as a resource for drug–cell interaction analysis. A third active area at AES is accelerators for security applications where we will cover some top-level aspects of THz and X-ray systems that are under development and in testing for stand-off and portal detection

  10. Security concept in 'MyAngelWeb' a website for the individual patient at risk of emergency.

    Science.gov (United States)

    Pinciroli, F; Nahaissi, D; Boschini, M; Ferrari, R; Meloni, G; Camnasio, M; Spaggiari, P; Carnerone, G

    2000-11-01

    We describe the Security Plan for the 'MyAngelWeb' service. The different actors involved in the service are subject to different security procedures. The core of the security system is implemented at the host site by means of a DBMS and standard Information Technology tools. Hardware requirements for sustainable security are needed at the web-site construction sites. They are not needed at the emergency physician's site. At the emergency physician's site, a two-way authentication system (password and test phrase method) is implemented.

  11. Security concept in 'MyAngelWeb((R))' a website for the individual patient at risk of emergency.

    Science.gov (United States)

    Pinciroli; Nahaissi; Boschini; Ferrari; Meloni; Camnasio; Spaggiari; Carnerone

    2000-11-01

    We describe the Security Plan for the 'MyAngelWeb' service. The different actors involved in the service are subject to different security procedures. The core of the security system is implemented at the host site by means of a DBMS and standard Information Technology tools. Hardware requirements for sustainable security are needed at the web-site construction sites. They are not needed at the emergency physician's site. At the emergency physician's site, a two-way authentication system (password and test phrase method) is implemented.

  12. Applications of superconducting bolometers in security imaging

    International Nuclear Information System (INIS)

    Luukanen, A; Leivo, M M; Rautiainen, A; Grönholm, M; Toivanen, H; Grönberg, L; Helistö, P; Mäyrä, A; Aikio, M; Luukanen, A; Grossman, E N

    2012-01-01

    Millimeter-wave (MMW) imaging systems are currently undergoing deployment World-wide for airport security screening applications. Security screening through MMW imaging is facilitated by the relatively good transmission of these wavelengths through common clothing materials. Given the long wavelength of operation (frequencies between 20 GHz to ∼ 100 GHz, corresponding to wavelengths between 1.5 cm and 3 mm), existing systems are suited for close-range imaging only due to substantial diffraction effects associated with practical aperture diameters. The present and arising security challenges call for systems that are capable of imaging concealed threat items at stand-off ranges beyond 5 meters at near video frame rates, requiring substantial increase in operating frequency in order to achieve useful spatial resolution. The construction of such imaging systems operating at several hundred GHz has been hindered by the lack of submm-wave low-noise amplifiers. In this paper we summarize our efforts in developing a submm-wave video camera which utilizes cryogenic antenna-coupled microbolometers as detectors. Whilst superconducting detectors impose the use of a cryogenic system, we argue that the resulting back-end complexity increase is a favorable trade-off compared to complex and expensive room temperature submm-wave LNAs both in performance and system cost.

  13. Web application for marketing of digital art works and services

    OpenAIRE

    Vatovec, Jan

    2016-01-01

    The aim of the diploma thesis is to create a web application for digital artworks and services marketing. The decision to undertake this task is based on the authors’ understanding of the field and assessment that current solutions do not satisfy completely the needs of digital artists who work on the market of online subcultures built on fantasy characters (commercial and artists’ own creations). The final application comprises an interactive web gallery, auction-based marketing system for s...

  14. Toward Exposing Timing-Based Probing Attacks in Web Applications

    Science.gov (United States)

    Mao, Jian; Chen, Yue; Shi, Futian; Jia, Yaoqi; Liang, Zhenkai

    2017-01-01

    Web applications have become the foundation of many types of systems, ranging from cloud services to Internet of Things (IoT) systems. Due to the large amount of sensitive data processed by web applications, user privacy emerges as a major concern in web security. Existing protection mechanisms in modern browsers, e.g., the same origin policy, prevent the users’ browsing information on one website from being directly accessed by another website. However, web applications executed in the same browser share the same runtime environment. Such shared states provide side channels for malicious websites to indirectly figure out the information of other origins. Timing is a classic side channel and the root cause of many recent attacks, which rely on the variations in the time taken by the systems to process different inputs. In this paper, we propose an approach to expose the timing-based probing attacks in web applications. It monitors the browser behaviors and identifies anomalous timing behaviors to detect browser probing attacks. We have prototyped our system in the Google Chrome browser and evaluated the effectiveness of our approach by using known probing techniques. We have applied our approach on a large number of top Alexa sites and reported the suspicious behavior patterns with corresponding analysis results. Our theoretical analysis illustrates that the effectiveness of the timing-based probing attacks is dramatically limited by our approach. PMID:28245610

  15. Web application with R using Shiny

    CERN Document Server

    Beeley, Chris

    2013-01-01

    This book follows a standard tutorial-based approach which will teach you how to make a web app using R and Shiny quickly and easily.This book is for anybody who wants to produce interactive data summaries over the Web, whether you want to share them with a few colleagues or the whole world. You need no previous experience with R, Shiny, HTML, or CSS to begin using this book, although you will need at least a little previous experience with programming in a different language.

  16. BUILDING A WEB APPLICATION WITH LARAVEL 5

    OpenAIRE

    Nguyen, Quang

    2015-01-01

    In modern IT industry, it is essential for web developers to know at least one battle-proven framework. Laravel is one of the most successful PHP framework in 2015, based on annual framework popularity survey conducted by SitePoint (SitePoint, The Best PHP Framework for 2015: SitePoint Survey Results, cited, 25.10.2015). There are several advantages and benefits of using web framework in general and Laravel in particular. Framework is a product of collective intelligence, comprising many ...

  17. Development of a Web-based financial application System

    Science.gov (United States)

    Hasan, M. R.; Ibrahimy, M. I.; Motakabber, S. M. A.; Ferdaus, M. M.; Khan, M. N. H.; Mostafa, M. G.

    2013-12-01

    The paper describes a technique to develop a web based financial system, following latest technology and business needs. In the development of web based application, the user friendliness and technology both are very important. It is used ASP .NET MVC 4 platform and SQL 2008 server for development of web based financial system. It shows the technique for the entry system and report monitoring of the application is user friendly. This paper also highlights the critical situations of development, which will help to develop the quality product.

  18. COEUS: "semantic web in a box" for biomedical applications.

    Science.gov (United States)

    Lopes, Pedro; Oliveira, José Luís

    2012-12-17

    As the "omics" revolution unfolds, the growth in data quantity and diversity is bringing about the need for pioneering bioinformatics software, capable of significantly improving the research workflow. To cope with these computer science demands, biomedical software engineers are adopting emerging semantic web technologies that better suit the life sciences domain. The latter's complex relationships are easily mapped into semantic web graphs, enabling a superior understanding of collected knowledge. Despite increased awareness of semantic web technologies in bioinformatics, their use is still limited. COEUS is a new semantic web framework, aiming at a streamlined application development cycle and following a "semantic web in a box" approach. The framework provides a single package including advanced data integration and triplification tools, base ontologies, a web-oriented engine and a flexible exploration API. Resources can be integrated from heterogeneous sources, including CSV and XML files or SQL and SPARQL query results, and mapped directly to one or more ontologies. Advanced interoperability features include REST services, a SPARQL endpoint and LinkedData publication. These enable the creation of multiple applications for web, desktop or mobile environments, and empower a new knowledge federation layer. The platform, targeted at biomedical application developers, provides a complete skeleton ready for rapid application deployment, enhancing the creation of new semantic information systems. COEUS is available as open source at http://bioinformatics.ua.pt/coeus/.

  19. ASP.NET web API build RESTful web applications and services on the .NET framework

    CERN Document Server

    Kanjilal, Joydip

    2013-01-01

    This book is a step-by-step, practical tutorial with a simple approach to help you build RESTful web applications and services on the .NET framework quickly and efficiently.This book is for ASP.NET web developers who want to explore REST-based services with C# 5. This book contains many real-world code examples with explanations whenever necessary. Some experience with C# and ASP.NET 4 is expected.

  20. Video performance for high security applications

    International Nuclear Information System (INIS)

    Connell, Jack C.; Norman, Bradley C.

    2010-01-01

    The complexity of physical protection systems has increased to address modern threats to national security and emerging commercial technologies. A key element of modern physical protection systems is the data presented to the human operator used for rapid determination of the cause of an alarm, whether false (e.g., caused by an animal, debris, etc.) or real (e.g., a human adversary). Alarm assessment, the human validation of a sensor alarm, primarily relies on imaging technologies and video systems. Developing measures of effectiveness (MOE) that drive the design or evaluation of a video system or technology becomes a challenge, given the subjectivity of the application (e.g., alarm assessment). Sandia National Laboratories has conducted empirical analysis using field test data and mathematical models such as binomial distribution and Johnson target transfer functions to develop MOEs for video system technologies. Depending on the technology, the task of the security operator and the distance to the target, the Probability of Assessment (PAs) can be determined as a function of a variety of conditions or assumptions. PAs used as an MOE allows the systems engineer to conduct trade studies, make informed design decisions, or evaluate new higher-risk technologies. This paper outlines general video system design trade-offs, discusses ways video can be used to increase system performance and lists MOEs for video systems used in subjective applications such as alarm assessment.

  1. Accelerator applications in energy and security

    CERN Document Server

    Chou, Weiren

    2015-01-01

    As accelerator science and technology progressed over the past several decades, the accelerators themselves have undergone major improvements in multiple performance factors: beam energy, beam power, and beam brightness. As a consequence, accelerators have found applications in a wide range of fields in our life and in our society. The current volume is dedicated to applications in energy and security, two of the most important and urgent topics in today's world. This volume makes an effort to provide a review as complete and up to date as possible of this broad and challenging subject. It contains overviews on each of the two topics and a series of articles for in-depth discussions including heavy ion accelerator driven inertial fusion, linear accelerator-based ADS systems, circular accelerator-based ADS systems, accelerator-reactor interface, accelerators for fusion material testing, cargo inspection, proton radiography, compact neutron generators and detectors. It also has a review article on accelerator ...

  2. Students as Designers of Semantic Web Applications

    Science.gov (United States)

    Tracy, Fran; Jordan, Katy

    2012-01-01

    This paper draws upon the experience of an interdisciplinary research group in engaging undergraduate university students in the design and development of semantic web technologies. A flexible approach to participatory design challenged conventional distinctions between "designer" and "user" and allowed students to play a role…

  3. Review on Cyber Security Programs for NPP Application

    Energy Technology Data Exchange (ETDEWEB)

    Oh, Eung Se [KEPRI, Daejeon (Korea, Republic of)

    2010-10-15

    Increased history records of cyber security (CS) attacks and concerns for computers and networks technical mishaps pull out cyber security to open places. In spite of secrete nature of security, transparent and shared knowledge of many security features are more required at modern plant floors. Korea Institute of Nuclear Safety (KINS), US Government and Nuclear Regulatory Commission (NRC) requested to develop cyber security plans and enforce their implementing to the NPPs. [KINS; CFR; RG 5.71] This paper reviews various cyber security guidelines and suggests an applicable cyber security program development models during the life cycle of NPP's Instrumentation and Control (I and C) systems

  4. Review on Cyber Security Programs for NPP Application

    International Nuclear Information System (INIS)

    Oh, Eung Se

    2010-01-01

    Increased history records of cyber security (CS) attacks and concerns for computers and networks technical mishaps pull out cyber security to open places. In spite of secrete nature of security, transparent and shared knowledge of many security features are more required at modern plant floors. Korea Institute of Nuclear Safety (KINS), US Government and Nuclear Regulatory Commission (NRC) requested to develop cyber security plans and enforce their implementing to the NPPs. [KINS] [CFR] [RG 5.71] This paper reviews various cyber security guidelines and suggests an applicable cyber security program development models during the life cycle of NPP's Instrumentation and Control (I and C) systems

  5. Development of an Web Service Architecture for Enterprise Application Integration

    International Nuclear Information System (INIS)

    Kim, Ji-Hyeon; Jung, Jae-Cheon; Chang, Young-Woo; Chang, Hoon-Seon; Kim, Jae-Cheol; Kim, Hang-Bae; Kim, Kyu-Ho; Lee, Dong-Chul

    2007-01-01

    The purpose of Enterprise Application Integration (EAI) is to enable the interoperability between two or more enterprise software systems. These systems, for example, can be an Enterprise Resource Planning (ERP) system, an Enterprise Asset Management (EAM) system or a Condition Monitoring system. Traditional EAI approach, based on point-to-point connection, is expensive, vendor specific with limited modules and restricted interoperability with other ERPs and applications. To overcome these drawbacks, the Web Service based EAI has emerged. It allows the integration without point to point linking and with less costs. Many approaches of Web service based EAI are combined with ORACLE, SAP, PeopleSoft, WebSphere, SIEBEL etc. as a system integration platform. The approach still has the restriction that only predefined clients can access the services. This means clients must know exactly the protocol for calling the services and if they don't have the access information they never can get the services. This is because these Web services are based on syntactic service description. In this paper, a semantic based EAI approach, that allows the uninformed clients to access the services, is introduced. The semantic EAI is designed with the Web services that have semantic service descriptions. The Semantic Web Services(SWS) are described in Web Ontology Language for Services(OWL-S), a semantic service ontology language, and advertised in Universal Description, Discovery and Integration (UDDI). Clients find desired services through the UDDI and get services from service providers through Web Service Description Language(WSDL)

  6. Development of an Web Service Architecture for Enterprise Application Integration

    Energy Technology Data Exchange (ETDEWEB)

    Kim, Ji-Hyeon; Jung, Jae-Cheon; Chang, Young-Woo; Chang, Hoon-Seon; Kim, Jae-Cheol; Kim, Hang-Bae [Korea Power Engineering Company, Daejeon (Korea, Republic of); Kim, Kyu-Ho; Lee, Dong-Chul [Korea Electric Power Data Network, Daejeon (Korea, Republic of)

    2007-07-01

    The purpose of Enterprise Application Integration (EAI) is to enable the interoperability between two or more enterprise software systems. These systems, for example, can be an Enterprise Resource Planning (ERP) system, an Enterprise Asset Management (EAM) system or a Condition Monitoring system. Traditional EAI approach, based on point-to-point connection, is expensive, vendor specific with limited modules and restricted interoperability with other ERPs and applications. To overcome these drawbacks, the Web Service based EAI has emerged. It allows the integration without point to point linking and with less costs. Many approaches of Web service based EAI are combined with ORACLE, SAP, PeopleSoft, WebSphere, SIEBEL etc. as a system integration platform. The approach still has the restriction that only predefined clients can access the services. This means clients must know exactly the protocol for calling the services and if they don't have the access information they never can get the services. This is because these Web services are based on syntactic service description. In this paper, a semantic based EAI approach, that allows the uninformed clients to access the services, is introduced. The semantic EAI is designed with the Web services that have semantic service descriptions. The Semantic Web Services(SWS) are described in Web Ontology Language for Services(OWL-S), a semantic service ontology language, and advertised in Universal Description, Discovery and Integration (UDDI). Clients find desired services through the UDDI and get services from service providers through Web Service Description Language(WSDL)

  7. Spring security 3.x cookbook

    CERN Document Server

    Mankale, Anjana

    2013-01-01

    This book follows a cookbook style exploring various security solutions provided by Spring Security for various vulnerabilities and threat scenarios that web applications may be exposed to at the authentication and session level layers.This book is for all Spring-based application developers as well as Java web developers who wish to implement robust security mechanisms into web application development using Spring Security.Readers are assumed to have a working knowledge of Java web application development, a basic understanding of the Spring framework, and some knowledge of the fundamentals o

  8. Restricted access processor - An application of computer security technology

    Science.gov (United States)

    Mcmahon, E. M.

    1985-01-01

    This paper describes a security guard device that is currently being developed by Computer Sciences Corporation (CSC). The methods used to provide assurance that the system meets its security requirements include the system architecture, a system security evaluation, and the application of formal and informal verification techniques. The combination of state-of-the-art technology and the incorporation of new verification procedures results in a demonstration of the feasibility of computer security technology for operational applications.

  9. QuickEval: a web application for psychometric scaling experiments

    Science.gov (United States)

    Van Ngo, Khai; Storvik, Jehans J.; Dokkeberg, Christopher A.; Farup, Ivar; Pedersen, Marius

    2015-01-01

    QuickEval is a web application for carrying out psychometric scaling experiments. It offers the possibility of running controlled experiments in a laboratory, or large scale experiment over the web for people all over the world. It is a unique one of a kind web application, and it is a software needed in the image quality field. It is also, to the best of knowledge, the first software that supports the three most common scaling methods; paired comparison, rank order, and category judgement. It is also the first software to support rank order. Hopefully, a side effect of this newly created software is that it will lower the threshold to perform psychometric experiments, improve the quality of the experiments being carried out, make it easier to reproduce experiments, and increase research on image quality both in academia and industry. The web application is available at www.colourlab.no/quickeval.

  10. Medication-use evaluation with a Web application.

    Science.gov (United States)

    Burk, Muriel; Moore, Von; Glassman, Peter; Good, Chester B; Emmendorfer, Thomas; Leadholm, Thomas C; Cunningham, Francesca

    2013-12-15

    A Web-based application for coordinating medication-use evaluation (MUE) initiatives within the Veterans Affairs (VA) health care system is described. The MUE Tracker (MUET) software program was created to improve VA's ability to conduct national medication-related interventions throughout its network of 147 medical centers. MUET initiatives are centrally coordinated by the VA Center for Medication Safety (VAMedSAFE), which monitors the agency's integrated databases for indications of suboptimal prescribing or drug therapy monitoring and adverse treatment outcomes. When a pharmacovigilance signal is detected, VAMedSAFE identifies "trigger groups" of at-risk veterans and uploads patient lists to the secure MUET application, where locally designated personnel (typically pharmacists) can access and use the data to target risk-reduction efforts. Local data on patient-specific interventions are stored in a centralized database and regularly updated to enable tracking and reporting for surveillance and quality-improvement purposes; aggregated data can be further analyzed for provider education and benchmarking. In a three-year pilot project, the MUET program was found effective in promoting improved prescribing of erythropoiesis-stimulating agents (ESAs) and enhanced laboratory monitoring of ESA-treated patients in all specified trigger groups. The MUET initiative has since been expanded to target other high-risk drugs, and efforts are underway to refine the tool for broader utility. The MUET application has enabled the increased standardization of medication safety initiatives across the VA system and may serve as a useful model for the development of pharmacovigilance tools by other large integrated health care systems.

  11. Frame of reference of software architecture for web applications and mobile

    Directory of Open Access Journals (Sweden)

    Carlos Alberto Maliza Martinez

    2016-08-01

    Full Text Available Given the need to have a guide for the implementation of informatics applications, and thus achieve automate tasks improving response times of users, designed the framework of reference the architecture software for web and mobile applications with technology free software and open source. The technology to be used is the Object Oriented Programming (OOP with JAVA programming language, a client / server architecture and style of multitier architecture, which will allow us to create scalable, robust and stable systems, together of Java Platform Enterprise Edition (JEE that helps us to implement business applications thanks to the JPA and EJB APIs. By the server for handling transactions, security, scalability and concurrency we have Wildfly application server. And on the client side, for creating graphical interfaces we use the ExtJS and Sencha Touch Framework, which are lightweight, high-performance libraries based on HTML5, JavaScript and CSS3. The report generator is JasperReports, because it has the ability to deliver rich content display and printer. The database engine is MySQL, because its connectivity, speed, and security make it a very appropriate server for access from the web. Finally, as editor of web and mobile applications, we have the integrated development environment Eclipse IDE platform of open source. In this paper we make a critical analysis of such applications and formulate the Framework of Software Architecture for the development and implementation of Web and Mobile Applications, which were implemented in the ECU911 Babahoyo and at the Instituto Tecnologico Superior Babahoyo, proving through its application their effectiveness and efficiency in the implementation of integrated systems

  12. Radiation Detection for Homeland Security Applications

    Science.gov (United States)

    Ely, James

    2008-05-01

    In the past twenty years or so, there have been significant changes in the strategy and applications for homeland security. Recently there have been significant at deterring and interdicting terrorists and associated organizations. This is a shift in the normal paradigm of deterrence and surveillance of a nation and the `conventional' methods of warfare to the `unconventional' means that terrorist organizations resort to. With that shift comes the responsibility to monitor international borders for weapons of mass destruction, including radiological weapons. As a result, countries around the world are deploying radiation detection instrumentation to interdict the illegal shipment of radioactive material crossing international borders. These efforts include deployments at land, rail, air, and sea ports of entry in the US and in European and Asian countries. Radioactive signatures of concern include radiation dispersal devices (RDD), nuclear warheads, and special nuclear material (SNM). Radiation portal monitors (RPMs) are used as the main screening tool for vehicles and cargo at borders, supplemented by handheld detectors, personal radiation detectors, and x-ray imaging systems. This talk will present an overview of radiation detection equipment with emphasis on radiation portal monitors. In the US, the deployment of radiation detection equipment is being coordinated by the Domestic Nuclear Detection Office within the Department of Homeland Security, and a brief summary of the program will be covered. Challenges with current generation systems will be discussed as well as areas of investigation and opportunities for improvements. The next generation of radiation portal monitors is being produced under the Advanced Spectroscopic Portal program and will be available for deployment in the near future. Additional technologies, from commercially available to experimental, that provide additional information for radiation screening, such as density imaging equipment, will

  13. Health Information Security in Hospitals: the Application of Security Safeguards.

    Science.gov (United States)

    Mehraeen, Esmaeil; Ayatollahi, Haleh; Ahmadi, Maryam

    2016-02-01

    A hospital information system has potentials to improve the accessibility of clinical information and the quality of health care. However, the use of this system has resulted in new challenges, such as concerns over health information security. This paper aims to assess the status of information security in terms of administrative, technical and physical safeguards in the university hospitals. This was a survey study in which the participants were information technology (IT) managers (n=36) who worked in the hospitals affiliated to the top ranked medical universities (university A and university B). Data were collected using a questionnaire. The content validity of the questionnaire was examined by the experts and the reliability of the questionnaire was determined using Cronbach's coefficient alpha (α=0.75). The results showed that the administrative safeguards were arranged at a medium level. In terms of the technical safeguards and the physical safeguards, the IT managers rated them at a strong level. According to the results, among three types of security safeguards, the administrative safeguards were assessed at the medium level. To improve it, developing security policies, implementing access control models and training users are recommended.

  14. Secure Service Proxy: A CoAP(s Intermediary for a Securer and Smarter Web of Things

    Directory of Open Access Journals (Sweden)

    Floris Van den Abeele

    2017-07-01

    Full Text Available As the IoT continues to grow over the coming years, resource-constrained devices and networks will see an increase in traffic as everything is connected in an open Web of Things. The performance- and function-enhancing features are difficult to provide in resource-constrained environments, but will gain importance if the WoT is to be scaled up successfully. For example, scalable open standards-based authentication and authorization will be important to manage access to the limited resources of constrained devices and networks. Additionally, features such as caching and virtualization may help further reduce the load on these constrained systems. This work presents the Secure Service Proxy (SSP: a constrained-network edge proxy with the goal of improving the performance and functionality of constrained RESTful environments. Our evaluations show that the proposed design reaches its goal by reducing the load on constrained devices while implementing a wide range of features as different adapters. Specifically, the results show that the SSP leads to significant savings in processing, network traffic, network delay and packet loss rates for constrained devices. As a result, the SSP helps to guarantee the proper operation of constrained networks as these networks form an ever-expanding Web of Things.

  15. Secure Service Proxy: A CoAP(s) Intermediary for a Securer and Smarter Web of Things.

    Science.gov (United States)

    Van den Abeele, Floris; Moerman, Ingrid; Demeester, Piet; Hoebeke, Jeroen

    2017-07-11

    As the IoT continues to grow over the coming years, resource-constrained devices and networks will see an increase in traffic as everything is connected in an open Web of Things. The performance- and function-enhancing features are difficult to provide in resource-constrained environments, but will gain importance if the WoT is to be scaled up successfully. For example, scalable open standards-based authentication and authorization will be important to manage access to the limited resources of constrained devices and networks. Additionally, features such as caching and virtualization may help further reduce the load on these constrained systems. This work presents the Secure Service Proxy (SSP): a constrained-network edge proxy with the goal of improving the performance and functionality of constrained RESTful environments. Our evaluations show that the proposed design reaches its goal by reducing the load on constrained devices while implementing a wide range of features as different adapters. Specifically, the results show that the SSP leads to significant savings in processing, network traffic, network delay and packet loss rates for constrained devices. As a result, the SSP helps to guarantee the proper operation of constrained networks as these networks form an ever-expanding Web of Things.

  16. Automated Functional Testing based on the Navigation of Web Applications

    Directory of Open Access Journals (Sweden)

    Boni García

    2011-08-01

    Full Text Available Web applications are becoming more and more complex. Testing such applications is an intricate hard and time-consuming activity. Therefore, testing is often poorly performed or skipped by practitioners. Test automation can help to avoid this situation. Hence, this paper presents a novel approach to perform automated software testing for web applications based on its navigation. On the one hand, web navigation is the process of traversing a web application using a browser. On the other hand, functional requirements are actions that an application must do. Therefore, the evaluation of the correct navigation of web applications results in the assessment of the specified functional requirements. The proposed method to perform the automation is done in four levels: test case generation, test data derivation, test case execution, and test case reporting. This method is driven by three kinds of inputs: i UML models; ii Selenium scripts; iii XML files. We have implemented our approach in an open-source testing framework named Automatic Testing Platform. The validation of this work has been carried out by means of a case study, in which the target is a real invoice management system developed using a model-driven approach.

  17. reCAPTCHA: human-based character recognition via Web security measures.

    Science.gov (United States)

    von Ahn, Luis; Maurer, Benjamin; McMillen, Colin; Abraham, David; Blum, Manuel

    2008-09-12

    CAPTCHAs (Completely Automated Public Turing test to tell Computers and Humans Apart) are widespread security measures on the World Wide Web that prevent automated programs from abusing online services. They do so by asking humans to perform a task that computers cannot yet perform, such as deciphering distorted characters. Our research explored whether such human effort can be channeled into a useful purpose: helping to digitize old printed material by asking users to decipher scanned words from books that computerized optical character recognition failed to recognize. We showed that this method can transcribe text with a word accuracy exceeding 99%, matching the guarantee of professional human transcribers. Our apparatus is deployed in more than 40,000 Web sites and has transcribed over 440 million words.

  18. Les frameworks au coeur des applications web

    OpenAIRE

    Moro, Arielle; Daehne, Peter

    2010-01-01

    Depuis quelques années, Internet est vraiment entré dans les mœurs : tant dans les entreprises qu’au sein de chaque foyer. En effet, Internet permet de communiquer à travers le monde en quelques secondes, de vendre toute sorte de produits en déployant des solutions e-commerce facilement et bien d’autres choses. Internet est donc un véritable vecteur de communication, de commerce et à présent, avec le Web 2.0, un vrai berceau d’informations (tant des informations personnelles que des informati...

  19. SIGMA WEB INTERFACE FOR REACTOR DATA APPLICATIONS

    Energy Technology Data Exchange (ETDEWEB)

    Pritychenko,B.; Sonzogni, A.A.

    2010-05-09

    We present Sigma Web interface which provides user-friendly access for online analysis and plotting of the evaluated and experimental nuclear reaction data stored in the ENDF-6 and EXFOR formats. The interface includes advanced browsing and search capabilities, interactive plots of cross sections, angular distributions and spectra, nubars, comparisons between evaluated and experimental data, computations for cross section data sets, pre-calculated integral quantities, neutron cross section uncertainties plots and visualization of covariance matrices. Sigma is publicly available at the National Nuclear Data Center website at http://www.nndc.bnl.gov/sigma.

  20. Sigma Web Interface For Reactor Data Applications

    International Nuclear Information System (INIS)

    Pritychenko, B.; Sonzogni, A.A.

    2010-01-01

    We present Sigma Web interface which provides user-friendly access for online analysis and plotting of the evaluated and experimental nuclear reaction data stored in the ENDF-6 and EXFOR formats. The interface includes advanced browsing and search capabilities, interactive plots of cross sections, angular distributions and spectra, nubars, comparisons between evaluated and experimental data, computations for cross section data sets, pre-calculated integral quantities, neutron cross section uncertainties plots and visualization of covariance matrices. Sigma is publicly available at the National Nuclear Data Center website at http://www.nndc.bnl.gov/sigma.

