Security and computer forensics in web engineering education

OpenAIRE

Glisson, W.; Welland, R.; Glisson, L.M.

2010-01-01

The integration of security and forensics into Web Engineering curricula is imperative! Poor security in web-based applications is continuing to cost organizations millions and the losses are still increasing annually. Security is frequently taught as a stand-alone course, assuming that security can be 'bolted on' to a web application at some point. Security issues must be integrated into Web Engineering processes right from the beginning to create secure solutions and therefore security shou...

Secure Access Control and Authority Delegation Based on Capability and Context Awareness for Federated IoT

DEFF Research Database (Denmark)

Anggorojati, Bayu; Mahalle, Parikshit N.; Prasad, Neeli R.

2013-01-01

Access control is a critical functionality in Internet of Things (IoT), and it is particularly promising to make access control secure, efficient and generic in a distributed environment. Another an important property of access control system in the IoT is flexibility which can be achieved...... by access or authority delegation. Delegation mechanisms in access control that have been studied until now have been intended mainly for a system that has no resource constraint, such as a web-based system, which is not very suitable for a highly pervasive system such as IoT. This chapter presents...... the Capability-based Context Aware Access Control (CCAAC) model including the authority delegation method, along with specification and protocol evaluation intended for federated Machine-to-Machine (M2M)/IoT. By using the identity and capability-based access control approach together with the contextual...

Internet/Web-based administration of benefits.

Science.gov (United States)

Vitiello, J

2001-09-01

Most funds will face the challenge of deploying at least some Web-based functionality in the near future, if they have not already done so. Clear objectives and careful planning will help ensure success. Issues that must be considered include support requirements, security concerns, functional business objectives, and employer and member Web access.

Design and Implementation of File Access and Control System Based on Dynamic Web

Institute of Scientific and Technical Information of China (English)

GAO Fuxiang; YAO Lan; BAO Shengfei; YU Ge

2006-01-01

A dynamic Web application, which can help the departments of enterprise to collaborate with each other conveniently, is proposed. Several popular design solutions are introduced at first. Then, dynamic Web system is chosen for developing the file access and control system. Finally, the paper gives the detailed process of the design and implementation of the system, which includes some key problems such as solutions of document management and system security. Additionally, the limitations of the system as well as the suggestions of further improvement are also explained.

Access and completion of a Web-based treatment in a population-based sample of tornado-affected adolescents.

Science.gov (United States)

Price, Matthew; Yuen, Erica K; Davidson, Tatiana M; Hubel, Grace; Ruggiero, Kenneth J

2015-08-01

Although Web-based treatments have significant potential to assess and treat difficult-to-reach populations, such as trauma-exposed adolescents, the extent that such treatments are accessed and used is unclear. The present study evaluated the proportion of adolescents who accessed and completed a Web-based treatment for postdisaster mental health symptoms. Correlates of access and completion were examined. A sample of 2,000 adolescents living in tornado-affected communities was assessed via structured telephone interview and invited to a Web-based treatment. The modular treatment addressed symptoms of posttraumatic stress disorder, depression, and alcohol and tobacco use. Participants were randomized to experimental or control conditions after accessing the site. Overall access for the intervention was 35.8%. Module completion for those who accessed ranged from 52.8% to 85.6%. Adolescents with parents who used the Internet to obtain health-related information were more likely to access the treatment. Adolescent males were less likely to access the treatment. Future work is needed to identify strategies to further increase the reach of Web-based treatments to provide clinical services in a postdisaster context. (c) 2015 APA, all rights reserved).

Security Vulnerabilities of the Web Based Open Source Information ...

African Journals Online (AJOL)

This paper exposes security vulnerabilities of the web based Open Source Information Systems (OSIS) from both system angle and human perspectives.It shows the extent of risk that can likely hinder adopting organization from attaning full intended benefits of using OSIS software. To undertake this study, a case study ...

Web Security, Privacy & Commerce

CERN Document Server

Garfinkel, Simson

2011-01-01

Since the first edition of this classic reference was published, World Wide Web use has exploded and e-commerce has become a daily part of business and personal life. As Web use has grown, so have the threats to our security and privacy--from credit card fraud to routine invasions of privacy by marketers to web site defacements to attacks that shut down popular web sites. Web Security, Privacy & Commerce goes behind the headlines, examines the major security risks facing us today, and explains how we can minimize them. It describes risks for Windows and Unix, Microsoft Internet Exp

Moving toward a universally accessible web: Web accessibility and education.

Science.gov (United States)

Kurt, Serhat

2017-12-08

The World Wide Web is an extremely powerful source of information, inspiration, ideas, and opportunities. As such, it has become an integral part of daily life for a great majority of people. Yet, for a significant number of others, the internet offers only limited value due to the existence of barriers which make accessing the Web difficult, if not impossible. This article illustrates some of the reasons that achieving equality of access to the online world of education is so critical, explores the current status of Web accessibility, discusses evaluative tools and methods that can help identify accessibility issues in educational websites, and provides practical recommendations and guidelines for resolving some of the obstacles that currently hinder the achievability of the goal of universal Web access.

A System for Web-based Access to the HSOS Database

Science.gov (United States)

Lin, G.

Huairou Solar Observing Station's (HSOS) magnetogram and dopplergram are world-class instruments. Access to their data has opened to the world. Web-based access to the data will provide a powerful, convenient tool for data searching and solar physics. It is necessary that our data be provided to users via the Web when it is opened to the world. In this presentation, the author describes general design and programming construction of the system. The system will be generated by PHP and MySQL. The author also introduces basic feature of PHP and MySQL.

Reliability, compliance, and security in web-based course assessments

Directory of Open Access Journals (Sweden)

Scott Bonham

2008-04-01

Full Text Available Pre- and postcourse assessment has become a very important tool for education research in physics and other areas. The web offers an attractive alternative to in-class paper administration, but concerns about web-based administration include reliability due to changes in medium, student compliance rates, and test security, both question leakage and utilization of web resources. An investigation was carried out in introductory astronomy courses comparing pre- and postcourse administration of assessments using the web and on paper. Overall no difference was seen in performance due to the medium. Compliance rates fluctuated greatly, and factors that seemed to produce higher rates are identified. Notably, email reminders increased compliance by 20%. Most of the 559 students complied with requests to not copy, print, or save questions nor use web resources; about 1% did copy some question text and around 2% frequently used other windows or applications while completing the assessment.

Web application security: a beginner's guide

National Research Council Canada - National Science Library

Sullivan, Bryan; Liu, Vincent

2012-01-01

.... Sullivan and Liu have created a savvy, essentials-based approach to web app security packed with immediately applicable tools for any information security practitioner sharpening his or her tools or just starting...

From Web accessibility to Web adaptability.

Science.gov (United States)

Kelly, Brian; Nevile, Liddy; Sloan, David; Fanou, Sotiris; Ellison, Ruth; Herrod, Lisa

2009-07-01

This article asserts that current approaches to enhance the accessibility of Web resources fail to provide a solid foundation for the development of a robust and future-proofed framework. In particular, they fail to take advantage of new technologies and technological practices. The article introduces a framework for Web adaptability, which encourages the development of Web-based services that can be resilient to the diversity of uses of such services, the target audience, available resources, technical innovations, organisational policies and relevant definitions of 'accessibility'. The article refers to a series of author-focussed approaches to accessibility through which the authors and others have struggled to find ways to promote accessibility for people with disabilities. These approaches depend upon the resource author's determination of the anticipated users' needs and their provision. Through approaches labelled as 1.0, 2.0 and 3.0, the authors have widened their focus to account for contexts and individual differences in target audiences. Now, the authors want to recognise the role of users in determining their engagement with resources (including services). To distinguish this new approach, the term 'adaptability' has been used to replace 'accessibility'; new definitions of accessibility have been adopted, and the authors have reviewed their previous work to clarify how it is relevant to the new approach. Accessibility 1.0 is here characterised as a technical approach in which authors are told how to construct resources for a broadly defined audience. This is known as universal design. Accessibility 2.0 was introduced to point to the need to account for the context in which resources would be used, to help overcome inadequacies identified in the purely technical approach. Accessibility 3.0 moved the focus on users from a homogenised universal definition to recognition of the idiosyncratic needs and preferences of individuals and to cater for them. All of

Security cost analysis in electricity markets based on voltage security criteria and Web-based implementation

International Nuclear Information System (INIS)

Chen, H.

2003-01-01

This paper presents an efficient and transparent method for electricity market operators to analyze transaction security costs and to quantify the correlation between market operation and power system operation. Rescheduling and take-risk strategies were proposed and discussed with reference to transaction impact computations, thermal and voltage limits and voltage stability criteria. The rescheduling method is associated with an iterative generation dispatch or load curtailment approach to minimize the amount of rescheduling. The take-risk method considered operating risks to facilitate transactions. The SATC concept was also proposed to accurately evaluate transmission congestion. The impact of transaction was calculated using a new sensitivity formula to find the most effective rescheduling direction and the most effective cost distribution. A new pricing method called Nodal Congestion Price was also proposed to determine proper price signals. The paper also presents an Artificial Neural Network (ANN) based short term load forecasting method that considers the effect of price on the load. A web-based prototype was implemented to allow all market participants access to the proposed analysis and pricing techniques. Several case studies have validated the effectiveness of the proposed method which would help independent system operators in determining congestion prices, coordinate transactions and make profitable market decisions

Breaking and Fixing Origin-Based Access Control in Hybrid Web/Mobile Application Frameworks.

Science.gov (United States)

Georgiev, Martin; Jana, Suman; Shmatikov, Vitaly

2014-02-01

Hybrid mobile applications (apps) combine the features of Web applications and "native" mobile apps. Like Web applications, they are implemented in portable, platform-independent languages such as HTML and JavaScript. Like native apps, they have direct access to local device resources-file system, location, camera, contacts, etc. Hybrid apps are typically developed using hybrid application frameworks such as PhoneGap. The purpose of the framework is twofold. First, it provides an embedded Web browser (for example, WebView on Android) that executes the app's Web code. Second, it supplies "bridges" that allow Web code to escape the browser and access local resources on the device. We analyze the software stack created by hybrid frameworks and demonstrate that it does not properly compose the access-control policies governing Web code and local code, respectively. Web code is governed by the same origin policy, whereas local code is governed by the access-control policy of the operating system (for example, user-granted permissions in Android). The bridges added by the framework to the browser have the same local access rights as the entire application, but are not correctly protected by the same origin policy. This opens the door to fracking attacks, which allow foreign-origin Web content included into a hybrid app (e.g., ads confined in iframes) to drill through the layers and directly access device resources. Fracking vulnerabilities are generic: they affect all hybrid frameworks, all embedded Web browsers, all bridge mechanisms, and all platforms on which these frameworks are deployed. We study the prevalence of fracking vulnerabilities in free Android apps based on the PhoneGap framework. Each vulnerability exposes sensitive local resources-the ability to read and write contacts list, local files, etc.-to dozens of potentially malicious Web domains. We also analyze the defenses deployed by hybrid frameworks to prevent resource access by foreign-origin Web content

Breaking and Fixing Origin-Based Access Control in Hybrid Web/Mobile Application Frameworks

Science.gov (United States)

Georgiev, Martin; Jana, Suman; Shmatikov, Vitaly

2014-01-01

Hybrid mobile applications (apps) combine the features of Web applications and “native” mobile apps. Like Web applications, they are implemented in portable, platform-independent languages such as HTML and JavaScript. Like native apps, they have direct access to local device resources—file system, location, camera, contacts, etc. Hybrid apps are typically developed using hybrid application frameworks such as PhoneGap. The purpose of the framework is twofold. First, it provides an embedded Web browser (for example, WebView on Android) that executes the app's Web code. Second, it supplies “bridges” that allow Web code to escape the browser and access local resources on the device. We analyze the software stack created by hybrid frameworks and demonstrate that it does not properly compose the access-control policies governing Web code and local code, respectively. Web code is governed by the same origin policy, whereas local code is governed by the access-control policy of the operating system (for example, user-granted permissions in Android). The bridges added by the framework to the browser have the same local access rights as the entire application, but are not correctly protected by the same origin policy. This opens the door to fracking attacks, which allow foreign-origin Web content included into a hybrid app (e.g., ads confined in iframes) to drill through the layers and directly access device resources. Fracking vulnerabilities are generic: they affect all hybrid frameworks, all embedded Web browsers, all bridge mechanisms, and all platforms on which these frameworks are deployed. We study the prevalence of fracking vulnerabilities in free Android apps based on the PhoneGap framework. Each vulnerability exposes sensitive local resources—the ability to read and write contacts list, local files, etc.—to dozens of potentially malicious Web domains. We also analyze the defenses deployed by hybrid frameworks to prevent resource access by foreign

Non-visual Web Browsing: Beyond Web Accessibility.

Science.gov (United States)

Ramakrishnan, I V; Ashok, Vikas; Billah, Syed Masum

2017-07-01

People with vision impairments typically use screen readers to browse the Web. To facilitate non-visual browsing, web sites must be made accessible to screen readers, i.e., all the visible elements in the web site must be readable by the screen reader. But even if web sites are accessible, screen-reader users may not find them easy to use and/or easy to navigate. For example, they may not be able to locate the desired information without having to listen to a lot of irrelevant contents. These issues go beyond web accessibility and directly impact web usability. Several techniques have been reported in the accessibility literature for making the Web usable for screen reading. This paper is a review of these techniques. Interestingly, the review reveals that understanding the semantics of the web content is the overarching theme that drives these techniques for improving web usability.

Secure Sessions for Web Services

NARCIS (Netherlands)

Reiter, M.; Bhargavan, K.; Corin, R.J.; Fournet, C.; Gordon, A.D.

2007-01-01

We address the problem of securing sequences of SOAP messages exchanged between web services and their clients. The WS-Security standard defines basic mechanisms to secure SOAP traffic, one message at a time. For typical web services, however, using WS-Security independently for each message is

A demanding web-based PACS supported by web services technology

Science.gov (United States)

Costa, Carlos M. A.; Silva, Augusto; Oliveira, José L.; Ribeiro, Vasco G.; Ribeiro, José

2006-03-01

During the last years, the ubiquity of web interfaces have pushed practically all PACS suppliers to develop client applications in which clinical practitioners can receive and analyze medical images, using conventional personal computers and Web browsers. However, due to security and performance issues, the utilization of these software packages has been restricted to Intranets. Paradigmatically, one of the most important advantages of digital image systems is to simplify the widespread sharing and remote access of medical data between healthcare institutions. This paper analyses the traditional PACS drawbacks that contribute to their reduced usage in the Internet and describes a PACS based on Web Services technology that supports a customized DICOM encoding syntax and a specific compression scheme providing all historical patient data in a unique Web interface.

Web Accessibility and Guidelines

Science.gov (United States)

Harper, Simon; Yesilada, Yeliz

Access to, and movement around, complex online environments, of which the World Wide Web (Web) is the most popular example, has long been considered an important and major issue in the Web design and usability field. The commonly used slang phrase ‘surfing the Web’ implies rapid and free access, pointing to its importance among designers and users alike. It has also been long established that this potentially complex and difficult access is further complicated, and becomes neither rapid nor free, if the user is disabled. There are millions of people who have disabilities that affect their use of the Web. Web accessibility aims to help these people to perceive, understand, navigate, and interact with, as well as contribute to, the Web, and thereby the society in general. This accessibility is, in part, facilitated by the Web Content Accessibility Guidelines (WCAG) currently moving from version one to two. These guidelines are intended to encourage designers to make sure their sites conform to specifications, and in that conformance enable the assistive technologies of disabled users to better interact with the page content. In this way, it was hoped that accessibility could be supported. While this is in part true, guidelines do not solve all problems and the new WCAG version two guidelines are surrounded by controversy and intrigue. This chapter aims to establish the published literature related to Web accessibility and Web accessibility guidelines, and discuss limitations of the current guidelines and future directions.

Development of a secure and cost-effective infrastructure for the access of arbitrary web-based image distribution systems

International Nuclear Information System (INIS)

Hacklaender, T.; Demabre, N.; Cramer, B.M.; Kleber, K.; Schneider, H.

2004-01-01

Purpose: To build an infrastructure that enables radiologists on-call and external users a teleradiological access to the HTML-based image distribution system inside the hospital via internet. In addition, no investment costs should arise on the user side and the image data should be sent renamed using cryptographic techniques. Materials and Methods: A pure HTML-based system manages the image distribution inside the hospital, with an open source project extending this system through a secure gateway outside the firewall of the hospital. The gateway handles the communication between the external users and the HTML server within the network of the hospital. A second firewall is installed between the gateway and the external users and builds up a virtual private network (VPN). A connection between the gateway and the external user is only acknowledged if the computers involved authenticate each other via certificates and the external users authenticate via a multi-stage password system. All data are transferred encrypted. External users get only access to images that have been renamed to a pseudonym by means of automated processing before. Results: With an ADSL internet access, external users achieve an image load frequency of 0.4 CT images per second. More than 90% of the delay during image transfer results from security checks within the firewalls. Data passing the gateway induce no measurable delay. (orig.)

Identity based Encryption and Biometric Authentication Scheme for Secure Data Access in Cloud Computing

DEFF Research Database (Denmark)

Cheng, Hongbing; Rong, Chunming; Tan, Zheng-Hua

2012-01-01

Cloud computing will be a main information infrastructure in the future; it consists of many large datacenters which are usually geographically distributed and heterogeneous. How to design a secure data access for cloud computing platform is a big challenge. In this paper, we propose a secure data...... access scheme based on identity-based encryption and biometric authentication for cloud computing. Firstly, we describe the security concern of cloud computing and then propose an integrated data access scheme for cloud computing, the procedure of the proposed scheme include parameter setup, key...... distribution, feature template creation, cloud data processing and secure data access control. Finally, we compare the proposed scheme with other schemes through comprehensive analysis and simulation. The results show that the proposed data access scheme is feasible and secure for cloud computing....

Finding Web-Based Anxiety Interventions on the World Wide Web: A Scoping Review.