  1. AN AUTOMATIC AND METHODOLOGICAL APPROACH FOR ACCESSIBLE WEB APPLICATIONS

    Directory of Open Access Journals (Sweden)

    Lourdes Moreno

    2007-06-01

    Full Text Available Semantic Web approaches try to get the interoperability and communication among technologies and organizations. Nevertheless, sometimes it is forgotten that the Web must be useful for every user, consequently it is necessary to include tools and techniques doing Semantic Web be accessible. Accessibility and usability are two usually joined concepts widely used in web application development, however their meaning are different. Usability means the way to make easy the use but accessibility is referred to the access possibility. For the first one, there are many well proved approaches in real cases. However, accessibility field requires a deeper research that will make feasible the access to disable people and also the access to novel non-disable people due to the cost to automate and maintain accessible applications. In this paper, we propose one architecture to achieve the accessibility in web-environments dealing with the WAI accessibility standard and the Universal Design paradigm. This architecture tries to control the accessibility in web applications development life-cycle following a methodology starting from a semantic conceptual model and leans on description languages and controlled vocabularies.

  2. Scalable Transactions for Web Applications in the Cloud

    NARCIS (Netherlands)

    Zhou, W.; Pierre, G.E.O.; Chi, C.-H.

    2009-01-01

    Cloud Computing platforms provide scalability and high availability properties for web applications but they sacrifice data consistency at the same time. However, many applications cannot afford any data inconsistency. We present a scalable transaction manager for NoSQL cloud database services to

  3. Developing responsive web applications with Ajax and jQuery

    CERN Document Server

    Patel, Sandeep Kumar

    2014-01-01

    This book is a standard tutorial for web application developers presented in a comprehensive, step-by-step manner to explain the nuances involved. It has an abundance of code and examples supporting explanations of each feature. This book is intended for Java developers wanting to create rich and responsive applications using AJAX. Basic experience of using jQuery is assumed.

  4. Development of Web-Based Learning Application for Generation Z

    Science.gov (United States)

    Hariadi, Bambang; Dewiyani Sunarto, M. J.; Sudarmaningtyas, Pantjawati

    2016-01-01

    This study aimed to develop a web-based learning application as a form of learning revolution. The form of learning revolution includes the provision of unlimited teaching materials, real time class organization, and is not limited by time or place. The implementation of this application is in the form of hybrid learning by using Google Apps for…

  5. CERN's web application updates for electron and laser beam technologies

    CERN Document Server

    Sigas, Christos

    2017-01-01

    This report describes the modifications at CERN's web application for electron and laser beam technologies. There are updates at both the front and the back end of the application. New electron and laser machines were added and also old machines were updated. There is also a new feature for printing needed information.

  6. SPIDERGL: A GRAPHICS LIBRARY FOR 3D WEB APPLICATIONS

    Directory of Open Access Journals (Sweden)

    M. Di Benedetto

    2012-09-01

    Full Text Available The recent introduction of the WebGL API for leveraging the power of 3D graphics accelerators within Web browsers opens the possibility to develop advanced graphics applications without the need for an ad-hoc plug-in. There are several contexts in which this new technology can be exploited to enhance user experience and data fruition, like e-commerce applications, games and, in particular, Cultural Heritage. In fact, it is now possible to use the Web platform to present a virtual reconstruction hypothesis of ancient pasts, to show detailed 3D models of artefacts of interests to a wide public, and to create virtual museums. We introduce SpiderGL, a JavaScript library for developing 3D graphics Web applications. SpiderGL provides data structures and algorithms to ease the use of WebGL, to define and manipulate shapes, to import 3D models in various formats, and to handle asynchronous data loading. We show the potential of this novel library with a number of demo applications and give details about its future uses in the context of Cultural Heritage applications.

  7. Virtualization of open-source secure web services to support data exchange in a pediatric critical care research network.

    Science.gov (United States)

    Frey, Lewis J; Sward, Katherine A; Newth, Christopher J L; Khemani, Robinder G; Cryer, Martin E; Thelen, Julie L; Enriquez, Rene; Shaoyu, Su; Pollack, Murray M; Harrison, Rick E; Meert, Kathleen L; Berg, Robert A; Wessel, David L; Shanley, Thomas P; Dalton, Heidi; Carcillo, Joseph; Jenkins, Tammara L; Dean, J Michael

    2015-11-01

    To examine the feasibility of deploying a virtual web service for sharing data within a research network, and to evaluate the impact on data consistency and quality. Virtual machines (VMs) encapsulated an open-source, semantically and syntactically interoperable secure web service infrastructure along with a shadow database. The VMs were deployed to 8 Collaborative Pediatric Critical Care Research Network Clinical Centers. Virtual web services could be deployed in hours. The interoperability of the web services reduced format misalignment from 56% to 1% and demonstrated that 99% of the data consistently transferred using the data dictionary and 1% needed human curation. Use of virtualized open-source secure web service technology could enable direct electronic abstraction of data from hospital databases for research purposes. © The Author 2015. Published by Oxford University Press on behalf of the American Medical Informatics Association. All rights reserved. For Permissions, please email: journals.permissions@oup.com.

  8. Web application for monitoring mainframe computer, Linux operating systems and application servers

    OpenAIRE

    Dimnik, Tomaž

    2016-01-01

    This work presents the idea and the realization of web application for monitoring the operation of the mainframe computer, servers with Linux operating system and application servers. Web application is intended for administrators of these systems, as an aid to better understand the current state, load and operation of the individual components of the server systems.

  9. Applicable Law on Demobilized and Dematerialized Securities

    Directory of Open Access Journals (Sweden)

    Wael Saghir

    2017-09-01

    Full Text Available In this paper Wael Saghir examines the priority in the business and financial worlds for companies to pursue reduced transaction costs, creating a trend towards demobilization or dematerialization of securities. His paper explains the nature of securities and the governing laws needed to resolve problems of conflict of law rules related to securities.

  10. A WEB API AND WEB APPLICATION DEVELOPMENT FOR DISSEMINATION OF AIR QUALITY INFORMATION

    Directory of Open Access Journals (Sweden)

    K. Şahin

    2017-11-01

    Full Text Available Various studies have been carried out since 2005 under the leadership of Ministry of Environment and Urbanism of Turkey, in order to observe the quality of air in Turkey, to develop new policies and to develop a sustainable air quality management strategy. For this reason, a national air quality monitoring network has been developed providing air quality indices. By this network, the quality of the air has been continuously monitored and an important information system has been constructed in order to take precautions for preventing a dangerous situation. The biggest handicap in the network is the data access problem for instant and time series data acquisition and processing because of its proprietary structure. Currently, there is no service offered by the current air quality monitoring system for exchanging information with third party applications. Within the context of this work, a web service has been developed to enable location based querying of the current/past air quality data in Turkey. This web service is equipped with up-todate and widely preferred technologies. In other words, an architecture is chosen in which applications can easily integrate. In the second phase of the study, a web-based application was developed to test the developed web service and this testing application can perform location based acquisition of air-quality data. This makes it possible to easily carry out operations such as screening and examination of the area in the given time-frame which cannot be done with the national monitoring network.

  11. a Web Api and Web Application Development for Dissemination of Air Quality Information

    Science.gov (United States)

    Şahin, K.; Işıkdağ, U.

    2017-11-01

    Various studies have been carried out since 2005 under the leadership of Ministry of Environment and Urbanism of Turkey, in order to observe the quality of air in Turkey, to develop new policies and to develop a sustainable air quality management strategy. For this reason, a national air quality monitoring network has been developed providing air quality indices. By this network, the quality of the air has been continuously monitored and an important information system has been constructed in order to take precautions for preventing a dangerous situation. The biggest handicap in the network is the data access problem for instant and time series data acquisition and processing because of its proprietary structure. Currently, there is no service offered by the current air quality monitoring system for exchanging information with third party applications. Within the context of this work, a web service has been developed to enable location based querying of the current/past air quality data in Turkey. This web service is equipped with up-todate and widely preferred technologies. In other words, an architecture is chosen in which applications can easily integrate. In the second phase of the study, a web-based application was developed to test the developed web service and this testing application can perform location based acquisition of air-quality data. This makes it possible to easily carry out operations such as screening and examination of the area in the given time-frame which cannot be done with the national monitoring network.

  12. Web 2.0 and the Semantic Web: Implications for Future HEP Web Applications

    CERN Multimedia

    CERN. Geneva

    2006-01-01

    Bebo White is a Departmental Associate (retired) at SLAC and has spent considerable time at CERN. In addition, he holds faculty appointments at Hong Kong University, the University of San Francisco, and Contra Costa College. He is a frequent speaker at conferences, academic institutions, and for commercial organizations around the world. Bebo has been a member of the International World Wide Web Conference Committee (IW3C2) since 1996 and in that time has served as General Co-Chair of two of the conferences ...

  13. Teaching web application development: Microsoft proprietary or open systems?

    Directory of Open Access Journals (Sweden)

    Stephen Corich

    Full Text Available This paper revisits the debate concerning which development environment should be used to teach server-side Web Application Development courses to undergraduate students. In 2002, following an industry-based survey of Web developers, a decision was made to adopt an open source platform consisting of PHP and MySQL rather than a Microsoft platform utilising Access and Active Server Pages. Since that date there have been a number of significant changes within the computing industry that suggest that perhaps it is appropriate to revisit the original decision. This paper investigates expert opinion by reviewing current literature regarding web development environments, it looks at the results of a survey of web development companies and it examines the current employment trends in the web development area. The paper concludes by examining the impact of making a decision to change the development environment used to teach Web Application Development to a third year computing degree class and describes the impact on course delivery that the change has brought about.

  14. Securing a web-based teleradiology platform according to German law and "best practices".

    Science.gov (United States)

    Spitzer, Michael; Ullrich, Tobias; Ueckert, Frank

    2009-01-01

    The Medical Data and Picture Exchange platform (MDPE), as a teleradiology system, facilitates the exchange of digital medical imaging data among authorized users. It features extensive support of the DICOM standard including networking functions. Since MDPE is designed as a web service, security and confidentiality of data and communication pose an outstanding challenge. To comply with demands of German laws and authorities, a generic data security concept considered as "best practice" in German health telematics was adapted to the specific demands of MDPE. The concept features strict logical and physical separation of diagnostic and identity data and thus an all-encompassing pseudonymization throughout the system. Hence, data may only be merged at authorized clients. MDPE's solution of merging data from separate sources within a web browser avoids technically questionable techniques such as deliberate cross-site scripting. Instead, data is merged dynamically by JavaScriptlets running in the user's browser. These scriptlets are provided by one server, while content and method calls are generated by another server. Additionally, MDPE uses encrypted temporary IDs for communication and merging of data.

  15. U.S. Geological Survey (USGS) Earthquake Web Applications

    Science.gov (United States)

    Fee, J.; Martinez, E.

    2015-12-01

    USGS Earthquake web applications provide access to earthquake information from USGS and other Advanced National Seismic System (ANSS) contributors. One of the primary goals of these applications is to provide a consistent experience for accessing both near-real time information as soon as it is available and historic information after it is thoroughly reviewed. Millions of people use these applications every month including people who feel an earthquake, emergency responders looking for the latest information about a recent event, and scientists researching historic earthquakes and their effects. Information from multiple catalogs and contributors is combined by the ANSS Comprehensive Catalog into one composite catalog, identifying the most preferred information from any source for each event. A web service and near-real time feeds provide access to all contributed data, and are used by a number of users and software packages. The Latest Earthquakes application displays summaries of many events, either near-real time feeds or custom searches, and the Event Page application shows detailed information for each event. Because all data is accessed through the web service, it can also be downloaded by users. The applications are maintained as open source projects on github, and use mobile-first and responsive-web-design approaches to work well on both mobile devices and desktop computers. http://earthquake.usgs.gov/earthquakes/map/

  16. Understanding Application Behaviours for Android Security: A Systematic Characterization

    OpenAIRE

    Cai, Haipeng; Ryder, Barbara

    2016-01-01

    In contrast to most existing research on Android focusing on specific security issues, there is little broad understanding of Android application run-time characteristics and their security implications. To mitigate this gap, we present the first dynamic characterization study of Android applications that targets such a broad understanding for Android security. Through lightweight method-level profiling, we have collected 33GB traces of method calls and inter-component communication (ICC) fro...

  17. Relational Constraint Driven Test Case Synthesis for Web Applications

    Directory of Open Access Journals (Sweden)

    Xiang Fu

    2010-09-01

    Full Text Available This paper proposes a relational constraint driven technique that synthesizes test cases automatically for web applications. Using a static analysis, servlets can be modeled as relational transducers, which manipulate backend databases. We present a synthesis algorithm that generates a sequence of HTTP requests for simulating a user session. The algorithm relies on backward symbolic image computation for reaching a certain database state, given a code coverage objective. With a slight adaptation, the technique can be used for discovering workflow attacks on web applications.

  18. CERN Web Application Detection. Refactoring and release as open source software

    CERN Document Server

    Lizonczyk, Piotr

    2015-01-01

    This paper covers my work during my assignment as participant of CERN Summer Students 2015 programme. The project was aimed at refactoring and publication of the Web Application Detection tool, which was developed at CERN and priorly used internally by the Computer Security team. The range of tasks performed include initial refactoring of code, which was developed like a script rather than a Python package, through extracting components that were not specific to CERN usage, the subsequent final release of the source code on GitHub and the integration with third-party software i.e. the w3af tool. Ultimately, Web Application Detection software received positive responses, being downloaded ca. 1500 times at the time of writing this report.

  19. Decomposition of monolithic web application to microservices

    OpenAIRE

    Zaymus, Mikulas

    2017-01-01

    Solteq Oyj has an internal Wellbeing project for massage reservations. The task of this thesis was to transform the monolithic architecture of this application to microservices. The thesis starts with a detailed comparison between microservices and monolithic application. It points out the benefits and disadvantages microservice architecture can bring to the project. Next, it describes the theory and possible strategies that can be used in the process of decomposition of an existing monoli...

  20. On enabling secure applications through off-line biometric identification

    Energy Technology Data Exchange (ETDEWEB)

    Davida, G.I. [Univ. of Wisconsin, Milwaukee, WI (United States); Frankel, Y. [CertCo LLC, New York, NY (United States); Matt, B.J. [Sandia National Labs., Albuquerque, NM (United States)

    1998-04-01

    In developing secure applications and systems, the designers often must incorporate secure user identification in the design specification. In this paper, the authors study secure off line authenticated user identification schemes based on a biometric system that can measure a user`s biometric accurately (up to some Hamming distance). The schemes presented here enhance identification and authorization in secure applications by binding a biometric template with authorization information on a token such as a magnetic strip. Also developed here are schemes specifically designed to minimize the compromise of a user`s private biometrics data, encapsulated in the authorization information, without requiring secure hardware tokens. In this paper the authors furthermore study the feasibility of biometrics performing as an enabling technology for secure system and application design. The authors investigate a new technology which allows a user`s biometrics to facilitate cryptographic mechanisms.

  1. On enabling secure applications through off-line biometric identification

    International Nuclear Information System (INIS)

    Davida, G.I.; Frankel, Y.; Matt, B.J.

    1998-04-01

    In developing secure applications and systems, the designers often must incorporate secure user identification in the design specification. In this paper, the authors study secure off line authenticated user identification schemes based on a biometric system that can measure a user's biometric accurately (up to some Hamming distance). The schemes presented here enhance identification and authorization in secure applications by binding a biometric template with authorization information on a token such as a magnetic strip. Also developed here are schemes specifically designed to minimize the compromise of a user's private biometrics data, encapsulated in the authorization information, without requiring secure hardware tokens. In this paper the authors furthermore study the feasibility of biometrics performing as an enabling technology for secure system and application design. The authors investigate a new technology which allows a user's biometrics to facilitate cryptographic mechanisms

  2. Efficient Image Blur in Web-Based Applications

    DEFF Research Database (Denmark)

    Kraus, Martin

    2010-01-01

    Scripting languages require the use of high-level library functions to implement efficient image processing; thus, real-time image blur in web-based applications is a challenging task unless specific library functions are available for this purpose. We present a pyramid blur algorithm, which can ...

  3. Functionality for learning networks: lessons learned from social web applications

    NARCIS (Netherlands)

    Berlanga, Adriana; Sloep, Peter; Brouns, Francis; Van Rosmalen, Peter; Bitter-Rijpkema, Marlies; Koper, Rob

    2007-01-01

    Berlanga, A. J., Sloep, P., Brouns, F., Van Rosmalen, P., Bitter-Rijpkema, M., & Koper, R. (2007). Functionality for learning networks: lessons learned from social web applications. Proceedings of the ePortfolio 2007 Conference. October, 18-19, 2007, Maastricht, The Netherlands. [See also

  4. Empower the patients with a dialogue-based web application

    DEFF Research Database (Denmark)

    Bjørnes, Charlotte D.; Cummings, Elizabeth; Nøhr, Christian

    2012-01-01

    -based web application was designed and implemented to accommodate patients' information and communication needs in short stay hospital settings. To ensure the system meet the patients' needs, both patients and healthcare professionals were involved in the design process by applying various participatory...

  5. Communicating Health Risks under Pressure: Homeland Security Applications

    International Nuclear Information System (INIS)

    Garrahan, K.G.; Collie, S.L.

    2006-01-01

    The U.S. Environmental Protection Agency's (EPA) Office of Research and Development (ORD) Threat and Consequence Assessment Division (TCAD) within the National Homeland Security Research Center (NHSRC) has developed a tool for rapid communication of health risks and likelihood of exposure in preparation for terrorist incidents. The Emergency Consequence Assessment Tool (ECAT) is a secure web-based tool designed to make risk assessment and consequence management faster and easier for high priority terrorist threat scenarios. ECAT has been designed to function as 'defensive play-book' for health advisors, first responders, and decision-makers by presenting a series of evaluation templates for priority scenarios that can be modified for site-specific applications. Perhaps most importantly, the risk communication aspect is considered prior to an actual release event, so that management or legal advisors can concur on general risk communication content in preparation for press releases that can be anticipated in case of an actual emergency. ECAT serves as a one-stop source of information for retrieving toxicological properties for agents of concern, estimating exposure to these agents, characterizing health risks, and determining what actions need to be undertaken to mitigate the risks. ECAT has the capability to be used at a command post where inputs can be checked and communicated while the response continues in real time. This front-end planning is intended to fill the gap most commonly identified during tabletop exercises: a need for concise, timely, and informative risk communication to all parties. Training and customization of existing chemical and biological release scenarios with modeling of exposure to air and water, along with custom risk communication 'messages' intended for public, press, shareholders, and other partners enable more effective communication during times of crisis. For DOE, the ECAT could serve as a prototype that would be amenable to

  6. Development of WEB Applications of The Component – Open Source

    Directory of Open Access Journals (Sweden)

    Arturo Sergio Medina Castillo

    2013-06-01

    Full Text Available Nowadays software development not starting from scratch, however already has a set of tools provided by frameworks, which enables faster application development, relevant and indispensable factor for supporting continuous improvement processes seeking higher levels of competitiveness in this global society.In all respects the development of Web applications, whether open source or proprietary, is developing rapidly, by providing service levels of communication, interoperability, access to internal and external customers that allows management support different business processes.

  7. Migrating Multi-page Web Applications to Single-page AJAX Interfaces

    NARCIS (Netherlands)

    Mesbah, A.; Van Deursen, A.

    2006-01-01

    Recently, a new web development technique for creating interactive web applications, dubbed AJAX, has emerged. In this new model, the single-page web interface is composed of individual components which can be updated/replaced independently. With the rise of AJAX web applications classical

  8. CC-based Design of Secure Application Systems

    DEFF Research Database (Denmark)

    Sharp, Robin

    2009-01-01

    This paper describes some experiences with using the Common Criteria for Information Security Evaluation as the basis for a design methodology for secure application systems. The examples considered include a Point-of-Sale (POS) system, a wind turbine park monitoring and control system and a secu...... an effective and secure design, starting with the formulation of a Protection Profile and ending with a concrete design, within the project timeframe.......This paper describes some experiences with using the Common Criteria for Information Security Evaluation as the basis for a design methodology for secure application systems. The examples considered include a Point-of-Sale (POS) system, a wind turbine park monitoring and control system and a secure...

  9. Open chemistry: RESTful web APIs, JSON, NWChem and the modern web application

    OpenAIRE

    Hanwell, Marcus D.; de Jong, Wibe A.; Harris, Christopher J.

    2017-01-01

    © 2017 The Author(s). An end-to-end platform for chemical science research has been developed that integrates data from computational and experimental approaches through a modern web-based interface. The platform offers an interactive visualization and analytics environment that functions well on mobile, laptop and desktop devices. It offers pragmatic solutions to ensure that large and complex data sets are more accessible. Existing desktop applications/frameworks were extended to integrate w...

  10. BOF4WSS : a business-oriented framework for enhancing web services security for e-business

    OpenAIRE

    Nurse, Jason R. C.; Sinclair, Jane

    2009-01-01

    When considering Web services' (WS) use for online business-to-business (B2B) collaboration between companies, security is a complicated and very topical issue. This is especially true with regard to reaching a level of security beyond the technological layer, that is supported and trusted by all businesses involved. With appreciation of this fact, our research draws from established development methodologies to develop a new, business-oriented framework (BOF4WSS) to guide e-businesses in def...

  11. A Semantic Sensor Web for Environmental Decision Support Applications

    Science.gov (United States)

    Gray, Alasdair J. G.; Sadler, Jason; Kit, Oles; Kyzirakos, Kostis; Karpathiotakis, Manos; Calbimonte, Jean-Paul; Page, Kevin; García-Castro, Raúl; Frazer, Alex; Galpin, Ixent; Fernandes, Alvaro A. A.; Paton, Norman W.; Corcho, Oscar; Koubarakis, Manolis; De Roure, David; Martinez, Kirk; Gómez-Pérez, Asunción

    2011-01-01

    Sensing devices are increasingly being deployed to monitor the physical world around us. One class of application for which sensor data is pertinent is environmental decision support systems, e.g., flood emergency response. For these applications, the sensor readings need to be put in context by integrating them with other sources of data about the surrounding environment. Traditional systems for predicting and detecting floods rely on methods that need significant human resources. In this paper we describe a semantic sensor web architecture for integrating multiple heterogeneous datasets, including live and historic sensor data, databases, and map layers. The architecture provides mechanisms for discovering datasets, defining integrated views over them, continuously receiving data in real-time, and visualising on screen and interacting with the data. Our approach makes extensive use of web service standards for querying and accessing data, and semantic technologies to discover and integrate datasets. We demonstrate the use of our semantic sensor web architecture in the context of a flood response planning web application that uses data from sensor networks monitoring the sea-state around the coast of England. PMID:22164110

  12. Overview of Accelerator Applications for Security and Defense

    Science.gov (United States)

    Antolak, Arlyn J.

    Particle accelerators play a key role in a broad set of defense and security applications, including war-fighter and asset protection, cargo inspection, nonproliferation, materials characterization, and stockpile stewardship. Accelerators can replace the high activity radioactive sources that pose a security threat to developing a radiological dispersal device, and, can be used to produce isotopes for medical, industrial, and research purposes. An overview of current and emerging accelerator technologies relevant to addressing the needs of defense and security is presented.

  13. Control System Applicable Use Assessment of the Secure Computing Corporation - Secure Firewall (Sidewinder)

    Energy Technology Data Exchange (ETDEWEB)

    Hadley, Mark D.; Clements, Samuel L.

    2009-01-01

    Battelle’s National Security & Defense objective is, “applying unmatched expertise and unique facilities to deliver homeland security solutions. From detection and protection against weapons of mass destruction to emergency preparedness/response and protection of critical infrastructure, we are working with industry and government to integrate policy, operational, technological, and logistical parameters that will secure a safe future”. In an ongoing effort to meet this mission, engagements with industry that are intended to improve operational and technical attributes of commercial solutions that are related to national security initiatives are necessary. This necessity will ensure that capabilities for protecting critical infrastructure assets are considered by commercial entities in their development, design, and deployment lifecycles thus addressing the alignment of identified deficiencies and improvements needed to support national cyber security initiatives. The Secure Firewall (Sidewinder) appliance by Secure Computing was assessed for applicable use in critical infrastructure control system environments, such as electric power, nuclear and other facilities containing critical systems that require augmented protection from cyber threat. The testing was performed in the Pacific Northwest National Laboratory’s (PNNL) Electric Infrastructure Operations Center (EIOC). The Secure Firewall was tested in a network configuration that emulates a typical control center network and then evaluated. A number of observations and recommendations are included in this report relating to features currently included in the Secure Firewall that support critical infrastructure security needs.

  14. A RESTful interface to pseudonymization services in modern web applications.

    Science.gov (United States)

    Lablans, Martin; Borg, Andreas; Ückert, Frank

    2015-02-07

    Medical research networks rely on record linkage and pseudonymization to determine which records from different sources relate to the same patient. To establish informational separation of powers, the required identifying data are redirected to a trusted third party that has, in turn, no access to medical data. This pseudonymization service receives identifying data, compares them with a list of already reported patient records and replies with a (new or existing) pseudonym. We found existing solutions to be technically outdated, complex to implement or not suitable for internet-based research infrastructures. In this article, we propose a new RESTful pseudonymization interface tailored for use in web applications accessed by modern web browsers. The interface is modelled as a resource-oriented architecture, which is based on the representational state transfer (REST) architectural style. We translated typical use-cases into resources to be manipulated with well-known HTTP verbs. Patients can be re-identified in real-time by authorized users' web browsers using temporary identifiers. We encourage the use of PID strings for pseudonyms and the EpiLink algorithm for record linkage. As a proof of concept, we developed a Java Servlet as reference implementation. The following resources have been identified: Sessions allow data associated with a client to be stored beyond a single request while still maintaining statelessness. Tokens authorize for a specified action and thus allow the delegation of authentication. Patients are identified by one or more pseudonyms and carry identifying fields. Relying on HTTP calls alone, the interface is firewall-friendly. The reference implementation has proven to be production stable. The RESTful pseudonymization interface fits the requirements of web-based scenarios and allows building applications that make pseudonymization transparent to the user using ordinary web technology. The open-source reference implementation implements the

  15. Specification and Verification of Web Applications in Rewriting Logic

    Science.gov (United States)

    Alpuente, María; Ballis, Demis; Romero, Daniel

    This paper presents a Rewriting Logic framework that formalizes the interactions between Web servers and Web browsers through a communicating protocol abstracting HTTP. The proposed framework includes a scripting language that is powerful enough to model the dynamics of complex Web applications by encompassing the main features of the most popular Web scripting languages (e.g. PHP, ASP, Java Servlets). We also provide a detailed characterization of browser actions (e.g. forward/backward navigation, page refresh, and new window/tab openings) via rewrite rules, and show how our models can be naturally model-checked by using the Linear Temporal Logic of Rewriting (LTLR), which is a Linear Temporal Logic specifically designed for model-checking rewrite theories. Our formalization is particularly suitable for verification purposes, since it allows one to perform in-depth analyses of many subtle aspects related to Web interaction. Finally, the framework has been completely implemented in Maude, and we report on some successful experiments that we conducted by using the Maude LTLR model-checker.

  16. Teleradiology network system using the web medical image conference system with a new information security solution

    Science.gov (United States)

    Satoh, Hitoshi; Niki, Noboru; Eguchi, Kenji; Ohmatsu, Hironobu; Kusumoto, Masahiro; Kaneko, Masahiro; Kakinuma, Ryutaru; Moriyama, Noriyuki

    2012-02-01

    We have developed the teleradiology network system with a new information security solution that provided with web medical image conference system. In the teleradiology network system, the security of information network is very important subjects. We are studying the secret sharing scheme and the tokenization as a method safely to store or to transmit the confidential medical information used with the teleradiology network system. The confidential medical information is exposed to the risk of the damage and intercept. Secret sharing scheme is a method of dividing the confidential medical information into two or more tallies. Individual medical information cannot be decoded by using one tally at all. Our method has the function of automatic backup. With automatic backup technology, if there is a failure in a single tally, there is redundant data already copied to other tally. Confidential information is preserved at an individual Data Center connected through internet because individual medical information cannot be decoded by using one tally at all. Therefore, even if one of the Data Centers is struck and information is damaged due to the large area disaster like the great earthquake of Japan, the confidential medical information can be decoded by using the tallies preserved at the data center to which it escapes damage. Moreover, by using tokenization, the history information of dividing the confidential medical information into two or more tallies is prevented from lying scattered by replacing the history information with another character string (Make it to powerlessness). As a result, information is available only to those who have rightful access it and the sender of a message and the message itself are verified at the receiving point. We propose a new information transmission method and a new information storage method with a new information security solution.