Science.gov (United States)

Ashford, Miriam Thiel; Olander, Ellinor K; Ayers, Susan

2016-06-01

One relatively new and increasingly popular approach of increasing access to treatment is Web-based intervention programs. The advantage of Web-based approaches is the accessibility, affordability, and anonymity of potentially evidence-based treatment. Despite much research evidence on the effectiveness of Web-based interventions for anxiety found in the literature, little is known about what is publically available for potential consumers on the Web. Our aim was to explore what a consumer searching the Web for Web-based intervention options for anxiety-related issues might find. The objectives were to identify currently publically available Web-based intervention programs for anxiety and to synthesize and review these in terms of (1) website characteristics such as credibility and accessibility; (2) intervention program characteristics such as intervention focus, design, and presentation modes; (3) therapeutic elements employed; and (4) published evidence of efficacy. Web keyword searches were carried out on three major search engines (Google, Bing, and Yahoo-UK platforms). For each search, the first 25 hyperlinks were screened for eligible programs. Included were programs that were designed for anxiety symptoms, currently publically accessible on the Web, had an online component, a structured treatment plan, and were available in English. Data were extracted for website characteristics, program characteristics, therapeutic characteristics, as well as empirical evidence. Programs were also evaluated using a 16-point rating tool. The search resulted in 34 programs that were eligible for review. A wide variety of programs for anxiety, including specific anxiety disorders, and anxiety in combination with stress, depression, or anger were identified and based predominantly on cognitive behavioral therapy techniques. The majority of websites were rated as credible, secure, and free of advertisement. The majority required users to register and/or to pay a program access

Security of social network credentials for accessing course portal: Users' experience

Science.gov (United States)

Katuk, Norliza; Fong, Choo Sok; Chun, Koo Lee

2015-12-01

Social login (SL) has recently emerged as a solution for single sign-on (SSO) within the web and mobile environments. It allows users to use their existing social network credentials (SNC) to login to third party web applications without the need to create a new identity in the intended applications' database. Although it has been used by many web application providers, its' applicability in accessing learning materials is not yet fully investigated. Hence, this research aims to explore users' (i.e., instructors' and students') perception and experience on the security of SL for accessing learning contents. A course portal was developed for students at a higher learning institution and it provides two types of user authentications (i) traditional user authentication, and (ii) SL facility. Users comprised instructors and students evaluated the login facility of the course portal through a controlled lab experimental study following the within-subject design. The participants provided their feedback in terms of the security of SL for accessing learning contents. The study revealed that users preferred to use SL over the traditional authentication, however, they concerned on the security of SL and their privacy.

Secure Java For Web Application Development

CERN Document Server

Bhargav, Abhay

2010-01-01

As the Internet has evolved, so have the various vulnerabilities, which largely stem from the fact that developers are unaware of the importance of a robust application security program. This book aims to educate readers on application security and building secure web applications using the new Java Platform. The text details a secure web application development process from the risk assessment phase to the proof of concept phase. The authors detail such concepts as application risk assessment, secure SDLC, security compliance requirements, web application vulnerabilities and threats, security

Web security a whitehat perspective

CERN Document Server

Wu, Hanqing

2015-01-01

MY VIEW OF THE SECURITY WORLDView of the IT Security WorldBrief History of Web SecurityBrief History of Chinese HackersDevelopment Process of Hacking TechniquesRise of Web SecurityBlack Hat, White HatBack to Nature: The Essence of Secret SecuritySuperstition: There Is No Silver BulletSecurity Is an Ongoing ProcessSecurity ElementsHow to Implement Safety AssessmentAsset ClassificationThreat AnalysisRisk AnalysisDesign of Security ProgramsArt of War of White HatPrinciples of Secure by DefaultBlacklist, WhitelistPrinciple of Least PrivilegePrinciple of Defense in DepthPrinciples of Data and Code

Web accessibility and open source software.

Science.gov (United States)

Obrenović, Zeljko

2009-07-01

A Web browser provides a uniform user interface to different types of information. Making this interface universally accessible and more interactive is a long-term goal still far from being achieved. Universally accessible browsers require novel interaction modalities and additional functionalities, for which existing browsers tend to provide only partial solutions. Although functionality for Web accessibility can be found as open source and free software components, their reuse and integration is complex because they were developed in diverse implementation environments, following standards and conventions incompatible with the Web. To address these problems, we have started several activities that aim at exploiting the potential of open-source software for Web accessibility. The first of these activities is the development of Adaptable Multi-Interface COmmunicator (AMICO):WEB, an infrastructure that facilitates efficient reuse and integration of open source software components into the Web environment. The main contribution of AMICO:WEB is in enabling the syntactic and semantic interoperability between Web extension mechanisms and a variety of integration mechanisms used by open source and free software components. Its design is based on our experiences in solving practical problems where we have used open source components to improve accessibility of rich media Web applications. The second of our activities involves improving education, where we have used our platform to teach students how to build advanced accessibility solutions from diverse open-source software. We are also partially involved in the recently started Eclipse projects called Accessibility Tools Framework (ACTF), the aim of which is development of extensible infrastructure, upon which developers can build a variety of utilities that help to evaluate and enhance the accessibility of applications and content for people with disabilities. In this article we briefly report on these activities.

H1DS: A new web-based data access system

Energy Technology Data Exchange (ETDEWEB)

Pretty, D.G., E-mail: david.pretty@anu.edu.au; Blackwell, B.D.

2014-05-15

Highlights: • We present H1DS, a new RESTful web service for accessing fusion data. • We examine the scalability and extensibility of H1DS. • We present a fast and user friendly web browser client for the H1DS web service. • A summary relational database is presented as an application of the H1DS API. - Abstract: A new data access system, H1DS, has been developed and deployed for the H-1 Heliac at the Australian Plasma Fusion Research Facility. The data system provides access to fusion data via a RESTful web service. With the URL acting as the API to the data system, H1DS provides a scalable and extensible framework which is intuitive to new users, and allows access from any internet connected device. The H1DS framework, originally designed to work with MDSplus, has a modular design which can be extended to provide access to alternative data storage systems.

H1DS: A new web-based data access system

International Nuclear Information System (INIS)

Pretty, D.G.; Blackwell, B.D.

2014-01-01

Highlights: • We present H1DS, a new RESTful web service for accessing fusion data. • We examine the scalability and extensibility of H1DS. • We present a fast and user friendly web browser client for the H1DS web service. • A summary relational database is presented as an application of the H1DS API. - Abstract: A new data access system, H1DS, has been developed and deployed for the H-1 Heliac at the Australian Plasma Fusion Research Facility. The data system provides access to fusion data via a RESTful web service. With the URL acting as the API to the data system, H1DS provides a scalable and extensible framework which is intuitive to new users, and allows access from any internet connected device. The H1DS framework, originally designed to work with MDSplus, has a modular design which can be extended to provide access to alternative data storage systems

Design and Implementation of Open-Access Web-Based Education ...

African Journals Online (AJOL)

... is not flexible as it does not permit access to educational resource at any time or place feasible. ... In this paper, a web-based education useful for e-learning was designed and ... using an open source platform which will be more flexible, and cost effective due to free licensing. The programming languages used are. VB.

Forensics Investigation of Web Application Security Attacks

OpenAIRE

Amor Lazzez; Thabet Slimani

2015-01-01

Nowadays, web applications are popular targets for security attackers. Using specific security mechanisms, we can prevent or detect a security attack on a web application, but we cannot find out the criminal who has carried out the security attack. Being unable to trace back an attack, encourages hackers to launch new attacks on the same system. Web application forensics aims to trace back and attribute a web application security attack to its originator. This may significantly reduce the sec...

AN INSECURE WILD WEB: A LARGE-SCALE STUDY OF EFFECTIVENESS OF WEB SECURITY MECHANISMS

Directory of Open Access Journals (Sweden)

Kailas Patil

2017-03-01

Full Text Available This research work presents a large-scale study of the problems in real-world web applications and widely-used mobile browsers. Through a large-scale experiment, we find inconsistencies in Secure Socket Layer (SSL warnings among popular mobile web browsers (over a billion users download. The majority of popular mobile browsers on the Google Play Store either provide incomplete information in SSL warnings shown to users or failed to provide SSL warnings in the presence of security certificate errors, thus making it a difficult task even for a security savvy user to make an informed decision. In addition, we find that 28% of websites are using mixed content. Mixed content means a secure website (https loads a sub resource using insecure HTTP protocol. The mixed content weakens the security of entire website and vulnerable to man-in-the-middle (MITM attacks. Furthermore, we inspected the default behavior of mobile web browsers and report that majority of mobile web browsers allow execution of mixed content in web applications, which implies billions of mobile browser users are vulnerable to eavesdropping and MITM attacks. Based on our findings, we make recommendations for website developers, users and browser vendors.

Cloud-based Web Services for Near-Real-Time Web access to NPP Satellite Imagery and other Data

Science.gov (United States)

Evans, J. D.; Valente, E. G.

2010-12-01

We are building a scalable, cloud computing-based infrastructure for Web access to near-real-time data products synthesized from the U.S. National Polar-Orbiting Environmental Satellite System (NPOESS) Preparatory Project (NPP) and other geospatial and meteorological data. Given recent and ongoing changes in the the NPP and NPOESS programs (now Joint Polar Satellite System), the need for timely delivery of NPP data is urgent. We propose an alternative to a traditional, centralized ground segment, using distributed Direct Broadcast facilities linked to industry-standard Web services by a streamlined processing chain running in a scalable cloud computing environment. Our processing chain, currently implemented on Amazon.com's Elastic Compute Cloud (EC2), retrieves raw data from NASA's Moderate Resolution Imaging Spectroradiometer (MODIS) and synthesizes data products such as Sea-Surface Temperature, Vegetation Indices, etc. The cloud computing approach lets us grow and shrink computing resources to meet large and rapid fluctuations (twice daily) in both end-user demand and data availability from polar-orbiting sensors. Early prototypes have delivered various data products to end-users with latencies between 6 and 32 minutes. We have begun to replicate machine instances in the cloud, so as to reduce latency and maintain near-real time data access regardless of increased data input rates or user demand -- all at quite moderate monthly costs. Our service-based approach (in which users invoke software processes on a Web-accessible server) facilitates access into datasets of arbitrary size and resolution, and allows users to request and receive tailored and composite (e.g., false-color multiband) products on demand. To facilitate broad impact and adoption of our technology, we have emphasized open, industry-standard software interfaces and open source software. Through our work, we envision the widespread establishment of similar, derived, or interoperable systems for

An end-to-end secure patient information access card system.

Science.gov (United States)

Alkhateeb, A; Singer, H; Yakami, M; Takahashi, T

2000-03-01

The rapid development of the Internet and the increasing interest in Internet-based solutions has promoted the idea of creating Internet-based health information applications. This will force a change in the role of IC cards in healthcare card systems from a data carrier to an access key medium. At the Medical Informatics Department of Kyoto University Hospital we are developing a smart card patient information project where patient databases are accessed via the Internet. Strong end-to-end data encryption is performed via Secure Socket Layers, transparent to transmit patient information. The smart card is playing the crucial role of access key to the database: user authentication is performed internally without ever revealing the actual key. For easy acceptance by healthcare professionals, the user interface is integrated as a plug-in for two familiar Web browsers, Netscape Navigator and MS Internet Explorer.

Teaching Web Security Using Portable Virtual Labs

Science.gov (United States)

Chen, Li-Chiou; Tao, Lixin

2012-01-01

We have developed a tool called Secure WEb dEvelopment Teaching (SWEET) to introduce security concepts and practices for web application development. This tool provides introductory tutorials, teaching modules utilizing virtualized hands-on exercises, and project ideas in web application security. In addition, the tool provides pre-configured…

Primer on client-side web security

CERN Document Server

De Ryck, Philippe; Piessens, Frank; Johns, Martin

2014-01-01

This volume illustrates the continuous arms race between attackers and defenders of the Web ecosystem by discussing a wide variety of attacks. In the first part of the book, the foundation of the Web ecosystem is briefly recapped and discussed. Based on this model, the assets of the Web ecosystem are identified, and the set of capabilities an attacker may have are enumerated. In the second part, an overview of the web security vulnerability landscape is constructed. Included are selections of the most representative attack techniques reported in great detail. In addition to descriptions of the

Architecture for large-scale automatic web accessibility evaluation based on the UWEM methodology

DEFF Research Database (Denmark)

Ulltveit-Moe, Nils; Olsen, Morten Goodwin; Pillai, Anand B.

2008-01-01

The European Internet Accessibility project (EIAO) has developed an Observatory for performing large scale automatic web accessibility evaluations of public sector web sites in Europe. The architecture includes a distributed web crawler that crawls web sites for links until either a given budget...... of web pages have been identified or the web site has been crawled exhaustively. Subsequently, a uniform random subset of the crawled web pages is sampled and sent for accessibility evaluation and the evaluation results are stored in a Resource Description Format (RDF) database that is later loaded...... challenges that the project faced and the solutions developed towards building a system capable of regular large-scale accessibility evaluations with sufficient capacity and stability. It also outlines some possible future architectural improvements....

Design and Implementation of a Web-based Monitoring System by using EPICS Channel Access Protocol

International Nuclear Information System (INIS)

An, Eun Mi; Song, Yong Gi

2009-01-01

Proton Engineering Frontier Project (PEFP) has developed a 20MeV proton accelerator, and established a distributed control system based on EPICS for sub-system components such as vacuum unit, beam diagnostics, and power supply system. The control system includes a real-time monitoring and alarm functions. From the aspect of a efficient maintenance of a control system and a additional extension of subsystems, EPICS software framework was adopted. In addition, a control system should be capable of providing an easy access for users and a real-time monitoring on a user screen. Therefore, we have implemented a new web-based monitoring server with several libraries. By adding DB module, the new IOC web monitoring system makes it possible to monitor the system through the web. By integrating EPICS Channel Access (CA) and Database libraries into a Database module, the web-based monitoring system makes it possible to monitor the sub-system status through user's internet browser. In this study, we developed a web based monitoring system by using EPICS IOC (Input Output Controller) with IBM server

Intelligent Security Auditing Based on Access Control of Devices in Ad Hoc Network

Institute of Scientific and Technical Information of China (English)

XU Guang-wei; SHI You-qun; ZHU Ming; WU Guo-wen; CAO Qi-ying

2006-01-01

Security in Ad Hoc network is an important issue under the opening circumstance of application service. Some protocols and models of security auditing have been proposed to ensure rationality of contracting strategy and operating regulation and used to identify abnormal operation. Model of security auditing based on access control of devices will be advanced to register sign of devices and property of event of access control and to audit those actions. In the end, the model is analyzed and simulated.

Secure Web Developers Needed!

CERN Multimedia

Computer Security Team

2012-01-01

You’re about to launch a new website? Cool!! With today’s web programming languages like PHP, Java, Python or Perl, complex websites can be created, easily fulfilling all your use cases. But hold on. Did you ever think about how easily this can be abused? Attackers today are already using automatic tools which can quickly and easily find and exploit vulnerable web applications.   Web applications often suffer from security vulnerabilities, i.e. design flaws or programming bugs that remained undetected during the whole software development cycle. In production these vulnerabilities become security holes, providing an opportunity for exploitation, and can pose immense security risks (and there is no reason to believe that CERN is immune to this). The costs associated with eliminating these bugs could be loosely described by the "1:10:100 rule", i.e. the relative costs for fixing are 1:10:100 for fixing them in the programming:testing:production phases. Thus, the...

Development of Remote Monitoring and a Control System Based on PLC and WebAccess for Learning Mechatronics

OpenAIRE

Wen-Jye Shyr; Te-Jen Su; Chia-Ming Lin

2013-01-01

This study develops a novel method for learning mechatronics using remote monitoring and control, based on a programmable logic controller (PLC) and WebAccess. A mechatronics module, a Web‐CAM and a PLC were integrated with WebAccess software to organize a remote laboratory. The proposed system enables users to access the Internet for remote monitoring and control of the mechatronics module via a web browser, thereby enhancing work flexibility by enabling personnel to control mechatronics equ...

Web accessibility standards and disability: developing critical perspectives on accessibility.

Science.gov (United States)

Lewthwaite, Sarah

2014-01-01

Currently, dominant web accessibility standards do not respect disability as a complex and culturally contingent interaction; recognizing that disability is a variable, contrary and political power relation, rather than a biological limit. Against this background there is clear scope to broaden the ways in which accessibility standards are understood, developed and applied. Commentary. The values that shape and are shaped by legislation promote universal, statistical and automated approaches to web accessibility. This results in web accessibility standards conveying powerful norms fixing the relationship between technology and disability, irrespective of geographical, social, technological or cultural diversity. Web accessibility standards are designed to enact universal principles; however, they express partial and biopolitical understandings of the relation between disability and technology. These values can be limiting, and potentially counter-productive, for example, for the majority of disabled people in the "Global South" where different contexts constitute different disabilities and different experiences of web access. To create more robust, accessible outcomes for disabled people, research and standards practice should diversify to embrace more interactional accounts of disability in different settings. Implications for Rehabilitation Creating accessible experiences is an essential aspect of rehabilitation. Web standards promote universal accessibility as a property of an online resource or service. This undervalues the importance of the user's intentions, expertize, their context, and the complex social and cultural nature of disability. Standardized, universal approaches to web accessibility may lead to counterproductive outcomes for disabled people whose impairments and circumstances do not meet Western disability and accessibility norms. Accessible experiences for rehabilitation can be enhanced through an additional focus on holistic approaches to

Learning Task Knowledge from Dialog and Web Access

Directory of Open Access Journals (Sweden)

Vittorio Perera

2015-06-01

Full Text Available We present KnoWDiaL, an approach for Learning and using task-relevant Knowledge from human-robot Dialog and access to the Web. KnoWDiaL assumes that there is an autonomous agent that performs tasks, as requested by humans through speech. The agent needs to “understand” the request, (i.e., to fully ground the task until it can proceed to plan for and execute it. KnoWDiaL contributes such understanding by using and updating a Knowledge Base, by dialoguing with the user, and by accessing the web. We believe that KnoWDiaL, as we present it, can be applied to general autonomous agents. However, we focus on our work with our autonomous collaborative robot, CoBot, which executes service tasks in a building, moving around and transporting objects between locations. Hence, the knowledge acquired and accessed consists of groundings of language to robot actions, and building locations, persons, and objects. KnoWDiaL handles the interpretation of voice commands, is robust regarding speech recognition errors, and is able to learn commands involving referring expressions in an open domain, (i.e., without requiring a lexicon. We present in detail the multiple components of KnoWDiaL, namely a frame-semantic parser, a probabilistic grounding model, a web-based predicate evaluator, a dialog manager, and the weighted predicate-based Knowledge Base. We illustrate the knowledge access and updates from the dialog and Web access, through detailed and complete examples. We further evaluate the correctness of the predicate instances learned into the Knowledge Base, and show the increase in dialog efficiency as a function of the number of interactions. We have extensively and successfully used KnoWDiaL in CoBot dialoguing and accessing the Web, and extract a few corresponding example sequences from captured videos.

EntrezAJAX: direct web browser access to the Entrez Programming Utilities

Directory of Open Access Journals (Sweden)

Pallen Mark J

2010-06-01

Full Text Available Abstract Web applications for biology and medicine often need to integrate data from Entrez services provided by the National Center for Biotechnology Information. However, direct access to Entrez from a web browser is not possible due to 'same-origin' security restrictions. The use of "Asynchronous JavaScript and XML" (AJAX to create rich, interactive web applications is now commonplace. The ability to access Entrez via AJAX would be advantageous in the creation of integrated biomedical web resources. We describe EntrezAJAX, which provides access to Entrez eUtils and is able to circumvent same-origin browser restrictions. EntrezAJAX is easily implemented by JavaScript developers and provides identical functionality as Entrez eUtils as well as enhanced functionality to ease development. We provide easy-to-understand developer examples written in JavaScript to illustrate potential uses of this service. For the purposes of speed, reliability and scalability, EntrezAJAX has been deployed on Google App Engine, a freely available cloud service. The EntrezAJAX webpage is located at http://entrezajax.appspot.com/

Security scanning of Web sites at CERN

CERN Multimedia

IT Department

2010-01-01

As of early 2010, the CERN Computer Security Team will start regular scanning of all Web sites and Web applications at CERN, visible on the Internet, or on the General Purpose Network (office network). The goal of this scanning is to improve the quality of CERN Web sites. All deficits found will be reported by e-mail to the relevant Web site owners, and must be fixed in a timely manner. Web site owners may also request one-off scans of their Web site or Web application, by sending an e-mail to Computer.Security@cern.ch. These Web scans are designed to limit the impact on the scanned Web sites. Nevertheless, in very rare cases scans may cause undesired side-effects, e.g. generate a large number of log entries, or cause particularly badly designed or less robust Web applications to crash. If a Web site is affected by these security scans, it will also be susceptible to any more aggressive scan that can be performed any time by a malicious attacker. Such Web applications should be fixed, and also additionally...

WebTag: Web browsing into sensor tags over NFC.

Science.gov (United States)

Echevarria, Juan Jose; Ruiz-de-Garibay, Jonathan; Legarda, Jon; Alvarez, Maite; Ayerbe, Ana; Vazquez, Juan Ignacio

2012-01-01

Information and Communication Technologies (ICTs) continue to overcome many of the challenges related to wireless sensor monitoring, such as for example the design of smarter embedded processors, the improvement of the network architectures, the development of efficient communication protocols or the maximization of the life cycle autonomy. This work tries to improve the communication link of the data transmission in wireless sensor monitoring. The upstream communication link is usually based on standard IP technologies, but the downstream side is always masked with the proprietary protocols used for the wireless link (like ZigBee, Bluetooth, RFID, etc.). This work presents a novel solution (WebTag) for a direct IP based access to a sensor tag over the Near Field Communication (NFC) technology for secure applications. WebTag allows a direct web access to the sensor tag by means of a standard web browser, it reads the sensor data, configures the sampling rate and implements IP based security policies. It is, definitely, a new step towards the evolution of the Internet of Things paradigm.

Designing a Secure E-commerce with Credential Purpose-based Access Control

OpenAIRE

Norjihan Abdul Ghani; Harihodin Selamat; Zailani Mohamed Sidek

2014-01-01

The rapid growth of e-commerce has created a great opportunities for both businesses and end users. The essential e-commerce process is required for the successful operation and management of e-commerce activities. One of the processes is access control and security. E-commerce must establish a secure access between the parties in an e-commerce transaction by authenticating users, authorizing access, and enforcing security features. The e-commerce application must authorize access to only tho...

Global Web Accessibility Analysis of National Government Portals and Ministry Web Sites

DEFF Research Database (Denmark)

Goodwin, Morten; Susar, Deniz; Nietzio, Annika

2011-01-01

Equal access to public information and services for all is an essential part of the United Nations (UN) Declaration of Human Rights. Today, the Web plays an important role in providing information and services to citizens. Unfortunately, many government Web sites are poorly designed and have...... accessibility barriers that prevent people with disabilities from using them. This article combines current Web accessibility benchmarking methodologies with a sound strategy for comparing Web accessibility among countries and continents. Furthermore, the article presents the first global analysis of the Web...... accessibility of 192 United Nation Member States made publically available. The article also identifies common properties of Member States that have accessible and inaccessible Web sites and shows that implementing antidisability discrimination laws is highly beneficial for the accessibility of Web sites, while...

Lecture 3: Web Application Security

CERN Multimedia

CERN. Geneva

2013-01-01

Computer security has been an increasing concern for IT professionals for a number of years, yet despite all the efforts, computer systems and networks remain highly vulnerable to attacks of different kinds. Design flaws and security bugs in the underlying software are among the main reasons for this. This lecture focuses on security aspects of Web application development. Various vulnerabilities typical to web applications (such as Cross-site scripting, SQL injection, cross-site request forgery etc.) are introduced and discussed. Sebastian Lopienski is CERN’s deputy Computer Security Officer. He works on security strategy and policies; offers internal consultancy and audit services; develops and maintains security tools for vulnerability assessment and intrusion detection; provides training and awareness raising; and does incident investigation and response. During his work at CERN since 2001, Sebastian has had various assignments, including designing and developing software to manage and support servic...

A dialogue-based web application enhances personalized access to healthcare professionals – an intervention study

Directory of Open Access Journals (Sweden)

Bjoernes Charlotte D

2012-09-01

Full Text Available Abstract Background In today’s short stay hospital settings the contact time for patients is reduced. However, it seems to be more important for the patients that the healthcare professionals are easy to get in contact with during the whole course of treatment, and to have the opportunity to exchange information, as a basis for obtaining individualized information and support. Therefore, the aim was to explore the ability of a dialogue-based application to contribute to accessibility of the healthcare professionals and exchangeability of information. Method An application for online written and asynchronous contacts was developed, implemented in clinical practice, and evaluated. The qualitative effect of the online contact was explored using a Web-based survey comprised of open-ended questions. Results Patients valued the online contacts and experienced feelings of partnership in dialogue, in a flexible and calm environment, which supported their ability to be active partners and feelings of freedom and security. Conclusion The online asynchronous written environment can contribute to accessibility and exchangeability, and add new possibilities for dialogues from which the patients can benefit. The individualized information obtained via online contact empowers the patients. The Internet-based contacts are a way to differentiate and expand the possibilities for contacts outside the few scheduled face-to-face hospital contacts.

Data Hiding and Security for XML Database: A TRBAC- Based Approach

Institute of Scientific and Technical Information of China (English)

ZHANG Wan-song; SUN Wei; LIU Da-xin

2005-01-01

In order to cope with varying protection granularity levels of XML (eXtensible Markup Language) documents, we propose a TXAC (Two-level XML Access Control) framework, in which an extended TRBAC (Temporal Role-Based Access Control) approach is proposed to deal with the dynamic XML data. With different system components,TXAC algorithm evaluates access requests efficiently by appropriate access control policy in dynamic web environment.The method is a flexible and powerful security system offering a multi-level access control solution.

Web Services Security - Implementation and Evaluation Issues

Science.gov (United States)

Pimenidis, Elias; Georgiadis, Christos K.; Bako, Peter; Zorkadis, Vassilis

Web services development is a key theme in the utilization the commercial exploitation of the semantic web. Paramount to the development and offering of such services is the issue of security features and they way these are applied in instituting trust amongst participants and recipients of the service. Implementing such security features is a major challenge to developers as they need to balance these with performance and interoperability requirements. Being able to evaluate the level of security offered is a desirable feature for any prospective participant. The authors attempt to address the issues of security requirements and evaluation criteria, while they discuss the challenges of security implementation through a simple web service application case.

Development of Remote Monitoring and a Control System Based on PLC and WebAccess for Learning Mechatronics

Directory of Open Access Journals (Sweden)

Wen-Jye Shyr

2013-02-01

Full Text Available This study develops a novel method for learning mechatronics using remote monitoring and control, based on a programmable logic controller (PLC and WebAccess. A mechatronics module, a Web-CAM and a PLC were integrated with WebAccess software to organize a remote laboratory. The proposed system enables users to access the Internet for remote monitoring and control of the mechatronics module via a web browser, thereby enhancing work flexibility by enabling personnel to control mechatronics equipment from a remote location. Mechatronics control and long-distance monitoring were realized by establishing communication between the PLC and WebAccess. Analytical results indicate that the proposed system is feasible. The suitability of this system is demonstrated in the department of industrial education and technology at National Changhua University of Education, Taiwan. Preliminary evaluation of the system was encouraging and has shown that it has achieved success in helping students understand concepts and master remote monitoring and control techniques.

Capability-based Access Control Delegation Model on the Federated IoT Network

DEFF Research Database (Denmark)

Anggorojati, Bayu; Mahalle, Parikshit N.; Prasad, Neeli R.

2012-01-01

Flexibility is an important property for general access control system and especially in the Internet of Things (IoT), which can be achieved by access or authority delegation. Delegation mechanisms in access control that have been studied until now have been intended mainly for a system that has...... no resource constraint, such as a web-based system, which is not very suitable for a highly pervasive system such as IoT. To this end, this paper presents an access delegation method with security considerations based on Capability-based Context Aware Access Control (CCAAC) model intended for federated...... machine-to-machine communication or IoT networks. The main idea of our proposed model is that the access delegation is realized by means of a capability propagation mechanism, and incorporating the context information as well as secure capability propagation under federated IoT environments. By using...

EPICS: Channel Access security design

International Nuclear Information System (INIS)

Kraimer, M.; Hill, J.

1994-05-01

This document presents the design for implementing the requirements specified in: EPICS -- Channel Access Security -- functional requirements, Ned. D. Arnold, 03/09/92. Use of the access security system is described along with a summary of the functional requirements. The programmer's interface is given. Security protocol is described and finally aids for reading the access security code are provided

JWIG: Yet Another Framework for Maintainable and Secure Web Applications

DEFF Research Database (Denmark)

Møller, Anders; Schwarz, Mathias Romme

2009-01-01

Although numerous frameworks for web application programming have been developed in recent years, writing web applications remains a challenging task. Guided by a collection of classical design principles, we propose yet another framework. It is based on a simple but flexible server......-oriented architecture that coherently supports general aspects of modern web applications, including dynamic XML construction, session management, data persistence, caching, and authentication, but it also simplifies programming of server-push communication and integration of XHTML-based applications and XML-based web...... services.The resulting framework provides a novel foundation for developing maintainable and secure web applications....

Secure external access to CERN's services to replace VPN

CERN Multimedia

2005-01-01

CERN has recently experienced several computer security incidents caused by people opening VPN connections and (unknown to them) allowing malicious software to enter CERN. VPN should be used to connect to CERN only in extreme and exceptional circumstances and it is formally discouraged as a general solution. If incidents continue, the availability of the service will need to be reviewed. Recommended methods of connecting to CERN from the Internet for common functionalities such as e-mail, access to CERN web or file servers and interactive sessions on CERN systems are described at http://cern.ch/security/vpn

Evaluation of secure capability-based access control in the M2M local cloud platform

DEFF Research Database (Denmark)

Anggorojati, Bayu; Prasad, Neeli R.; Prasad, Ramjee

2016-01-01

delegation. Recently, the capability based access control has been considered as method to manage access in the Internet of Things (IoT) or M2M domain. In this paper, the implementation and evaluation of a proposed secure capability based access control in the M2M local cloud platform is presented......Managing access to and protecting resources is one of the important aspect in managing security, especially in a distributed computing system such as Machine-to-Machine (M2M). One such platform known as the M2M local cloud platform, referring to BETaaS architecture [1], which conceptually consists...... of multiple distributed M2M gateways, creating new challenges in the access control. Some existing access control systems lack in scalability and flexibility to manage access from users or entity that belong to different authorization domains, or fails to provide fine grained and flexible access right...

Potential influence of Web 2.0 usage and security practices of online users on information management

Directory of Open Access Journals (Sweden)

R.J. Rudman

2009-02-01

Full Text Available The proliferation of Web 2.0 applications was the impetus for this survey-based research into practices that online users currently employ when using Web 2.0 sites. As part of the study, the popularity of Web 2.0 technologies and sites among online users at a university was investigated to determine the extent of the potential threat to corporate security, arising from Web 2.0 use and access. The results of this study indicate that the use of Web 2.0 sites is very popular among students, as a proxy for the potential future business users, and that users are not necessarily aware of the risks associated with these sites. The respondents indicated that they regularly visit Web 2.0 sites, and that they post personal information on these sites. This is of concern in protecting arguably the most valuable asset of a business.

Remote Internet access to advanced analytical facilities: a new approach with Web-based services.

Science.gov (United States)

Sherry, N; Qin, J; Fuller, M Suominen; Xie, Y; Mola, O; Bauer, M; McIntyre, N S; Maxwell, D; Liu, D; Matias, E; Armstrong, C

2012-09-04

Over the past decade, the increasing availability of the World Wide Web has held out the possibility that the efficiency of scientific measurements could be enhanced in cases where experiments were being conducted at distant facilities. Examples of early successes have included X-ray diffraction (XRD) experimental measurements of protein crystal structures at synchrotrons and access to scanning electron microscopy (SEM) and NMR facilities by users from institutions that do not possess such advanced capabilities. Experimental control, visual contact, and receipt of results has used some form of X forwarding and/or VNC (virtual network computing) software that transfers the screen image of a server at the experimental site to that of the users' home site. A more recent development is a web services platform called Science Studio that provides teams of scientists with secure links to experiments at one or more advanced research facilities. The software provides a widely distributed team with a set of controls and screens to operate, observe, and record essential parts of the experiment. As well, Science Studio provides high speed network access to computing resources to process the large data sets that are often involved in complex experiments. The simple web browser and the rapid transfer of experimental data to a processing site allow efficient use of the facility and assist decision making during the acquisition of the experimental results. The software provides users with a comprehensive overview and record of all parts of the experimental process. A prototype network is described involving X-ray beamlines at two different synchrotrons and an SEM facility. An online parallel processing facility has been developed that analyzes the data in near-real time using stream processing. Science Studio and can be expanded to include many other analytical applications, providing teams of users with rapid access to processed results along with the means for detailed

JWIG: Yet Another Framework for Maintainable and Secure Web Applications

DEFF Research Database (Denmark)

Møller, Anders; Schwarz, Mathias Romme

2009-01-01

Although numerous frameworks for web application programming have been developed in recent years, writing web applications remains a challenging task. Guided by a collection of classical design principles, we propose yet another framework. It is based on a simple but flexible server-oriented arch...... services.The resulting framework provides a novel foundation for developing maintainable and secure web applications....

Health Information System Role-Based Access Control Current Security Trends and Challenges.

Science.gov (United States)

de Carvalho Junior, Marcelo Antonio; Bandiera-Paiva, Paulo

2018-01-01

This article objective is to highlight implementation characteristics, concerns, or limitations over role-based access control (RBAC) use on health information system (HIS) using industry-focused literature review of current publishing for that purpose. Based on the findings, assessment for indication of RBAC is obsolete considering HIS authorization control needs. We have selected articles related to our investigation theme "RBAC trends and limitations" in 4 different sources related to health informatics or to the engineering technical field. To do so, we have applied the following search query string: "Role-Based Access Control" OR "RBAC" AND "Health information System" OR "EHR" AND "Trends" OR "Challenges" OR "Security" OR "Authorization" OR "Attacks" OR "Permission Assignment" OR "Permission Relation" OR "Permission Mapping" OR "Constraint". We followed PRISMA applicable flow and general methodology used on software engineering for systematic review. 20 articles were selected after applying inclusion and exclusion criteria resulting contributions from 10 different countries. 17 articles advocate RBAC adaptations. The main security trends and limitations mapped were related to emergency access, grant delegation, and interdomain access control. Several publishing proposed RBAC adaptations and enhancements in order to cope current HIS use characteristics. Most of the existent RBAC studies are not related to health informatics industry though. There is no clear indication of RBAC obsolescence for HIS use.

Web Interface Security Vulnerabilities of European Academic Repositories

Directory of Open Access Journals (Sweden)

Matus Formanek

2017-02-01

Full Text Available The given analysis summarizes the status quo of the level of security of web interfaces of selected European academic repositories in the field of library and information science. It focuses on the presence and qualities of the secure HTTPS protocol via SSL/TLS protocols. The security of the transmitted data is particularly important in the network environment of the Internet, especially if log-in user data is transmitted. Disclosure may have a direct impact on saved digital objects and their metadata which together represent the most valuable parts of systems of digital libraries and repositories. Furthermore, the paper points to the most noticeable vulnerabilities of protocols of web interfaces and presents practical recommendations for the expert public. These may contribute to the increase of the level of security of the discussed systems. The authors base their proposals on the currently available scientific publications and scientific articles about the given topic.