  17. Developing security tools of WSN and WBAN networks applications

    CERN Document Server

    A M El-Bendary, Mohsen

    2015-01-01

    This book focuses on two of the most rapidly developing areas in wireless technology (WT) applications, namely, wireless sensors networks (WSNs) and wireless body area networks (WBANs). These networks can be considered smart applications of the recent WT revolutions. The book presents various security tools and scenarios for the proposed enhanced-security of WSNs, which are supplemented with numerous computer simulations. In the computer simulation section, WSN modeling is addressed using MATLAB programming language.

  18. Situational Requirements Engineering for the Development of Content Management System-based Web Applications

    NARCIS (Netherlands)

    Souer, J.; van de Weerd, I.; Versendaal, J.M.; Brinkkemper, S.

    2005-01-01

    Web applications are evolving towards strong content-centered Web applications. The development processes and implementation of these applications are unlike the development and implementation of traditional information systems. In this paper we propose WebEngineering Method; a method for developing

  19. User Interface Design in Medical Distributed Web Applications.

    Science.gov (United States)

    Serban, Alexandru; Crisan-Vida, Mihaela; Mada, Leonard; Stoicu-Tivadar, Lacramioara

    2016-01-01

    User interfaces are important to facilitate easy learning and operating with an IT application especially in the medical world. An easy to use interface has to be simple and to customize the user needs and mode of operation. The technology in the background is an important tool to accomplish this. The present work aims to creating a web interface using specific technology (HTML table design combined with CSS3) to provide an optimized responsive interface for a complex web application. In the first phase, the current icMED web medical application layout is analyzed, and its structure is designed using specific tools, on source files. In the second phase, a new graphic adaptable interface to different mobile terminals is proposed, (using HTML table design (TD) and CSS3 method) that uses no source files, just lines of code for layout design, improving the interaction in terms of speed and simplicity. For a complex medical software application a new prototype layout was designed and developed using HTML tables. The method uses a CSS code with only CSS classes applied to one or multiple HTML table elements, instead of CSS styles that can be applied to just one DIV tag at once. The technique has the advantage of a simplified CSS code, and a better adaptability to different media resolutions compared to DIV-CSS style method. The presented work is a proof that adaptive web interfaces can be developed just using and combining different types of design methods and technologies, using HTML table design, resulting in a simpler to learn and use interface, suitable for healthcare services.

  20. Angular JS – The Newest Technology in Creating Web Applications

    Directory of Open Access Journals (Sweden)

    Radu BUCEA-MANEA-TONIS

    2016-09-01

    Full Text Available This article is the result of searching and selecting new technologies that help programmer in developing web applications. It also represents a pleading for using it, showing its advantages and disadvantages. Alongside the article there are features regarding binding elements, modules, filters and directives. It is a synthesis and a guide of good practice for innovative programmers. All technical issues presented are supported by a case study.

  1. WeBIAS: a web server for publishing bioinformatics applications.

    Science.gov (United States)

    Daniluk, Paweł; Wilczyński, Bartek; Lesyng, Bogdan

    2015-11-02

    One of the requirements for a successful scientific tool is its availability. Developing a functional web service, however, is usually considered a mundane and ungratifying task, and quite often neglected. When publishing bioinformatic applications, such attitude puts additional burden on the reviewers who have to cope with poorly designed interfaces in order to assess quality of presented methods, as well as impairs actual usefulness to the scientific community at large. In this note we present WeBIAS-a simple, self-contained solution to make command-line programs accessible through web forms. It comprises a web portal capable of serving several applications and backend schedulers which carry out computations. The server handles user registration and authentication, stores queries and results, and provides a convenient administrator interface. WeBIAS is implemented in Python and available under GNU Affero General Public License. It has been developed and tested on GNU/Linux compatible platforms covering a vast majority of operational WWW servers. Since it is written in pure Python, it should be easy to deploy also on all other platforms supporting Python (e.g. Windows, Mac OS X). Documentation and source code, as well as a demonstration site are available at http://bioinfo.imdik.pan.pl/webias . WeBIAS has been designed specifically with ease of installation and deployment of services in mind. Setting up a simple application requires minimal effort, yet it is possible to create visually appealing, feature-rich interfaces for query submission and presentation of results.

  2. WEBnm@: a web application for normal mode analyses of proteins

    Directory of Open Access Journals (Sweden)

    Reuter Nathalie

    2005-03-01

    Full Text Available Abstract Background Normal mode analysis (NMA has become the method of choice to investigate the slowest motions in macromolecular systems. NMA is especially useful for large biomolecular assemblies, such as transmembrane channels or virus capsids. NMA relies on the hypothesis that the vibrational normal modes having the lowest frequencies (also named soft modes describe the largest movements in a protein and are the ones that are functionally relevant. Results We developed a web-based server to perform normal modes calculations and different types of analyses. Starting from a structure file provided by the user in the PDB format, the server calculates the normal modes and subsequently offers the user a series of automated calculations; normalized squared atomic displacements, vector field representation and animation of the first six vibrational modes. Each analysis is performed independently from the others and results can be visualized using only a web browser. No additional plug-in or software is required. For users who would like to analyze the results with their favorite software, raw results can also be downloaded. The application is available on http://www.bioinfo.no/tools/normalmodes. We present here the underlying theory, the application architecture and an illustration of its features using a large transmembrane protein as an example. Conclusion We built an efficient and modular web application for normal mode analysis of proteins. Non specialists can easily and rapidly evaluate the degree of flexibility of multi-domain protein assemblies and characterize the large amplitude movements of their domains.

  3. AN INNOVATIVE WEB MINING APPLICATION ON BLOGS - A LAYOUT

    Directory of Open Access Journals (Sweden)

    S. Prakash

    2012-01-01

    Full Text Available Blogs and Web services agree to express user’s opinions and interests, in the form of small text messages which gives abbreviated and highly personalized remarks in real-time. Recognizing emotion is really significant for a text-based communication tool such as blogs. Nowadays, user opinions in the structure of comments, reviews in blogs have been utilized by researchers for various purposes. Among them the application of sentiment analysis techniques to these opinions is an interesting one. This paper deals with a proposal of a software structural design for constructing Web mining applications in the blog world. The design includes blog crawling and data mining algorithms, to offer a full-fledged and flexible key for constructing general-purpose Web mining applications. The structural design allocates some significant customizations, such as the construction of adapters for reading text from different blogs, and the utilization of different pre-processing methods and data mining procedures. The core of this paper is on explaining the innovative software structural design of the general framework offering thorough information about the data mining sub-framework.

  4. SCALEUS: Semantic Web Services Integration for Biomedical Applications.

    Science.gov (United States)

    Sernadela, Pedro; González-Castro, Lorena; Oliveira, José Luís

    2017-04-01

    In recent years, we have witnessed an explosion of biological data resulting largely from the demands of life science research. The vast majority of these data are freely available via diverse bioinformatics platforms, including relational databases and conventional keyword search applications. This type of approach has achieved great results in the last few years, but proved to be unfeasible when information needs to be combined or shared among different and scattered sources. During recent years, many of these data distribution challenges have been solved with the adoption of semantic web. Despite the evident benefits of this technology, its adoption introduced new challenges related with the migration process, from existent systems to the semantic level. To facilitate this transition, we have developed Scaleus, a semantic web migration tool that can be deployed on top of traditional systems in order to bring knowledge, inference rules, and query federation to the existent data. Targeted at the biomedical domain, this web-based platform offers, in a single package, straightforward data integration and semantic web services that help developers and researchers in the creation process of new semantically enhanced information systems. SCALEUS is available as open source at http://bioinformatics-ua.github.io/scaleus/ .

  5. Open chemistry: RESTful web APIs, JSON, NWChem and the modern web application.

    Science.gov (United States)

    Hanwell, Marcus D; de Jong, Wibe A; Harris, Christopher J

    2017-10-30

    An end-to-end platform for chemical science research has been developed that integrates data from computational and experimental approaches through a modern web-based interface. The platform offers an interactive visualization and analytics environment that functions well on mobile, laptop and desktop devices. It offers pragmatic solutions to ensure that large and complex data sets are more accessible. Existing desktop applications/frameworks were extended to integrate with high-performance computing resources, and offer command-line tools to automate interaction-connecting distributed teams to this software platform on their own terms. The platform was developed openly, and all source code hosted on the GitHub platform with automated deployment possible using Ansible coupled with standard Ubuntu-based machine images deployed to cloud machines. The platform is designed to enable teams to reap the benefits of the connected web-going beyond what conventional search and analytics platforms offer in this area. It also has the goal of offering federated instances, that can be customized to the sites/research performed. Data gets stored using JSON, extending upon previous approaches using XML, building structures that support computational chemistry calculations. These structures were developed to make it easy to process data across different languages, and send data to a JavaScript-based web client.

  6. Taking advantage of Google's Web-based applications and services.

    Science.gov (United States)

    Brigham, Tara J

    2014-01-01

    Google is a company that is constantly expanding and growing its services and products. While most librarians possess a "love/hate" relationship with Google, there are a number of reasons you should consider exploring some of the tools Google has created and made freely available. Applications and services such as Google Docs, Slides, and Google+ are functional and dynamic without the cost of comparable products. This column will address some of the issues users should be aware of before signing up to use Google's tools, and a description of some of Google's Web applications and services, plus how they can be useful to librarians in health care.

  7. Photonics applications and web engineering: WILGA Summer 2016

    Science.gov (United States)

    Romaniuk, Ryszard S.

    2016-09-01

    Wilga Summer 2016 Symposium on Photonics Applications and Web Engineering was held on 29 May - 06 June. The Symposium gathered over 350 participants, mainly young researchers active in optics, optoelectronics, photonics, electronics technologies and applications. There were presented around 300 presentations in a few main topical tracks including: bio-photonics, optical sensory networks, photonics-electronics-mechatronics co-design and integration, large functional system design and maintenance, Internet of Thins, and other. The paper is an introduction the 2016 WILGA Summer Symposium Proceedings, and digests some of the Symposium chosen key presentations.

  8. Photonics applications and web engineering: WILGA Summer 2015

    Science.gov (United States)

    Romaniuk, Ryszard S.

    2015-09-01

    Wilga Summer 2015 Symposium on Photonics Applications and Web Engineering was held on 23-31 May. The Symposium gathered over 350 participants, mainly young researchers active in optics, optoelectronics, photonics, electronics technologies and applications. There were presented around 300 presentations in a few main topical tracks including: bio-photonics, optical sensory networks, photonics-electronics-mechatronics co-design and integration, large functional system design and maintenance, Internet of Thins, and other. The paper is an introduction the 2015 WILGA Summer Symposium Proceedings, and digests some of the Symposium chosen key presentations.

  9. Pro Spring security

    CERN Document Server

    Scarioni, Carlo

    2013-01-01

    Security is a key element in the development of any non-trivial application. The Spring Security Framework provides a comprehensive set of functionalities to implement industry-standard authentication and authorization mechanisms for Java applications. Pro Spring Security will be a reference and advanced tutorial that will do the following: Guides you through the implementation of the security features for a Java web application by presenting consistent examples built from the ground-up. Demonstrates the different authentication and authorization methods to secure enterprise-level applications

  10. Project Management Methodology for the Development of M-Learning Web Based Applications

    Directory of Open Access Journals (Sweden)

    Adrian VISOIU

    2010-01-01

    Full Text Available M-learning web based applications are a particular case of web applications designed to be operated from mobile devices. Also, their purpose is to implement learning aspects. Project management of such applications takes into account the identified peculiarities. M-learning web based application characteristics are identified. M-learning functionality covers the needs of an educational process. Development is described taking into account the mobile web and its influences over the analysis, design, construction and testing phases. Activities building up a work breakdown structure for development of m-learning web based applications are presented. Project monitoring and control techniques are proposed. Resources required for projects are discussed.

  11. A Web-based Architecture Enabling Multichannel Telemedicine Applications

    Directory of Open Access Journals (Sweden)

    Fabrizio Lamberti

    2003-02-01

    Full Text Available Telemedicine scenarios include today in-hospital care management, remote teleconsulting, collaborative diagnosis and emergency situations handling. Different types of information need to be accessed by means of etherogeneous client devices in different communication environments in order to enable high quality continuous sanitary assistance delivery wherever and whenever needed. In this paper, a Web-based telemedicine architecture based on Java, XML and XSL technologies is presented. By providing dynamic content delivery services and Java based client applications for medical data consultation and modification, the system enables effective access to an Electronic Patient Record based standard database by means of any device equipped with a Web browser, such as traditional Personal Computers and workstation as well as modern Personal Digital Assistants. The effectiveness of the proposed architecture has been evaluated in different scenarios, experiencing fixed and mobile clinical data transmissions over Local Area Networks, wireless LANs and wide coverage telecommunication network including GSM and GPRS.

  12. Tracking Outfield Employees using GPS in Web Applications

    Directory of Open Access Journals (Sweden)

    Kasinathan Vinothini

    2018-01-01

    Full Text Available This paper presents e-Track, a web-based tracking system for outfield employees in order to cater for various business activities as demanded by the business owners. Such demands may range from a simple task assignment, to employee location tracking and remote observation of the employees’ task progress. The objective of the proposed system is two-fold. First, the employees to access the application and clocks-in work. Second, a standalone web system for the employers to determine the approximate location of the staff assigned with outfield duties. The IP address recognition will ensure no buddy punching takes place. e-Track is hoped to increase efficiency among employees by saving time travelling between branches during outfield duties. In the future, e-Track will be integrated with claim and payment modules to support arrangement for outfield duties.

  13. Migrating Existing PHP Web Applications to the Cloud

    Directory of Open Access Journals (Sweden)

    Ionut VODA

    2014-01-01

    Full Text Available The purpose of this paper is to present a set of best practices for moving PHP web applications from a traditional hosting to a Cloud based one. PHP applications are widespread nowadays and they come in many shapes and sizes and that is why they require a special attention. The paper goes beyond just moving the code in the Cloud and setting up the run-time environment as some architectural changes must be done at application level most of the time. The decision of how and when to make these changes can make the difference between a successful migra-tion and a failed one. It will be presented how to decouple and scale an application, how to scale a database while following the high availability principles.

  14. Nuclear security culture: a generic model for universal application

    International Nuclear Information System (INIS)

    Khripunov, I.

    2005-01-01

    Full text: Nuclear security culture found its way into professional parlance several years ago, but still lacks an agreed-upon definition and description. The February 2005 U.S.-Russian Joint Statement, issued at the presidential summit meeting in Bratislava, referred specifically to security culture, focusing renewed attention on the concept. Numerous speakers at the March 2005 International Atomic Energy Agency's (IAEA) international conference on nuclear security referred to security culture, but their visions and interpretations were often at odds with one another. Clearly, there is a need for a generic model of nuclear security culture with universal applicability. Internationally acceptable standards in this area would be invaluable for evaluation, comparison, cooperation, and assistance. They would also help international bodies better manage their relations with the nuclear sectors in various countries. This paper will develop such a model. It will use the IAEA definition of nuclear security, and then apply Edgar Schein's model of organizational culture to security culture at a generic nuclear facility. A cultural approach to physical protection involves determining what attitudes and beliefs need to be established in an organization, how these attitudes and beliefs manifest themselves in the behavior of assigned personnel, and how desirable attitudes and beliefs can be transcribed into formal working methods to produce good outcomes, i.e., effective protection. The security-culture mechanism I will propose is broken into four major units: facility leadership, proactive policies and procedures, personnel performance, and learning and professional improvement. The paper will amplify on the specific traits characteristic of each of these units. Security culture is not a panacea. In a time of mounting terrorist threats, it should nonetheless be looked upon as a necessary organizational tool that enhances the skills of nuclear personnel and ensures that

  15. Optical Imaging Sensors and Systems for Homeland Security Applications

    CERN Document Server

    Javidi, Bahram

    2006-01-01

    Optical and photonic systems and devices have significant potential for homeland security. Optical Imaging Sensors and Systems for Homeland Security Applications presents original and significant technical contributions from leaders of industry, government, and academia in the field of optical and photonic sensors, systems and devices for detection, identification, prevention, sensing, security, verification and anti-counterfeiting. The chapters have recent and technically significant results, ample illustrations, figures, and key references. This book is intended for engineers and scientists in the relevant fields, graduate students, industry managers, university professors, government managers, and policy makers. Advanced Sciences and Technologies for Security Applications focuses on research monographs in the areas of -Recognition and identification (including optical imaging, biometrics, authentication, verification, and smart surveillance systems) -Biological and chemical threat detection (including bios...

  16. An aspect-oriented methodology for designing secure applications

    NARCIS (Netherlands)

    Georg, Geri; Ray, Indrakshi; Anastasakis, Kyriakos; Bordbar, Behzad; Toahchoodee, Manachai; Houmb, S.H.

    We propose a methodology, based on aspect-oriented modeling (AOM), for incorporating security mechanisms in an application. The functionality of the application is described using the primary model and the attacks are specified using aspects. The attack aspect is composed with the primary model to

  17. Application of smart cards in physical and information security systems

    International Nuclear Information System (INIS)

    Dreifus, H.N.

    1988-01-01

    Smart Cards, integrated circuits embedded into credit cards, have been proposed for many computer and physical security applications. The cards have shown promise in improving both the security and monitoring of systems ranging from computer network identification through physical protection and access control. With the increasing computational power embedded within these cards, advanced encryption techniques such as public key cryptography can now be realized, enabling more sophisticated uses

  18. The application of security provisions in accommodation facility – hotel

    OpenAIRE

    Rotbauer, Josef

    2010-01-01

    This thesis treats of security provisions, which hotels are using to protect health and property of accommodated persons. In the opening part is caught the progress of attendance and capacities of hotels in the Czech republic during a specific time period. The next chapter focuses on possible threats, which are imminent to hotels during the operation. The third part of the thesis solves particular methods of application of security provisions, these are verified in two concrete hotels in the ...

  19. Crawling Ajax-based Web Applications through Dynamic Analysis of User Interface State Changes

    NARCIS (Netherlands)

    Mesbah, A.; Van Deursen, A.; Lenselink, S.

    2011-01-01

    Using JavaScript and dynamic DOM manipulation on the client-side of web applications is becoming a widespread approach for achieving rich interactivity and responsiveness in modern web applications. At the same time, such techniques, collectively known as Ajax, shatter the metaphor of web ‘pages’

  20. A sensor monitoring system for telemedicine, safety and security applications

    Science.gov (United States)

    Vlissidis, Nikolaos; Leonidas, Filippos; Giovanis, Christos; Marinos, Dimitrios; Aidinis, Konstantinos; Vassilopoulos, Christos; Pagiatakis, Gerasimos; Schmitt, Nikolaus; Pistner, Thomas; Klaue, Jirka

    2017-02-01

    A sensor system capable of medical, safety and security monitoring in avionic and other environments (e.g. homes) is examined. For application inside an aircraft cabin, the system relies on an optical cellular network that connects each seat to a server and uses a set of database applications to process data related to passengers' health, safety and security status. Health monitoring typically encompasses electrocardiogram, pulse oximetry and blood pressure, body temperature and respiration rate while safety and security monitoring is related to the standard flight attendance duties, such as cabin preparation for take-off, landing, flight in regions of turbulence, etc. In contrast to previous related works, this article focuses on the system's modules (medical and safety sensors and associated hardware), the database applications used for the overall control of the monitoring function and the potential use of the system for security applications. Further tests involving medical, safety and security sensing performed in an real A340 mock-up set-up are also described and reference is made to the possible use of the sensing system in alternative environments and applications, such as health monitoring within other means of transport (e.g. trains or small passenger sea vessels) as well as for remotely located home users, over a wired Ethernet network or the Internet.

  1. Application of homomorphism to secure image sharing

    Science.gov (United States)

    Islam, Naveed; Puech, William; Hayat, Khizar; Brouzet, Robert

    2011-09-01

    In this paper, we present a new approach for sharing images between l players by exploiting the additive and multiplicative homomorphic properties of two well-known public key cryptosystems, i.e. RSA and Paillier. Contrary to the traditional schemes, the proposed approach employs secret sharing in a way that limits the influence of the dealer over the protocol and allows each player to participate with the help of his key-image. With the proposed approach, during the encryption step, each player encrypts his own key-image using the dealer's public key. The dealer encrypts the secret-to-be-shared image with the same public key and then, the l encrypted key-images plus the encrypted to-be shared image are multiplied homomorphically to get another encrypted image. After this step, the dealer can safely get a scrambled image which corresponds to the addition or multiplication of the l + 1 original images ( l key-images plus the secret image) because of the additive homomorphic property of the Paillier algorithm or multiplicative homomorphic property of the RSA algorithm. When the l players want to extract the secret image, they do not need to use keys and the dealer has no role. Indeed, with our approach, to extract the secret image, the l players need only to subtract their own key-image with no specific order from the scrambled image. Thus, the proposed approach provides an opportunity to use operators like multiplication on encrypted images for the development of a secure privacy preserving protocol in the image domain. We show that it is still possible to extract a visible version of the secret image with only l-1 key-images (when one key-image is missing) or when the l key-images used for the extraction are different from the l original key-images due to a lossy compression for example. Experimental results and security analysis verify and prove that the proposed approach is secure from cryptographic viewpoint.

  2. Muon Fluence Measurements for Homeland Security Applications

    Energy Technology Data Exchange (ETDEWEB)

    Ankney, Austin S.; Berguson, Timothy J.; Borgardt, James D.; Kouzes, Richard T.

    2010-08-10

    This report focuses on work conducted at Pacific Northwest National Laboratory to better characterize aspects of backgrounds in RPMs deployed for homeland security purposes. Two polyvinyl toluene scintillators were utilized with supporting NIM electronics to measure the muon coincidence rate. Muon spallation is one mechanism by which background neutrons are produced. The measurements performed concentrated on a broad investigation of the dependence of the muon flux on a) variations in solid angle subtended by the detector; b) the detector inclination with the horizontal; c) depth underground; and d) diurnal effects. These tests were conducted inside at Building 318/133, outdoors at Building 331G, and underground at Building 3425 at Pacific Northwest National Laboratory.

  3. Modern tools for development of interactive web map applications for visualization spatial data on the internet

    Directory of Open Access Journals (Sweden)

    Horáková Bronislava

    2009-11-01

    Full Text Available In the last few years has begun the development of dynamic web applications, often called Web2.0. From this development wascreated a technology called Mashups. Mashups may easily combine huge amounts of data sources and functionalities of existing as wellas future web applications and services. Therefore they are used to develop a new device, which offers new possibilities of informationusage. This technology provides possibilities of developing basic as well as robust web applications not only for IT or GIS specialists,but also for common users. Software companies have developed web projects for building mashup application also called mashupeditors.

  4. The Semantic Web: opportunities and challenges for next-generation Web applications

    Directory of Open Access Journals (Sweden)

    2002-01-01

    Full Text Available Recently there has been a growing interest in the investigation and development of the next generation web - the Semantic Web. While most of the current forms of web content are designed to be presented to humans, but are barely understandable by computers, the content of the Semantic Web is structured in a semantic way so that it is meaningful to computers as well as to humans. In this paper, we report a survey of recent research on the Semantic Web. In particular, we present the opportunities that this revolution will bring to us: web-services, agent-based distributed computing, semantics-based web search engines, and semantics-based digital libraries. We also discuss the technical and cultural challenges of realizing the Semantic Web: the development of ontologies, formal semantics of Semantic Web languages, and trust and proof models. We hope that this will shed some light on the direction of future work on this field.

  5. Testing and securing Android Studio applications

    CERN Document Server

    Zapata, Belén Cruz

    2014-01-01

    If you are a developer with some Android knowledge, but you do not know how to test your applications using Android Studio, this book will guide you. It is recommended that you are familiar with Android Studio IDE.

  6. Information System Security: Air Force Web Site Administration, Policies, and Practices

    National Research Council Canada - National Science Library

    2002-01-01

    .... Subsequent reports will cover Web site administration within the Army and DoD. The Naval Audit Service plans to issue a separate report based on the audit of Web site administration within the Navy and the Marine Corps...

  7. WebSphere Application Server Step by Step

    CERN Document Server

    Cline, Owen; Van Sickel, Peter

    2012-01-01

    WebSphere Application Server (WAS) is complex and multifaceted middleware used by huge enterprises as well as small businesses. In this book, the authors do an excellent job of covering the many aspects of the software. While other books merely cover installation and configuration, this book goes beyond that to cover the critical verification and management process to ensure a successful installation and implementation. It also addresses all of the different packages-from Express to Network-so that no matter what size your company is, you will be able to successfully implement WAS V6. To de

  8. Application of web-GIS approach for climate change study

    Science.gov (United States)

    Okladnikov, Igor; Gordov, Evgeny; Titov, Alexander; Bogomolov, Vasily; Martynova, Yuliya; Shulgina, Tamara

    2013-04-01

    Georeferenced datasets are currently actively used in numerous applications including modeling, interpretation and forecast of climatic and ecosystem changes for various spatial and temporal scales. Due to inherent heterogeneity of environmental datasets as well as their huge size which might constitute up to tens terabytes for a single dataset at present studies in the area of climate and environmental change require a special software support. A dedicated web-GIS information-computational system for analysis of georeferenced climatological and meteorological data has been created. It is based on OGC standards and involves many modern solutions such as object-oriented programming model, modular composition, and JavaScript libraries based on GeoExt library, ExtJS Framework and OpenLayers software. The main advantage of the system lies in a possibility to perform mathematical and statistical data analysis, graphical visualization of results with GIS-functionality, and to prepare binary output files with just only a modern graphical web-browser installed on a common desktop computer connected to Internet. Several geophysical datasets represented by two editions of NCEP/NCAR Reanalysis, JMA/CRIEPI JRA-25 Reanalysis, ECMWF ERA-40 Reanalysis, ECMWF ERA Interim Reanalysis, MRI/JMA APHRODITE's Water Resources Project Reanalysis, DWD Global Precipitation Climatology Centre's data, GMAO Modern Era-Retrospective analysis for Research and Applications, meteorological observational data for the territory of the former USSR for the 20th century, results of modeling by global and regional climatological models, and others are available for processing by the system. And this list is extending. Also a functionality to run WRF and "Planet simulator" models was implemented in the system. Due to many preset parameters and limited time and spatial ranges set in the system these models have low computational power requirements and could be used in educational workflow for better

  9. PaaS for web applications with OpenShift Origin

    OpenAIRE

    Lossent, A; Rodriguez Peon, A; Wagner, A

    2017-01-01

    The CERN Web Frameworks team has deployed OpenShift Origin to facilitate deployment of web applications and to improving efficiency in terms of computing resource usage. OpenShift leverages Docker containers and Kubernetes orchestration to provide a Platform-as-a-service solution oriented for web applications. We will review use cases and how OpenShift was integrated with other services such as source control, web site management and authentication services.

  10. PaaS for web applications with OpenShift Origin

    Science.gov (United States)

    Lossent, A.; Rodriguez Peon, A.; Wagner, A.

    2017-10-01

    The CERN Web Frameworks team has deployed OpenShift Origin to facilitate deployment of web applications and to improving efficiency in terms of computing resource usage. OpenShift leverages Docker containers and Kubernetes orchestration to provide a Platform-as-a-service solution oriented for web applications. We will review use cases and how OpenShift was integrated with other services such as source control, web site management and authentication services.

  11. Usage of Web Service in Mobile Application for Parents and Students in Binus School Serpong

    OpenAIRE

    Karto Iskandar; Andrew Thejo Putrantob

    2016-01-01

    A web service is a service offered by a device electronically to communicate with other electronic device using the World wide web. Smartphone is an electronic device that almost everyone has, especially student and parent for getting information about the school. In BINUS School Serpong mobile application, web services used for getting data from web server like student and menu data. Problem faced by BINUS School Serpong today is the time-consuming application update when using the native ap...

  12. Meta4: a web application for sharing and annotating metagenomic gene predictions using web services.

    Science.gov (United States)

    Richardson, Emily J; Escalettes, Franck; Fotheringham, Ian; Wallace, Robert J; Watson, Mick

    2013-01-01

    Whole-genome shotgun metagenomics experiments produce DNA sequence data from entire ecosystems, and provide a huge amount of novel information. Gene discovery projects require up-to-date information about sequence homology and domain structure for millions of predicted proteins to be presented in a simple, easy-to-use system. There is a lack of simple, open, flexible tools that allow the rapid sharing of metagenomics datasets with collaborators in a format they can easily interrogate. We present Meta4, a flexible and extensible web application that can be used to share and annotate metagenomic gene predictions. Proteins and predicted domains are stored in a simple relational database, with a dynamic front-end which displays the results in an internet browser. Web services are used to provide up-to-date information about the proteins from homology searches against public databases. Information about Meta4 can be found on the project website, code is available on Github, a cloud image is available, and an example implementation can be seen at.