BioServices: a common Python package to access biological Web Services programmatically.

Science.gov (United States)

Cokelaer, Thomas; Pultz, Dennis; Harder, Lea M; Serra-Musach, Jordi; Saez-Rodriguez, Julio

2013-12-15

Web interfaces provide access to numerous biological databases. Many can be accessed to in a programmatic way thanks to Web Services. Building applications that combine several of them would benefit from a single framework. BioServices is a comprehensive Python framework that provides programmatic access to major bioinformatics Web Services (e.g. KEGG, UniProt, BioModels, ChEMBLdb). Wrapping additional Web Services based either on Representational State Transfer or Simple Object Access Protocol/Web Services Description Language technologies is eased by the usage of object-oriented programming. BioServices releases and documentation are available at http://pypi.python.org/pypi/bioservices under a GPL-v3 license.

Security Guards for the Future Web

National Research Council Canada - National Science Library

Reed, Nancy; Bryson, Dave; Garriss, James; Gosnell, Steve; Heaton, Brook; Huber, Gary; Jacobs, David; Pulvermacher, Mary; Semy, Salim; Smith, Chad; Standard, John

2004-01-01

.... Guard technology needs to keep pace with the evolving Web environment. The authors conjectured that a family of security guard services would be needed to provide the full range of functionality necessary to support the future Web...

The EarthScope Array Network Facility: application-driven low-latency web-based tools for accessing high-resolution multi-channel waveform data

Science.gov (United States)

Newman, R. L.; Lindquist, K. G.; Clemesha, A.; Vernon, F. L.

2008-12-01

Since April 2004 the EarthScope USArray seismic network has grown to over 400 broadband stations that stream multi-channel data in near real-time to the Array Network Facility in San Diego. Providing secure, yet open, access to real-time and archived data for a broad range of audiences is best served by a series of platform agnostic low-latency web-based applications. We present a framework of tools that interface between the world wide web and Boulder Real Time Technologies Antelope Environmental Monitoring System data acquisition and archival software. These tools provide audiences ranging from network operators and geoscience researchers, to funding agencies and the general public, with comprehensive information about the experiment. This ranges from network-wide to station-specific metadata, state-of-health metrics, event detection rates, archival data and dynamic report generation over a stations two year life span. Leveraging open source web-site development frameworks for both the server side (Perl, Python and PHP) and client-side (Flickr, Google Maps/Earth and jQuery) facilitates the development of a robust extensible architecture that can be tailored on a per-user basis, with rapid prototyping and development that adheres to web-standards.

U-Access: a web-based system for routing pedestrians of differing abilities

Science.gov (United States)

Sobek, Adam D.; Miller, Harvey J.

2006-09-01

For most people, traveling through urban and built environments is straightforward. However, for people with physical disabilities, even a short trip can be difficult and perhaps impossible. This paper provides the design and implementation of a web-based system for the routing and prescriptive analysis of pedestrians with different physical abilities within built environments. U-Access, as a routing tool, provides pedestrians with the shortest feasible route with respect to one of three differing ability levels, namely, peripatetic (unaided mobility), aided mobility (mobility with the help of a cane, walker or crutches) and wheelchair users. U-Access is also an analytical tool that can help identify obstacles in built environments that create routing discrepancies among pedestrians with different physical abilities. This paper discusses the system design, including database, algorithm and interface specifications, and technologies for efficiently delivering results through the World Wide Web (WWW). This paper also provides an illustrative example of a routing problem and an analytical evaluation of the existing infrastructure which identifies the obstacles that pose the greatest discrepancies between physical ability levels. U-Access was evaluated by wheelchair users and route experts from the Center for Disability Services at The University of Utah, USA.

Web-based tailored intervention for preparation of parents and children for outpatient surgery (WebTIPS): development.

Science.gov (United States)

Kain, Zeev N; Fortier, Michelle A; Chorney, Jill MacLaren; Mayes, Linda

2015-04-01

As a result of cost-containment efforts, preparation programs for outpatient surgery are currently not available to the majority of children and parents. The recent dramatic growth in the Internet presents a unique opportunity to transform how children and their parents are prepared for surgery. In this article, we describe the development of a Web-based Tailored Intervention for Preparation of parents and children undergoing Surgery (WebTIPS). A multidisciplinary taskforce agreed that a Web-based tailored intervention consisting of intake, matrix, and output modules was the preferred approach. Next, the content of the various intake variables, the matrix logic, and the output content was developed. The output product has a parent component and a child component and is described in http://surgerywebtips.com/about.php. The child component makes use of preparation strategies such as information provision, modeling, play, and coping skills training. The parent component of WebTIPS includes strategies such as information provision, coping skills training, and relaxation and distraction techniques. A reputable animation and Web design company developed a secured Web-based product based on the above description. In this article, we describe the development of a Web-based tailored preoperative preparation program that can be accessed by children and parents multiple times before and after surgery. A follow-up article in this issue of Anesthesia & Analgesia describes formative evaluation and preliminary efficacy testing of this Web-based tailored preoperative preparation program.

Web accessibility of public universities in Andalusia

Directory of Open Access Journals (Sweden)

Luis Alejandro Casasola Balsells

2017-06-01

Full Text Available This paper describes an analysis conducted in 2015 to evaluate the accessibility of content on Andalusian public university websites. In order to determinate whether these websites are accessible, an assessment has been carried out to check conformance with the latest Web Content Accessibility Guidelines (WCAG 2.0 established by the World Wide Web Consortium (W3C. For this purpose, we have designed a methodology for analysis that combines the use of three automatic tools (eXaminator, MINHAP web accessibility tool, and TAW with a manual analysis to provide a greater reliability and validity of the results. Although the results are acceptable overall, a detailed analysis shows that more is still needed for achieving full accessibility for the entire university community. In this respect, we suggest several corrections to common accessibility errors for facilitating the design of university web portals.

The GridSite Web/Grid security system

International Nuclear Information System (INIS)

McNab, Andrew; Li Yibiao

2010-01-01

We present an overview of the current status of the GridSite toolkit, describing the security model for interactive and programmatic uses introduced in the last year. We discuss our experiences of implementing these internal changes and how they and previous rounds of improvements have been prompted by requirements from users and wider security trends in Grids (such as CSRF). Finally, we explain how these have improved the user experience of GridSite-based websites, and wider implications for portals and similar web/grid sites.

Internet access, awareness and utilisation of web based evidence: a survey of ANZ and Singaporean radiation oncology registrars in 2003

International Nuclear Information System (INIS)

Wong, K.; Veness, M.

2003-01-01

The past decade has seen an 'explosion' in electronically archived evidence available on the Internet. Access to, and awareness of, pre-appraised web based evidence such as is available at the Cochrane Library, and more recently the Cancer Library, is now easily accessible to both clinicians and patients. A postal survey was recently sent out to all Radiation Oncology registrars in Australia, New Zealand and Singapore. The aim of the survey was to ascertain previous training in literature searching and critical appraisal, the extent of Internet access and use of web based evidence and awareness of databases including the Cochrane Library. Sixty six (66) out of ninety (90) registrars responded (73% response rate). Fifty five percent of respondents had previously undertaken some form of training related to literature searching or critical appraisal. The majority (68%) felt confident in performing a literature search, although 80% of respondents indicated interest in obtaining further training. The majority (68%) reported accessing web-based evidence for literature searching in the previous week, and 92% in the previous month. Nearly all respondents (89%) accessed web-based evidence at work. Most (94%) were aware of the Cochrane Library with 48% of respondents having used this database. Sixty-eight percent were aware of the Cancer Library. In 2000 a similar survey revealed only 68% of registrars aware and 30% having used the Cochrane Library. These findings reveal almost universal access to the Internet and use of web-based evidence amongst Radiation Oncology registrars. There has been a marked increase in awareness and use of the Cochrane Library with the majority also aware of the recently introduced Cancer Library

RESTful Java web services security

CERN Document Server

Enríquez, René

2014-01-01

A sequential and easy-to-follow guide which allows you to understand the concepts related to securing web apps/services quickly and efficiently, since each topic is explained and described with the help of an example and in a step-by-step manner, helping you to easily implement the examples in your own projects. This book is intended for web application developers who use RESTful web services to power their websites. Prior knowledge of RESTful is not mandatory, but would be advisable.

A General Attribute and Rule Based Role-Based Access Control Model

Institute of Scientific and Technical Information of China (English)

无

2007-01-01

Growing numbers of users and many access control policies which involve many different resource attributes in service-oriented environments bring various problems in protecting resource. This paper analyzes the relationships of resource attributes to user attributes in all policies, and propose a general attribute and rule based role-based access control(GAR-RBAC) model to meet the security needs. The model can dynamically assign users to roles via rules to meet the need of growing numbers of users. These rules use different attribute expression and permission as a part of authorization constraints, and are defined by analyzing relations of resource attributes to user attributes in many access policies that are defined by the enterprise. The model is a general access control model, and can support many access control policies, and also can be used to wider application for service. The paper also describes how to use the GAR-RBAC model in Web service environments.

Improving Inpatient Surveys: Web-Based Computer Adaptive Testing Accessed via Mobile Phone QR Codes.

Science.gov (United States)

Chien, Tsair-Wei; Lin, Weir-Sen

2016-03-02

The National Health Service (NHS) 70-item inpatient questionnaire surveys inpatients on their perceptions of their hospitalization experience. However, it imposes more burden on the patient than other similar surveys. The literature shows that computerized adaptive testing (CAT) based on item response theory can help shorten the item length of a questionnaire without compromising its precision. Our aim was to investigate whether CAT can be (1) efficient with item reduction and (2) used with quick response (QR) codes scanned by mobile phones. After downloading the 2008 inpatient survey data from the Picker Institute Europe website and analyzing the difficulties of this 70-item questionnaire, we used an author-made Excel program using the Rasch partial credit model to simulate 1000 patients' true scores followed by a standard normal distribution. The CAT was compared to two other scenarios of answering all items (AAI) and the randomized selection method (RSM), as we investigated item length (efficiency) and measurement accuracy. The author-made Web-based CAT program for gathering patient feedback was effectively accessed from mobile phones by scanning the QR code. We found that the CAT can be more efficient for patients answering questions (ie, fewer items to respond to) than either AAI or RSM without compromising its measurement accuracy. A Web-based CAT inpatient survey accessed by scanning a QR code on a mobile phone was viable for gathering inpatient satisfaction responses. With advances in technology, patients can now be offered alternatives for providing feedback about hospitalization satisfaction. This Web-based CAT is a possible option in health care settings for reducing the number of survey items, as well as offering an innovative QR code access.

The Digital Divide and Patient Portals: Internet Access Explained Differences in Patient Portal Use for Secure Messaging by Age, Race, and Income.

Science.gov (United States)

Graetz, Ilana; Gordon, Nancy; Fung, Vick; Hamity, Courtnee; Reed, Mary E

2016-08-01

Online access to health records and the ability to exchange secure messages with physicians can improve patient engagement and outcomes; however, the digital divide could limit access to web-based portals among disadvantaged groups. To understand whether sociodemographic differences in patient portal use for secure messaging can be explained by differences in internet access and care preferences. Cross-sectional survey to examine the association between patient sociodemographic characteristics and internet access and care preferences; then, the association between sociodemographic characteristics and secure message use with and without adjusting for internet access and care preference. One thousand forty-one patients with chronic conditions in a large integrated health care delivery system (76% response rate). Internet access, portal use for secure messaging, preference for in-person or online care, and sociodemographic and health characteristics. Internet access and preference mediated some of the differences in secure message use by age, race, and income. For example, using own computer to access the internet explained 52% of the association between race and secure message use and 60% of the association between income and use (Sobel-Goodman mediation test, Pdifferences in portal use remained statistically significant when controlling for internet access and preference. As the availability and use of patient portals increase, it is important to understand which patients have limited access and the barriers they may face. Improving internet access and making portals available across multiple platforms, including mobile, may reduce some disparities in secure message use.

Anonymous Web Browsing and Hosting

OpenAIRE

MANOJ KUMAR; ANUJ RANI

2013-01-01

In today’s high tech environment every organization, individual computer users use internet for accessing web data. To maintain high confidentiality and security of the data secure web solutions are required. In this paper we described dedicated anonymous web browsing solutions which makes our browsing faster and secure. Web application which play important role for transferring our secret information including like email need more and more security concerns. This paper also describes that ho...

The implementation of security for microBHT

CERN Document Server

Purvis, J

1997-01-01

With the construction of LHC and the funding of up to 80% of the new experiments (ATLAS and CMS) to come from outside CERN it is important that budget responsibles have secure and instantaneous access to view their financial data which is managed by CERN. MicroBHT (BHT)is a system specifically designed to cater for these requirements. MicroBHT provides for secure web-based access for Teams (and other budget holders) to view their financial data. The security mechanism for BHT which is detailed in this paper uses the standards adopted by banks and other institutions who use the web with maximum security and confidentialy of for both their data and their customers.

A Technique to Speedup Access to Web Contents

Indian Academy of Sciences (India)

Home; Journals; Resonance – Journal of Science Education; Volume 7; Issue 7. Web Caching - A Technique to Speedup Access to Web Contents. Harsha Srinath Shiva Shankar Ramanna. General Article Volume 7 Issue 7 July 2002 pp 54-62 ... Keywords. World wide web; data caching; internet traffic; web page access.

Accessing the SEED genome databases via Web services API: tools for programmers.

Science.gov (United States)

Disz, Terry; Akhter, Sajia; Cuevas, Daniel; Olson, Robert; Overbeek, Ross; Vonstein, Veronika; Stevens, Rick; Edwards, Robert A

2010-06-14

The SEED integrates many publicly available genome sequences into a single resource. The database contains accurate and up-to-date annotations based on the subsystems concept that leverages clustering between genomes and other clues to accurately and efficiently annotate microbial genomes. The backend is used as the foundation for many genome annotation tools, such as the Rapid Annotation using Subsystems Technology (RAST) server for whole genome annotation, the metagenomics RAST server for random community genome annotations, and the annotation clearinghouse for exchanging annotations from different resources. In addition to a web user interface, the SEED also provides Web services based API for programmatic access to the data in the SEED, allowing the development of third-party tools and mash-ups. The currently exposed Web services encompass over forty different methods for accessing data related to microbial genome annotations. The Web services provide comprehensive access to the database back end, allowing any programmer access to the most consistent and accurate genome annotations available. The Web services are deployed using a platform independent service-oriented approach that allows the user to choose the most suitable programming platform for their application. Example code demonstrate that Web services can be used to access the SEED using common bioinformatics programming languages such as Perl, Python, and Java. We present a novel approach to access the SEED database. Using Web services, a robust API for access to genomics data is provided, without requiring large volume downloads all at once. The API ensures timely access to the most current datasets available, including the new genomes as soon as they come online.

GROUPING WEB ACCESS SEQUENCES uSING SEQUENCE ALIGNMENT METHOD

OpenAIRE

BHUPENDRA S CHORDIA; KRISHNAKANT P ADHIYA

2011-01-01

In web usage mining grouping of web access sequences can be used to determine the behavior or intent of a set of users. Grouping websessions is how to measure the similarity between web sessions. There are many shortcomings in traditional measurement methods. The taskof grouping web sessions based on similarity and consists of maximizing the intra-group similarity while minimizing the inter-groupsimilarity is done using sequence alignment method. This paper introduces a new method to group we...

Access control, security, and trust a logical approach

CERN Document Server

Chin, Shiu-Kai

2010-01-01

Access Control, Security, Trust, and Logic Deconstructing Access Control Decisions A Logical Approach to Access Control PRELIMINARIES A Language for Access ControlSets and Relations Syntax SemanticsReasoning about Access Control Logical RulesFormal Proofs and Theorems Soundness of Logical RulesBasic Concepts Reference Monitors Access Control Mechanisms: Tickets and Lists Authentication Security PoliciesConfidentiality, Integrity, and Availability Discretionary Security Policies Mandatory Security Policies Military Security Policies Commercial PoliciesDISTRIBUTED ACCESS CONTROL Digital Authenti

Enc-DNS-HTTP: Utilising DNS Infrastructure to Secure Web Browsing

Directory of Open Access Journals (Sweden)

Mohammed Abdulridha Hussain

2017-01-01

Full Text Available Online information security is a major concern for both users and companies, since data transferred via the Internet is becoming increasingly sensitive. The World Wide Web uses Hypertext Transfer Protocol (HTTP to transfer information and Secure Sockets Layer (SSL to secure the connection between clients and servers. However, Hypertext Transfer Protocol Secure (HTTPS is vulnerable to attacks that threaten the privacy of information sent between clients and servers. In this paper, we propose Enc-DNS-HTTP for securing client requests, protecting server responses, and withstanding HTTPS attacks. Enc-DNS-HTTP is based on the distribution of a web server public key, which is transferred via a secure communication between client and a Domain Name System (DNS server. This key is used to encrypt client-server communication. The scheme is implemented in the C programming language and tested on a Linux platform. In comparison with Apache HTTPS, this scheme is shown to have more effective resistance to attacks and improved performance since it does not involve a high number of time-consuming operations.

AN AUTOMATIC AND METHODOLOGICAL APPROACH FOR ACCESSIBLE WEB APPLICATIONS

Directory of Open Access Journals (Sweden)

Lourdes Moreno

2007-06-01

Full Text Available Semantic Web approaches try to get the interoperability and communication among technologies and organizations. Nevertheless, sometimes it is forgotten that the Web must be useful for every user, consequently it is necessary to include tools and techniques doing Semantic Web be accessible. Accessibility and usability are two usually joined concepts widely used in web application development, however their meaning are different. Usability means the way to make easy the use but accessibility is referred to the access possibility. For the first one, there are many well proved approaches in real cases. However, accessibility field requires a deeper research that will make feasible the access to disable people and also the access to novel non-disable people due to the cost to automate and maintain accessible applications. In this paper, we propose one architecture to achieve the accessibility in web-environments dealing with the WAI accessibility standard and the Universal Design paradigm. This architecture tries to control the accessibility in web applications development life-cycle following a methodology starting from a semantic conceptual model and leans on description languages and controlled vocabularies.

Use of WebDAV to Support a Virtual File System in a Coalition Environment

National Research Council Canada - National Science Library

Bradney, Jeremiah A

2006-01-01

.... By enabling the use of WebDAV in MYSEA, this thesis provides a means for fulfilling the above requirement for secure remote access by creating a virtual web-based file system accessible from the MYSEA MLS network...

Delivering Electronic Resources with Web OPACs and Other Web-based Tools: Needs of Reference Librarians.

Science.gov (United States)

Bordeianu, Sever; Carter, Christina E.; Dennis, Nancy K.

2000-01-01

Describes Web-based online public access catalogs (Web OPACs) and other Web-based tools as gateway methods for providing access to library collections. Addresses solutions for overcoming barriers to information, such as through the implementation of proxy servers and other authentication tools for remote users. (Contains 18 references.)…

Computer Security Systems Enable Access.

Science.gov (United States)

Riggen, Gary

1989-01-01

A good security system enables access and protects information from damage or tampering, but the most important aspects of a security system aren't technical. A security procedures manual addresses the human element of computer security. (MLW)

A Secure Web Application Providing Public Access to High-Performance Data Intensive Scientific Resources - ScalaBLAST Web Application

International Nuclear Information System (INIS)

Curtis, Darren S.; Peterson, Elena S.; Oehmen, Chris S.

2008-01-01

This work presents the ScalaBLAST Web Application (SWA), a web based application implemented using the PHP script language, MySQL DBMS, and Apache web server under a GNU/Linux platform. SWA is an application built as part of the Data Intensive Computer for Complex Biological Systems (DICCBS) project at the Pacific Northwest National Laboratory (PNNL). SWA delivers accelerated throughput of bioinformatics analysis via high-performance computing through a convenient, easy-to-use web interface. This approach greatly enhances emerging fields of study in biology such as ontology-based homology, and multiple whole genome comparisons which, in the absence of a tool like SWA, require a heroic effort to overcome the computational bottleneck associated with genome analysis. The current version of SWA includes a user account management system, a web based user interface, and a backend process that generates the files necessary for the Internet scientific community to submit a ScalaBLAST parallel processing job on a dedicated cluster

Are personal health records safe? A review of free web-accessible personal health record privacy policies.

Science.gov (United States)

Carrión Señor, Inmaculada; Fernández-Alemán, José Luis; Toval, Ambrosio

2012-08-23

Several obstacles prevent the adoption and use of personal health record (PHR) systems, including users' concerns regarding the privacy and security of their personal health information. To analyze the privacy and security characteristics of PHR privacy policies. It is hoped that identification of the strengths and weaknesses of the PHR systems will be useful for PHR users, health care professionals, decision makers, and designers. We conducted a systematic review using the principal databases related to health and computer science to discover the Web-based and free PHR systems mentioned in published articles. The privacy policy of each PHR system selected was reviewed to extract its main privacy and security characteristics. The search of databases and the myPHR website provided a total of 52 PHR systems, of which 24 met our inclusion criteria. Of these, 17 (71%) allowed users to manage their data and to control access to their health care information. Only 9 (38%) PHR systems permitted users to check who had accessed their data. The majority of PHR systems used information related to the users' accesses to monitor and analyze system use, 12 (50%) of them aggregated user information to publish trends, and 20 (83%) used diverse types of security measures. Finally, 15 (63%) PHR systems were based on regulations or principles such as the US Health Insurance Portability and Accountability Act (HIPAA) and the Health on the Net Foundation Code of Conduct (HONcode). Most privacy policies of PHR systems do not provide an in-depth description of the security measures that they use. Moreover, compliance with standards and regulations in PHR systems is still low.

Web-Services Development in Secure Way for Highload Systems

Directory of Open Access Journals (Sweden)

V. M. Nichiporchouk

2011-12-01

Full Text Available This paper describes approach to design of web-services in secure, high load and fault tolerant implementation for mass message processing. The multicomponent architecture of web-service with possibility for high security zone is provided as well as scalability evaluation of the architecture.

RxPATROL: a Web-based tool for combating pharmacy theft.

Science.gov (United States)

Smith, Meredith Y; Graham, J Aaron; Haddox, J David; Steffey, Amy

2009-01-01

To report the incidence of pharmacy-related burglaries and robberies and characteristics of pharmacies where such crimes have occurred using recent data from Rx Pattern Analysis Tracking Robberies & Other Losses (RxPATROL), a national Web-based information clearinghouse on pharmacy-related theft of prescription medications and over-the-counter products. Descriptive, nonexperimental study. United States between 2005 and 2006. Not applicable. Not applicable. Number of pharmacy theft reports received; incident type, date, and location; point of entry; and pharmacy security features. Between 2005 and 2006, 202 pharmacy burglary and 299 pharmacy robbery reports from 45 different states were filed with RxPATROL. More than 70% of pharmacies reporting such crimes lacked a security camera. Among those reporting a burglary, 60% lacked dead bolt locks, a solid exterior door, a motion detector device, or a safe or vault for storage of controlled substances. Burglars most often obtained access to the pharmacy via the front door. RxPATROL is a Web-based tool that can assist pharmacies and law enforcement in collaborating more effectively to combat and prevent pharmacy-related crimes.

reCAPTCHA: human-based character recognition via Web security measures.

Science.gov (United States)

von Ahn, Luis; Maurer, Benjamin; McMillen, Colin; Abraham, David; Blum, Manuel

2008-09-12

CAPTCHAs (Completely Automated Public Turing test to tell Computers and Humans Apart) are widespread security measures on the World Wide Web that prevent automated programs from abusing online services. They do so by asking humans to perform a task that computers cannot yet perform, such as deciphering distorted characters. Our research explored whether such human effort can be channeled into a useful purpose: helping to digitize old printed material by asking users to decipher scanned words from books that computerized optical character recognition failed to recognize. We showed that this method can transcribe text with a word accuracy exceeding 99%, matching the guarantee of professional human transcribers. Our apparatus is deployed in more than 40,000 Web sites and has transcribed over 440 million words.

Supporting the Construction of Workflows for Biodiversity Problem-Solving Accessing Secure, Distributed Resources

Directory of Open Access Journals (Sweden)

J.S. Pahwa

2006-01-01

Full Text Available In the Biodiversity World (BDW project we have created a flexible and extensible Web Services-based Grid environment for biodiversity researchers to solve problems in biodiversity and analyse biodiversity patterns. In this environment, heterogeneous and globally distributed biodiversity-related resources such as data sets and analytical tools are made available to be accessed and assembled by users into workflows to perform complex scientific experiments. One such experiment is bioclimatic modelling of the geographical distribution of individual species using climate variables in order to explain past and future climate-related changes in species distribution. Data sources and analytical tools required for such analysis of species distribution are widely dispersed, available on heterogeneous platforms, present data in different formats and lack inherent interoperability. The present BDW system brings all these disparate units together so that the user can combine tools with little thought as to their original availability, data formats and interoperability. The new prototype BDW system architecture not only brings together heterogeneous resources but also enables utilisation of computational resources and provides a secure access to BDW resources via a federated security model. We describe features of the new BDW system and its security model which enable user authentication from a workflow application as part of workflow execution.

The new ALICE DQM client: a web access to ROOT-based objects

International Nuclear Information System (INIS)

Von Haller, B; Carena, F; Carena, W; Chapeland, S; Barroso, V Chibante; Costa, F; Delort, C; Diviá, R.; Fuchs, U; Niedziela, J; Simonetti, G; Soós, C; Telesca, A; Vyvre, P Vande; Wegrzynek, A; Dénes, E

2015-01-01

A Large Ion Collider Experiment (ALICE) is the heavy-ion detector designed to study the physics of strongly interacting matter and the quark-gluon plasma at the CERN Large Hadron Collider (LHC). The online Data Quality Monitoring (DQM) plays an essential role in the experiment operation by providing shifters with immediate feedback on the data being recorded in order to quickly identify and overcome problems.An immediate access to the DQM results is needed not only by shifters in the control room but also by detector experts worldwide. As a consequence, a new web application has been developed to dynamically display and manipulate the ROOT-based objects produced by the DQM system in a flexible and user friendly interface.The architecture and design of the tool, its main features and the technologies that were used, both on the server and the client side, are described. In particular, we detail how we took advantage of the most recent ROOT JavaScript I/O and web server library to give interactive access to ROOT objects stored in a database. We describe as well the use of modern web techniques and packages such as AJAX, DHTMLX and jQuery, which has been instrumental in the successful implementation of a reactive and efficient application.We finally present the resulting application and how code quality was ensured. We conclude with a roadmap for future technical and functional developments. (paper)

Influence of Internet Accessibility and Demographic factors on utilization of Web-based Health Information Resources by Resident Doctors in Nigeria.

Science.gov (United States)

Ajuwon, G A; Popoola, S O

2014-09-01

The internet is a huge library with avalanche of information resources including healthcare information. There are numerous studies on use of electronic resources by healthcare providers including medical practitioners however, there is a dearth of information on the patterns of use of web-based health information resource by resident doctors in Nigeria. This study therefore investigates the influence of internet accessibility and demographic factors on utilization of web-based health information resources by resident doctors in tertiary healthcare institutions in Nigeria. Descriptive survey design was adopted for this study. The population of study consisted of medical doctors undergoing residency training in 13 tertiary healthcare institutions in South-West Nigeria. The tertiary healthcare institutions were Federal Medical Centres, University Teaching Hospitals and Specialist Hospitals (Neuropsychiatric and Orthopaedic). A pre-tested, self-administered questionnaire was used for data collection. The Statistical Package for the Social Sciences (SPSS) was used for data analysis. Data were analyzed using descriptive statistics, Pearson Product Moment correlation and multiple regression analysis. The mean age of the respondents was 34 years and males were in the majority (69.0%). A total of 96.1% respondents had access to the Internet. E-mail (X̄=5.40, SD=0.91), Google (X̄=5.26, SD=1.38), Yahoo (X̄=5.15, SD=4.44) were used weekly by the respondents. Preparation for Seminar/Grand Round presentation (X̄=8.4, SD=1.92), research (X̄=7.8, SD=2.70) and communication (X̄=7.6, SD=2.60) were ranked high as purposes for use of web-based information resources. There is a strong, positive and significant relationship between internet accessibility and utilization of web-based health information resources (r=0.628, pdesignation (B=-0.343) educational qualification (B=2.411) significantly influence utilization of web-based health information resources of the respondents. A

Implementing a low-cost web-based clinical trial management system for community studies: a case study.

Science.gov (United States)

Geyer, John; Myers, Kathleen; Vander Stoep, Ann; McCarty, Carolyn; Palmer, Nancy; DeSalvo, Amy

2011-10-01

Clinical trials with multiple intervention locations and a single research coordinating center can be logistically difficult to implement. Increasingly, web-based systems are used to provide clinical trial support with many commercial, open source, and proprietary systems in use. New web-based tools are available which can be customized without programming expertise to deliver web-based clinical trial management and data collection functions. To demonstrate the feasibility of utilizing low-cost configurable applications to create a customized web-based data collection and study management system for a five intervention site randomized clinical trial establishing the efficacy of providing evidence-based treatment via teleconferencing to children with attention-deficit hyperactivity disorder. The sites are small communities that would not usually be included in traditional randomized trials. A major goal was to develop database that participants could access from computers in their home communities for direct data entry. Discussed is the selection process leading to the identification and utilization of a cost-effective and user-friendly set of tools capable of customization for data collection and study management tasks. An online assessment collection application, template-based web portal creation application, and web-accessible Access 2007 database were selected and customized to provide the following features: schedule appointments, administer and monitor online secure assessments, issue subject incentives, and securely transmit electronic documents between sites. Each tool was configured by users with limited programming expertise. As of June 2011, the system has successfully been used with 125 participants in 5 communities, who have completed 536 sets of assessment questionnaires, 8 community therapists, and 11 research staff at the research coordinating center. Total automation of processes is not possible with the current set of tools as each is loosely

Working with WebQuests: Making the Web Accessible to Students with Disabilities.

Science.gov (United States)

Kelly, Rebecca

2000-01-01

This article describes how students with disabilities in regular classes are using the WebQuest lesson format to access the Internet. It explains essential WebQuest principles, creating a draft Web page, and WebQuest components. It offers an example of a WebQuest about salvaging the sunken ships, Titanic and Lusitania. A WebQuest planning form is…

Checklist of accessibility in Web informational environments

Directory of Open Access Journals (Sweden)

Christiane Gomes dos Santos

2017-01-01

Full Text Available This research deals with the process of search, navigation and retrieval of information by the person with blindness in web environment, focusing on knowledge of the areas of information recovery and architecture, to understanding the strategies used by these people to access the information on the web. It aims to propose the construction of an accessibility verification instrument, checklist, to be used to analyze the behavior of people with blindness in search actions, navigation and recovery sites and pages. It a research exploratory and descriptive of qualitative nature, with the research methodology, case study - the research to establish a specific study with the simulation of search, navigation and information retrieval using speech synthesis system, NonVisual Desktop Access, in assistive technologies laboratory, to substantiate the construction of the checklist for accessibility verification. It is considered the reliability of performed research and its importance for the evaluation of accessibility in web environment to improve the access of information for people with limited reading in order to be used on websites and pages accessibility check analysis.

Building Accessible Educational Web Sites: The Law, Standards, Guidelines, Tools, and Lessons Learned

Science.gov (United States)

Liu, Ye; Palmer, Bart; Recker, Mimi

2004-01-01

Professional education is increasingly facing accessibility challenges with the emergence of webbased learning. This paper summarizes related U.S. legislation, standards, guidelines, and validation tools to make web-based learning accessible for all potential learners. We also present lessons learned during the implementation of web accessibility…

Enabling web users and developers to script accessibility with Accessmonkey.

Science.gov (United States)

Bigham, Jeffrey P; Brudvik, Jeremy T; Leung, Jessica O; Ladner, Richard E

2009-07-01

Efficient web access remains elusive for blind computer users. Previous efforts to improve web accessibility have focused on developer awareness, automated improvement, and legislation, but these approaches have left remaining concerns. First, while many tools can help produce accessible content, most are difficult to integrate into existing developer workflows and rarely offer specific suggestions that developers can implement. Second, tools that automatically improve web content for users generally solve specific problems and are difficult to combine and use on a diversity of existing assistive technology. Finally, although blind web users have proven adept at overcoming the shortcomings of the web and existing tools, they have been only marginally involved in improving the accessibility of their own web experience. In a step toward addressing these concerns, we have developed Accessmonkey, a common scripting framework that web users, web developers and web researchers can use to collaboratively improve accessibility. This framework advances the idea that Javascript and dynamic web content can be used to improve inaccessible content instead of being a cause of it. Using Accessmonkey, web users and developers on different platforms and with potentially different goals can collaboratively make the web more accessible. In this article, we first present the design of the Accessmonkey framework and offer several example scripts that demonstrate the utility of our approach. We conclude by discussing possible future extensions that will provide easy access to scripts as users browse the web and enable non-technical blind users to independently create and share improvements.

WebCN: A web-based computation tool for in situ-produced cosmogenic nuclides

Energy Technology Data Exchange (ETDEWEB)

Ma Xiuzeng [Department of Physics, Purdue University, West Lafayette, IN 47907 (United States)]. E-mail: hongju@purdue.edu; Li Yingkui [Department of Geography, University of Missouri-Columbia, Columbia, MO 65211 (United States); Bourgeois, Mike [Department of Physics, Purdue University, West Lafayette, IN 47907 (United States); Caffee, Marc [Department of Physics, Purdue University, West Lafayette, IN 47907 (United States); Elmore, David [Department of Physics, Purdue University, West Lafayette, IN 47907 (United States); Granger, Darryl [Department of Earth and Atmospheric Sciences, Purdue University, West Lafayette, IN 47907 (United States); Muzikar, Paul [Department of Physics, Purdue University, West Lafayette, IN 47907 (United States); Smith, Preston [Department of Physics, Purdue University, West Lafayette, IN 47907 (United States)

2007-06-15

Cosmogenic nuclide techniques are increasingly being utilized in geoscience research. For this it is critical to establish an effective, easily accessible and well defined tool for cosmogenic nuclide computations. We have been developing a web-based tool (WebCN) to calculate surface exposure ages and erosion rates based on the nuclide concentrations measured by the accelerator mass spectrometry. WebCN for {sup 10}Be and {sup 26}Al has been finished and published at http://www.physics.purdue.edu/primelab/for{sub u}sers/rockage.html. WebCN for {sup 36}Cl is under construction. WebCN is designed as a three-tier client/server model and uses the open source PostgreSQL for the database management and PHP for the interface design and calculations. On the client side, an internet browser and Microsoft Access are used as application interfaces to access the system. Open Database Connectivity is used to link PostgreSQL and Microsoft Access. WebCN accounts for both spatial and temporal distributions of the cosmic ray flux to calculate the production rates of in situ-produced cosmogenic nuclides at the Earth's surface.

The experiences of working carers of older people regarding access to a web-based family care support network offered by a municipality.