  13. Biosensors for security and bioterrorism applications

    CERN Document Server

    Nikoleli, Georgia-Paraskevi

    2016-01-01

    This book offers comprehensive coverage of biomarker/biosensor interactions for the rapid detection of weapons of bioterrorism, as well as current research trends and future developments and applications. It will be useful to researchers in this field who are interested in new developments in the early detection of such. The authors have collected very valuable and, in some aspects indispensable experience in the area i.e. in the development and application of portable biosensors for the detection of potential hazards. Most efforts are centered on the development of immunochemical assays including flow-lateral systems and engineered antibodies and their fragments. In addition, new approaches to the detection of enzyme inhibitors, direct enzymatic and microbial detection of metabolites and nutrients are elaborated. Some realized prototypes and concept devices applicable for the further use as a basis for the cooperation programs are also discussed. There is a particular focus on electrochemical and optical det...

  14. X-ray imaging for security applications

    Science.gov (United States)

    Evans, J. Paul

    2004-01-01

    The X-ray screening of luggage by aviation security personnel may be badly hindered by the lack of visual cues to depth in an image that has been produced by transmitted radiation. Two-dimensional "shadowgraphs" with "organic" and "metallic" objects encoded using two different colors (usually orange and blue) are still in common use. In the context of luggage screening there are no reliable cues to depth present in individual shadowgraph X-ray images. Therefore, the screener is required to convert the 'zero depth resolution' shadowgraph into a three-dimensional mental picture to be able to interpret the relative spatial relationship of the objects under inspection. Consequently, additional cognitive processing is required e.g. integration, inference and memory. However, these processes can lead to serious misinterpretations of the actual physical structure being examined. This paper describes the development of a stereoscopic imaging technique enabling the screener to utilise binocular stereopsis and kinetic depth to enhance their interpretation of the actual nature of the objects under examination. Further work has led to the development of a technique to combine parallax data (to calculate the thickness of a target material) with the results of a basis material subtraction technique to approximate the target's effective atomic number and density. This has been achieved in preliminary experiments with a novel spatially interleaved dual-energy sensor which reduces the number of scintillation elements required by 50% in comparison to conventional sensor configurations.

  15. Advances in network systems architectures, security, and applications

    CERN Document Server

    Awad, Ali; Furtak, Janusz; Legierski, Jarosław

    2017-01-01

    This book provides the reader with a comprehensive selection of cutting–edge algorithms, technologies, and applications. The volume offers new insights into a range of fundamentally important topics in network architectures, network security, and network applications. It serves as a reference for researchers and practitioners by featuring research contributions exemplifying research done in the field of network systems. In addition, the book highlights several key topics in both theoretical and practical aspects of networking. These include wireless sensor networks, performance of TCP connections in mobile networks, photonic data transport networks, security policies, credentials management, data encryption for network transmission, risk management, live TV services, and multicore energy harvesting in distributed systems. .

  16. Fully simulatable quantum-secure coin-flipping and applications

    DEFF Research Database (Denmark)

    Lunemann, Carolin; Nielsen, Jesper Buus

    2011-01-01

    schemes which we show how to construct in the given setting. We then show that the interactive generation of random coins at the beginning or during outer protocols allows for quantum-secure realizations of classical schemes, again without any set-up assumptions. As example applications we discuss quantum...... zero-knowledge proofs of knowledge and quantum-secure two-party function evaluation. Both applications assume only fully simulatable coin-flipping and mixed commitments. Since our framework allows to construct fully simulatable coin-flipping from mixed commitments, this in particular shows that mixed...

  17. Usage of Web Service in Mobile Application for Parents and Students in Binus School Serpong

    Directory of Open Access Journals (Sweden)

    Karto Iskandar

    2016-09-01

    Full Text Available A web service is a service offered by a device electronically to communicate with other electronic device using the World wide web. Smartphone is an electronic device that almost everyone has, especially student and parent for getting information about the school. In BINUS School Serpong mobile application, web services used for getting data from web server like student and menu data. Problem faced by BINUS School Serpong today is the time-consuming application update when using the native application while the application updates are very frequent. To resolve this problem, BINUS School Serpong mobile application will use the web service. This article showed the usage of web services with XML for retrieving data of student. The result from this study is that by using web service, smartphone can retrieve data consistently between multiple platforms. 

  18. Chemical Applications for Enhanced World Security

    Energy Technology Data Exchange (ETDEWEB)

    Leibman, Christopher Patrick [Los Alamos National Lab. (LANL), Los Alamos, NM (United States)

    2017-07-19

    The purpose of this project is to reduce complexity of chemical analysis by combining chemical and physical processing steps into on package; develop instrumentation that cost less and is easy to use in a field laboratory by non-experts; and develop this "chemical application" so uranium enrichment can be measured onsite, eliminating the need for radioactive sample transport.

  19. A Web System Trace Model and Its Application to Web Design

    OpenAIRE

    Kong, Xiaoying; Liu, Li; Lowe, David

    2007-01-01

    Traceability analysis is crucial to the development of web-centric systems, particularly those with frequent system changes, fine-grained evolution and maintenance, and high level of requirements uncertainty. A trace model at the level of the web system architecture is presented in this paper to address the specific challenges of developing web-centric systems. The trace model separates the concerns of different stakeholders in the web development life cycle into viewpoints; and c...

  20. THE DEVELOPMENT OF A WEB BASED DATABASE APPLICATIONS OF PROCUREMENT, INVENTORY, AND SALES AT PT. INTERJAYA SURYA MEGAH

    Directory of Open Access Journals (Sweden)

    Choirul Huda

    2011-10-01

    Full Text Available The objective of this research is to develop a web based database application for the procurement, inventory and sales at PT. Interjaya Surya Megah. The current system at PT. Interjaya Surya Megah is running manually, so the company has difficulty in carrying out its activities. The methodology, that is used in this research, includes interviews, observation, literature review, conceptual database design, logical database design and physical database design. The results are the establishment of a web-based database application at PT. Interjaya Surya Megah. The conclusion is the company can be easier to run the day-to-day activities because data processing becomes faster and more accurate, faster report generation and more accurate, more secure data storage.Keywords: database; application; procurement; inventory; sales

  1. Bed management team with Kanban web-based application.

    Science.gov (United States)

    Rocha, Hermano Alexandre Lima; Santos, Ana Kelly Lima da Cruz; Alcântara, Antônia Celia de Castro; Lima, Carmen Sulinete Suliano da Costa; Rocha, Sabrina Gabriele Maia Oliveira; Cardoso, Roberto Melo; Cremonin, Jair Rodrigues

    2018-05-15

    To measure the effectiveness of the bed management process that uses a web-based application with Kanban methodology to reduce hospitalization time of hospitalized patients. Before-after study was performed. The study was conducted between July 2013 and July 2017, at the Unimed Regional Hospital of Fortaleza, which has 300 beds, of which 60 are in the intensive care unit (ICU). It is accredited by International Society for Quality in Healthcare. Patients hospitalized in the referred period. Bed management with an application that uses color logic to signal at which stage of high flow the patients meet, in which each patient is interpreted as a card of the classical Kanban theory. It has an automatic user signaling system for process movement, and a system for monitoring and analyzing discharge forecasts. Length of hospital stay, number of customer complaints related to bed availability. After the intervention, the hospital's overall hospital stay time was reduced from 5.6 days to 4.9 days (P = 0.001). The units with the greatest reduction were the ICUs, with reduction from 6.0 days to 2.0 (P = 0.001). The relative percentage of complaints regarding bed availability in the hospital fell from 27% to 0%. We conclude that the use of an electronic tool based on Kanban methodology and accessed via the web by a bed management team is effective in reducing patients' hospital stay time.

  2. web cellHTS2: A web-application for the analysis of high-throughput screening data

    Directory of Open Access Journals (Sweden)

    Boutros Michael

    2010-04-01

    Full Text Available Abstract Background The analysis of high-throughput screening data sets is an expanding field in bioinformatics. High-throughput screens by RNAi generate large primary data sets which need to be analyzed and annotated to identify relevant phenotypic hits. Large-scale RNAi screens are frequently used to identify novel factors that influence a broad range of cellular processes, including signaling pathway activity, cell proliferation, and host cell infection. Here, we present a web-based application utility for the end-to-end analysis of large cell-based screening experiments by cellHTS2. Results The software guides the user through the configuration steps that are required for the analysis of single or multi-channel experiments. The web-application provides options for various standardization and normalization methods, annotation of data sets and a comprehensive HTML report of the screening data analysis, including a ranked hit list. Sessions can be saved and restored for later re-analysis. The web frontend for the cellHTS2 R/Bioconductor package interacts with it through an R-server implementation that enables highly parallel analysis of screening data sets. web cellHTS2 further provides a file import and configuration module for common file formats. Conclusions The implemented web-application facilitates the analysis of high-throughput data sets and provides a user-friendly interface. web cellHTS2 is accessible online at http://web-cellHTS2.dkfz.de. A standalone version as a virtual appliance and source code for platforms supporting Java 1.5.0 can be downloaded from the web cellHTS2 page. web cellHTS2 is freely distributed under GPL.

  3. WEB APPLICATION TO MANAGE DOCUMENTS USING THE GOOGLE WEB TOOLKIT AND APP ENGINE TECHNOLOGIES

    Directory of Open Access Journals (Sweden)

    Velázquez Santana Eugenio César

    2017-12-01

    Full Text Available The application of new information technologies such as Google Web Toolkit and App Engine are making a difference in the academic management of Higher Education Institutions (IES, who seek to streamline their processes as well as reduce infrastructure costs. However, they encounter the problems with regard to acquisition costs, the infrastructure necessary for their use, as well as the maintenance of the software; It is for this reason that the present research aims to describe the application of these new technologies in HEIs, as well as to identify their advantages and disadvantages and the key success factors in their implementation. As a software development methodology, SCRUM was used as well as PMBOK as a project management tool. The main results were related to the application of these technologies in the development of customized software for teachers, students and administrators, as well as the weaknesses and strengths of using them in the cloud. On the other hand, it was also possible to describe the paradigm shift that data warehouses are generating with respect to today's relational databases.

  4. Soil food web structure after wood ash application

    DEFF Research Database (Denmark)

    Mortensen, Louise Hindborg; Qin, Jiayi; Cruz-Paredes, Carla

    the consequences of returning wood ash to biofuel producing coniferous forest. We that the change in pH and increased availability of nutrients after ash application to forest floor can facilitate an increase in the bacteria to fungi ratio with possible effects for the soil food by applying ash of different...... concentrations to experimental plots in a coniferous forest the soil will be collected with varying intervals and subsequently analyzed. The food web included several trophic levels; bacteria/fungi, protozoa, nematodes, enchytraeids and microarthropods and arthropods. Results from 2014 indicated that bacteria...... and protozoa were stimulated in the uppermost soil layer (0-3 cm) two months ash application, whereas the enchytraeids seemed to be slightly negatively affected. Generally, nematodes also appeared to be negatively affected, although it differed between feeding groups. On the higher trophic levels, no effect...

  5. Application of electron beam curing in web-offset printing

    International Nuclear Information System (INIS)

    Rodrigues, A.M.; Newcomb, W.T.

    1984-01-01

    Four years ago, the first commercial installation of an electron beam processor, coupled with a high speed web offset printing press was described. This line has been in operation since and its success demonstrates the advantages and feasibility of such an application. Just recently, another company has announced that it is using electron beam curing in its printing lines. Judging from the amount of inquiries and opportunities being actively pursued one can state that the use of electron beam systems in printing applications has come of age. This paper describes the advantages of this process, the characteristics of the equipment that are important for industrial use in a multishift environment, and addresses its economics through analysis of some major cost elements

  6. StreamStats: A water resources web application

    Science.gov (United States)

    Ries, Kernell G.; Guthrie, John G.; Rea, Alan H.; Steeves, Peter A.; Stewart, David W.

    2008-01-01

    . Streamflow measurements are collected systematically over a period of years at partial-record stations to estimate peak-flow or low-flow statistics. Streamflow measurements usually are collected at miscellaneous-measurement stations for specific hydrologic studies with various objectives.StreamStats is a Web-based Geographic Information System (GIS) application that was created by the USGS, in cooperation with Environmental Systems Research Institute, Inc. (ESRI)1, to provide users with access to an assortment of analytical tools that are useful for water-resources planning and management. StreamStats functionality is based on ESRI’s ArcHydro Data Model and Tools, described on the Web at http://resources.arcgis.com/en/communities/hydro/01vn0000000s000000.htm. StreamStats allows users to easily obtain streamflow statistics, basin characteristics, and descriptive information for USGS data-collection stations and user-selected ungaged sites. It also allows users to identify stream reaches that are upstream and downstream from user-selected sites, and to identify and obtain information for locations along the streams where activities that may affect streamflow conditions are occurring. This functionality can be accessed through a map-based user interface that appears in the user’s Web browser, or individual functions can be requested remotely as Web services by other Web or desktop computer applications. StreamStats can perform these analyses much faster than historically used manual techniques.StreamStats was designed so that each state would be implemented as a separate application, with a reliance on local partnerships to fund the individual applications, and a goal of eventual full national implementation. Idaho became the first state to implement StreamStats in 2003. By mid-2008, 14 states had applications available to the public, and 18 other states were in various stages of implementation.

  7. Web service composition: a semantic web and automated planning technique application

    Directory of Open Access Journals (Sweden)

    Jaime Alberto Guzmán Luna

    2008-09-01

    Full Text Available This article proposes applying semantic web and artificial intelligence planning techniques to a web services composition model dealing with problems of ambiguity in web service description and handling incomplete web information. The model uses an OWL-S services and implements a planning technique which handles open world semantics in its reasoning process to resolve these problems. This resulted in a web services composition system incorporating a module for interpreting OWL-S services and converting them into a planning problem in PDDL (a planning module handling incomplete information and an execution service module concurrently interacting with the planner for executing each composition plan service.

  8. Computer security

    CERN Document Server

    Gollmann, Dieter

    2011-01-01

    A completely up-to-date resource on computer security Assuming no previous experience in the field of computer security, this must-have book walks you through the many essential aspects of this vast topic, from the newest advances in software and technology to the most recent information on Web applications security. This new edition includes sections on Windows NT, CORBA, and Java and discusses cross-site scripting and JavaScript hacking as well as SQL injection. Serving as a helpful introduction, this self-study guide is a wonderful starting point for examining the variety of competing sec

  9. Beginning ASPNET Security

    CERN Document Server

    Dorrans, Barry

    2010-01-01

    Beginning ASP.NET 3.5 Security is geared for novice to intermediate ASP.NET programmers who wish to protect and defend their web sites against attack and exploitation. Beginning with a discussion of why we need security and the things that may occur when it is ignored and an overview of how ASP.NET works, readers are taken through the common steps in developing a web site, the security problems each area exposes and how these can be exploited. Visual Studio Security MVP Barry Dorrans teaches readers how they can defend their applications using the standard .NET framework, industry patterns and

  10. An Application for Data Preprocessing and Models Extractions in Web Usage Mining

    Directory of Open Access Journals (Sweden)

    Claudia Elena DINUCA

    2011-11-01

    Full Text Available Web servers worldwide generate a vast amount of information on web users’ browsing activities. Several researchers have studied these so-called clickstream or web access log data to better understand and characterize web users. The goal of this application is to analyze user behaviour by mining enriched web access log data. With the continued growth and proliferation of e-commerce, Web services, and Web-based information systems, the volumes of click stream and user data collected by Web-based organizations in their daily operations has reached astronomical proportions. This information can be exploited in various ways, such as enhancing the effectiveness of websites or developing directed web marketing campaigns. The discovered patterns are usually represented as collections of pages, objects, or re-sources that are frequently accessed by groups of users with common needs or interests. In this paper we will focus on displaying the way how it was implemented the application for data preprocessing and extracting different data models from web logs data, finding association as a data mining technique to extract potentially useful knowledge from web usage data. We find different data models navigation patterns by analysing the log files of the web-site. I implemented the application in Java using NetBeans IDE. For exemplification, I used the log files data from a commercial web site www.nice-layouts.com.

  11. Use of Computer-Generated Holograms in Security Hologram Applications

    Directory of Open Access Journals (Sweden)

    Bulanovs A.

    2016-10-01

    Full Text Available The article discusses the use of computer-generated holograms (CGHs for the application as one of the security features in the relief-phase protective holograms. An improved method of calculating CGHs is presented, based on ray-tracing approach in the case of interference of parallel rays.

  12. 1st International Workshop on Search and Mining Terrorist Online Content and Advances in Data Science for Cyber Security and Risk on the Web

    OpenAIRE

    Tsikrika, T.; Vrochidis, S.; Akhgar, B.; Burnap, P.; Katos, Vasilis; Williams, M.L.

    2017-01-01

    The deliberate misuse of technical infrastructure (including the Web and social media) for cyber deviant and cybercriminal behaviour, ranging from the spreading of extremist and terrorism-related material to online fraud and cyber security attacks, is on the rise. This workshop aims to better understand such phenomena and develop methods for tackling them in an effective and efficient manner. The workshop brings together interdisciplinary researchers and experts in Web search, security inform...

  13. Usage Of Asp.Net Ajax for Binus School Serpong Web Applications

    Directory of Open Access Journals (Sweden)

    Karto Iskandar

    2016-03-01

    Full Text Available Today web applications have become a necessity and many companies use them as a communication tool to keep in touch with their customers. The usage of Web Application in current time increases as the numberof internet users has been rised. For reason of Rich Internet Application, the desktop application developer wasmoved to web application developer with AJAX technology. BINUS School Serpong is a Cambridge Curriculum base International School that uses web application for access every information about the school. By usingAJAX, performance of web application should be improved and the bandwidth usage is decreased. Problems thatoccur at BINUS School Serpong is not all part of the web application that uses AJAX. This paper introducesusage of AJAX in ASP.NET with C# programming language in web application BINUS School Serpong. It is expected by using ASP.NET AJAX, BINUS School Serpong website performance will be faster because of reducing web page reload. The methodology used in this paper is literature study. Results from this study are to prove that the ASP.NET AJAX can be used easily and improve BINUS School Serpong website performance. Conclusion of this paper is the implementation of ASP.NET AJAX improves performance of web application in BINUS School Serpong.

  14. Demonstration: SpaceExplorer - A Tool for Designing Ubiquitous Web Applications for Collections of Displays

    DEFF Research Database (Denmark)

    Hansen, Thomas Riisgaard

    2007-01-01

    This demonstration presents a simple browser plug-in that grant web applications the ability to use multiple nearby devices for displaying web content. A web page can e.g. be designed to present additional information on nearby devices. The demonstration introduces a light weight peer-to-peer arc...

  15. Security in Context-aware Mobile Business Applications

    OpenAIRE

    Tatli, Emin Islam

    2008-01-01

    The support of location computation on mobile devices (e.g. mobile phones, PDAs) has enabled the development of context-aware and especially location-aware applications (e.g. Restaurant Finder, Friend Finder) which are becoming the new trend for future software applications. However, fears regarding security and privacy are the biggest barriers against their success. Especially, mobile users are afraid of the possible threats against their private identity and personal data. Within the M-Busi...

  16. Developing BP-driven web application through the use of MDE techniques

    OpenAIRE

    Torres Bosch, Maria Victoria; Giner Blasco, Pau; Pelechano Ferragud, Vicente

    2012-01-01

    Model driven engineering (MDE) is a suitable approach for performing the construction of software systems (in particular in the Web application domain). There are different types of Web applications depending on their purpose (i.e., document-centric, interactive, transactional, workflow/business process-based, collaborative, etc). This work focusses on business process-based Web applications in order to be able to understand business processes in a broad sense, from the lightweight business p...

  17. Advancements in web-database applications for rabies surveillance

    Directory of Open Access Journals (Sweden)

    Bélanger Denise

    2011-08-01

    Full Text Available Abstract Background Protection of public health from rabies is informed by the analysis of surveillance data from human and animal populations. In Canada, public health, agricultural and wildlife agencies at the provincial and federal level are responsible for rabies disease control, and this has led to multiple agency-specific data repositories. Aggregation of agency-specific data into one database application would enable more comprehensive data analyses and effective communication among participating agencies. In Québec, RageDB was developed to house surveillance data for the raccoon rabies variant, representing the next generation in web-based database applications that provide a key resource for the protection of public health. Results RageDB incorporates data from, and grants access to, all agencies responsible for the surveillance of raccoon rabies in Québec. Technological advancements of RageDB to rabies surveillance databases include 1 automatic integration of multi-agency data and diagnostic results on a daily basis; 2 a web-based data editing interface that enables authorized users to add, edit and extract data; and 3 an interactive dashboard to help visualize data simply and efficiently, in table, chart, and cartographic formats. Furthermore, RageDB stores data from citizens who voluntarily report sightings of rabies suspect animals. We also discuss how sightings data can indicate public perception to the risk of racoon rabies and thus aid in directing the allocation of disease control resources for protecting public health. Conclusions RageDB provides an example in the evolution of spatio-temporal database applications for the storage, analysis and communication of disease surveillance data. The database was fast and inexpensive to develop by using open-source technologies, simple and efficient design strategies, and shared web hosting. The database increases communication among agencies collaborating to protect human health from

  18. The research of network database security technology based on web service

    Science.gov (United States)

    Meng, Fanxing; Wen, Xiumei; Gao, Liting; Pang, Hui; Wang, Qinglin

    2013-03-01

    Database technology is one of the most widely applied computer technologies, its security is becoming more and more important. This paper introduced the database security, network database security level, studies the security technology of the network database, analyzes emphatically sub-key encryption algorithm, applies this algorithm into the campus-one-card system successfully. The realization process of the encryption algorithm is discussed, this method is widely used as reference in many fields, particularly in management information system security and e-commerce.

  19. Development and challenges of using web-based GIS for health applications

    DEFF Research Database (Denmark)

    Gao, Sheng; Mioc, Darka; Boley, Harold

    2011-01-01

    Web-based GIS is increasingly used in health applications. It has the potential to provide critical information in a timely manner, support health care policy development, and educate decision makers and the general public. This paper describes the trends and recent development of health...... applications using a Web-based GIS. Recent progress on the database storage and geospatial Web Services has advanced the use of Web-based GIS for health applications, with various proprietary software, open source software, and Application Programming Interfaces (APIs) available. Current challenges in applying...... care planning, and public health participation....

  20. Solving Guesstimation Problems Using the Semantic Web:Four Lessons from an Application

    OpenAIRE

    Bundy, Alan; Sasnauskas, Gintautas; Chan, Michael

    2013-01-01

    We draw on our experience of implementing a semi-automated guesstimation application of the Semantic Web, gort, to draw four lessons, which we claim are of general applicability. These are:1. Inference can unleash the Semantic Web: The full power of the web will only be realised when we can use it to infer new knowledge from old.2. The Semantic Web does not constrain the inference mechanisms: Since we must anyway curate the knowledge we extract from the web, we can take the opportunity to tra...

  1. Microwave and millimeter-wave remote sensing for security applications

    CERN Document Server

    Nanzer, Jeffrey

    2012-01-01

    Microwave and millimeter-wave remote sensing techniques are fast becoming a necessity in many aspects of security as detection and classification of objects or intruders becomes more difficult. This groundbreaking resource offers you expert guidance in this burgeoning area. It provides you with a thorough treatment of the principles of microwave and millimeter-wave remote sensing for security applications, as well as practical coverage of the design of radiometer, radar, and imaging systems. You learn how to design active and passive sensors for intruder detection, concealed object detection,

  2. RESTful Web Services Cookbook

    CERN Document Server

    Allamaraju, Subbu

    2010-01-01

    While the REST design philosophy has captured the imagination of web and enterprise developers alike, using this approach to develop real web services is no picnic. This cookbook includes more than 100 recipes to help you take advantage of REST, HTTP, and the infrastructure of the Web. You'll learn ways to design RESTful web services for client and server applications that meet performance, scalability, reliability, and security goals, no matter what programming language and development framework you use. Each recipe includes one or two problem statements, with easy-to-follow, step-by-step i

  3. Preliminary field evaluation of solid state cameras for security applications

    International Nuclear Information System (INIS)

    1987-01-01

    Recent developments in solid state imager technology have resulted in a series of compact, lightweight, all-solid-state closed circuit television (CCTV) cameras. Although it is widely known that the various solid state cameras have less light sensitivity and lower resolution than their vacuum tube counterparts, the potential for having a much longer Mean Time Between Failure (MTBF) for the all-solid-state cameras is generating considerable interest within the security community. Questions have been raised as to whether the newest and best of the solid state cameras are a viable alternative to the high maintenance vacuum tube cameras in exterior security applications. To help answer these questions, a series of tests were performed by Sandia National Laboratories at various test sites and under several lighting conditions. In general, all-solid-state cameras need to be improved in four areas before they can be used as wholesale replacements for tube cameras in exterior security applications: resolution, sensitivity, contrast, and smear. However, with careful design some of the higher performance cameras can be used for perimeter security systems, and all of the cameras have applications where they are uniquely qualified. Many of the cameras are well suited for interior assessment and surveillance uses, and several of the cameras are well designed as robotics and machine vision devices

  4. Achieving Security Assurance with Assertion-based Application Construction

    Directory of Open Access Journals (Sweden)

    Carlos E. Rubio-Medrano

    2015-12-01

    Full Text Available Modern software applications are commonly built by leveraging pre-fabricated modules, e.g. application programming interfaces (APIs, which are essential to implement the desired functionalities of software applications, helping reduce the overall development costs and time. When APIs deal with security-related functionality, it is critical to ensure they comply with their design requirements since otherwise unexpected flaws and vulnerabilities may consequently occur. Often, such APIs may lack sufficient specification details, or may implement a semantically-different version of a desired security model to enforce, thus possibly complicating the runtime enforcement of security properties and making it harder to minimize the existence of serious vulnerabilities. This paper proposes a novel approach to address such a critical challenge by leveraging the notion of software assertions. We focus on security requirements in role-based access control models and show how proper verification at the source-code level can be performed with our proposed approach as well as with automated state-of-the-art assertion-based techniques.

  5. The Handicap Principle for Trust in Computer Security, the Semantic Web and Social Networking

    Science.gov (United States)

    Ma, Zhanshan (Sam); Krings, Axel W.; Hung, Chih-Cheng

    computer science, especially secure and resilient computing, the semantic web, and social networking. One important thread unifying the three aspects is the evolutionary game theory modeling or its extensions with survival analysis and agreement algorithms [19][20], which offer powerful game models for describing time-, space-, and covariate-dependent frailty (uncertainty and vulnerability) and deception (honesty).

  6. VennDiagramWeb: a web application for the generation of highly customizable Venn and Euler diagrams.

    Science.gov (United States)

    Lam, Felix; Lalansingh, Christopher M; Babaran, Holly E; Wang, Zhiyuan; Prokopec, Stephenie D; Fox, Natalie S; Boutros, Paul C

    2016-10-03

    Visualization of data generated by high-throughput, high-dimensionality experiments is rapidly becoming a rate-limiting step in computational biology. There is an ongoing need to quickly develop high-quality visualizations that can be easily customized or incorporated into automated pipelines. This often requires an interface for manual plot modification, rapid cycles of tweaking visualization parameters, and the generation of graphics code. To facilitate this process for the generation of highly-customizable, high-resolution Venn and Euler diagrams, we introduce VennDiagramWeb: a web application for the widely used VennDiagram R package. VennDiagramWeb is hosted at http://venndiagram.res.oicr.on.ca/ . VennDiagramWeb allows real-time modification of Venn and Euler diagrams, with parameter setting through a web interface and immediate visualization of results. It allows customization of essentially all aspects of figures, but also supports integration into computational pipelines via download of R code. Users can upload data and download figures in a range of formats, and there is exhaustive support documentation. VennDiagramWeb allows the easy creation of Venn and Euler diagrams for computational biologists, and indeed many other fields. Its ability to support real-time graphics changes that are linked to downloadable code that can be integrated into automated pipelines will greatly facilitate the improved visualization of complex datasets. For application support please contact Paul.Boutros@oicr.on.ca.

  7. Specification of application logic in web information systems

    NARCIS (Netherlands)

    Barna, P.