Science.gov (United States)

Andersson, Stefan; Erlingsson, Christen; Magnusson, Lennart; Hanson, Elizabeth

2017-09-01

Policy makers in Sweden and other European Member States pay increasing attention as to how best support working carers; carers juggling providing unpaid family care for older family members while performing paid work. Exploring perceived benefits and challenges with web-based information and communication technologies as a means of supporting working carers' in their caregiving role, this paper draws on findings from a qualitative study. The study aimed to describe working carers' experiences of having access to the web-based family care support network 'A good place' (AGP) provided by the municipality to support those caring for an older family member. Content analysis of interviews with nine working carers revealed three themes: A support hub, connections to peers, personnel and knowledge; Experiencing ICT support as relevant in changing life circumstances; and Upholding one's personal firewall. Findings indicate that the web-based family care support network AGP is an accessible, complementary means of support. Utilising support while balancing caregiving, work obligations and responsibilities was made easier with access to AGP; enabling working carers to access information, psychosocial support and learning opportunities. In particular, it provided channels for carers to share experiences with others, to be informed, and to gain insights into medical and care issues. This reinforced working carers' sense of competence, helping them meet caregiving demands and see positive aspects in their situation. Carers' low levels of digital skills and anxieties about using computer-based support were barriers to utilising web-based support and could lead to deprioritising of this support. However, to help carers overcome these barriers and to better match web-based support to working carers' preferences and situations, web-based support must be introduced in a timely manner and must more accurately meet each working carer's unique caregiving needs. © 2016 Nordic College

Secure grid-based computing with social-network based trust management in the semantic web

Czech Academy of Sciences Publication Activity Database

Špánek, Roman; Tůma, Miroslav

2006-01-01

Roč. 16, č. 6 (2006), s. 475-488 ISSN 1210-0552 R&D Projects: GA AV ČR 1ET100300419; GA MŠk 1M0554 Institutional research plan: CEZ:AV0Z10300504 Keywords : semantic web * grid computing * trust management * reconfigurable networks * security * hypergraph model * hypergraph algorithms Subject RIV: IN - Informatics, Computer Science

A Cache Considering Role-Based Access Control and Trust in Privilege Management Infrastructure

Institute of Scientific and Technical Information of China (English)

ZHANG Shaomin; WANG Baoyi; ZHOU Lihua

2006-01-01

PMI(privilege management infrastructure) is used to perform access control to resource in an E-commerce or E-government system. With the ever-increasing need for secure transaction, the need for systems that offer a wide variety of QoS (quality-of-service) features is also growing. In order to improve the QoS of PMI system, a cache based on RBAC(Role-based Access Control) and trust is proposed. Our system is realized based on Web service. How to design the cache based on RBAC and trust in the access control model is described in detail. The algorithm to query role permission in cache and to add records in cache is dealt with. The policy to update cache is introduced also.

Image-based electronic patient records for secured collaborative medical applications.

Science.gov (United States)

Zhang, Jianguo; Sun, Jianyong; Yang, Yuanyuan; Liang, Chenwen; Yao, Yihong; Cai, Weihua; Jin, Jin; Zhang, Guozhen; Sun, Kun

2005-01-01

We developed a Web-based system to interactively display image-based electronic patient records (EPR) for secured intranet and Internet collaborative medical applications. The system consists of four major components: EPR DICOM gateway (EPR-GW), Image-based EPR repository server (EPR-Server), Web Server and EPR DICOM viewer (EPR-Viewer). In the EPR-GW and EPR-Viewer, the security modules of Digital Signature and Authentication are integrated to perform the security processing on the EPR data with integrity and authenticity. The privacy of EPR in data communication and exchanging is provided by SSL/TLS-based secure communication. This presentation gave a new approach to create and manage image-based EPR from actual patient records, and also presented a way to use Web technology and DICOM standard to build an open architecture for collaborative medical applications.

Accessibility and content of individualized adult reconstructive hip and knee/musculoskeletal oncology fellowship web sites.

Science.gov (United States)

Young, Bradley L; Cantrell, Colin K; Patt, Joshua C; Ponce, Brent A

2018-06-01

Accessible, adequate online information is important to fellowship applicants. Program web sites can affect which programs applicants apply to, subsequently altering interview costs incurred by both parties and ultimately impacting rank lists. Web site analyses have been performed for all orthopaedic subspecialties other than those involved in the combined adult reconstruction and musculoskeletal (MSK) oncology fellowship match. A complete list of active programs was obtained from the official adult reconstruction and MSK oncology society web sites. Web site accessibility was assessed using a structured Google search. Accessible web sites were evaluated based on 21 previously reported content criteria. Seventy-four adult reconstruction programs and 11 MSK oncology programs were listed on the official society web sites. Web sites were identified and accessible for 58 (78%) adult reconstruction and 9 (82%) MSK oncology fellowship programs. No web site contained all content criteria and more than half of both adult reconstruction and MSK oncology web sites failed to include 12 of the 21 criteria. Several programs participating in the combined Adult Reconstructive Hip and Knee/Musculoskeletal Oncology Fellowship Match did not have accessible web sites. Of the web sites that were accessible, none contained comprehensive information and the majority lacked information that has been previously identified as being important to perspective applicants.

Prototype and Evaluation of AutoHelp: A Case-based, Web-accessible Help Desk System for EOSDIS

Science.gov (United States)

Mitchell, Christine M.; Thurman, David A.

1999-01-01

AutoHelp is a case-based, Web-accessible help desk for users of the EOSDIS. Its uses a combination of advanced computer and Web technologies, knowledge-based systems tools, and cognitive engineering to offload the current, person-intensive, help desk facilities at the DAACs. As a case-based system, AutoHelp starts with an organized database of previous help requests (questions and answers) indexed by a hierarchical category structure that facilitates recognition by persons seeking assistance. As an initial proof-of-concept demonstration, a month of email help requests to the Goddard DAAC were analyzed and partially organized into help request cases. These cases were then categorized to create a preliminary case indexing system, or category structure. This category structure allows potential users to identify or recognize categories of questions, responses, and sample cases similar to their needs. Year one of this research project focused on the development of a technology demonstration. User assistance 'cases' are stored in an Oracle database in a combination of tables linking prototypical questions with responses and detailed examples from the email help requests analyzed to date. When a potential user accesses the AutoHelp system, a Web server provides a Java applet that displays the category structure of the help case base organized by the needs of previous users. When the user identifies or requests a particular type of assistance, the applet uses Java database connectivity (JDBC) software to access the database and extract the relevant cases. The demonstration will include an on-line presentation of how AutoHelp is currently structured. We will show how a user might request assistance via the Web interface and how the AutoHelp case base provides assistance. The presentation will describe the DAAC data collection, case definition, and organization to date, as well as the AutoHelp architecture. It will conclude with the year 2 proposal to more fully develop the

A security architecture for interconnecting health information systems.

Science.gov (United States)

Gritzalis, Dimitris; Lambrinoudakis, Costas

2004-03-31

Several hereditary and other chronic diseases necessitate continuous and complicated health care procedures, typically offered in different, often distant, health care units. Inevitably, the medical records of patients suffering from such diseases become complex, grow in size very fast and are scattered all over the units involved in the care process, hindering communication of information between health care professionals. Web-based electronic medical records have been recently proposed as the solution to the above problem, facilitating the interconnection of the health care units in the sense that health care professionals can now access the complete medical record of the patient, even if it is distributed in several remote units. However, by allowing users to access information from virtually anywhere, the universe of ineligible people who may attempt to harm the system is dramatically expanded, thus severely complicating the design and implementation of a secure environment. This paper presents a security architecture that has been mainly designed for providing authentication and authorization services in web-based distributed systems. The architecture has been based on a role-based access scheme and on the implementation of an intelligent security agent per site (i.e. health care unit). This intelligent security agent: (a). authenticates the users, local or remote, that can access the local resources; (b). assigns, through temporary certificates, access privileges to the authenticated users in accordance to their role; and (c). communicates to other sites (through the respective security agents) information about the local users that may need to access information stored in other sites, as well as about local resources that can be accessed remotely.

Designing A General Deep Web Access Approach Based On A Newly Introduced Factor; Harvestability Factor (HF)

NARCIS (Netherlands)

Khelghati, Mohammadreza; van Keulen, Maurice; Hiemstra, Djoerd

2014-01-01

The growing need of accessing more and more information draws attentions to huge amount of data hidden behind web forms defined as deep web. To make this data accessible, harvesters have a crucial role. Targeting different domains and websites enhances the need to have a general-purpose harvester

An Attribute-Based Access Control with Efficient and Secure Attribute Revocation for Cloud Data Sharing Service

Institute of Scientific and Technical Information of China (English)

Nyamsuren Vaanchig; Wei Chen; Zhi-Guang Qin

2017-01-01

Nowadays, there is the tendency to outsource data to cloud storage servers for data sharing purposes. In fact, this makes access control for the outsourced data a challenging issue. Ciphertext-policy attribute-based encryption (CP-ABE) is a promising cryptographic solution for this challenge. It gives the data owner (DO) direct control on access policy and enforces the access policy cryptographically. However, the practical application of CP-ABE in the data sharing service also has its own inherent challenge with regard to attribute revocation. To address this challenge, we proposed an attribute-revocable CP-ABE scheme by taking advantages of the over-encryption mechanism and CP-ABE scheme and by considering the semi-trusted cloud service provider (CSP) that participates in decryption processes to issue decryption tokens for authorized users. We further presented the security and performance analysis in order to assess the effectiveness of the scheme. As compared with the existing attribute-revocable CP-ABE schemes, our attribute-revocable scheme is reasonably efficient and more secure to enable attribute-based access control over the outsourced data in the cloud data sharing service.

Ocean Drilling Program: Web Site Access Statistics

Science.gov (United States)

web site ODP/TAMU Science Operator Home Ocean Drilling Program Web Site Access Statistics* Overview See statistics for JOIDES members. See statistics for Janus database. 1997 October November December

Secure Service Proxy: A CoAP(s) Intermediary for a Securer and Smarter Web of Things.

Science.gov (United States)

Van den Abeele, Floris; Moerman, Ingrid; Demeester, Piet; Hoebeke, Jeroen

2017-07-11

As the IoT continues to grow over the coming years, resource-constrained devices and networks will see an increase in traffic as everything is connected in an open Web of Things. The performance- and function-enhancing features are difficult to provide in resource-constrained environments, but will gain importance if the WoT is to be scaled up successfully. For example, scalable open standards-based authentication and authorization will be important to manage access to the limited resources of constrained devices and networks. Additionally, features such as caching and virtualization may help further reduce the load on these constrained systems. This work presents the Secure Service Proxy (SSP): a constrained-network edge proxy with the goal of improving the performance and functionality of constrained RESTful environments. Our evaluations show that the proposed design reaches its goal by reducing the load on constrained devices while implementing a wide range of features as different adapters. Specifically, the results show that the SSP leads to significant savings in processing, network traffic, network delay and packet loss rates for constrained devices. As a result, the SSP helps to guarantee the proper operation of constrained networks as these networks form an ever-expanding Web of Things.

Secure Service Proxy: A CoAP(s Intermediary for a Securer and Smarter Web of Things

Directory of Open Access Journals (Sweden)

Floris Van den Abeele

2017-07-01

Full Text Available As the IoT continues to grow over the coming years, resource-constrained devices and networks will see an increase in traffic as everything is connected in an open Web of Things. The performance- and function-enhancing features are difficult to provide in resource-constrained environments, but will gain importance if the WoT is to be scaled up successfully. For example, scalable open standards-based authentication and authorization will be important to manage access to the limited resources of constrained devices and networks. Additionally, features such as caching and virtualization may help further reduce the load on these constrained systems. This work presents the Secure Service Proxy (SSP: a constrained-network edge proxy with the goal of improving the performance and functionality of constrained RESTful environments. Our evaluations show that the proposed design reaches its goal by reducing the load on constrained devices while implementing a wide range of features as different adapters. Specifically, the results show that the SSP leads to significant savings in processing, network traffic, network delay and packet loss rates for constrained devices. As a result, the SSP helps to guarantee the proper operation of constrained networks as these networks form an ever-expanding Web of Things.

Secure Data Access Control for Fog Computing Based on Multi-Authority Attribute-Based Signcryption with Computation Outsourcing and Attribute Revocation.

Science.gov (United States)

Xu, Qian; Tan, Chengxiang; Fan, Zhijie; Zhu, Wenye; Xiao, Ya; Cheng, Fujia

2018-05-17

Nowadays, fog computing provides computation, storage, and application services to end users in the Internet of Things. One of the major concerns in fog computing systems is how fine-grained access control can be imposed. As a logical combination of attribute-based encryption and attribute-based signature, Attribute-based Signcryption (ABSC) can provide confidentiality and anonymous authentication for sensitive data and is more efficient than traditional "encrypt-then-sign" or "sign-then-encrypt" strategy. Thus, ABSC is suitable for fine-grained access control in a semi-trusted cloud environment and is gaining more and more attention recently. However, in many existing ABSC systems, the computation cost required for the end users in signcryption and designcryption is linear with the complexity of signing and encryption access policy. Moreover, only a single authority that is responsible for attribute management and key generation exists in the previous proposed ABSC schemes, whereas in reality, mostly, different authorities monitor different attributes of the user. In this paper, we propose OMDAC-ABSC, a novel data access control scheme based on Ciphertext-Policy ABSC, to provide data confidentiality, fine-grained control, and anonymous authentication in a multi-authority fog computing system. The signcryption and designcryption overhead for the user is significantly reduced by outsourcing the undesirable computation operations to fog nodes. The proposed scheme is proven to be secure in the standard model and can provide attribute revocation and public verifiability. The security analysis, asymptotic complexity comparison, and implementation results indicate that our construction can balance the security goals with practical efficiency in computation.

SWS: accessing SRS sites contents through Web Services.

Science.gov (United States)

Romano, Paolo; Marra, Domenico

2008-03-26

Web Services and Workflow Management Systems can support creation and deployment of network systems, able to automate data analysis and retrieval processes in biomedical research. Web Services have been implemented at bioinformatics centres and workflow systems have been proposed for biological data analysis. New databanks are often developed by taking into account these technologies, but many existing databases do not allow a programmatic access. Only a fraction of available databanks can thus be queried through programmatic interfaces. SRS is a well know indexing and search engine for biomedical databanks offering public access to many databanks and analysis tools. Unfortunately, these data are not easily and efficiently accessible through Web Services. We have developed 'SRS by WS' (SWS), a tool that makes information available in SRS sites accessible through Web Services. Information on known sites is maintained in a database, srsdb. SWS consists in a suite of WS that can query both srsdb, for information on sites and databases, and SRS sites. SWS returns results in a text-only format and can be accessed through a WSDL compliant client. SWS enables interoperability between workflow systems and SRS implementations, by also managing access to alternative sites, in order to cope with network and maintenance problems, and selecting the most up-to-date among available systems. Development and implementation of Web Services, allowing to make a programmatic access to an exhaustive set of biomedical databases can significantly improve automation of in-silico analysis. SWS supports this activity by making biological databanks that are managed in public SRS sites available through a programmatic interface.

Asset Identification for Security Risk Assessment in Web Applications

OpenAIRE

Hisham M. Haddad; Brunil D. Romero

2009-01-01

As software applications become more complex they require more security, allowing them to reach an appropriate level of quality to manage information, and therefore achieving business objectives. Web applications represent one segment of software industry where security risk assessment is essential. Web engineering must address new challenges to provide new techniques and tools that guarantee high quality application development. This work focuses asset identification, the initial step in sec...

Human engineering considerations in designing a computerized controlled access security system

International Nuclear Information System (INIS)

Moore, J.W.; Banks, W.W.

1988-01-01

This paper describes a human engineering effort in the design of a major security system upgrade at Lawrence Livermore National Laboratory. This upgrade was to be accomplished by replacing obsolete and difficult-to-man (i.e., multiple operator task actions required) security equipment and systems with a new, automated, computer-based access control system. The initial task was to assist the electronic and mechanical engineering staff in designing a computerized security access system too functionally and ergonomically accommodate 100% of the Laboratory user population. The new computerized access system was intended to control entry into sensitive exclusion areas by requiring personnel to use an entry booth-based system and/or a remote access control panel system. The primary user interface with the system was through a control panel containing a magnetic card reader, function buttons, LCD display, and push-button keypad

Towards an Approach of Semantic Access Control for Cloud Computing

Science.gov (United States)

Hu, Luokai; Ying, Shi; Jia, Xiangyang; Zhao, Kai

With the development of cloud computing, the mutual understandability among distributed Access Control Policies (ACPs) has become an important issue in the security field of cloud computing. Semantic Web technology provides the solution to semantic interoperability of heterogeneous applications. In this paper, we analysis existing access control methods and present a new Semantic Access Control Policy Language (SACPL) for describing ACPs in cloud computing environment. Access Control Oriented Ontology System (ACOOS) is designed as the semantic basis of SACPL. Ontology-based SACPL language can effectively solve the interoperability issue of distributed ACPs. This study enriches the research that the semantic web technology is applied in the field of security, and provides a new way of thinking of access control in cloud computing.

A Flexible Component based Access Control Architecture for OPeNDAP Services

Science.gov (United States)

Kershaw, Philip; Ananthakrishnan, Rachana; Cinquini, Luca; Lawrence, Bryan; Pascoe, Stephen; Siebenlist, Frank

2010-05-01

. These components filter requests to the service they protect and apply the required authentication and authorisation schemes. Filters have been developed for OpenID and SSL client based authentication. The latter enabling access with MyProxy issued credentials. By preserving a clear separation between the security and application functionality, multiple authentication technologies may be supported without the need for modification to the underlying OPeNDAP application. The software has been developed in the Python programming language securing the Python based OPeNDAP implementation, PyDAP. This utilises the Python WSGI (Web Server Gateway Interface) specification to create distinct security filter components. Work is also currently underway to develop a parallel Java based filter implementation to secure the THREDDS Data Server. Whilst the ability to apply this flexible approach to the server side security layer is important, the development of compatible client software is vital to the take up of these services across a wide user base. To date PyDAP and wget based clients have been tested and work is planned to integrate the required security interface into the netCDF API. This forms part of ongoing collaboration with the OPeNDAP user and development community to ensure interoperability.

Web based emergency room PACS

International Nuclear Information System (INIS)

Cha, Soon Joo; Cheon, Yong Kyung; Choi, Sung Woo Kim

2005-01-01

We wished to develop the web based Picture Archiving and Communication System in the emergency room for early decision making in emergency treatment planning at a full PACS Hospital. The program tools were Microsoft Visual Studio 6.0 - Visual C++ 6.0, and the Microsoft SQL 7.0 under the Microsoft Windows 2000 server operation system. The achievement of images was performed by an auto transport program installed in the ER and the radiology department. The average compression rates were 5:1 for CT and MR, and 20:1 for CR with JPEG 2000 lossy compression. All the images were stored on hard disk for 3 months. The patients' information was displayed for 2 weeks for reducing the security risk. For interdepartmental consultation, patient query by patient hospital number was available. Our Web based ER PACS could be useful system for early decision making for treatment planning in the emergency room because it reduces the risk factors for the security of the Web Paces by using a system independent from PACS in the hospital and minimizing the information patients

Web based emergency room PACS

Energy Technology Data Exchange (ETDEWEB)

Cha, Soon Joo; Cheon, Yong Kyung; Choi, Sung Woo Kim [Ilsan Paik Hospital, Inje University, Seoul (Korea, Republic of)] (and others)

2005-07-15

We wished to develop the web based Picture Archiving and Communication System in the emergency room for early decision making in emergency treatment planning at a full PACS Hospital. The program tools were Microsoft Visual Studio 6.0 - Visual C++ 6.0, and the Microsoft SQL 7.0 under the Microsoft Windows 2000 server operation system. The achievement of images was performed by an auto transport program installed in the ER and the radiology department. The average compression rates were 5:1 for CT and MR, and 20:1 for CR with JPEG 2000 lossy compression. All the images were stored on hard disk for 3 months. The patients' information was displayed for 2 weeks for reducing the security risk. For interdepartmental consultation, patient query by patient hospital number was available. Our Web based ER PACS could be useful system for early decision making for treatment planning in the emergency room because it reduces the risk factors for the security of the Web Paces by using a system independent from PACS in the hospital and minimizing the information patients.

Toward Exposing Timing-Based Probing Attacks in Web Applications

Directory of Open Access Journals (Sweden)

Jian Mao

2017-02-01

Full Text Available Web applications have become the foundation of many types of systems, ranging from cloud services to Internet of Things (IoT systems. Due to the large amount of sensitive data processed by web applications, user privacy emerges as a major concern in web security. Existing protection mechanisms in modern browsers, e.g., the same origin policy, prevent the users’ browsing information on one website from being directly accessed by another website. However, web applications executed in the same browser share the same runtime environment. Such shared states provide side channels for malicious websites to indirectly figure out the information of other origins. Timing is a classic side channel and the root cause of many recent attacks, which rely on the variations in the time taken by the systems to process different inputs. In this paper, we propose an approach to expose the timing-based probing attacks in web applications. It monitors the browser behaviors and identifies anomalous timing behaviors to detect browser probing attacks. We have prototyped our system in the Google Chrome browser and evaluated the effectiveness of our approach by using known probing techniques. We have applied our approach on a large number of top Alexa sites and reported the suspicious behavior patterns with corresponding analysis results. Our theoretical analysis illustrates that the effectiveness of the timing-based probing attacks is dramatically limited by our approach.

Toward Exposing Timing-Based Probing Attacks in Web Applications.

Science.gov (United States)

Mao, Jian; Chen, Yue; Shi, Futian; Jia, Yaoqi; Liang, Zhenkai

2017-02-25

Web applications have become the foundation of many types of systems, ranging from cloud services to Internet of Things (IoT) systems. Due to the large amount of sensitive data processed by web applications, user privacy emerges as a major concern in web security. Existing protection mechanisms in modern browsers, e.g., the same origin policy, prevent the users' browsing information on one website from being directly accessed by another website. However, web applications executed in the same browser share the same runtime environment. Such shared states provide side channels for malicious websites to indirectly figure out the information of other origins. Timing is a classic side channel and the root cause of many recent attacks, which rely on the variations in the time taken by the systems to process different inputs. In this paper, we propose an approach to expose the timing-based probing attacks in web applications. It monitors the browser behaviors and identifies anomalous timing behaviors to detect browser probing attacks. We have prototyped our system in the Google Chrome browser and evaluated the effectiveness of our approach by using known probing techniques. We have applied our approach on a large number of top Alexa sites and reported the suspicious behavior patterns with corresponding analysis results. Our theoretical analysis illustrates that the effectiveness of the timing-based probing attacks is dramatically limited by our approach.

Security Testing in Agile Web Application Development - A Case Study Using the EAST Methodology

CERN Document Server

Erdogan, Gencer

2010-01-01

There is a need for improved security testing methodologies specialized for Web applications and their agile development environment. The number of web application vulnerabilities is drastically increasing, while security testing tends to be given a low priority. In this paper, we analyze and compare Agile Security Testing with two other common methodologies for Web application security testing, and then present an extension of this methodology. We present a case study showing how our Extended Agile Security Testing (EAST) performs compared to a more ad hoc approach used within an organization. Our working hypothesis is that the detection of vulnerabilities in Web applications will be significantly more efficient when using a structured security testing methodology specialized for Web applications, compared to existing ad hoc ways of performing security tests. Our results show a clear indication that our hypothesis is on the right track.

Performance Issues Related to Web Service Usage for Remote Data Access

International Nuclear Information System (INIS)

Pais, V. F.; Stancalie, V.; Mihailescu, F. A.; Totolici, M. C.

2008-01-01

Web services are starting to be widely used in applications for remotely accessing data. This is of special interest for research based on small and medium scale fusion devices, since scientists participating remotely to experiments are accessing large amounts of data over the Internet. Recent tests were conducted to see how the new network traffic, generated by the use of web services, can be integrated in the existing infrastructure and what would be the impact over existing applications, especially those used in a remote participation scenario

IT Security: Target: The Web

Science.gov (United States)

Waters, John K.

2009-01-01

In December, Microsoft announced a major security flaw affecting its Internet Explorer web browser. The flaw allowed hackers to use hidden computer code they had already injected into legitimate websites to steal the passwords of visitors to those sites. Reportedly, more than 10,000 websites were infected with the destructive code by the time…

Supporting Case-Based Learning in Information Security with Web-Based Technology

Science.gov (United States)

He, Wu; Yuan, Xiaohong; Yang, Li

2013-01-01

Case-based learning has been widely used in many disciplines. As an effective pedagogical method, case-based learning is also being used to support teaching and learning in the domain of information security. In this paper, we demonstrate case-based learning in information security by sharing our experiences in using a case study to teach security…

A Web Service for File-Level Access to Disk Images

Directory of Open Access Journals (Sweden)

Sunitha Misra

2014-07-01

Full Text Available Digital forensics tools have many potential applications in the curation of digital materials in libraries, archives and museums (LAMs. Open source digital forensics tools can help LAM professionals to extract digital contents from born-digital media and make more informed preservation decisions. Many of these tools have ways to display the metadata of the digital media, but few provide file-level access without having to mount the device or use complex command-line utilities. This paper describes a project to develop software that supports access to the contents of digital media without having to mount or download the entire image. The work examines two approaches in creating this tool: First, a graphical user interface running on a local machine. Second, a web-based application running in web browser. The project incorporates existing open source forensics tools and libraries including The Sleuth Kit and libewf along with the Flask web application framework and custom Python scripts to generate web pages supporting disk image browsing.

WebEase: Development of a Web-Based Epilepsy Self-Management Intervention

OpenAIRE

DiIorio, Colleen; Escoffery, Cam; Yeager, Katherine A.; Koganti, Archana; Reisinger, Elizabeth; Koganti, Archana; McCarty, Frances; Henry, Thomas R.; Robinson, Elise; Kobau, Rosemarie; Price, Patricia

2008-01-01

People with epilepsy must adopt many self-management behaviors, especially regarding medication adherence, stress management, and sleep quality. In response to the need for theory-based self-management programs that people with epilepsy can easily access, the WebEase Web site was created and tested for feasibility, acceptability, and usability. This article discusses the theoretical background and developmental phases of WebEase and lessons learned throughout the development process. The WebE...

Recent advancements on the development of web-based applications for the implementation of seismic analysis and surveillance systems

Science.gov (United States)

Friberg, P. A.; Luis, R. S.; Quintiliani, M.; Lisowski, S.; Hunter, S.

2014-12-01

Recently, a novel set of modules has been included in the Open Source Earthworm seismic data processing system, supporting the use of web applications. These include the Mole sub-system, for storing relevant event data in a MySQL database (see M. Quintiliani and S. Pintore, SRL, 2013), and an embedded webserver, Moleserv, for serving such data to web clients in QuakeML format. These modules have enabled, for the first time using Earthworm, the use of web applications for seismic data processing. These can greatly simplify the operation and maintenance of seismic data processing centers by having one or more servers providing the relevant data as well as the data processing applications themselves to client machines running arbitrary operating systems.Web applications with secure online web access allow operators to work anywhere, without the often cumbersome and bandwidth hungry use of secure shell or virtual private networks. Furthermore, web applications can seamlessly access third party data repositories to acquire additional information, such as maps. Finally, the usage of HTML email brought the possibility of specialized web applications, to be used in email clients. This is the case of EWHTMLEmail, which produces event notification emails that are in fact simple web applications for plotting relevant seismic data.Providing web services as part of Earthworm has enabled a number of other tools as well. One is ISTI's EZ Earthworm, a web based command and control system for an otherwise command line driven system; another is a waveform web service. The waveform web service serves Earthworm data to additional web clients for plotting, picking, and other web-based processing tools. The current Earthworm waveform web service hosts an advanced plotting capability for providing views of event-based waveforms from a Mole database served by Moleserve.The current trend towards the usage of cloud services supported by web applications is driving improvements in Java

A Formal Approach to Exploiting Multi-Stage Attacks based on File-System Vulnerabilities of Web Applications (Extended Version)

OpenAIRE

De Meo, Federico; Viganò, Luca

2017-01-01

Web applications require access to the file-system for many different tasks. When analyzing the security of a web application, secu- rity analysts should thus consider the impact that file-system operations have on the security of the whole application. Moreover, the analysis should take into consideration how file-system vulnerabilities might in- teract with other vulnerabilities leading an attacker to breach into the web application. In this paper, we first propose a classification of file-...

ARCAS (ACACIA Regional Climate-data Access System) -- a Web Access System for Climate Model Data Access, Visualization and Comparison

Science.gov (United States)

Hakkarinen, C.; Brown, D.; Callahan, J.; hankin, S.; de Koningh, M.; Middleton-Link, D.; Wigley, T.

2001-05-01

A Web-based access system to climate model output data sets for intercomparison and analysis has been produced, using the NOAA-PMEL developed Live Access Server software as host server and Ferret as the data serving and visualization engine. Called ARCAS ("ACACIA Regional Climate-data Access System"), and publicly accessible at http://dataserver.ucar.edu/arcas, the site currently serves climate model outputs from runs of the NCAR Climate System Model for the 21st century, for Business as Usual and Stabilization of Greenhouse Gas Emission scenarios. Users can select, download, and graphically display single variables or comparisons of two variables from either or both of the CSM model runs, averaged for monthly, seasonal, or annual time resolutions. The time length of the averaging period, and the geographical domain for download and display, are fully selectable by the user. A variety of arithmetic operations on the data variables can be computed "on-the-fly", as defined by the user. Expansions of the user-selectable options for defining analysis options, and for accessing other DOD-compatible ("Distributed Ocean Data System-compatible") data sets, residing at locations other than the NCAR hardware server on which ARCAS operates, are planned for this year. These expansions are designed to allow users quick and easy-to-operate web-based access to the largest possible selection of climate model output data sets available throughout the world.

Safe and Secure Services Based on NGN

Science.gov (United States)

Fukazawa, Tomoo; Nisase, Takemi; Kawashima, Masahisa; Hariu, Takeo; Oshima, Yoshihito

Next Generation Network (NGN), which has been undergoing standardization as it has developed, is expected to create new services that converge the fixed and mobile networks. This paper introduces the basic requirements for NGN in terms of security and explains the standardization activities, in particular, the requirements for the security function described in Y.2701 discussed in ITU-T SG-13. In addition to the basic NGN security function, requirements for NGN authentication are also described from three aspects: security, deployability, and service. As examples of authentication implementation, three profiles-namely, fixed, nomadic, and mobile-are defined in this paper. That is, the “fixed profile” is typically for fixed-line subscribers, the “nomadic profile” basically utilizes WiFi access points, and the “mobile profile” provides ideal NGN mobility for mobile subscribers. All three of these profiles satisfy the requirements from security aspects. The three profiles are compared from the viewpoint of requirements for deployability and service. After showing that none of the three profiles can fulfill all of the requirements, we propose that multiple profiles should be used by NGN providers. As service and application examples, two promising NGN applications are proposed. The first is a strong authentication mechanism that makes Web applications more safe and secure even against password theft. It is based on NGN ID federation function. The second provides an easy peer-to-peer broadband virtual private network service aimed at safe and secure communication for personal/SOHO (small office, home office) users, based on NGN SIP (session initiation protocol) session control.

Threats and risks to information security: a practical analysis of free access wireless networks

Science.gov (United States)

Quirumbay, Daniel I.; Coronel, Iván. A.; Bayas, Marcia M.; Rovira, Ronald H.; Gromaszek, Konrad; Tleshova, Akmaral; Kozbekova, Ainur

2017-08-01

Nowadays, there is an ever-growing need to investigate, consult and communicate through the internet. This need leads to the intensification of free access to the web in strategic and functional points for the benefit of the community. However, this open access is also related to the increase of information insecurity. The existing works on computer security primarily focus on the development of techniques to reduce cyber-attacks. However, these approaches do not address the sector of inexperienced users who have difficulty understanding browser settings. Two methods can solve this problem: first the development of friendly browsers with intuitive setups for new users and on the other hand, by implementing awareness programs on essential security without deepening on technical information. This article addresses an analysis of the vulnerabilities of wireless equipment that provides internet service in the open access zones and the potential risks that could be found when using these means.

Using secure web services to visualize poison center data for nationwide biosurveillance: a case study.

Science.gov (United States)

Savel, Thomas G; Bronstein, Alvin; Duck, William; Rhodes, M Barry; Lee, Brian; Stinn, John; Worthen, Katherine

2010-01-01

Real-time surveillance systems are valuable for timely response to public health emergencies. It has been challenging to leverage existing surveillance systems in state and local communities, and, using a centralized architecture, add new data sources and analytical capacity. Because this centralized model has proven to be difficult to maintain and enhance, the US Centers for Disease Control and Prevention (CDC) has been examining the ability to use a federated model based on secure web services architecture, with data stewardship remaining with the data provider. As a case study for this approach, the American Association of Poison Control Centers and the CDC extended an existing data warehouse via a secure web service, and shared aggregate clinical effects and case counts data by geographic region and time period. To visualize these data, CDC developed a web browser-based interface, Quicksilver, which leveraged the Google Maps API and Flot, a javascript plotting library. Two iterations of the NPDS web service were completed in 12 weeks. The visualization client, Quicksilver, was developed in four months. This implementation of web services combined with a visualization client represents incremental positive progress in transitioning national data sources like BioSense and NPDS to a federated data exchange model. Quicksilver effectively demonstrates how the use of secure web services in conjunction with a lightweight, rapidly deployed visualization client can easily integrate isolated data sources for biosurveillance.

X-Switch: An Efficient , Multi-User, Multi-Language Web Application Server

Directory of Open Access Journals (Sweden)

Mayumbo Nyirenda

2010-07-01

Full Text Available Web applications are usually installed on and accessed through a Web server. For security reasons, these Web servers generally provide very few privileges to Web applications, defaulting to executing them in the realm of a guest ac- count. In addition, performance often is a problem as Web applications may need to be reinitialised with each access. Various solutions have been designed to address these security and performance issues, mostly independently of one another, but most have been language or system-specic. The X-Switch system is proposed as an alternative Web application execution environment, with more secure user-based resource management, persistent application interpreters and support for arbitrary languages/interpreters. Thus it provides a general-purpose environment for developing and deploying Web applications. The X-Switch system's experimental results demonstrated that it can achieve a high level of performance. Further- more it was shown that X-Switch can provide functionality matching that of existing Web application servers but with the added benet of multi-user support. Finally the X-Switch system showed that it is feasible to completely separate the deployment platform from the application code, thus ensuring that the developer does not need to modify his/her code to make it compatible with the deployment platform.

Secure e-mail and Web browsing

CERN Multimedia

CERN. Geneva

2009-01-01

This is an entry-level 1.5-hour training course aimed to show how to detect and avoid typical security pitfalls encountered when e-mailing and browsing the Web. It is designed for non-technical users of Internet Explorer and Outlook. Register at CTA

Building secure wireless access point based on certificate authentication and firewall captive portal

Directory of Open Access Journals (Sweden)

Soewito B.

2014-03-01

Full Text Available Wireless local area network or WLAN more vulnerability than wired network even though WLAN has many advantages over wired. Wireless networks use radio transmissions to carry data between end users and access point. Therefore, it is possible for someone to sit in your office building's lobby or parking lot or parking lot to eavesdrop on the wireless network communication. This paper discussed securing wires local area network used WPA2 Enterprise based PEAP MS-CHAP and Captive portal firewall. We also divided the network for employer and visitor to increase the level of security. Our experiment showed that the WLAN could be broken using the attacker tool such as airodump, aireply, and aircrack.