    2007-01-01

    The importance of the World Wide Web has grown tremendously over the past decade (or decade and a half). With a quickly growing amount of information published on the Web and its rapidly growing audience, requirements put on Web-based Information Systems (WIS), their developers and maintainers have

  8. Empower the patients with a dialogue-based web application.

    Science.gov (United States)

    Bjørnes, Charlotte D; Cummings, Elizabeth; Nøhr, Christian

    2012-01-01

    Based on a clinical intervention study this paper adds to the significance of users involvement in design processes and substantiate the potential of online, flexible health informatics tools as useful components to accommodate organizational changes that short stay treatment demands. A dialogue-based web application was designed and implemented to accommodate patients' information and communication needs in short stay hospital settings. To ensure the system meet the patients' needs, both patients and healthcare professionals were involved in the design process by applying various participatory methods. Contextualization of the new application was also central in all phases to ensure a focus not only on the technology itself, but also the way it is used and in which relations and contexts. In evaluation of the tool, the patients' descriptions as user substantiate that the use of Internet applications can expand the time for dialogue between the individual patient and healthcare professionals. The patients experience being partners in an on going dialogue, and thereby are empowered, e.g. in managing their care even at home, as these dialogues generate individualized information.

  9. Analysing and Enriching Focused Semantic Web Archives for Parliament Applications

    Directory of Open Access Journals (Sweden)

    Elena Demidova

    2014-07-01

    Full Text Available The web and the social web play an increasingly important role as an information source for Members of Parliament and their assistants, journalists, political analysts and researchers. It provides important and crucial background information, like reactions to political events and comments made by the general public. The case study presented in this paper is driven by two European parliaments (the Greek and the Austrian parliament and targets an effective exploration of political web archives. In this paper, we describe semantic technologies deployed to ease the exploration of the archived web and social web content and present evaluation results.

  10. Application distribution model and related security attacks in VANET

    Science.gov (United States)

    Nikaein, Navid; Kanti Datta, Soumya; Marecar, Irshad; Bonnet, Christian

    2013-03-01

    In this paper, we present a model for application distribution and related security attacks in dense vehicular ad hoc networks (VANET) and sparse VANET which forms a delay tolerant network (DTN). We study the vulnerabilities of VANET to evaluate the attack scenarios and introduce a new attacker`s model as an extension to the work done in [6]. Then a VANET model has been proposed that supports the application distribution through proxy app stores on top of mobile platforms installed in vehicles. The steps of application distribution have been studied in detail. We have identified key attacks (e.g. malware, spamming and phishing, software attack and threat to location privacy) for dense VANET and two attack scenarios for sparse VANET. It has been shown that attacks can be launched by distributing malicious applications and injecting malicious codes to On Board Unit (OBU) by exploiting OBU software security holes. Consequences of such security attacks have been described. Finally, countermeasures including the concepts of sandbox have also been presented in depth.

  11. USING WEB MINING IN E-COMMERCE APPLICATIONS

    Directory of Open Access Journals (Sweden)

    Claudia Elena Dinucă

    2011-09-01

    Full Text Available Nowadays, the web is an important part of our daily life. The web is now the best medium of doing business. Large companies rethink their business strategy using the web to improve business. Business carried on the Web offers the opportunity to potential customers or partners where their products and specific business can be found. Business presence through a company web site has several advantages as it breaks the barrier of time and space compared with the existence of a physical office. To differentiate through the Internet economy, winning companies have realized that e-commerce transactions is more than just buying / selling, appropriate strategies are key to improve competitive power. One effective technique used for this purpose is data mining. Data mining is the process of extracting interesting knowledge from data. Web mining is the use of data mining techniques to extract information from web data. This article presents the three components of web mining: web usage mining, web structure mining and web content mining.

  12. Practical Pocket PC Application w/Biometric Security

    Science.gov (United States)

    Logan, Julian

    2004-01-01

    I work in the Flight Software Engineering Branch, where we provide design and development of embedded real-time software applications for flight and supporting ground systems to support the NASA Aeronautics and Space Programs. In addition, this branch evaluates, develops and implements new technologies for embedded real-time systems, and maintains a laboratory for applications of embedded technology. The majority of microchips that are used in modern society have been programmed using embedded technology. These small chips can be found in microwaves, calculators, home security systems, cell phones and more. My assignment this summer entails working with an iPAQ HP 5500 Pocket PC. This top-of-the-line hand-held device is one of the first mobile PC's to introduce biometric security capabilities. Biometric security, in this case a fingerprint authentication system, is on the edge of technology as far as securing information. The benefits of fingerprint authentication are enormous. The most significant of them are that it is extremely difficult to reproduce someone else's fingerprint, and it is equally difficult to lose or forget your own fingerprint as opposed to a password or pin number. One of my goals for this summer is to integrate this technology with another Pocket PC application. The second task for the summer is to develop a simple application that provides an Astronaut EVA (Extravehicular Activity) Log Book capability. The Astronaut EVA Log Book is what an astronaut would use to report the status of field missions, crew physical health, successes, future plans, etc. My goal is to develop a user interface into which these data fields can be entered and stored. The applications that I am developing are created using eMbedded Visual C++ 4.0 with the Pocket PC 2003 Software Development Kit provided by Microsoft.

  13. Potential National Security Applications of Nuclear Resonance Fluorescence Methods

    International Nuclear Information System (INIS)

    Warren, Glen A.; Peplowski, Patrick N.; Caggiano, Joseph A.

    2009-01-01

    The objective of this report is to document the initial investigation into the possible research issues related to the development of NRF-based national security applications. The report discusses several potential applications ranging from measuring uranium enrichment in UF6 canisters to characterization of gas samples. While these applications are varied, there are only a few research issues that need to be addressed to understand the limitation of NRF in solving these problems. These research issues range from source and detector development to measuring small samples. The next effort is to determine how best to answer the research issues, followed by a prioritization of those questions to ensure that the most important are addressed. These issues will be addressed through either analytical calculations, computer simulations, analysis of previous data or collection of new measurements. It will also be beneficial to conduct a thorough examination of a couple of the more promising applications in order to develop concrete examples of how NRF may be applied in specific situations. The goals are to develop an understanding of whether the application of NRF is limited by technology or physics in addressing national security applications, to gain a motivation to explore those possible applications, and to develop a research roadmap so that those possibilities may be made reality.

  14. The definitive guide to HTML5 WebSocket

    CERN Document Server

    Wang, Vanessa; Moskovits, Peter

    2013-01-01

    The Definitive Guide to HTML5 WebSocket is the ultimate insider's WebSocket resource. This revolutionary new web technology enables you to harness the power of true real-time connectivity and build responsive, modern web applications.   This book contains everything web developers and architects need to know about WebSocket. It discusses how WebSocket-based architectures provide a dramatic reduction in unnecessary network overhead and latency compared to older HTTP (Ajax) architectures, how to layer widely used protocols such as XMPP and STOMP on top of WebSocket, and how to secure WebSocket c

  15. External Insider Threat: a Real Security Challenge in Enterprise Value Webs

    NARCIS (Netherlands)

    Nunes Leal Franqueira, V.; van Cleeff, A.; van Eck, Pascal; Wieringa, Roelf J.

    2010-01-01

    Increasingly, organizations collaborate with other organizations in value webs with various arrangements, such as outsourcing, partnering, joint ventures, or subcontracting. As the Jericho Forum (an industry consortium of the Open Group) observed, in all these forms of collaboration, the boundaries

  16. VoSeq: a voucher and DNA sequence web application.

    Directory of Open Access Journals (Sweden)

    Carlos Peña

    Full Text Available There is an ever growing number of molecular phylogenetic studies published, due to, in part, the advent of new techniques that allow cheap and quick DNA sequencing. Hence, the demand for relational databases with which to manage and annotate the amassing DNA sequences, genes, voucher specimens and associated biological data is increasing. In addition, a user-friendly interface is necessary for easy integration and management of the data stored in the database back-end. Available databases allow management of a wide variety of biological data. However, most database systems are not specifically constructed with the aim of being an organizational tool for researchers working in phylogenetic inference. We here report a new software facilitating easy management of voucher and sequence data, consisting of a relational database as back-end for a graphic user interface accessed via a web browser. The application, VoSeq, includes tools for creating molecular datasets of DNA or amino acid sequences ready to be used in commonly used phylogenetic software such as RAxML, TNT, MrBayes and PAUP, as well as for creating tables ready for publishing. It also has inbuilt BLAST capabilities against all DNA sequences stored in VoSeq as well as sequences in NCBI GenBank. By using mash-ups and calls to web services, VoSeq allows easy integration with public services such as Yahoo! Maps, Flickr, Encyclopedia of Life (EOL and GBIF (by generating data-dumps that can be processed with GBIF's Integrated Publishing Toolkit.

  17. E-commerce Systems and E-shop Web Sites Security

    OpenAIRE

    Suchánek, Petr

    2009-01-01

    Fruitfulnes of contemporary companies rests on new business model development, elimination of communication obstacles, simplification of industrial processes, possibilities of responding in real-time and above all meeting the floating custom needs. Quite a number of company activities and transactions are realized within the framework of e-business. Business transactions are supported by e-commerce systems. One of the e-commerce system part is web interface (web sites). Present trend is putti...

  18. Perceptions of Accounting Practitioners and Educators on E-Business Curriculum and Web Security Issues

    Science.gov (United States)

    Ragothaman, Srinivasan; Lavin, Angeline; Davies, Thomas

    2007-01-01

    This research examines, through survey administration, the perceptions of accounting practitioners and educators with respect to the multi-faceted security issues of e-commerce payment systems as well as e-business curriculum issues. Specific security issues explored include misuse/theft of personal and credit card information, spam e-mails,…

  19. Supporting Case-Based Learning in Information Security with Web-Based Technology

    Science.gov (United States)

    He, Wu; Yuan, Xiaohong; Yang, Li

    2013-01-01

    Case-based learning has been widely used in many disciplines. As an effective pedagogical method, case-based learning is also being used to support teaching and learning in the domain of information security. In this paper, we demonstrate case-based learning in information security by sharing our experiences in using a case study to teach security…

  20. Extended eTVRA vs. Security Checklist: Experiences in a Value-Web

    NARCIS (Netherlands)

    Morali, A.; Zambon, Emmanuele; Houmb, S.H.; Sallhammar, Karin; Etalle, Sandro

    2008-01-01

    Security evaluation according to ISO 15408 (Common Criteria) is a resource and time demanding activity, as well as being costly. For this reason, only few companies take their products through a Common Criteria evaluation. To support security evaluation, the European Telecommunications Standards

  1. Extended eTVRA vs. Security Checklist: Experiences in a Value-Web

    NARCIS (Netherlands)

    Morali, A.; Zambon, Emmanuele; Houmb, S.H.; Sallhammar, Karin; Etalle, Sandro

    2009-01-01

    Security evaluation according to ISO 15408 (common criteria) is a resource and time demanding activity, as well as being costly. For this reason, only few companies take their products through a common criteria evaluation. To support security evaluation, the European Telecommunications Standards

  2. Extended eTVRA vs. security checklist: Experiences in a value-web

    NARCIS (Netherlands)

    Morali, A.; Zambon, E.; Houmb, S.H.; Sallhammar, K.; Etalle, S.

    2009-01-01

    Security evaluation according to ISO 15408 (Common Criteria) is a resource and time demanding activity, as well as being costly. For this reason, only few companies take their products through a Common Criteria evaluation. To support security evaluation, the European Telecommunications Standards

  3. Quantitative Security Risk Assessment of Android Permissions and Applications

    OpenAIRE

    Wang , Yang; Zheng , Jun; Sun , Chen; Mukkamala , Srinivas

    2013-01-01

    Part 6: Mobile Computing; International audience; The booming of the Android platform in recent years has attracted the attention of malware developers. However, the permissions-based model used in Android system to prevent the spread of malware, has shown to be ineffective. In this paper, we propose DroidRisk, a framework for quantitative security risk assessment of both Android permissions and applications (apps) based on permission request patterns from benign apps and malware, which aims ...

  4. Security issues of cloud computing environment in possible military applications

    OpenAIRE

    Samčović, Andreja B.

    2013-01-01

    The evolution of cloud computing over the past few years is potentially one of major advances in the history of computing and telecommunications. Although there are many benefits of adopting cloud computing, there are also some significant barriers to adoption, security issues being the most important of them. This paper introduces the concept of cloud computing; looks at relevant technologies in cloud computing; takes into account cloud deployment models and some military applications. Addit...

  5. Military Applications of Nanotechnology: Implications for Strategic Security I

    OpenAIRE

    Kosal, Margaret E.

    2014-01-01

    PASCC Final Report Nanotechnology has emerged as a major science and technology focus of the 21st century. Proponents assert that military applications of nanotechnology have even greater potential than nuclear weapons to radically change the balance of power internationally. The suggestion that nanotechnology will enable a new class of weapons that will alter the geopolitical landscape remains to be realized. A number of unresolved security puzzles underlying the emergence of nanotechn...

  6. 77 FR 74278 - Proposed Information Collection (Internet Student CPR Web Registration Application); Comment Request

    Science.gov (United States)

    2012-12-13

    ... (Internet Student CPR Web Registration Application); Comment Request AGENCY: Veterans Health Administration.... Title: Internet Student CPR Web Registration Application, VA Form 10-0468. OMB Control Number: 2900-0746... Minneapolis VA Medical Center Education Service. Students will be able to identify and register for a training...

  7. Computer Security: the security marathon

    CERN Multimedia

    Computer Security Team

    2014-01-01

    If you believe that “security” is a sprint, that a quick hack is invulnerable, that quick bug fixing is sufficient, that plugging security measures on top of existing structures is good, that once you are secure your life will be easy... then let me convince you otherwise.   An excellent example of this is when the summer students join us at CERN. As the summer period is short, software projects must be accomplished quickly, like a sprint. Rush, rush! But often, this sprint ends with aching muscles. Regularly, these summer students approach us to have their project or web server made visible to the Internet. Regularly, quick security reviews of those web servers diagnose severe underperformance with regards to security: the web applications are flawed or use insecure protocols; the employed software tools, databases or web frameworks are sub-optimal and not adequately chosen for that project; the operating system is non-standard and has never been brought up-to-date; and ...

  8. An ethernet/IP security review with intrusion detection applications

    International Nuclear Information System (INIS)

    Laughter, S. A.; Williams, R. D.

    2006-01-01

    Supervisory Control and Data Acquisition (SCADA) and automation networks, used throughout utility and manufacturing applications, have their own specific set of operational and security requirements when compared to corporate networks. The modern climate of heightened national security and awareness of terrorist threats has made the security of these systems of prime concern. There is a need to understand the vulnerabilities of these systems and how to monitor and protect them. Ethernet/IP is a member of a family of protocols based on the Control and Information Protocol (CIP). Ethernet/IP allows automation systems to be utilized on and integrated with traditional TCP/IP networks, facilitating integration of these networks with corporate systems and even the Internet. A review of the CIP protocol and the additions Ethernet/IP makes to it has been done to reveal the kind of attacks made possible through the protocol. A set of rules for the SNORT Intrusion Detection software is developed based on the results of the security review. These can be used to monitor, and possibly actively protect, a SCADA or automation network that utilizes Ethernet/IP in its infrastructure. (authors)

  9. The security system analyzer: An application of the Prolog language

    International Nuclear Information System (INIS)

    Zimmerman, B.D.; Seeman, S.E.

    1986-01-01

    The Prolog programming language and entity-relationship modeling techniques were used to demonstrate a methodology for security system applications. A knowledge base was built that consists of statements modeling a generic building and surrounding area, including security fences and intrusion detectors (sensors and TV cameras). Declarative Prolog statements have the capability to use the knowledge base information in a routine manner to provide descriptive information about sensors, to dynamically update the knowledge base to provide on-line recording of changes in detector status or maintenance history, and to analyze the configuration of the building, surrounding area, and intrusion detector layout and current operability status in order to determine all the pathways from one specified point to another specified point which result in the detection probability being less than some specified value (i.e., find the ''weakest paths''). This ''search'' capability, which is the heart of the SECURITY program, allows the program to perform a CAD (computer aided design) function, and to provide a real-time security degradation analysis if intrusion detectors become inoperable. 2 refs., 3 figs

  10. 17 CFR 270.6b-1 - Exemption of employees' securities company pending determination of application.

    Science.gov (United States)

    2010-04-01

    ...' securities company pending determination of application. 270.6b-1 Section 270.6b-1 Commodity and Securities... 1940 § 270.6b-1 Exemption of employees' securities company pending determination of application. Any... Act (54 Stat. 801; 15 U.S.C. 80a-6) shall be exempt, pending final determination of such application...

  11. DEVELOPMENT OF A WEB-BASED PROXIMITY BASED MEDIA SHARING APPLICATION

    OpenAIRE

    Erol Ozan

    2016-01-01

    This article reports the development of Vissou, which is a location based web application that enables media recording and sharing among users who are in close proximity to each other. The application facilitates the automated hand-over of the recorded media files from one user to another. There are many social networking applications and web sites that provide digital media sharing and editing functionalities. What differentiates Vissou from other similar applications is the functions and us...

  12. Defence and security applications of quantum cascade lasers

    Science.gov (United States)

    Grasso, Robert J.

    2016-09-01

    Quantum Cascade Lasers (QCL) have seen tremendous recent application in the realm of Defence and Security. And, in many instances replacing traditional solid state lasers as the source of choice for Countermeasures, Remote Sensing, In-situ Sensing, Through-Barrier Sensing, and many others. Following their development and demonstration in the early 1990's, QCL's reached some maturity and specific defence and security application prior to 2005; with much initial development fostered by DARPA initiatives in the US, dstl, MoD, and EOARD funding initiatives in the UK, and University level R&D such as those by Prof Manijeh Razeghi at Northwestern University [1], and Prof Ted Masselink at Humboldt University [2]. As QCL's provide direct mid-IR laser output for electrical input, they demonstrate high quantum efficiency compared with diode pumped solid state lasers with optical parametric oscillators (OPOs) to generate mid-Infrared output. One particular advantage of QCL's is their very broad operational bandwidth, extending from the terahertz to the near-infrared spectral regions. Defence and Security areas benefiting from QCL's include: Countermeasures, Remote Sensing, Through-the-Wall Sensing, and Explosive Detection. All information used to construct this paper obtained from open sources.

  13. Development of grid-like applications for public health using Web 2.0 mashup techniques.

    Science.gov (United States)

    Scotch, Matthew; Yip, Kevin Y; Cheung, Kei-Hoi

    2008-01-01

    Development of public health informatics applications often requires the integration of multiple data sources. This process can be challenging due to issues such as different file formats, schemas, naming systems, and having to scrape the content of web pages. A potential solution to these system development challenges is the use of Web 2.0 technologies. In general, Web 2.0 technologies are new internet services that encourage and value information sharing and collaboration among individuals. In this case report, we describe the development and use of Web 2.0 technologies including Yahoo! Pipes within a public health application that integrates animal, human, and temperature data to assess the risk of West Nile Virus (WNV) outbreaks. The results of development and testing suggest that while Web 2.0 applications are reasonable environments for rapid prototyping, they are not mature enough for large-scale public health data applications. The application, in fact a "systems of systems," often failed due to varied timeouts for application response across web sites and services, internal caching errors, and software added to web sites by administrators to manage the load on their servers. In spite of these concerns, the results of this study demonstrate the potential value of grid computing and Web 2.0 approaches in public health informatics.

  14. Research of web application based on B/S structure testing

    International Nuclear Information System (INIS)

    Ou Ge; Zhang Hongmei; Song Liming

    2007-01-01

    Software testing is very important method used to assure the quality of Web application. With the fast development of Web application, the old testing techniques can not satisfied the require any more. Because of this people begin to classify different part of the application, find out the content that can be tested by the test tools and studies the structure of testing to enhance his efficiency. This paper analyses the testing based on the feature of Web application, sums up the testing method and gives some improvements of them. (authors)

  15. Developing Dynamic Single Page Web Applications Using Meteor : Comparing JavaScript Frameworks: Blaze and React

    OpenAIRE

    Yetayeh, Asabeneh

    2017-01-01

    This paper studies Meteor which is a JavaScript full-stack framework to develop interactive single page web applications. Meteor allows building web applications entirely in JavaScript. Meteor uses Blaze, React or AngularJS as a view layer and Node.js and MongoDB as a back-end. The main purpose of this study is to compare the performance of Blaze and React. A multi-user Blaze and React web applications with similar HTML and CSS were developed. Both applications were deployed on Heroku’s w...

  16. A Web of applicant attraction: person-organization fit in the context of Web-based recruitment.

    Science.gov (United States)

    Dineen, Brian R; Ash, Steven R; Noe, Raymond A

    2002-08-01

    Applicant attraction was examined in the context of Web-based recruitment. A person-organization (P-O) fit framework was adopted to examine how the provision of feedback to individuals regarding their potential P-O fit with an organization related to attraction. Objective and subjective P-O fit, agreement with fit feedback, and self-esteem also were examined in relation to attraction. Results of an experiment that manipulated fit feedback level after a self-assessment provided by a fictitious company Web site found that both feedback level and objective P-O fit were positively related to attraction. These relationships were fully mediated by subjective P-O fit. In addition, attraction was related to the interaction of objective fit, feedback, and agreement and objective fit, feedback, and self-esteem. Implications and future Web-based recruitment research directions are discussed.

  17. Key Technologies and Applications of Satellite and Sensor Web-coupled Real-time Dynamic Web Geographic Information System

    Directory of Open Access Journals (Sweden)

    CHEN Nengcheng

    2017-10-01

    Full Text Available The geo-spatial information service has failed to reflect the live status of spot and meet the needs of integrated monitoring and real-time information for a long time. To tackle the problems in observation sharing and integrated management of space-borne, air-borne, and ground-based platforms and efficient service of spatio-temporal information, an observation sharing model was proposed. The key technologies in real-time dynamic geographical information system (GIS including maximum spatio-temporal coverage-based optimal layout of earth-observation sensor Web, task-driven and feedback-based control, real-time access of streaming observations, dynamic simulation, warning and decision support were detailed. An real-time dynamic Web geographical information system (WebGIS named GeoSensor and its applications in sensing and management of spatio-temporal information of Yangtze River basin including navigation, flood prevention, and power generation were also introduced.

  18. THE DIFFERENCE BETWEEN DEVELOPING SINGLE PAGE APPLICATION AND TRADITIONAL WEB APPLICATION BASED ON MECHATRONICS ROBOT LABORATORY ONAFT APPLICATION

    Directory of Open Access Journals (Sweden)

    V. Solovei

    2018-04-01

    Full Text Available Today most of desktop and mobile applications have analogues in the form of web-based applications.  With evolution of development technologies and web technologies web application increased in functionality to desktop applications. The Web application consists of two parts of the client part and the server part. The client part is responsible for providing the user with visual information through the browser. The server part is responsible for processing and storing data.MPA appeared simultaneously with the Internet. Multiple-page applications work in a "traditional" way. Every change eg. display the data or submit data back to the server. With the advent of AJAX, MPA learned to load not the whole page, but only a part of it, which eventually led to the appearance of the SPA. SPA is the principle of development when only one page is transferred to the client part, and the content is downloaded only to a certain part of the page, without rebooting it, which allows to speed up the application and simplify the user experience of using the application to the level of desktop applications.Based on the SPA, the Mechatronics Robot Laboratory ONAFT application was designed to automate the management process. The application implements the client-server architecture. The server part consists of a RESTful API, which allows you to get unified access to the application functionality, and a database for storing information. Since the client part is a spa, this allows you to reduce the load on the connection to the server and improve the user experience

  19. Efficient development of web applications for remote participation using Ruby on Rails

    International Nuclear Information System (INIS)

    Emoto, M.; Yoshida, M.; Iwata, C.; Inagaki, S.; Nagayama, Y.

    2010-01-01

    Large-scale experiments such as ITER require international collaboration, and remote participation plays an important role in carrying out such experiments. Web-based applications are useful tools for scientists participating in experiments remotely using personal computers. Since the participants typically download web-based applications to their computer each time they access the web servers, they do not need to install extra software in order to use these applications. In addition, the application developers do not need to distribute the latest program files each time they are modified, thus reducing maintenance costs for remote participation systems. For these reasons, we have been developing web-based applications for the LHD experiments at NIFS. In a previous study, we showed the benefits of using Ruby on Rails (RoR) to develop web-based applications for analysis code. We thought this approach would also be useful for developing applications for remote participation. Therefore, we have developed several web-based applications using RoR for participating in the LHD experiments. These applications include a data viewer and a scheduler of experiments. The main reason to adopt RoR for this purpose is its efficiency for developing web-based applications. For example, to develop a data viewer, we used an existing program running on an X-Windows System. Using RoR, we could minimize the modifications of the existing programs to add web interfaces. In this paper, we will report a web-based application developed using RoR for the LHD experiment. We will also discuss the benefits of using RoR in developing remote participation tools.

  20. Preliminary field evaluation of solid state cameras for security applications

    International Nuclear Information System (INIS)

    Murray, D.W.

    1987-01-01

    Recent developments in solid state imager technology have resulted in a series of compact, lightweight, all-solid-state closed circuit television (CCTV) cameras. Although it is widely known that the various solid state cameras have less light sensitivity and lower resolution than their vacuum tube counterparts, the potential for having a much longer Mean Time Between Failure (MTBF) for the all-solid-state cameras is generating considerable interest within the security community. Questions have been raised as to whether the newest and best of the solid state cameras are a viable alternative to the high maintenance vacuum tube cameras in exterior security applications. To help answer these questions, a series of tests were performed by Sandia National Laboratories at various test sites and under several lighting conditions. The results of these tests as well as a description of the test equipment, test sites, and procedures are presented in this report

  1. HOMOMORPHIC ENCRYPTION: CLOUD COMPUTING SECURITY AND OTHER APPLICATIONS (A SURVEY

    Directory of Open Access Journals (Sweden)

    A. I. Trubei

    2015-01-01

    Full Text Available Homomorphic encryption is a form of encryption which allows specific types of computations to be carried out on cipher text and to obtain an encrypted result which matches the result of operations performed on the plain text. The article presents a basic concept of the homomorphic encryption and various encryption algorithms in accordance with the fundamental properties of the homomorphic encryption. The examples of various principles and properties of homomorphic encryption, some homomorphic algorithms using asymmetric key systems such as RSA, ElGamal, Paillier algorithms as well as various homomorphic encryption schemes are given. Prospects of homomorphic encryption application in the field of secure cloud computing, electronic voting, cipher text searching, encrypted mail filtering, mobile cipher and secure feedback systems are considered.

  2. Un sistema de discusión seguro con participación anónima a través de servicios Web A secure discussion system with anonymous participation through Web services

    Directory of Open Access Journals (Sweden)

    Daniel Vásquez

    2013-04-01

    Full Text Available Un desafío para la deliberación democrática en un entorno informático es proveer seguridad en el proceso, tanto para el ciudadano individual como para el grupo social. En este sentido, es importante ofrecer garantías de protección a los ciudadanos de forma que no se vea afectada su libertad de expresión y de seguridad en el intercambio de mensajes, de manera que estos sean confiables para todos los participantes. Como parte de este proyecto se ha diseñado y construido un sistema informático de discusión que permite a los usuarios intercambiar opiniones de forma segura, a través de la aplicación de técnicas de criptografía. El sistema permite varios niveles de seguridad e identificación. Se permite la participación identificada a través del uso de firma digital y certificados. Además, se implementa un esquema de participación anónima a través de la firma de mensajes utilizando una credencial obtenida mediante un procedimiento de firma ciega. También se aplican atributos de seguridad para asegurar la integridad, confidencialidad y no repudio de estos. El sistema de discusión se ha construido inmerso en una plataforma de servicios Web orientada a proveer funcionalidades de apoyo a la democracia digital.A challenge for democratic deliberation in a computing environment is to provide security in the process, both for the individual citizen and the social group. In this regard, it is important to provide guarantees of protection to the citizens so as not to affect their freedom of expression and security on the exchange of messages, so they are reliable for all participants. As part of this project a discussion system has been designed and built that allows users to exchange opinions safely, through the application of cryptographic techniques. The system allows multiple levels of security and identification. It allows the participation identified through the use of digital signatures and certificates. Furthermore, it implements

  3. Mindcontrol: A web application for brain segmentation quality control.

    Science.gov (United States)

    Keshavan, Anisha; Datta, Esha; M McDonough, Ian; Madan, Christopher R; Jordan, Kesshi; Henry, Roland G

    2018-04-15

    Tissue classification plays a crucial role in the investigation of normal neural development, brain-behavior relationships, and the disease mechanisms of many psychiatric and neurological illnesses. Ensuring the accuracy of tissue classification is important for quality research and, in particular, the translation of imaging biomarkers to clinical practice. Assessment with the human eye is vital to correct various errors inherent to all currently available segmentation algorithms. Manual quality assurance becomes methodologically difficult at a large scale - a problem of increasing importance as the number of data sets is on the rise. To make this process more efficient, we have developed Mindcontrol, an open-source web application for the collaborative quality control of neuroimaging processing outputs. The Mindcontrol platform consists of a dashboard to organize data, descriptive visualizations to explore the data, an imaging viewer, and an in-browser annotation and editing toolbox for data curation and quality control. Mindcontrol is flexible and can be configured for the outputs of any software package in any data organization structure. Example configurations for three large, open-source datasets are presented: the 1000 Functional Connectomes Project (FCP), the Consortium for Reliability and Reproducibility (CoRR), and the Autism Brain Imaging Data Exchange (ABIDE) Collection. These demo applications link descriptive quality control metrics, regional brain volumes, and thickness scalars to a 3D imaging viewer and editing module, resulting in an easy-to-implement quality control protocol that can be scaled for any size and complexity of study. Copyright © 2017 The Authors. Published by Elsevier Inc. All rights reserved.

  4. Intelligent Facial Recognition Systems: Technology advancements for security applications

    Energy Technology Data Exchange (ETDEWEB)

    Beer, C.L.

    1993-07-01

    Insider problems such as theft and sabotage can occur within the security and surveillance realm of operations when unauthorized people obtain access to sensitive areas. A possible solution to these problems is a means to identify individuals (not just credentials or badges) in a given sensitive area and provide full time personnel accountability. One approach desirable at Department of Energy facilities for access control and/or personnel identification is an Intelligent Facial Recognition System (IFRS) that is non-invasive to personnel. Automatic facial recognition does not require the active participation of the enrolled subjects, unlike most other biological measurement (biometric) systems (e.g., fingerprint, hand geometry, or eye retinal scan systems). It is this feature that makes an IFRS attractive for applications other than access control such as emergency evacuation verification, screening, and personnel tracking. This paper discusses current technology that shows promising results for DOE and other security applications. A survey of research and development in facial recognition identified several companies and universities that were interested and/or involved in the area. A few advanced prototype systems were also identified. Sandia National Laboratories is currently evaluating facial recognition systems that are in the advanced prototype stage. The initial application for the evaluation is access control in a controlled environment with a constant background and with cooperative subjects. Further evaluations will be conducted in a less controlled environment, which may include a cluttered background and subjects that are not looking towards the camera. The outcome of the evaluations will help identify areas of facial recognition systems that need further development and will help to determine the effectiveness of the current systems for security applications.

  5. AmWeb: a novel interactive web tool for antimicrobial resistance surveillance, applicable to both community and hospital patients.

    Science.gov (United States)

    Ironmonger, Dean; Edeghere, Obaghe; Gossain, Savita; Bains, Amardeep; Hawkey, Peter M

    2013-10-01

    Antimicrobial resistance (AMR) is recognized as one of the most significant threats to human health. Local and regional AMR surveillance enables the monitoring of temporal changes in susceptibility to antibiotics and can provide prescribing guidance to healthcare providers to improve patient management and help slow the spread of antibiotic resistance in the community. There is currently a paucity of routine community-level AMR surveillance information. The HPA in England sponsored the development of an AMR surveillance system (AmSurv) to collate local laboratory reports. In the West Midlands region of England, routine reporting of AMR data has been established via the AmSurv system from all diagnostic microbiology laboratories. The HPA Regional Epidemiology Unit developed a web-enabled database application (AmWeb) to provide microbiologists, pharmacists and other stakeholders with timely access to AMR data using user-configurable reporting tools. AmWeb was launched in the West Midlands in January 2012 and is used by microbiologists and pharmacists to monitor resistance profiles, perform local benchmarking and compile data for infection control reports. AmWeb is now being rolled out to all English regions. It is expected that AmWeb will become a valuable tool for monitoring the threat from newly emerging or currently circulating resistant organisms and helping antibiotic prescribers to select the best treatment options for their patients.

  6. Possibilities of contactless control of web map applications by sight

    Directory of Open Access Journals (Sweden)

    Rostislav Netek

    2012-03-01

    Full Text Available This paper assesses possibilities of a new approach of control map applications on the screen without locomotive system. There is a project about usability of Eye Tracking System in Geoinformatic and Cartographic fields at Department of Geoinformatics at Palacky University. The eye tracking system is a device for measuring eye/gaze positions and eye/gaze movement ("where we are looking". There is a number of methods and outputs, but the most common are "heat-maps" of intensity and/or time. Just this method was used in the first part, where was analyzed the number of common web map portals, especially distribution of their tools and functions on the screen. The aim of research is to localize by heat-maps the best distribution of control tools for movement with map (function "pan". It can analyze how sensitive are people on perception of control tools in different web pages and platforms. It is a great experience to compare accurate survey data with personal interpretation and knowledge. Based on these results is the next step – design of "control tools" which is command by eye-tracking device. There has been elected rectangle areas located on the edge of map (AOI – areas of interest, with special function which have defined some time delay. When user localizes one of these areas the map automatically moves to the way on which edge is localized on, and time delay prevents accidental movement. The technology for recording the eye movements on the screen offers this option because if you properly define the layout and function controls of the map, you need only connect these two systems. At this moment, there is a technical constrain. The solution of movement control is based on data transmission between eye-tracking-device-output and converter in real-time. Just real-time transfer is not supported in every case of SMI (SensoMotoric Instruments company devices. More precisely it is the problem of money, because eye-tracking device and every

  7. 78 FR 46622 - Application of Topaz Exchange, LLC for Registration as a National Securities Exchange; Findings...

    Science.gov (United States)

    2013-08-01

    ... Exchange, LLC for Registration as a National Securities Exchange; Findings, Opinion, and Order of the... Registration as a National Securities Exchange (``Form 1 Application'') \\1\\ under Section 6 of the Securities... substantive, are consistent with the existing rules of other registered national securities exchanges, or are...

  8. Development of Grid-like Applications for Public Health Using Web 2.0 Mashup Techniques

    OpenAIRE

    Scotch, Matthew; Yip, Kevin Y.; Cheung, Kei-Hoi

    2008-01-01

    Development of public health informatics applications often requires the integration of multiple data sources. This process can be challenging due to issues such as different file formats, schemas, naming systems, and having to scrape the content of web pages. A potential solution to these system development challenges is the use of Web 2.0 technologies. In general, Web 2.0 technologies are new internet services that encourage and value information sharing and collaboration among individuals....

  9. Recent trends in print portals and Web2Print applications

    Science.gov (United States)

    Tuijn, Chris

    2009-01-01

    case, the ordering process is, of course, not fully automated. Standardized products, on the other hand, are easily identified and the cost charged to the print buyer can be retrieved from predefined price lists. Typically, higher volumes will result in more attractive prices. An additional advantage of this type of products is that they are often defined such that they can be produced in bulk using conventional printing techniques. If one wants to automate the ganging, a connection must be established between the on-line ordering and the production planning system. (For digital printing, there typically is no need to gang products since they can be produced more effectively separately.) Many of the on-line print solutions support additional features also available in general purpose e-commerce sites. We here think of the availability of virtual shopping baskets, the connectivity with payment gateways and the support of special facilities for interfacing with courier services (bar codes, connectivity to courier web sites for tracking shipments etc.). Supporting these features also assumes an intimate link with the print production system. Another development that goes beyond the on-line ordering of printed material and the submission of full pages and/or documents, is the interactive, on-line definition of the content itself. Typical applications in this respect are, e.g., the creation of business cards, leaflets, letter heads etc. On a more professional level, we also see that more and more publishing organizations start using on-line publishing platforms to organize their work. These professional platforms can also be connected directly to printing portals and thus enable extra automation. In this paper, we will discuss for each of the different applications presented above (traditional Print Portals, Web2Print applications and professional, on-line publishing platforms) how they interact with prepress and print production systems and how they contribute to the

  10. A web-based application for initial screening of living kidney donors: development, implementation and evaluation.

    Science.gov (United States)

    Moore, D R; Feurer, I D; Zavala, E Y; Shaffer, D; Karp, S; Hoy, H; Moore, D E

    2013-02-01

    Most centers utilize phone or written surveys to screen candidates who self-refer to be living kidney donors. To increase efficiency and reduce resource utilization, we developed a web-based application to screen kidney donor candidates. The aim of this study was to evaluate the use of this web-based application. Method and time of referral were tabulated and descriptive statistics summarized demographic characteristics. Time series analyses evaluated use over time. Between January 1, 2011 and March 31, 2012, 1200 candidates self-referred to be living kidney donors at our center. Eight hundred one candidates (67%) completed the web-based survey and 399 (33%) completed a phone survey. Thirty-nine percent of donors accessed the application on nights and weekends. Postimplementation of the web-based application, there was a statistically significant increase (p web-based application as opposed to telephone contact. Also, there was a significant increase (p = 0.025) in the total number of self-referrals post-implementation from 61 to 116 per month. An interactive web-based application is an effective strategy for the initial screening of donor candidates. The web-based application increased the ability to interface with donors, process them efficiently and ultimately increased donor self-referral at our center. © Copyright 2012 The American Society of Transplantation and the American Society of Transplant Surgeons.

  11. Designing Intelligent Secure Android Application for Effective Chemical Inventory

    Science.gov (United States)

    Shukran, Mohd Afizi Mohd; Naim Abdullah, Muhammad; Nazri Ismail, Mohd; Maskat, Kamaruzaman; Isa, Mohd Rizal Mohd; Shahfee Ishak, Muhammad; Adib Khairuddin, Muhamad

    2017-08-01

    Mobile services support various situations in everyday life and with the increasing sophistication of phone functions, the daily life is much more easier and better especially in term of managing tools and apparatus. Since chemical inventory management system has been experiencing a new revolution from antiquated to an automated inventory management system, some additional features should be added in current chemical inventory system. Parallel with the modern technologies, chemical inventory application using smart phone has been developed. Several studies about current related chemical inventory management using smart phone application has been done in this paper in order to obtain an overview on recent studies in smartphone application for chemical inventory system which are needed in schools, universities or other education institutions. This paper also discuss about designing the proposed secure mobile chemical inventory system. The study of this paper can provide forceful review analysis support for the chemical inventory management system related research.

  12. SBMLmod: a Python-based web application and web service for efficient data integration and model simulation.

    Science.gov (United States)

    Schäuble, Sascha; Stavrum, Anne-Kristin; Bockwoldt, Mathias; Puntervoll, Pål; Heiland, Ines

    2017-06-24

    Systems Biology Markup Language (SBML) is the standard model representation and description language in systems biology. Enriching and analysing systems biology models by integrating the multitude of available data, increases the predictive power of these models. This may be a daunting task, which commonly requires bioinformatic competence and scripting. We present SBMLmod, a Python-based web application and service, that automates integration of high throughput data into SBML models. Subsequent steady state analysis is readily accessible via the web service COPASIWS. We illustrate the utility of SBMLmod by integrating gene expression data from different healthy tissues as well as from a cancer dataset into a previously published model of mammalian tryptophan metabolism. SBMLmod is a user-friendly platform for model modification and simulation. The web application is available at http://sbmlmod.uit.no , whereas the WSDL definition file for the web service is accessible via http://sbmlmod.uit.no/SBMLmod.wsdl . Furthermore, the entire package can be downloaded from https://github.com/MolecularBioinformatics/sbml-mod-ws . We envision that SBMLmod will make automated model modification and simulation available to a broader research community.

  13. An Introduction to Testing Web Applications with twill and Selenium

    CERN Document Server

    Brown, Titus; Huggins, Jason

    2007-01-01

    This Short Cut is an introduction tobuilding automated web tests using twotools, twill and Selenium. twill is a simpleweb scripting language that can be usedto automate web tests, while Selenium isa web testing framework that runs in anybrowser and can be used to test complexweb sites that make extensive use ofJavaScript. The best way to use this Short Cut is torun through the examples. We expectthat within an hour you can start writingyour own functional tests in either twillor Selenium, and within a day you willunderstand most, if not all, of the possibilitiesand the limitations of these t

  14. Towards the multilingual semantic web principles, methods and applications

    CERN Document Server

    Buitelaar, Paul

    2014-01-01

    To date, the relation between multilingualism and the Semantic Web has not yet received enough attention in the research community. One major challenge for the Semantic Web community is to develop architectures, frameworks and systems that can help in overcoming national and language barriers, facilitating equal access to information produced in different cultures and languages. As such, this volume aims at documenting the state-of-the-art with regard to the vision of a Multilingual Semantic Web, in which semantic information will be accessible in and across multiple languages. The Multiling

  15. Search-based Tier Assignment for Optimising Offline Availability in Multi-tier Web Applications

    OpenAIRE

    Philips, Laure; De Koster, Joeri; De Meuter, Wolfgang; De Roover, Coen

    2017-01-01

    Web programmers are often faced with several challenges in the development process of modern, rich internet applications. Technologies for the different tiers of the application have to be selected: a server-side language, a combination of JavaScript, HTML and CSS for the client, and a database technology. Meeting the expectations of contemporary web applications requires even more effort from the developer: many state of the art libraries must be mastered and glued together. This leads to an...

  16. He-4 fast neutron detectors in nuclear security applications

    International Nuclear Information System (INIS)

    Murer, D. E.

    2014-01-01

    This work presents studies of "4He fast neutron detectors for nuclear security applications. Such devices are high pressure gas scintillation detectors, sensitive to neutrons in the energy range of fission sources. First, an introduction to the scope of the intended application is given. This is followed by a description of all components relevant to the operation of the detector. The next chapter presents studies of various characteristics of the neutron detector, among them properties of its scintillation response, differences between neutron and gamma interactions and effects of the light collection process. The results of the detector characterization are used to develop neutron gamma discrimination methods. These methods are put to the test using measurements with a high gamma flux, and the results are compared to performance requirements of Radiation Portal Monitors. Background neutron measurements are presented next. Measured neutron rates are compared to values published in scientific literature. The fluctuation of the background count rate was studied, and the contribution of muons evaluated. Two applications of the detectors in the field of nuclear security are discussed in the last two chapters. The first one is a novel method to measure the plutonium mass in a container filled with Mixed Oxide Fuel. The last chapter presents the development of a Radiation Portal Monitor which, in addition to neutron and gamma counting, exploits time correlation to detect threats such as plutonium and "6"0Co. (author)

  17. He-4 fast neutron detectors in nuclear security applications

    Energy Technology Data Exchange (ETDEWEB)

    Murer, D. E.

    2014-07-01

    This work presents studies of {sup 4}He fast neutron detectors for nuclear security applications. Such devices are high pressure gas scintillation detectors, sensitive to neutrons in the energy range of fission sources. First, an introduction to the scope of the intended application is given. This is followed by a description of all components relevant to the operation of the detector. The next chapter presents studies of various characteristics of the neutron detector, among them properties of its scintillation response, differences between neutron and gamma interactions and effects of the light collection process. The results of the detector characterization are used to develop neutron gamma discrimination methods. These methods are put to the test using measurements with a high gamma flux, and the results are compared to performance requirements of Radiation Portal Monitors. Background neutron measurements are presented next. Measured neutron rates are compared to values published in scientific literature. The fluctuation of the background count rate was studied, and the contribution of muons evaluated. Two applications of the detectors in the field of nuclear security are discussed in the last two chapters. The first one is a novel method to measure the plutonium mass in a container filled with Mixed Oxide Fuel. The last chapter presents the development of a Radiation Portal Monitor which, in addition to neutron and gamma counting, exploits time correlation to detect threats such as plutonium and {sup 60}Co. (author)

  18. A dialogue-based web application enhances personalized access to healthcare professionals – an intervention study

    Directory of Open Access Journals (Sweden)

    Bjoernes Charlotte D

    2012-09-01

    Full Text Available Abstract Background In today’s short stay hospital settings the contact time for patients is reduced. However, it seems to be more important for the patients that the healthcare professionals are easy to get in contact with during the whole course of treatment, and to have the opportunity to exchange information, as a basis for obtaining individualized information and support. Therefore, the aim was to explore the ability of a dialogue-based application to contribute to accessibility of the healthcare professionals and exchangeability of information. Method An application for online written and asynchronous contacts was developed, implemented in clinical practice, and evaluated. The qualitative effect of the online contact was explored using a Web-based survey comprised of open-ended questions. Results Patients valued the online contacts and experienced feelings of partnership in dialogue, in a flexible and calm environment, which supported their ability to be active partners and feelings of freedom and security. Conclusion The online asynchronous written environment can contribute to accessibility and exchangeability, and add new possibilities for dialogues from which the patients can benefit. The individualized information obtained via online contact empowers the patients. The Internet-based contacts are a way to differentiate and expand the possibilities for contacts outside the few scheduled face-to-face hospital contacts.

  19. Using Science Driven Technologies for the Defense and Security Applications

    Science.gov (United States)

    Habib, Shahid; Zukor, Dorthy; Ambrose, Stephen D.

    2004-01-01

    For the past three decades, Earth science remote sensing technologies have been providing enormous amounts of useful data and information in broadening our understanding of our home planet as a system. This research, as it has expanded our learning process, has also generated additional questions. This has further resulted in establishing new science requirements, which have culminated in defining and pushing the state-of-the-art technology needs. NASA s Earth science program has deployed 18 highly complex satellites, with a total of 80 sensors, so far and is in a process of defining and launching multiple observing systems in the next decade. Due to the heightened security alert of the nation, researchers and technologists are paying serious attention to the use of these science driven technologies for dual use. In other words, how such sophisticated observing and measuring systems can be used in detecting multiple types of security concerns with a substantial lead time so that the appropriate law enforcement agencies can take adequate steps to defuse any potential risky scenarios. This paper examines numerous NASA technologies such as laser/lidar systems, microwave and millimeter wave technologies, optical observing systems, high performance computational techniques for rapid analyses, and imaging products that can have a tremendous pay off for security applications.

  20. Using Genetic Algorithms in Secured Business Intelligence Mobile Applications

    Directory of Open Access Journals (Sweden)

    Silvia TRIF

    2011-01-01

    Full Text Available The paper aims to assess the use of genetic algorithms for training neural networks used in secured Business Intelligence Mobile Applications. A comparison is made between classic back-propagation method and a genetic algorithm based training. The design of these algorithms is presented. A comparative study is realized for determining the better way of training neural networks, from the point of view of time and memory usage. The results show that genetic algorithms based training offer better performance and memory usage than back-propagation and they are fit to be implemented on mobile devices.

  1. Using Semantic Web Services for Context-Aware Mobile Applications

    OpenAIRE

    Sheshagiri , Mithun; Sadeh , Norman; Gandon , Fabien

    2004-01-01

    International audience; One way of overcoming the challenges associated with mobile and pervasive computing environments involves providing users with higher levels of automation. This in turn requires capturing the context within which the user operates. In this paper, we describe ongoing research aimed leveraging Semantic Web Services in support of context awareness. This includes modeling sources of contextual information as web services that can be automatically discovered and accessed by...

  2. Gender Divide and Acceptance of Collaborative Web 2.0 Applications for Learning in Higher Education

    Science.gov (United States)

    Huang, Wen-Hao David; Hood, Denice Ward; Yoo, Sun Joo

    2013-01-01

    Situated in the gender digital divide framework, this survey study investigated the role of computer anxiety in influencing female college students' perceptions toward Web 2.0 applications for learning. Based on 432 college students' "Web 2.0 for learning" perception ratings collected by relevant categories of "Unified Theory of Acceptance and Use…

  3. An Offline-Online Android Application for Hazard Event Mapping Using WebGIS Open Source Technologies

    Science.gov (United States)

    Olyazadeh, Roya; Jaboyedoff, Michel; Sudmeier-Rieux, Karen; Derron, Marc-Henri; Devkota, Sanjaya

    2016-04-01

    Nowadays, Free and Open Source Software (FOSS) plays an important role in better understanding and managing disaster risk reduction around the world. National and local government, NGOs and other stakeholders are increasingly seeking and producing data on hazards. Most of the hazard event inventories and land use mapping are based on remote sensing data, with little ground truthing, creating difficulties depending on the terrain and accessibility. Open Source WebGIS tools offer an opportunity for quicker and easier ground truthing of critical areas in order to analyse hazard patterns and triggering factors. This study presents a secure mobile-map application for hazard event mapping using Open Source WebGIS technologies such as Postgres database, Postgis, Leaflet, Cordova and Phonegap. The objectives of this prototype are: 1. An Offline-Online android mobile application with advanced Geospatial visualisation; 2. Easy Collection and storage of events information applied services; 3. Centralized data storage with accessibility by all the service (smartphone, standard web browser); 4. Improving data management by using active participation in hazard event mapping and storage. This application has been implemented as a low-cost, rapid and participatory method for recording impacts from hazard events and includes geolocation (GPS data and Internet), visualizing maps with overlay of satellite images, viewing uploaded images and events as cluster points, drawing and adding event information. The data can be recorded in offline (Android device) or online version (all browsers) and consequently uploaded through the server whenever internet is available. All the events and records can be visualized by an administrator and made public after approval. Different user levels can be defined to access the data for communicating the information. This application was tested for landslides in post-earthquake Nepal but can be used for any other type of hazards such as flood, avalanche

  4. The Emperor’s New Password Manager: Security Analysis of Web-based Password Managers

    Science.gov (United States)

    2014-07-07

    POST re- quest, LastPass will store h’ as authenticating Alice. Mallory can then use otp’ to log-in to LastPass us- ing otp’. Of course , decrypting the...everywhere. [36] M. Rochkind. Security, forms, and error handling. In Expert PHP and MySQL , pages 191–247. Springer, 2013. [37] D. Silver, S. Jana, E

  5. Securing the anonymity of content providers in the World Wide Web

    Science.gov (United States)

    Demuth, Thomas; Rieke, Andreas

    1999-04-01

    Nowadays the World Wide Web (WWW) is an established service used by people all over the world. Most of them do not recognize the fact that they reveal plenty of information about themselves or their affiliation and computer equipment to the providers of web pages they connect to. As a result, a lot of services offer users to access web pages unrecognized or without risk of being backtracked, respectively. This kind of anonymity is called user or client anonymity. But on the other hand, an equivalent protection for content providers does not exist, although this feature is desirable for many situations in which the identity of a publisher or content provider shall be hidden. We call this property server anonymity. We will introduce the first system with the primary target to offer anonymity for providers of information in the WWW. Beside this property, it provides also client anonymity. Based on David Chaum's idea of mixes and in relation to the context of the WWW, we explain the term 'server anonymity' motivating the system JANUS which offers both client and server anonymity.

  6. Displaying R spatial statistics on Google dynamic maps with web applications created by Rwui

    Science.gov (United States)

    2012-01-01

    Background The R project includes a large variety of packages designed for spatial statistics. Google dynamic maps provide web based access to global maps and satellite imagery. We describe a method for displaying directly the spatial output from an R script on to a Google dynamic map. Methods This is achieved by creating a Java based web application which runs the R script and then displays the results on the dynamic map. In order to make this method easy to implement by those unfamiliar with programming Java based web applications, we have added the method to the options available in the R Web User Interface (Rwui) application. Rwui is an established web application for creating web applications for running R scripts. A feature of Rwui is that all the code for the web application being created is generated automatically so that someone with no knowledge of web programming can make a fully functional web application for running an R script in a matter of minutes. Results Rwui can now be used to create web applications that will display the results from an R script on a Google dynamic map. Results may be displayed as discrete markers and/or as continuous overlays. In addition, users of the web application may select regions of interest on the dynamic map with mouse clicks and the coordinates of the region of interest will automatically be made available for use by the R script. Conclusions This method of displaying R output on dynamic maps is designed to be of use in a number of areas. Firstly it allows statisticians, working in R and developing methods in spatial statistics, to easily visualise the results of applying their methods to real world data. Secondly, it allows researchers who are using R to study health geographics data, to display their results directly onto dynamic maps. Thirdly, by creating a web application for running an R script, a statistician can enable users entirely unfamiliar with R to run R coded statistical analyses of health geographics

  7. Cloud Computing Application of Personal Information's Security in Network Sales-channels

    OpenAIRE

    Sun Qiong; Min Liu; Shiming Pang

    2013-01-01

    With the promotion of Internet sales, the security of personal information to network users have become increasingly demanding. The existing network of sales channels has personal information security risks, vulnerable to hacker attacking. Taking full advantage of cloud security management strategy, cloud computing security management model is introduced to the network sale of personal information security applications, which is to solve the problem of information leakage. Then we proposed me...

  8. Secure and Efficient Transmission of Hyperspectral Images for Geosciences Applications

    Science.gov (United States)

    Carpentieri, Bruno; Pizzolante, Raffaele

    2017-12-01

    Hyperspectral images are acquired through air-borne or space-borne special cameras (sensors) that collect information coming from the electromagnetic spectrum of the observed terrains. Hyperspectral remote sensing and hyperspectral images are used for a wide range of purposes: originally, they were developed for mining applications and for geology because of the capability of this kind of images to correctly identify various types of underground minerals by analysing the reflected spectrums, but their usage has spread in other application fields, such as ecology, military and surveillance, historical research and even archaeology. The large amount of data obtained by the hyperspectral sensors, the fact that these images are acquired at a high cost by air-borne sensors and that they are generally transmitted to a base, makes it necessary to provide an efficient and secure transmission protocol. In this paper, we propose a novel framework that allows secure and efficient transmission of hyperspectral images, by combining a reversible invisible watermarking scheme, used in conjunction with digital signature techniques, and a state-of-art predictive-based lossless compression algorithm.

  9. Nano/micromotors for security/defense applications. A review

    Science.gov (United States)

    Singh, Virendra V.; Wang, Joseph

    2015-11-01

    The new capabilities of man-made micro/nanomotors open up considerable opportunities for diverse security and defense applications. This review highlights new micromotor-based strategies for enhanced security monitoring and detoxification of chemical and biological warfare agents (CBWA). The movement of receptor-functionalized nanomotors offers great potential for sensing and isolating target bio-threats from complex samples. New mobile reactive materials based on zeolite or activated carbon offer considerable promise for the accelerated removal of chemical warfare agents. A wide range of proof-of-concept motor-based approaches, including the detection and destruction of anthrax spores, `on-off' nerve-agent detection or effective neutralization of chemical warfare agents have thus been demonstrated. The propulsion of micromotors and their corresponding bubble tails impart significant mixing that greatly accelerates such detoxification processes. These nanomotors will thus empower sensing and destruction where stirring large quantities of decontaminating reagents and controlled mechanical agitation are impossible or undesired. New technological breakthroughs and greater sophistication of micro/nanoscale machines will lead to rapid translation of the micromotor research activity into practical defense applications, addressing the escalating threat of CBWA.

  10. InkTag: Secure Applications on an Untrusted Operating System.

    Science.gov (United States)

    Hofmann, Owen S; Kim, Sangman; Dunn, Alan M; Lee, Michael Z; Witchel, Emmett

    2013-01-01

    InkTag is a virtualization-based architecture that gives strong safety guarantees to high-assurance processes even in the presence of a malicious operating system. InkTag advances the state of the art in untrusted operating systems in both the design of its hypervisor and in the ability to run useful applications without trusting the operating system. We introduce paraverification , a technique that simplifies the InkTag hypervisor by forcing the untrusted operating system to participate in its own verification. Attribute-based access control allows trusted applications to create decentralized access control policies. InkTag is also the first system of its kind to ensure consistency between secure data and metadata, ensuring recoverability in the face of system crashes.

  11. Multimedia forensics and security foundations, innovations, and applications

    CERN Document Server

    Fouad, Mohamed; Manaf, Azizah; Zamani, Mazdak; Ahmad, Rabiah; Kacprzyk, Janusz

    2017-01-01

    This book presents recent applications and approaches as well as challenges in digital forensic science. One of the evolving challenges that is covered in the book is the cloud forensic analysis which applies the digital forensic science over the cloud computing paradigm for conducting either live or static investigations within the cloud environment. The book also covers the theme of multimedia forensics and watermarking in the area of information security. That includes highlights on intelligence techniques designed for detecting significant changes in image and video sequences. Moreover, the theme proposes recent robust and computationally efficient digital watermarking techniques. The last part of the book provides several digital forensics related applications, including areas such as evidence acquisition enhancement, evidence evaluation, cryptography, and finally, live investigation through the importance of reconstructing the botnet attack scenario to show the malicious activities and files as evidence...

  12. InkTag: Secure Applications on an Untrusted Operating System

    Science.gov (United States)

    Hofmann, Owen S.; Kim, Sangman; Dunn, Alan M.; Lee, Michael Z.; Witchel, Emmett

    2014-01-01

    InkTag is a virtualization-based architecture that gives strong safety guarantees to high-assurance processes even in the presence of a malicious operating system. InkTag advances the state of the art in untrusted operating systems in both the design of its hypervisor and in the ability to run useful applications without trusting the operating system. We introduce paraverification, a technique that simplifies the InkTag hypervisor by forcing the untrusted operating system to participate in its own verification. Attribute-based access control allows trusted applications to create decentralized access control policies. InkTag is also the first system of its kind to ensure consistency between secure data and metadata, ensuring recoverability in the face of system crashes. PMID:24429939

  13. Geospatial informatics applications for assessment of pipeline safety and security

    Energy Technology Data Exchange (ETDEWEB)

    Roper, W. [George Mason University, Fairfax, VA (United States). Dept. of Civil, Environmental and Infrastructure

    2005-07-01

    A variety of advanced technologies are available to enhance planning, designing, managing, operating and maintaining the components of the electric utility system. Aerial and satellite remote sensing represents one area of rapid development that can be leveraged to address some of these challenges. Airborne remote sensing can be an effective technology to assist pipeline risk management to assure safety in design, construction, operation, maintenance, and emergency response of pipeline facilities. Industrial and scientific advances in airborne and satellite remote sensing systems and data processing techniques are opening new technological opportunities for developing an increased capability of accomplishing the pipeline mapping and safety needs of the industry. These technologies have significant and unique potential for application to a number of cross cutting energy system security issues. This paper addresses some of the applications of these technologies to pipeline and power industry infrastructure, economics and relative effectiveness of these technologies and issues related to technology implementation and diffusion. (Author)

  14. Magnetic induction tomography of objects for security applications

    Science.gov (United States)

    Ward, Rob; Joseph, Max; Langley, Abbi; Taylor, Stuart; Watson, Joe C.

    2017-10-01

    A coil array imaging system has been further developed from previous investigations, focusing on designing its application for fast screening of small bags or parcels, with a view to the production of a compact instrument for security applications. In addition to reducing image acquisition times, work was directed toward exploring potential cost effective manufacturing routes. Based on magnetic induction tomography and eddy-current principles, the instrument captured images of conductive targets using a lock-in amplifier, individually multiplexing signals between a primary driver coil and a 20 by 21 imaging array of secondary passive coils constructed using a reproducible multiple tile design. The design was based on additive manufacturing techniques and provided 2 orthogonal imaging planes with an ability to reconstruct images in less than 10 seconds. An assessment of one of the imaging planes is presented. This technique potentially provides a cost effective threat evaluation technique that may compliment conventional radiographic approaches.

  15. Web portals to secure long-term customer loyalty; Webportale sollen die Kunden langfristig binden

    Energy Technology Data Exchange (ETDEWEB)

    Knechtel, Karsten [Process Management Consulting GmbH, Muenchen (Germany)

    2011-08-15

    The primary motivation in presenting service offerings on the Internet is to secure long-term customer loyalty. To date the large majority of suppliers in the gas and electricity industries already make a respectable appearance on the Internet. However, customer development campaigns still offer many an opportunity for distinguishing oneself more from one's competitors. In 2002 an independent survey was initiated which has served as an independent industry barometer in the ten years since. The idea is for users to investigate to what extent standard business processes have been implemented on the Internet in a promising manner, with due consideration to customer needs as well appropriate security measures to gain the customers' confidence.

  16. C#: Connecting a Mobile Application to Oracle Server via Web Services

    Directory of Open Access Journals (Sweden)

    Daniela Ilea

    2008-01-01

    Full Text Available This article is focused on mobile development using Visual Studio 2005, web services and their connection to Oracle Server, willing to help programmers to realize simple and useful mobile applications.

  17. Nuun: A System for Developing Platform and Browser Independent Arabic Web Applications

    National Research Council Canada - National Science Library

    Habash, Nizar Y

    2001-01-01

    .... Arabic web applications are far from this state of ubiquitous support. Full support is available only under Arabic Windows, while little support is provided under other versions of Windows, and no support at all under UNIX systems...

  18. Launch of Village Blue Web Application Shares Water Monitoring Data with Baltimore Community

    Science.gov (United States)

    EPA and the U.S. Geological Survey (USGS) have launched their mobile-friendly web application for Village Blue, a project that provides real-time water quality monitoring data to the Baltimore, Maryland community.

  19. Real-time web application development with Vert.x 2.0

    CERN Document Server

    Parviainen, Tero

    2013-01-01

    A quick, clear, and concise tutorial-guide-based approach that helps you to develop a web application based on Vert.x.Real-time Web Application Development with Vert.x is written for web developers who want to take the next step and dive into real-time web application development.This book uses JavaScript (and some Java) to introduce the Vert.x platform, so basic JavaScript knowledge is expected. If you're planning to write your applications using some of the other Vert.x languages, all the techniques and concepts will translate to them directly. All you need to do is refer to the Vert.x API r

  20. Comprehensive NASA Cis-Lunar Earth Moon Libration Orbit Reference and Web Application

    Data.gov (United States)

    National Aeronautics and Space Administration — This work will provide research and trajectory design analysis to develop a NASA Cis-Lunar / Earth-Moon Libration Orbit Reference and Web Application. A compendium...

  1. AMP: a science-driven web-based application for the TeraGrid

    Science.gov (United States)

    Woitaszek, M.; Metcalfe, T.; Shorrock, I.

    The Asteroseismic Modeling Portal (AMP) provides a web-based interface for astronomers to run and view simulations that derive the properties of Sun-like stars from observations of their pulsation frequencies. In this paper, we describe the architecture and implementation of AMP, highlighting the lightweight design principles and tools used to produce a functional fully-custom web-based science application in less than a year. Targeted as a TeraGrid science gateway, AMP's architecture and implementation are intended to simplify its orchestration of TeraGrid computational resources. AMP's web-based interface was developed as a traditional standalone database-backed web application using the Python-based Django web development framework, allowing us to leverage the Django framework's capabilities while cleanly separating the user interface development from the grid interface development. We have found this combination of tools flexible and effective for rapid gateway development and deployment.

  2. Computer-aided diagnosis workstation and teleradiology network system for chest diagnosis using the web medical image conference system with a new information security solution

    Science.gov (United States)

    Satoh, Hitoshi; Niki, Noboru; Eguchi, Kenji; Ohmatsu, Hironobu; Kaneko, Masahiro; Kakinuma, Ryutaro; Moriyama, Noriyuki

    2010-03-01

    Diagnostic MDCT imaging requires a considerable number of images to be read. Moreover, the doctor who diagnoses a medical image is insufficient in Japan. Because of such a background, we have provided diagnostic assistance methods to medical screening specialists by developing a lung cancer screening algorithm that automatically detects suspected lung cancers in helical CT images, a coronary artery calcification screening algorithm that automatically detects suspected coronary artery calcification and a vertebra body analysis algorithm for quantitative evaluation of osteoporosis. We also have developed the teleradiology network system by using web medical image conference system. In the teleradiology network system, the security of information network is very important subjects. Our teleradiology network system can perform Web medical image conference in the medical institutions of a remote place using the web medical image conference system. We completed the basic proof experiment of the web medical image conference system with information security solution. We can share the screen of web medical image conference system from two or more web conference terminals at the same time. An opinion can be exchanged mutually by using a camera and a microphone that are connected with the workstation that builds in some diagnostic assistance methods. Biometric face authentication used on site of teleradiology makes "Encryption of file" and "Success in login" effective. Our Privacy and information security technology of information security solution ensures compliance with Japanese regulations. As a result, patients' private information is protected. Based on these diagnostic assistance methods, we have developed a new computer-aided workstation and a new teleradiology network that can display suspected lesions three-dimensionally in a short time. The results of this study indicate that our radiological information system without film by using computer-aided diagnosis

  3. Use and utility of Web-based residency program information: a survey of residency applicants.

    Science.gov (United States)

    Embi, Peter J; Desai, Sima; Cooney, Thomas G

    2003-01-01

    The Internet has become essential to the residency application process. In recent years, applicants and residency programs have used the Internet-based tools of the National Residency Matching Program (NRMP, the Match) and the Electronic Residency Application Service (ERAS) to process and manage application and Match information. In addition, many residency programs have moved their recruitment information from printed brochures to Web sites. Despite this change, little is known about how applicants use residency program Web sites and what constitutes optimal residency Web site content, information that is critical to developing and maintaining such sites. To study the use and perceived utility of Web-based residency program information by surveying applicants to an internal medicine program. Our sample population was the applicants to the Oregon Health & Science University Internal Medicine Residency Program who were invited for an interview. We solicited participation using the group e-mail feature available through the Electronic Residency Application Service Post-Office application. To minimize the possibility for biased responses, the study was confined to the period between submission of National Residency Matching Program rank-order lists and release of Match results. Applicants could respond using an anonymous Web-based form or by reply to the e-mail solicitation. We tabulated responses, calculated percentages for each, and performed a qualitative analysis of comments. Of the 431 potential participants, 218 responded (51%) during the study period. Ninety-nine percent reported comfort browsing the Web; 52% accessed the Web primarily from home. Sixty-nine percent learned about residency Web sites primarily from residency-specific directories while 19% relied on general directories. Eighty percent found these sites helpful when deciding where to apply, 69% when deciding where to interview, and 36% when deciding how to rank order programs for the Match. Forty

  4. Computer-Mediated Security Threats into the Web 2.0 Society

    Directory of Open Access Journals (Sweden)

    Bogdan Nadolu

    2016-03-01

    Full Text Available This paper is focused on a contemporary very complex and controversial issue related to the ICT using: should the Internet be censured, or not? The promise of the 4 of A – Anyone to be able to send Anything, Anywhere, Anytime is almost achieved. Into the digital universe we can find plenty of useful information for positive or negative actions. The global info-sphere has developed a distinct chapter of dark and deep web, where the tracking of information and users is blocked, and thus contents over the laws limits can be easily accessed. 

  5. Optimizing Anti-Phishing Solutions Based on User Awareness, Education and the Use of the Latest Web Security Solutions

    Directory of Open Access Journals (Sweden)

    Ion LUNGU

    2010-01-01

    Full Text Available Phishing has grown significantly in volume over the time, becoming the most usual web threat today. The present economic crisis is an added argument for the great increase in number of attempts to cheat internet users, both businesses and private ones. The present research is aimed at helping the IT environment get a more precise view over the phishing attacks in Romania; in order to achieve this goal we have designed an application able to retrieve and interpret phishing related data from five other trusted web sources and compile them into a meaningful and more targeted report. As a conclusion, besides making available regular reports, we underline the need for a higher degree of awareness related to this issue.

  6. A NEW APPROACH FOR IMPROVING QUALITY OF WEB APPLICATIONS USING DESIGN PATTERNS

    OpenAIRE

    J. Srikanth R. Savithri

    2012-01-01

    Design patterns are descriptions of communicating objects and classes that are customized to solve a general design problem in a particular context, they describes the problem and its corresponding solution. Professional software engineers always use Design patterns for introducing abstractions in software and by the way they can build complex web applications. The right adoption of Design Patterns while designing web applications can promote the factors like reusability and consistency of th...

  7. Analysis and Design of Web-Based Database Application for Culinary Community

    OpenAIRE

    Huda, Choirul; Awang, Osel Dharmawan; Raymond, Raymond; Raynaldi, Raynaldi

    2017-01-01

    This research is based on the rapid development of the culinary and information technology. The difficulties in communicating with the culinary expert and on recipe documentation make a proper support for media very important. Therefore, a web-based database application for the public is important to help the culinary community in communication, searching and recipe management. The aim of the research was to design a web-based database application that could be used as social media for the cu...

  8. Soil food web structure after wood ash application

    DEFF Research Database (Denmark)

    Mortensen, L. H.; Qin, J.; Krogh, Paul Henning

    with varying intervals and subsequently analyzed. The food web analysis includes several trophic levels; bacteria/fungi, protozoa, nematodes, enchytraeids, microarthropods and arthropods. The initial results indicate that bacteria and protozoa are stimulated in the uppermost soil layer (0-3 cm) two months...... can facilitate an increase in the bacteria to fungi ratio with possible cascading effects for the soil food web structure. This is tested by applying ash of different concentrations to experimental plots in a coniferous forest. During the course of the project soil samples will be collected...

  9. Developing web map application based on user centered design

    Directory of Open Access Journals (Sweden)

    Petr Voldan

    2012-03-01

    Full Text Available User centred design is an approach in process of development any kind of human product where the main idea is to create a product for the end user. This article presents User centred design method in developing web mapping services. This method can be split into four main phases – user research, creation of concepts, developing with usability research and lunch of product. The article describes each part of this phase with an aim to provide guidelines for developers and primarily with an aim to improve the usability of web mapping services.

  10. Applications of nuclear safety probabilistic risk assessment to nuclear security for optimized risk mitigation

    Energy Technology Data Exchange (ETDEWEB)

    Donnelly, S.K.; Harvey, S.B. [Amec Foster Wheeler, Toronto, Ontario (Canada)

    2016-06-15

    Critical infrastructure assets such as nuclear power generating stations are potential targets for malevolent acts. Probabilistic methodologies can be applied to evaluate the real-time security risk based upon intelligence and threat levels. By employing this approach, the application of security forces and other protective measures can be optimized. Existing probabilistic safety analysis (PSA) methodologies and tools employed. in the nuclear industry can be adapted to security applications for this purpose. Existing PSA models can also be adapted and enhanced to consider total plant risk, due to nuclear safety risks as well as security risks. By creating a Probabilistic Security Model (PSM), safety and security practitioners can maximize the safety and security of the plant while minimizing the significant costs associated with security upgrades and security forces. (author)

  11. ROPUESTA DE MODELO EN CINCO CAPAS PARA APLICACIONES WEB I PROPOSAL OF A FIVE LAYERS MODEL FOR WEB APPLICATIONS

    Directory of Open Access Journals (Sweden)

    Loly Valentina Gómez Fermín

    2018-04-01

    Full Text Available The ability to create cross-platform programs is a goal for many software developers; however, it is complex to achieve. At present, web applications have been introduced as the chosen way to achieve this desired goal, but being the project tied to a software or hardware platform it is, inevitably, subject to obsolescence. This is not unique to the client application, but also applies to the server side, so that when developing software, even unwillingly, there are strings attached to a database and other applications. Because of this, to develop systems capable of operating with multiple databases and not dependent on a specific platform becomes a Herculean task for a development team. Therefore, this research proposes a working model which enables web applications capable of operating in a layered structure, where each defined layer can be replaced without the need to rewrite the other, and allowing real abstraction for application on any platform software or hardware, both on the client and server sides. For this purpose, the research is supported by Sommerville (2005, who presents a detailed classification of models of software development, according to its organization and modular decomposition, which layed the basis for the development of this proposal. This research is documentary in nature, since it is based on the collection of bibliographic material relating to existing software architectures.

  12. Application Security for the Android Platform Processes, Permissions, and Other Safeguards

    CERN Document Server

    Six, Jeff

    2011-01-01

    This book will educate readers on the need for application security and secure coding practices when designing any app. No prior knowledge of security or secure programming techniques is assumed. The book will discuss the need for such practices, how the Android environment is structured with respect to security considerations, what services and techniques are available on the platform to protect data, and how developers can build and code applications that address the risk to their applications and the data processed by them. This text is especially important now, as Android is fast becoming

  13. Web-based recruitment: effects of information, organizational brand, and attitudes toward a Web site on applicant attraction.

    Science.gov (United States)

    Allen, David G; Mahto, Raj V; Otondo, Robert F

    2007-11-01

    Recruitment theory and research show that objective characteristics, subjective considerations, and critical contact send signals to prospective applicants about the organization and available opportunities. In the generating applicants phase of recruitment, critical contact may consist largely of interactions with recruitment sources (e.g., newspaper ads, job fairs, organization Web sites); however, research has yet to fully address how all 3 types of signaling mechanisms influence early job pursuit decisions in the context of organizational recruitment Web sites. Results based on data from 814 student participants searching actual organization Web sites support and extend signaling and brand equity theories by showing that job information (directly) and organization information (indirectly) are related to intentions to pursue employment when a priori perceptions of image are controlled. A priori organization image is related to pursuit intentions when subsequent information search is controlled, but organization familiarity is not, and attitudes about a recruitment source also influence attraction and partially mediate the effects of organization information. Theoretical and practical implications for recruitment are discussed. (c) 2007 APA

  14. Using Web Speech Technology with Language Learning Applications

    Science.gov (United States)

    Daniels, Paul

    2015-01-01

    In this article, the author presents the history of human-to-computer interaction based upon the design of sophisticated computerized speech recognition algorithms. Advancements such as the arrival of cloud-based computing and software like Google's Web Speech API allows anyone with an Internet connection and Chrome browser to take advantage of…

  15. InCHlib - interactive cluster heatmap for web applications

    Czech Academy of Sciences Publication Activity Database

    Škuta, Ctibor; Bartůněk, Petr; Svozil, Daniel

    2014-01-01

    Roč. 6, č. 44 (2014) ISSN 1758-2946 R&D Projects: GA MŠk LO1220 Institutional support: RVO:68378050 Keywords : Data clustering * Cluster heatmap * Scientific visualization * Web integration * Client-side scripting * JavaScript library * Big data * Exploration Subject RIV: EB - Genetics ; Molecular Biology Impact factor: 4.547, year: 2014

  16. Web 2.0 Technologies: Applications for Community Colleges

    Science.gov (United States)

    Bajt, Susanne K.

    2011-01-01

    The current generation of new students, referred to as the Millennial Generation, brings a new set of challenges to the community college. The influx of these technologically sophisticated students, who interact through the social phenomenon of Web 2.0 technology, bring expectations that may reshape institutions of higher learning. This chapter…

  17. Evolution of Web Applications with Aspect-Oriented Design Patterns

    DEFF Research Database (Denmark)

    Bebjak, Michal; Vranic, Valentino; Dolog, Peter

    2007-01-01

    It is more convenient to talk about changes in a domainspecific way than to formulate them at the programming construct level or-even worse-purely lexical level. Using aspect-oriented programming, changes can be modularized and made reapplicable. In this paper, selected change types in web...

  18. Establishing and Applying Criteria for Evaluating the Ease of Use of Dynamic Platforms for Teaching Web Application Development

    Science.gov (United States)

    Dehinbo, Johnson

    2011-01-01

    The widespread use of the Internet and the World Wide Web led to the availability of many platforms for developing dynamic Web application and the problem of choosing the most appropriate platform that will be easy to use for undergraduate students of web applications development in tertiary institutions. Students beginning to learn web…

  19. Modeling the HTML DOM and Browser API in Static Analysis of JavaScript Web Applications

    DEFF Research Database (Denmark)

    Jensen, Simon Holm; Madsen, Magnus; Møller, Anders

    2011-01-01

    of reasoning about the flow of control and data in modern JavaScript applications that interact with the HTML DOM and browser API. One application of such a static analysis is to detect type-related and dataflow-related programming errors. We report on experiments with a range of modern web applications...

  20. Computer Security: How to succeed in software deployment

    CERN Multimedia

    Computer Security Team

    2014-01-01

    The summer student period has ended and we would like to congratulate all those who successfully accomplished their project! In particular, well done to those who managed to develop and deploy sophisticated web applications in the short summer season. Unfortunately, not all web applications made the final cut, moved into production and became visible on the Internet. We had to reject some... let me explain why.   Making a web application visible on the Internet requires an opening in the CERN outer perimeter firewall. Such a request is usually made through the CERN WebReq web interface. As standard procedure, the CERN Computer Security team reviews every request and performs a security assessment. This is where you, your supervisee and the Computer Security team all start to get frustrated. Many summer students delivered awesome web applications with great new functions and a good “look and feel” following precise use cases, using modern web technologies, dashboards, integr...

  1. Wireless sensors and sensor networks for homeland security applications.

    Science.gov (United States)

    Potyrailo, Radislav A; Nagraj, Nandini; Surman, Cheryl; Boudries, Hacene; Lai, Hanh; Slocik, Joseph M; Kelley-Loughnane, Nancy; Naik, Rajesh R

    2012-11-01

    New sensor technologies for homeland security applications must meet the key requirements of sensitivity to detect agents below risk levels, selectivity to provide minimal false-alarm rates, and response speed to operate in high throughput environments, such as airports, sea ports, and other public places. Chemical detection using existing sensor systems is facing a major challenge of selectivity. In this review, we provide a brief summary of chemical threats of homeland security importance; focus in detail on modern concepts in chemical sensing; examine the origins of the most significant unmet needs in existing chemical sensors; and, analyze opportunities, specific requirements, and challenges for wireless chemical sensors and wireless sensor networks (WSNs). We further review a new approach for selective chemical sensing that involves the combination of a sensing material that has different response mechanisms to different species of interest, with a transducer that has a multi-variable signal-transduction ability. This new selective chemical-sensing approach was realized using an attractive ubiquitous platform of battery-free passive radio-frequency identification (RFID) tags adapted for chemical sensing. We illustrate the performance of RFID sensors developed in measurements of toxic industrial materials, humidity-independent detection of toxic vapors, and detection of chemical-agent simulants, explosives, and strong oxidizers.

  2. Integration of Web Technologies in Software Applications. Is Web 2.0 a Solution?

    Directory of Open Access Journals (Sweden)

    Cezar Liviu CERVINSCHI

    2010-12-01

    Full Text Available Starting from the idea that Web 2.0 represents “the era of dynamic web”, the paper proposes to provide arguments (demonstrated by physical results regarding the question that is at the foundation if this article. Due to the findings we can definitely affirm that Web 2.0 is a solution to building powerful and robust software, since the Internet has become more than just a simple presence on the users’ desktop that develops easy access to information, services, entertainment, online transactions, e-commerce, e-learning and so on, but basically every kind of human or institutional interaction can happen online. This paper seeks to study the impact of two of these braches upon the user – e-commerce and e-testing. The statistic reports will be made on different sets of people, while the conclusions are the results of a detailed research and study of the applications’ behaviour in the actual operating environment.

  3. Development of a web application for water resources based on open source software

    Science.gov (United States)

    Delipetrev, Blagoj; Jonoski, Andreja; Solomatine, Dimitri P.

    2014-01-01

    This article presents research and development of a prototype web application for water resources using latest advancements in Information and Communication Technologies (ICT), open source software and web GIS. The web application has three web services for: (1) managing, presenting and storing of geospatial data, (2) support of water resources modeling and (3) water resources optimization. The web application is developed using several programming languages (PhP, Ajax, JavaScript, Java), libraries (OpenLayers, JQuery) and open source software components (GeoServer, PostgreSQL, PostGIS). The presented web application has several main advantages: it is available all the time, it is accessible from everywhere, it creates a real time multi-user collaboration platform, the programing languages code and components are interoperable and designed to work in a distributed computer environment, it is flexible for adding additional components and services and, it is scalable depending on the workload. The application was successfully tested on a case study with concurrent multi-users access.

  4. Grid-optimized Web 3D applications on wide area network

    Science.gov (United States)

    Wang, Frank; Helian, Na; Meng, Lingkui; Wu, Sining; Zhang, Wen; Guo, Yike; Parker, Michael Andrew

    2008-08-01

    Geographical information system has come into the Web Service times now. In this paper, Web3D applications have been developed based on our developed Gridjet platform, which provides a more effective solution for massive 3D geo-dataset sharing in distributed environments. Web3D services enabling web users could access the services as 3D scenes, virtual geographical environment and so on. However, Web3D services should be shared by thousands of essential users that inherently distributed on different geography locations. Large 3D geo-datasets need to be transferred to distributed clients via conventional HTTP, NFS and FTP protocols, which often encounters long waits and frustration in distributed wide area network environments. GridJet was used as the underlying engine between the Web 3D application node and geo-data server that utilizes a wide range of technologies including the one of paralleling the remote file access, which is a WAN/Grid-optimized protocol and provides "local-like" accesses to remote 3D geo-datasets. No change in the way of using software is required since the multi-streamed GridJet protocol remains fully compatible with existing IP infrastructures. Our recent progress includes a real-world test that Web3D applications as Google Earth over the GridJet protocol beats those over the classic ones by a factor of 2-7 where the transfer distance is over 10,000 km.

  5. Neutron resonance analysis for nuclear safeguards and security applications

    Science.gov (United States)

    Paradela, Carlos; Heyse, Jan; Kopecky, Stefan; Schillebeeckx, Peter; Harada, Hideo; Kitatani, Fumito; Koizumi, Mitsuo; Tsuchiya, Harufumi

    2017-09-01

    Neutron-induced reactions can be used to study the properties of nuclear materials of interest in the fields of nuclear safeguards and security. The elemental and isotopic composition of these materials can be determined by using the presence of resonance structures. This idea is the basis of two non-destructive analysis techniques which have been developed at the GELINA neutron time-of-flight facility at JRC-Geel: Neutron Resonance Capture Analysis (NRCA) and Neutron Resonance Transmission Analysis (NRTA). A combination of NRTA and NRCA has been proposed for the characterisation of particle-like debris of melted fuel formed in severe nuclear accidents. In this work, we present a quantitative validation of the NRTA technique which was used to determine the areal densities of Pu enriched reference samples used for safeguards applications. Less than 2% bias has been obtained for the fissile isotopes, with well-known total cross sections.

  6. Web-based GIS for spatial pattern detection: application to malaria incidence in Vietnam.

    Science.gov (United States)

    Bui, Thanh Quang; Pham, Hai Minh

    2016-01-01

    There is a great concern on how to build up an interoperable health information system of public health and health information technology within the development of public information and health surveillance programme. Technically, some major issues remain regarding to health data visualization, spatial processing of health data, health information dissemination, data sharing and the access of local communities to health information. In combination with GIS, we propose a technical framework for web-based health data visualization and spatial analysis. Data was collected from open map-servers and geocoded by open data kit package and data geocoding tools. The Web-based system is designed based on Open-source frameworks and libraries. The system provides Web-based analyst tool for pattern detection through three spatial tests: Nearest neighbour, K function, and Spatial Autocorrelation. The result is a web-based GIS, through which end users can detect disease patterns via selecting area, spatial test parameters and contribute to managers and decision makers. The end users can be health practitioners, educators, local communities, health sector authorities and decision makers. This web-based system allows for the improvement of health related services to public sector users as well as citizens in a secure manner. The combination of spatial statistics and web-based GIS can be a solution that helps empower health practitioners in direct and specific intersectional actions, thus provide for better analysis, control and decision-making.

  7. A Method to Ease the Deployment of Web Applications that Involve Database Systems A Method to Ease the Deployment of Web Applications that Involve Database Systems

    Directory of Open Access Journals (Sweden)

    Antonio Vega Corona

    2012-02-01

    Full Text Available El crecimiento continuo de la Internet ha permitido a las personas, alrededor de todo mundo, realizar transacciones en línea, buscar información o navegar usando el explorador de la Web. A medida que más gente se siente cómoda usando los exploradores de Web, más empresas productoras de software tratan de ofrecer interfaces Web como una forma alternativa para proporcionar acceso a sus aplicaciones. La naturaleza de la conexión Web y las restricciones impuestas por el ancho de banda disponible, hacen la integración de aplicaciones Web y los sistemas de bases de datos críticas. Debido a que las aplicaciones que usan bases de datos proporcionan una interfase gráfica para editar la información en la base de datos y debido a que cada columna en una tabla de una base de datos corresponde a un control en una interfase gráfica, el desarrollo de estas aplicaciones puede consumirun tiempo considerable, ya que la validación de campos y reglas de integridad referencial deben ser respetadas. Se propone un diseño orientado a objetos para así facilitar el desarrollo de aplicaciones que usan sistemas de bases de datos.The continuous growth of the Internet has driven people, all around the globe, to performtransactions on-line, search information or navigate using a browser. As more people feelcomfortable using a Web browser, more software companies are trying to alternatively offerWeb interfaces to provide access to their applications. The consequent nature of the Webconnection and the restrictions imposed by the available bandwidth make the successfulintegration of Web applications and database systems critical. Because popular databaseapplications provide a user interface to edit and maintain the information in the databaseand because each column in the database table maps to a graphic user interface control,the deployment of these applications can be time consuming; appropriate fi eld validationand referential integrity rules must be observed

  8. Great Basin land managers provide detailed feedback about usefulness of two climate information web applications

    Directory of Open Access Journals (Sweden)

    Chad Zanocco

    Full Text Available Land managers in the Great Basin are working to maintain or restore sagebrush ecosystems as climate change exacerbates existing threats. Web applications delivering climate change and climate impacts information have the potential to assist their efforts. Although many web applications containing climate information currently exist, few have been co-produced with land managers or have incorporated information specifically focused on land managers’ needs. Through surveys and interviews, we gathered detailed feedback from federal, state, and tribal sagebrush land managers in the Great Basin on climate information web applications targeting land management. We found that a managers are searching for weather and climate information they can incorporate into their current management strategies and plans; b they are willing to be educated on how to find and understand climate related web applications; c both field and administrative-type managers want data for timescales ranging from seasonal to decadal; d managers want multiple levels of climate information, from simple summaries, to detailed descriptions accessible through the application; and e managers are interested in applications that evaluate uncertainty and provide projected climate impacts. Keywords: Great Basin, Sagebrush, Land management, Climate change, Web application, Co-production

  9. MODEL-BASED SECURITY ENGINEERING OF SOA SYSTEM USING SECURITY INTENT DSL

    OpenAIRE

    Muhammad Qaiser Saleem; Jafreezal Jaafar; Mohd Fadzil Hassan

    2011-01-01

    Currently most of the enterprises are using SOA and web services technologies to build their web information system. They are using MDA principles for design and development of WIS and using UML as a modelling language for business process modelling. Along with the increased connectivity in SOA environment, security risks rise exponentially. Security is not defined during the early phases of development and left onto developer. Properly configuring security requirements in SOA applications is...

  10. Development and applications of diffractive optical security devices for banknotes and high value documents

    Science.gov (United States)

    Drinkwater, John K.; Holmes, Brian W.; Jones, Keith A.

    2000-04-01

    Embossed holograms and othe rdiffractive optically variable devices are increasingly familiar security items on plastic cards, banknotes, securyt documetns and on branded gods and media to protect against counterfeit, protect copyright and to evidence tamper. This paper outlines some of the diffractive optical seuryt and printed security develoepd for this rapidly growing field and provides examles of some current security applications.

  11. Evaluation of a Web-based Online Grant Application Review Solution

    Directory of Open Access Journals (Sweden)

    Marius Daniel PETRISOR

    2013-12-01

    Full Text Available This paper focuses on the evaluation of a web-based application used in grant application evaluations, software developed in our university, and underlines the need for simple solutions, based on recent technology, specifically tailored to one’s needs. We asked the reviewers to answer a short questionnaire, in order to assess their satisfaction with such a web-based grant application evaluation solution. All 20 reviewers accepted to answer the questionnaire, which contained 8 closed items (YES/NO answers related to reviewer’s previous experience in evaluating grant applications, previous use of such software solutions and his familiarity in using computer systems. The presented web-based application, evaluated by the users, shown a high level of acceptance and those respondents stated that they are willing to use such a solution in the future.

  12. SecureCore Software Architecture: Trusted Path Application (TPA) Requirements

    National Research Council Canada - National Science Library

    Clark, Paul C; Irvine, Cynthia E; Levin, Timothy E; Nguyen, Thuy D; Vidas, Timothy M

    2007-01-01

    .... The purpose of the SecureCore research project is to investigate fundamental architectural features required for the trusted operation of mobile computing devices so the security is built-in, transparent and flexible...

  13. Social Security Number Replacement Card Applications filed via the Internet

    Data.gov (United States)

    Social Security Administration — The Social Security Administration (SSA) provides a variety of ways to conduct business with the agency. SSA offers members of the public the opportunity to request...

  14. The AppComposer Web application for school teachers: A platform for translating and adapting educational web applications

    NARCIS (Netherlands)

    Rodriguez-Gil, Luis; Orduna, Pablo; Bollen, Lars; Govaerts, Sten; Holzer, Adrian; Gillet, Dennis; Lopez-de-Ipina, Diego; Garcia-Zubia, Javier

    2015-01-01

    Developing educational apps that cover a wide range of learning contexts and languages is a challenging task. In this paper, we introduce the AppComposer Web app to address this issue. The AppComposer aims at empowering teachers to easily translate and adapt existing apps that fit their educational

  15. Online Shopping With Spoofing Detection Using Web and Mobile Application

    OpenAIRE

    M.Poovizhi; K.Karthika; S.Nandhini; Dr.P.Gomathi

    2018-01-01

    Abstract— E-commerce is that the shopping for marketing of products and services, or the sending of funds or knowledge, over a web and straightforward access to immense stores of reference material, email, and new avenues for advertising and data distribution, to call some. Like most technological advances, there conjointly another side: criminal hackers. Governments, companies, and personal voters round the world area unit anxious to be an area of this revolution, however, they are afraid th...

  16. Breaking and Fixing Origin-Based Access Control in Hybrid Web/Mobile Application Frameworks

    Science.gov (United States)

    Georgiev, Martin; Jana, Suman; Shmatikov, Vitaly

    2014-01-01

    Hybrid mobile applications (apps) combine the features of Web applications and “native” mobile apps. Like Web applications, they are implemented in portable, platform-independent languages such as HTML and JavaScript. Like native apps, they have direct access to local device resources—file system, location, camera, contacts, etc. Hybrid apps are typically developed using hybrid application frameworks such as PhoneGap. The purpose of the framework is twofold. First, it provides an embedded Web browser (for example, WebView on Android) that executes the app's Web code. Second, it supplies “bridges” that allow Web code to escape the browser and access local resources on the device. We analyze the software stack created by hybrid frameworks and demonstrate that it does not properly compose the access-control policies governing Web code and local code, respectively. Web code is governed by the same origin policy, whereas local code is governed by the access-control policy of the operating system (for example, user-granted permissions in Android). The bridges added by the framework to the browser have the same local access rights as the entire application, but are not correctly protected by the same origin policy. This opens the door to fracking attacks, which allow foreign-origin Web content included into a hybrid app (e.g., ads confined in iframes) to drill through the layers and directly access device resources. Fracking vulnerabilities are generic: they affect all hybrid frameworks, all embedded Web browsers, all bridge mechanisms, and all platforms on which these frameworks are deployed. We study the prevalence of fracking vulnerabilities in free Android apps based on the PhoneGap framework. Each vulnerability exposes sensitive local resources—the ability to read and write contacts list, local files, etc.—to dozens of potentially malicious Web domains. We also analyze the defenses deployed by hybrid frameworks to prevent resource access by foreign

  17. Breaking and Fixing Origin-Based Access Control in Hybrid Web/Mobile Application Frameworks.

    Science.gov (United States)

    Georgiev, Martin; Jana, Suman; Shmatikov, Vitaly

    2014-02-01

    Hybrid mobile applications (apps) combine the features of Web applications and "native" mobile apps. Like Web applications, they are implemented in portable, platform-independent languages such as HTML and JavaScript. Like native apps, they have direct access to local device resources-file system, location, camera, contacts, etc. Hybrid apps are typically developed using hybrid application frameworks such as PhoneGap. The purpose of the framework is twofold. First, it provides an embedded Web browser (for example, WebView on Android) that executes the app's Web code. Second, it supplies "bridges" that allow Web code to escape the browser and access local resources on the device. We analyze the software stack created by hybrid frameworks and demonstrate that it does not properly compose the access-control policies governing Web code and local code, respectively. Web code is governed by the same origin policy, whereas local code is governed by the access-control policy of the operating system (for example, user-granted permissions in Android). The bridges added by the framework to the browser have the same local access rights as the entire application, but are not correctly protected by the same origin policy. This opens the door to fracking attacks, which allow foreign-origin Web content included into a hybrid app (e.g., ads confined in iframes) to drill through the layers and directly access device resources. Fracking vulnerabilities are generic: they affect all hybrid frameworks, all embedded Web browsers, all bridge mechanisms, and all platforms on which these frameworks are deployed. We study the prevalence of fracking vulnerabilities in free Android apps based on the PhoneGap framework. Each vulnerability exposes sensitive local resources-the ability to read and write contacts list, local files, etc.-to dozens of potentially malicious Web domains. We also analyze the defenses deployed by hybrid frameworks to prevent resource access by foreign-origin Web content

  18. Designing iCanFit: A Mobile-Enabled Web Application to Promote Physical Activity for Older Cancer Survivors.

    Science.gov (United States)

    Hong, Yan; Dahlke, Deborah Vollmer; Ory, Marcia; Hochhalter, Angela; Reynolds, Jana; Purcell, Ninfa Pena; Talwar, Divya; Eugene, Nola

    2013-02-14

    Most older cancer survivors (OCS) do not engage in regular physical activity (PA) despite well-known health benefits. With the increased use of mobile technologies among older adults, mobile tools may be an effective method to deliver PA promotion programs for OCS. To document the process of designing an OCS-friendly mobile-enabled Web application of PA promotion program. Mixed methods encompassing group discussions, individual interviews, and brief surveys with community leaders, OCS, cancer care providers, and software professionals were used in this formative research. The varied stakeholders welcomed the idea of developing an online tool to promote PA in OCS. Our formative research revealed several major barriers to regular PA including limited access to senior-friendly PA resources, lack of motivation and social support, and insufficient knowledge and skills on building safe and appropriate workout plans. This feedback was incorporated into the development of iCanFit, a mobile-enabled Web application, designed specifically for OCS. The iCanFit online tools allow users to locate PA resources, set and track goals for PA, network with peer OCS in a secure online space, and receive practical and evidence-informed healthy tips. Our mixed-method formative research led to the design of iCanFit protocol to promote PA and well-being of OCS. The involvement of stakeholders is critical in the planning and design of the mobile application in order to enhance program relevance, appeal, and match with the needs of target users.

  19. Security engineering: systems engineering of security through the adaptation and application of risk management

    Science.gov (United States)

    Gilliam, David P.; Feather, Martin S.

    2004-01-01

    Information Technology (IT) Security Risk Management is a critical task in the organization, which must protect its resources and data against the loss of confidentiality, integrity, and availability. As systems become more complex and diverse, and more vulnerabilities are discovered while attacks from intrusions and malicious content increase, it is becoming increasingly difficult to manage IT security. This paper describes an approach to address IT security risk through risk management and mitigation in both the institution and in the project life cycle.

  20. Security Mechanism Based on Hospital Authentication Server for Secure Application of Implantable Medical Devices

    Science.gov (United States)

    2014-01-01

    After two recent security attacks against implantable medical devices (IMDs) have been reported, the privacy and security risks of IMDs have been widely recognized in the medical device market and research community, since the malfunctioning of IMDs might endanger the patient's life. During the last few years, a lot of researches have been carried out to address the security-related issues of IMDs, including privacy, safety, and accessibility issues. A physician accesses IMD through an external device called a programmer, for diagnosis and treatment. Hence, cryptographic key management between IMD and programmer is important to enforce a strict access control. In this paper, a new security architecture for the security of IMDs is proposed, based on a 3-Tier security model, where the programmer interacts with a Hospital Authentication Server, to get permissions to access IMDs. The proposed security architecture greatly simplifies the key management between IMDs and programmers. Also proposed is a security mechanism to guarantee the authenticity of the patient data collected from IMD and the nonrepudiation of the physician's treatment based on it. The proposed architecture and mechanism are analyzed and compared with several previous works, in terms of security and performance. PMID:25276797

  1. Security Mechanism Based on Hospital Authentication Server for Secure Application of Implantable Medical Devices

    Directory of Open Access Journals (Sweden)

    Chang-Seop Park

    2014-01-01

    Full Text Available After two recent security attacks against implantable medical devices (IMDs have been reported, the privacy and security risks of IMDs have been widely recognized in the medical device market and research community, since the malfunctioning of IMDs might endanger the patient’s life. During the last few years, a lot of researches have been carried out to address the security-related issues of IMDs, including privacy, safety, and accessibility issues. A physician accesses IMD through an external device called a programmer, for diagnosis and treatment. Hence, cryptographic key management between IMD and programmer is important to enforce a strict access control. In this paper, a new security architecture for the security of IMDs is proposed, based on a 3-Tier security model, where the programmer interacts with a Hospital Authentication Server, to get permissions to access IMDs. The proposed security architecture greatly simplifies the key management between IMDs and programmers. Also proposed is a security mechanism to guarantee the authenticity of the patient data collected from IMD and the nonrepudiation of the physician’s treatment based on it. The proposed architecture and mechanism are analyzed and compared with several previous works, in terms of security and performance.

  2. Security mechanism based on Hospital Authentication Server for secure application of implantable medical devices.

    Science.gov (United States)

    Park, Chang-Seop

    2014-01-01

    After two recent security attacks against implantable medical devices (IMDs) have been reported, the privacy and security risks of IMDs have been widely recognized in the medical device market and research community, since the malfunctioning of IMDs might endanger the patient's life. During the last few years, a lot of researches have been carried out to address the security-related issues of IMDs, including privacy, safety, and accessibility issues. A physician accesses IMD through an external device called a programmer, for diagnosis and treatment. Hence, cryptographic key management between IMD and programmer is important to enforce a strict access control. In this paper, a new security architecture for the security of IMDs is proposed, based on a 3-Tier security model, where the programmer interacts with a Hospital Authentication Server, to get permissions to access IMDs. The proposed security architecture greatly simplifies the key management between IMDs and programmers. Also proposed is a security mechanism to guarantee the authenticity of the patient data collected from IMD and the nonrepudiation of the physician's treatment based on it. The proposed architecture and mechanism are analyzed and compared with several previous works, in terms of security and performance.

  3. The semantic web : research and applications : 7th extended semantic web conference, ESWC 2010, Heraklion, Crete, Greece, May 30 - June 3, 2010 : proceedings

    NARCIS (Netherlands)

    Aroyo, L.M.; Antoniou, G.; Hyvönen, E.; Teije, ten A.; Stuckenschmidt, H.; Cabral, L.; Tudorache, T.

    2010-01-01

    Preface. This volume contains papers from the technical program of the 7th Extended Semantic Web Conference (ESWC 2010), held from May 30 to June 3, 2010, in Heraklion, Greece. ESWC 2010 presented the latest results in research and applications of Semantic Web technologies. ESWC 2010 built on the

  4. Web services as applications' integration tool: QikProp case study.

    Science.gov (United States)

    Laoui, Abdel; Polyakov, Valery R

    2011-07-15

    Web services are a new technology that enables to integrate applications running on different platforms by using primarily XML to enable communication among different computers over the Internet. Large number of applications was designed as stand alone systems before the concept of Web services was introduced and it is a challenge to integrate them into larger computational networks. A generally applicable method of wrapping stand alone applications into Web services was developed and is described. To test the technology, it was applied to the QikProp for DOS (Windows). Although performance of the application did not change when it was delivered as a Web service, this form of deployment had offered several advantages like simplified and centralized maintenance, smaller number of licenses, and practically no training for the end user. Because by using the described approach almost any legacy application can be wrapped as a Web service, this form of delivery may be recommended as a global alternative to traditional deployment solutions. Copyright © 2011 Wiley Periodicals, Inc.

  5. PLANNING APPLICATION OF WEB 2.0 FOR ORGANIZATIONAL LEARNING IN UNIVERSITAS PENDIDIKAN INDONESIA LIBRARY

    Directory of Open Access Journals (Sweden)

    Santi Santika

    2017-07-01

    Full Text Available Library of Universitas Pendidikan Indonesia (UPI has a quality policy commitment to continuous improvement in every area and process. It can be achieved by continuously optimizing organizational learning. Web 2.0 is a media application that can help the organizational learning process because it has the characteristics of read and write, as well as having the flexibility of time use, but the application must be in accordance with the culture and character of the organization. Therefore, this study aimed to find out the Web 2.0 application that can be applied to the organizational learning in the Library of UPI. The method used is a mixed method qualitative and quantitative approach. Research stage refers to the stage of planning and support phases of Web 2.0 Tools Implementation Model. The results showed that the application of Web 2.0 can be applied to the organizational learning in the Library UPI. It refers to the tendency of organizational culture Library of UPI that is good and tendency of HR Library UPI attitude against the use of the Internet and computers are very good. Web 2.0 applications that can be used by UPI library are blogs, online forums, and wiki as a primary tools. Facebook, Youtube, chat application, twitter and Instagram as a supporting tools.

  6. XML representation and management of temporal information for web-based cultural heritage applications

    Directory of Open Access Journals (Sweden)

    Fabio Grandi

    2006-01-01

    Full Text Available In this paper we survey the recent activities and achievements of our research group in the deployment of XMLrelated technologies in Cultural Heritage applications concerning the encoding of temporal semantics in Web documents. In particular we will review "The Valid Web", which is an XML/XSL infrastructure we defined and implemented for the definition and management of historical information within multimedia documents available on the Web, and its further extension to the effective encoding of advanced temporal features like indeterminacy, multiple granularities and calendars, enabling an efficient processing in a user-friendly Web-based environment. Potential uses of the developed infrastructures include a broad range of applications in the cultural heritage domain, where the historical perspective is relevant, with potentially positive impacts on E-Education and E-Science.

  7. Bacteriorhodopsin-based photochromic pigments for optical security applications

    Science.gov (United States)

    Hampp, Norbert A.; Fischer, Thorsten; Neebe, Martin

    2002-04-01

    Bacteriorhodopsin is a two-dimensional crystalline photochromic protein which is astonishingly stable towards chemical and thermal degradation. This is one of the reasons why this is one of the very few proteins which may be used as a biological pigment in printing inks. Variants of the naturally occurring bacteriorhodopsin have been developed which show a distinguished color change even with low light intensities and without the requirement of UV-light. Several pigments with different color changes are available right now. In addition to this visual detectable feature, the photochromism, the proteins amino acid sequence can be genetically altered in order to code and identify specific production lots. For advanced applications the data storage capability of bacteriorhodopsin will be useful. Write-once-read-many (WORM) recording of digital data is accomplished by laser excitation of printed bacteriorhodopsin inks. A density of 1 MBit per square inch is currently achieved. Several application examples for this biological molecule are described where low and high level features are used in combination. Bacteriorhodopsin-based inks are a new class of optical security pigments.

  8. A Novel Method for Live Debugging of Production Web Applications by Dynamic Resource Replacement

    OpenAIRE

    Khalid Al-Tahat; Khaled Zuhair Mahmoud; Ahmad Al-Mughrabi

    2014-01-01

    This paper proposes a novel methodology for enabling debugging and tracing of production web applications without affecting its normal flow and functionality. This method of debugging enables developers and maintenance engineers to replace a set of existing resources such as images, server side scripts, cascading style sheets with another set of resources per web session. The new resources will only be active in the debug session and other sessions will not be affected. T...

  9. System and Method for Providing Web-Based Remote Application Service

    OpenAIRE

    Shuen-Tai Wang; Yu-Ching Lin; Hsi-Ya Chang

    2017-01-01

    With the development of virtualization technologies, a new type of service named cloud computing service is produced. Cloud users usually encounter the problem of how to use the virtualized platform easily over the web without requiring the plug-in or installation of special software. The object of this paper is to develop a system and a method enabling process interfacing within an automation scenario for accessing remote application by using the web browser. To meet this challenge, we have ...

  10. Applications of shape analysis to domestic and international security

    International Nuclear Information System (INIS)

    Prasad, Lakshman; Skourikhine, Alexei N.; Doak, Justin E.

    2002-01-01

    The rapidly growing area of cooperative international security calls for pervasive deployment of smart sensors that render valuable information and reduce operational costs and errors. Among the sensors used, vision sensors are by far the most versatile, tangible, and rich in the information they provide about their environment. On the flip side, they are also the most complex to analyze automatically for the extraction of high-level information. The ability to process imagery in a useful manner requires at least partial functional emulation of human capabilities of visual understanding. Of all visual cues available in image data, shape is perhaps the most important for understanding the content of an image. In this paper we present an overview of ongoing research at LANL on geometric shape analysis. The objective of our research is to develop a computational framework for multiscale characterization, analysis, and recognition of shapes. This framework will enable the development of a comprehensive and connected body of mathematical methods and algorithms, based on the topological, metrical, and morphological properties of shapes. We discuss its potential applications to automated surveillance, monitoring, container tracking and inspection, weapons dismantlement, and treaty verification. The framework will develop a geometric filtering scheme for extracting semantically salient shape features. This effort creates a paradigm for solving shape-related problems in Pattern Recognition, Computer Vision, and Image Understanding in a conceptually cohesive and algorithmically amenable manner. The research aims to develop an advanced image analysis capability at LANL for solving a wide range of problems in automated facility surveillance, nuclear materials monitoring, treaty verification, and container inspection and tracking. The research provides the scientific underpinnings that will enable us to build smart surveillance cameras, with a direct practical impact on LANL

  11. Web Page Recommendation Using Web Mining

    OpenAIRE

    Modraj Bhavsar; Mrs. P. M. Chavan

    2014-01-01

    On World Wide Web various kind of content are generated in huge amount, so to give relevant result to user web recommendation become important part of web application. On web different kind of web recommendation are made available to user every day that includes Image, Video, Audio, query suggestion and web page. In this paper we are aiming at providing framework for web page recommendation. 1) First we describe the basics of web mining, types of web mining. 2) Details of each...

  12. Server Interface Descriptions for Automated Testing of JavaScript Web Applications

    DEFF Research Database (Denmark)

    Jensen, Casper Svenning; Møller, Anders; Su, Zhendong

    2013-01-01

    Automated testing of JavaScript web applications is complicated by the communication with servers. Specifically, it is difficult to test the JavaScript code in isolation from the server code and database contents. We present a practical solution to this problem. First, we demonstrate that formal...... server interface descriptions are useful in automated testing of JavaScript web applications for separating the concerns of the client and the server. Second, to support the construction of server interface descriptions for existing applications, we introduce an effective inference technique that learns...... communication patterns from sample data. By incorporating interface descriptions into the testing tool Artemis, our experimental results show that we increase the level of automation for high-coverage testing on a collection of JavaScript web applications that exchange JSON data between the clients and servers...

  13. Regional Geology Web Map Application Development: Javascript v2.0

    International Nuclear Information System (INIS)

    Russell, Glenn

    2017-01-01

    This is a milestone report for the FY2017 continuation of the Spent Fuel, Storage, and Waste, Technology (SFSWT) program (formerly Used Fuel Disposal (UFD) program) development of the Regional Geology Web Mapping Application by the Idaho National Laboratory Geospatial Science and Engineering group. This application was developed for general public use and is an interactive web-based application built in Javascript to visualize, reference, and analyze US pertinent geological features of the SFSWT program. This tool is a version upgrade from Adobe FLEX technology. It is designed to facilitate informed decision making of the geology of continental US relevant to the SFSWT program.

  14. Regional Geology Web Map Application Development: Javascript v2.0

    Energy Technology Data Exchange (ETDEWEB)

    Russell, Glenn [Idaho National Lab. (INL), Idaho Falls, ID (United States)

    2017-06-19

    This is a milestone report for the FY2017 continuation of the Spent Fuel, Storage, and Waste, Technology (SFSWT) program (formerly Used Fuel Disposal (UFD) program) development of the Regional Geology Web Mapping Application by the Idaho National Laboratory Geospatial Science and Engineering group. This application was developed for general public use and is an interactive web-based application built in Javascript to visualize, reference, and analyze US pertinent geological features of the SFSWT program. This tool is a version upgrade from Adobe FLEX technology. It is designed to facilitate informed decision making of the geology of continental US relevant to the SFSWT program.

  15. ClusterControl: a web interface for distributing and monitoring bioinformatics applications on a Linux cluster.

    Science.gov (United States)

    Stocker, Gernot; Rieder, Dietmar; Trajanoski, Zlatko

    2004-03-22

    ClusterControl is a web interface to simplify distributing and monitoring bioinformatics applications on Linux cluster systems. We have developed a modular concept that enables integration of command line oriented program into the application framework of ClusterControl. The systems facilitate integration of different applications accessed through one interface and executed on a distributed cluster system. The package is based on freely available technologies like Apache as web server, PHP as server-side scripting language and OpenPBS as queuing system and is available free of charge for academic and non-profit institutions. http://genome.tugraz.at/Software/ClusterControl

  16. Security Issues in Healthcare Applications Using Wireless Medical Sensor Networks: A Survey

    Directory of Open Access Journals (Sweden)

    Hoon-Jae Lee

    2011-12-01

    Full Text Available Healthcare applications are considered as promising fields for wireless sensor networks, where patients can be monitored using wireless medical sensor networks (WMSNs. Current WMSN healthcare research trends focus on patient reliable communication, patient mobility, and energy-efficient routing, as a few examples. However, deploying new technologies in healthcare applications without considering security makes patient privacy vulnerable. Moreover, the physiological data of an individual are highly sensitive. Therefore, security is a paramount requirement of healthcare applications, especially in the case of patient privacy, if the patient has an embarrassing disease. This paper discusses the security and privacy issues in healthcare application using WMSNs. We highlight some popular healthcare projects using wireless medical sensor networks, and discuss their security. Our aim is to instigate discussion on these critical issues since the success of healthcare application depends directly on patient security and privacy, for ethic as well as legal reasons. In addition, we discuss the issues with existing security mechanisms, and sketch out the important security requirements for such applications. In addition, the paper reviews existing schemes that have been recently proposed to provide security solutions in wireless healthcare scenarios. Finally, the paper ends up with a summary of open security research issues that need to be explored for future healthcare applications using WMSNs.

  17. Security issues in healthcare applications using wireless medical sensor networks: a survey.

    Science.gov (United States)

    Kumar, Pardeep; Lee, Hoon-Jae

    2012-01-01

    Healthcare applications are considered as promising fields for wireless sensor networks, where patients can be monitored using wireless medical sensor networks (WMSNs). Current WMSN healthcare research trends focus on patient reliable communication, patient mobility, and energy-efficient routing, as a few examples. However, deploying new technologies in healthcare applications without considering security makes patient privacy vulnerable. Moreover, the physiological data of an individual are highly sensitive. Therefore, security is a paramount requirement of healthcare applications, especially in the case of patient privacy, if the patient has an embarrassing disease. This paper discusses the security and privacy issues in healthcare application using WMSNs. We highlight some popular healthcare projects using wireless medical sensor networks, and discuss their security. Our aim is to instigate discussion on these critical issues since the success of healthcare application depends directly on patient security and privacy, for ethic as well as legal reasons. In addition, we discuss the issues with existing security mechanisms, and sketch out the important security requirements for such applications. In addition, the paper reviews existing schemes that have been recently proposed to provide security solutions in wireless healthcare scenarios. Finally, the paper ends up with a summary of open security research issues that need to be explored for future healthcare applications using WMSNs.

  18. Automatic health record review to help prioritize gravely ill Social Security disability applicants.

    Science.gov (United States)

    Abbott, Kenneth; Ho, Yen-Yi; Erickson, Jennifer

    2017-07-01

    Every year, thousands of patients die waiting for disability benefits from the Social Security Administration. Some qualify for expedited service under the Compassionate Allowance (CAL) initiative, but CAL software focuses exclusively on information from a single form field. This paper describes the development of a supplemental process for identifying some overlooked but gravely ill applicants, through automatic annotation of health records accompanying new claims. We explore improved prioritization instead of fully autonomous claims approval. We developed a sample of claims containing medical records at the moment of arrival in a single office. A series of tools annotated both patient records and public Web page descriptions of CAL medical conditions. We trained random forests to identify CAL patients and validated each model with 10-fold cross validation. Our main model, a general CAL classifier, had an area under the receiver operating characteristic curve of 0.915. Combining this classifier with existing software improved sensitivity from 0.960 to 0.994, detecting every deceased patient, but reducing positive predictive value to 0.216. True positive CAL identification is a priority, given CAL patient mortality. Mere prioritization of the false positives would not create a meaningful burden in terms of manual review. Death certificate data suggest the presence of truly ill patients among putative false positives. To a limited extent, it is possible to identify gravely ill Social Security disability applicants by analyzing annotations of unstructured electronic health records, and the level of identification is sufficient to be useful in prioritizing case reviews. Published by Oxford University Press on behalf of the American Medical Informatics Association 2017. This work is written by US Government employees and is in the public domain in the US.

  19. CloudTPS: Scalable Transactions for Web Applications in the Cloud

    NARCIS (Netherlands)

    Zhou, W.; Pierre, G.E.O.; Chi, C.-H.

    2010-01-01

    NoSQL Cloud data services provide scalability and high availability properties for web applications but at the same time they sacrifice data consistency. However, many applications cannot afford any data inconsistency. CloudTPS is a scalable transaction manager to allow cloud database services to

  20. A novel 2.5D approach for interfacing with web applications

    OpenAIRE

    Sarkar, Saurabh

    2012-01-01

    Web applications need better user interface to be interactive and attractive. A new approach/concept of dimensional enhancement - 2.5D "a 2D display of a virtual 3D environment", which can be implemented in social networking sites and further in other system applications.