Web-based sorption database (KAERI-SDB)

International Nuclear Information System (INIS)

Lee, Jae Kwang; Baik, Min Hoon

2010-10-01

Radionuclide sorption data is necessary for the safety assessment of radioactive waste disposal. However the accessibility to the nuclide sorption database is limited. The web-based sorption database (KAERI-SDB) was developed to provide sorption data in a convenient way. The development of the KAERI-SDB was achieved by improving the performance of pre-existing sorption DB programme (SDB-21C) and incorporating the user requirement. The KAERI-SDB was designed that users can access it by using a web browser. Main functions of the KAERI-SDB include (1) log-in/join, (2) search and store of sorption data and (3) scatter plot chart and index chart. It is expected that the KAERI-SDB is widely applied to the safety assessment of radioactive waste disposal by enhancing the accessibility to experts and practitioner related the nuclear industry and governmental administration. It is also expected that reliabilities for the radioactive waste disposal increased by opening the web-based sorption DB to public

Toward Exposing Timing-Based Probing Attacks in Web Applications †

Science.gov (United States)

Mao, Jian; Chen, Yue; Shi, Futian; Jia, Yaoqi; Liang, Zhenkai

2017-01-01

Web applications have become the foundation of many types of systems, ranging from cloud services to Internet of Things (IoT) systems. Due to the large amount of sensitive data processed by web applications, user privacy emerges as a major concern in web security. Existing protection mechanisms in modern browsers, e.g., the same origin policy, prevent the users’ browsing information on one website from being directly accessed by another website. However, web applications executed in the same browser share the same runtime environment. Such shared states provide side channels for malicious websites to indirectly figure out the information of other origins. Timing is a classic side channel and the root cause of many recent attacks, which rely on the variations in the time taken by the systems to process different inputs. In this paper, we propose an approach to expose the timing-based probing attacks in web applications. It monitors the browser behaviors and identifies anomalous timing behaviors to detect browser probing attacks. We have prototyped our system in the Google Chrome browser and evaluated the effectiveness of our approach by using known probing techniques. We have applied our approach on a large number of top Alexa sites and reported the suspicious behavior patterns with corresponding analysis results. Our theoretical analysis illustrates that the effectiveness of the timing-based probing attacks is dramatically limited by our approach. PMID:28245610

Securing a web-based teleradiology platform according to German law and "best practices".

Science.gov (United States)

Spitzer, Michael; Ullrich, Tobias; Ueckert, Frank

2009-01-01

The Medical Data and Picture Exchange platform (MDPE), as a teleradiology system, facilitates the exchange of digital medical imaging data among authorized users. It features extensive support of the DICOM standard including networking functions. Since MDPE is designed as a web service, security and confidentiality of data and communication pose an outstanding challenge. To comply with demands of German laws and authorities, a generic data security concept considered as "best practice" in German health telematics was adapted to the specific demands of MDPE. The concept features strict logical and physical separation of diagnostic and identity data and thus an all-encompassing pseudonymization throughout the system. Hence, data may only be merged at authorized clients. MDPE's solution of merging data from separate sources within a web browser avoids technically questionable techniques such as deliberate cross-site scripting. Instead, data is merged dynamically by JavaScriptlets running in the user's browser. These scriptlets are provided by one server, while content and method calls are generated by another server. Additionally, MDPE uses encrypted temporary IDs for communication and merging of data.

Web based dosimetry system for reading and monitoring dose through internet access

International Nuclear Information System (INIS)

Perle, S.C.; Bennett, K.; Kahilainen, J.; Vuotila, M.

2010-01-01

The Instadose TM dosemeter from Mirion Technologies is a small, rugged device based on patented direct ion storage technology and is accredited by the National Voluntary Laboratory Accreditation Program (NVLAP) through NIST, bringing radiation monitoring into the digital age. Smaller than a flash drive, this dosemeter provides an instant read-out when connected to any computer with internet access and a USB connection. Instadose devices provide radiation workers with more flexibility than today's dosemeters. Non Volatile Analog Memory Cell surrounded by a Gas Filled Ion Chamber. Dose changes the amount of Electric Charge in the DIS Analog Memory. The total charge storage capacity of the memory determines the available dose range. The state of the Analog Memory is determined by measuring the voltage across the memory cell. AMP (Account Management Program) provides secure real time access to account details, device assignments, reports and all pertinent account information. Access can be restricted based on the role assignment assigned to an individual. A variety of reports are available for download and customizing. The Advantages of the Instadose dosemeter are: - Unlimited reading capability, - Concerns about a possible exposure can be addressed immediately, - Re-readability without loss of exposure data, with cumulative exposure maintained. (authors)

Web based dosimetry system for reading and monitoring dose through internet access

Energy Technology Data Exchange (ETDEWEB)

Perle, S.C.; Bennett, K.; Kahilainen, J.; Vuotila, M. [Mirion Technologies (United States); Mirion Technologies (Finland)

2010-07-01

The Instadose{sup TM} dosemeter from Mirion Technologies is a small, rugged device based on patented direct ion storage technology and is accredited by the National Voluntary Laboratory Accreditation Program (NVLAP) through NIST, bringing radiation monitoring into the digital age. Smaller than a flash drive, this dosemeter provides an instant read-out when connected to any computer with internet access and a USB connection. Instadose devices provide radiation workers with more flexibility than today's dosemeters. Non Volatile Analog Memory Cell surrounded by a Gas Filled Ion Chamber. Dose changes the amount of Electric Charge in the DIS Analog Memory. The total charge storage capacity of the memory determines the available dose range. The state of the Analog Memory is determined by measuring the voltage across the memory cell. AMP (Account Management Program) provides secure real time access to account details, device assignments, reports and all pertinent account information. Access can be restricted based on the role assignment assigned to an individual. A variety of reports are available for download and customizing. The Advantages of the Instadose dosemeter are: - Unlimited reading capability, - Concerns about a possible exposure can be addressed immediately, - Re-readability without loss of exposure data, with cumulative exposure maintained. (authors)

Web Server Security on Open Source Environments

Science.gov (United States)

Gkoutzelis, Dimitrios X.; Sardis, Manolis S.

Administering critical resources has never been more difficult that it is today. In a changing world of software innovation where major changes occur on a daily basis, it is crucial for the webmasters and server administrators to shield their data against an unknown arsenal of attacks in the hands of their attackers. Up until now this kind of defense was a privilege of the few, out-budgeted and low cost solutions let the defender vulnerable to the uprising of innovating attacking methods. Luckily, the digital revolution of the past decade left its mark, changing the way we face security forever: open source infrastructure today covers all the prerequisites for a secure web environment in a way we could never imagine fifteen years ago. Online security of large corporations, military and government bodies is more and more handled by open source application thus driving the technological trend of the 21st century in adopting open solutions to E-Commerce and privacy issues. This paper describes substantial security precautions in facing privacy and authentication issues in a totally open source web environment. Our goal is to state and face the most known problems in data handling and consequently propose the most appealing techniques to face these challenges through an open solution.

Web-based GIS for spatial pattern detection: application to malaria incidence in Vietnam.

Science.gov (United States)

Bui, Thanh Quang; Pham, Hai Minh

2016-01-01

There is a great concern on how to build up an interoperable health information system of public health and health information technology within the development of public information and health surveillance programme. Technically, some major issues remain regarding to health data visualization, spatial processing of health data, health information dissemination, data sharing and the access of local communities to health information. In combination with GIS, we propose a technical framework for web-based health data visualization and spatial analysis. Data was collected from open map-servers and geocoded by open data kit package and data geocoding tools. The Web-based system is designed based on Open-source frameworks and libraries. The system provides Web-based analyst tool for pattern detection through three spatial tests: Nearest neighbour, K function, and Spatial Autocorrelation. The result is a web-based GIS, through which end users can detect disease patterns via selecting area, spatial test parameters and contribute to managers and decision makers. The end users can be health practitioners, educators, local communities, health sector authorities and decision makers. This web-based system allows for the improvement of health related services to public sector users as well as citizens in a secure manner. The combination of spatial statistics and web-based GIS can be a solution that helps empower health practitioners in direct and specific intersectional actions, thus provide for better analysis, control and decision-making.

Security Mechanism Based on Hospital Authentication Server for Secure Application of Implantable Medical Devices

Science.gov (United States)

2014-01-01

After two recent security attacks against implantable medical devices (IMDs) have been reported, the privacy and security risks of IMDs have been widely recognized in the medical device market and research community, since the malfunctioning of IMDs might endanger the patient's life. During the last few years, a lot of researches have been carried out to address the security-related issues of IMDs, including privacy, safety, and accessibility issues. A physician accesses IMD through an external device called a programmer, for diagnosis and treatment. Hence, cryptographic key management between IMD and programmer is important to enforce a strict access control. In this paper, a new security architecture for the security of IMDs is proposed, based on a 3-Tier security model, where the programmer interacts with a Hospital Authentication Server, to get permissions to access IMDs. The proposed security architecture greatly simplifies the key management between IMDs and programmers. Also proposed is a security mechanism to guarantee the authenticity of the patient data collected from IMD and the nonrepudiation of the physician's treatment based on it. The proposed architecture and mechanism are analyzed and compared with several previous works, in terms of security and performance. PMID:25276797

Security mechanism based on Hospital Authentication Server for secure application of implantable medical devices.

Science.gov (United States)

Park, Chang-Seop

2014-01-01

After two recent security attacks against implantable medical devices (IMDs) have been reported, the privacy and security risks of IMDs have been widely recognized in the medical device market and research community, since the malfunctioning of IMDs might endanger the patient's life. During the last few years, a lot of researches have been carried out to address the security-related issues of IMDs, including privacy, safety, and accessibility issues. A physician accesses IMD through an external device called a programmer, for diagnosis and treatment. Hence, cryptographic key management between IMD and programmer is important to enforce a strict access control. In this paper, a new security architecture for the security of IMDs is proposed, based on a 3-Tier security model, where the programmer interacts with a Hospital Authentication Server, to get permissions to access IMDs. The proposed security architecture greatly simplifies the key management between IMDs and programmers. Also proposed is a security mechanism to guarantee the authenticity of the patient data collected from IMD and the nonrepudiation of the physician's treatment based on it. The proposed architecture and mechanism are analyzed and compared with several previous works, in terms of security and performance.

Accessible Web Design - The Power of the Personal Message.

Science.gov (United States)

Whitney, Gill

2015-01-01

The aim of this paper is to describe ongoing research being carried out to enable people with visual impairments to communicate directly with designers and specifiers of hobby and community web sites to maximise the accessibility of their sites. The research started with an investigation of the accessibility of community and hobby web sites as perceived by a group of visually impaired end users. It is continuing with an investigation into how to best to communicate with web designers who are not experts in web accessibility. The research is making use of communication theory to investigate how terminology describing personal experience can be used in the most effective and powerful way. By working with the users using a Delphi study the research has ensured that the views of the visually impaired end users is successfully transmitted.

Web-based Service Portal in Healthcare

Science.gov (United States)

Silhavy, Petr; Silhavy, Radek; Prokopova, Zdenka

Information delivery is one the most important task in healthcare. The growing sector of electronic healthcare has an important impact on the information delivery. There are two basic approaches towards information delivering. The first is web portal and second is touch-screen terminal. The aim of this paper is to investigate the web-based service portal. The most important advantage of web-based portal in the field of healthcare is an independent access for patients. This paper deals with the conditions and frameworks for healthcare portals

Development, implementation and pilot evaluation of a Web-based Virtual Patient Case Simulation environment--Web-SP.

Science.gov (United States)

Zary, Nabil; Johnson, Gunilla; Boberg, Jonas; Fors, Uno G H

2006-02-21

The Web-based Simulation of Patients (Web-SP) project was initiated in order to facilitate the use of realistic and interactive virtual patients (VP) in medicine and healthcare education. Web-SP focuses on moving beyond the technology savvy teachers, when integrating simulation-based education into health sciences curricula, by making the creation and use of virtual patients easier. The project strives to provide a common generic platform for design/creation, management, evaluation and sharing of web-based virtual patients. The aim of this study was to evaluate if it was possible to develop a web-based virtual patient case simulation environment where the entire case authoring process might be handled by teachers and which would be flexible enough to be used in different healthcare disciplines. The Web-SP system was constructed to support easy authoring, management and presentation of virtual patient cases. The case authoring environment was found to facilitate for teachers to create full-fledged patient cases without the assistance of computer specialists. Web-SP was successfully implemented at several universities by taking into account key factors such as cost, access, security, scalability and flexibility. Pilot evaluations in medical, dentistry and pharmacy courses shows that students regarded Web-SP as easy to use, engaging and to be of educational value. Cases adapted for all three disciplines were judged to be of significant educational value by the course leaders. The Web-SP system seems to fulfil the aim of providing a common generic platform for creation, management and evaluation of web-based virtual patient cases. The responses regarding the authoring environment indicated that the system might be user-friendly enough to appeal to a majority of the academic staff. In terms of implementation strengths, Web-SP seems to fulfil most needs from course directors and teachers from various educational institutions and disciplines. The system is currently in

Conducting Web-based Surveys.

OpenAIRE

David J. Solomon

2001-01-01

Web-based surveying is becoming widely used in social science and educational research. The Web offers significant advantages over more traditional survey techniques however there are still serious methodological challenges with using this approach. Currently coverage bias or the fact significant numbers of people do not have access, or choose not to use the Internet is of most concern to researchers. Survey researchers also have much to learn concerning the most effective ways to conduct s...

A new web-based tool for data visualization in MDSplus

Energy Technology Data Exchange (ETDEWEB)

Manduchi, G., E-mail: gabriele.manduchi@igi.cnr.it [Consorzio RFX, Euratom-ENEA Association, Corso Stati Uniti 4, Padova 35127 (Italy); Fredian, T.; Stillerman, J. [Massachusetts Institute of Technology, 175 Albany Street, Cambridge, MA 02139 (United States)

2014-05-15

Highlights: • The paper describes a new web-based data visualization tool for MDSplus. • It describes the experience gained with the previous data visualization tools. • It describes the used technologies for web data access and visualization. • It describes the current architecture of the tool and the new foreseen features. - Abstract: The Java tool jScope has been widely used for years to display acquired waveform in MDSplus. The choice of the Java programming language for its implementation has been successful for several reasons among which the fact that Java supports a multiplatform environment and it is well suited for graphics and the management of network communication. jScope can be used both as a local and remote application. In the latter case, data are acquired via TCP/IP communication using the mdsip protocol. Exporting data in this way however introduces several security problems due to the necessity of opening firewall holes for the user ports. For this reason, and also due to the fact that JavaScript is becoming a widely used language for web applications, a new tool written in JavaScript and called WebScope has been developed for the visualization of MDSplus data in web browsers. Data communication is now achieved via http protocol using Asynchronous JavaScript and XML (AJAX) technology. At the server side, data access is carried out by a Python module that interacts with the web server via Web Server Gateway Interface (WSGI). When a data item, described by an MDSplus expression, is requested by the web browser for visualization, it is returned as a binary message and then handled by callback JavaScript functions activated by the web browser. Scalable Vector Graphics (SVG) technology is used to handle graphics within the web browser and to carry out the same interactive data visualization provided by jScope. In addition to mouse events, touch events are supported to provide interactivity also on touch screens. In this way, waveforms can be

A new web-based tool for data visualization in MDSplus

International Nuclear Information System (INIS)

Manduchi, G.; Fredian, T.; Stillerman, J.

2014-01-01

Highlights: • The paper describes a new web-based data visualization tool for MDSplus. • It describes the experience gained with the previous data visualization tools. • It describes the used technologies for web data access and visualization. • It describes the current architecture of the tool and the new foreseen features. - Abstract: The Java tool jScope has been widely used for years to display acquired waveform in MDSplus. The choice of the Java programming language for its implementation has been successful for several reasons among which the fact that Java supports a multiplatform environment and it is well suited for graphics and the management of network communication. jScope can be used both as a local and remote application. In the latter case, data are acquired via TCP/IP communication using the mdsip protocol. Exporting data in this way however introduces several security problems due to the necessity of opening firewall holes for the user ports. For this reason, and also due to the fact that JavaScript is becoming a widely used language for web applications, a new tool written in JavaScript and called WebScope has been developed for the visualization of MDSplus data in web browsers. Data communication is now achieved via http protocol using Asynchronous JavaScript and XML (AJAX) technology. At the server side, data access is carried out by a Python module that interacts with the web server via Web Server Gateway Interface (WSGI). When a data item, described by an MDSplus expression, is requested by the web browser for visualization, it is returned as a binary message and then handled by callback JavaScript functions activated by the web browser. Scalable Vector Graphics (SVG) technology is used to handle graphics within the web browser and to carry out the same interactive data visualization provided by jScope. In addition to mouse events, touch events are supported to provide interactivity also on touch screens. In this way, waveforms can be

Web-based X-ray quality control documentation.

Science.gov (United States)

David, George; Burnett, Lou Ann; Schenkel, Robert

2003-01-01

The department of radiology at the Medical College of Georgia Hospital and Clinics has developed an equipment quality control web site. Our goal is to provide immediate access to virtually all medical physics survey data. The web site is designed to assist equipment engineers, department management and technologists. By improving communications and access to equipment documentation, we believe productivity is enhanced. The creation of the quality control web site was accomplished in three distinct steps. First, survey data had to be placed in a computer format. The second step was to convert these various computer files to a format supported by commercial web browsers. Third, a comprehensive home page had to be designed to provide convenient access to the multitude of surveys done in the various x-ray rooms. Because we had spent years previously fine-tuning the computerization of the medical physics quality control program, most survey documentation was already in spreadsheet or database format. A major technical decision was the method of conversion of survey spreadsheet and database files into documentation appropriate for the web. After an unsatisfactory experience with a HyperText Markup Language (HTML) converter (packaged with spreadsheet and database software), we tried creating Portable Document Format (PDF) files using Adobe Acrobat software. This process preserves the original formatting of the document and takes no longer than conventional printing; therefore, it has been very successful. Although the PDF file generated by Adobe Acrobat is a proprietary format, it can be displayed through a conventional web browser using the freely distributed Adobe Acrobat Reader program that is available for virtually all platforms. Once a user installs the software, it is automatically invoked by the web browser whenever the user follows a link to a file with a PDF extension. Although no confidential patient information is available on the web site, our legal

A Holistic Approach to Securing Web Applications

OpenAIRE

Stankovic, Srdjan; Simic, Dejan

2010-01-01

Protection of Web applications is an activity that requires constant monitoring of security threats as well as looking for solutions in this field. Since protection has moved from the lower layers of OSI models to the application layer and having in mind the fact that 75% of all the attacks are performed at the application layer, special attention should be paid to the application layer. It is possible to improve protection of Web application on the level of the system architecture by introdu...

A Framework for Transparently Accessing Deep Web Sources

Science.gov (United States)

Dragut, Eduard Constantin

2010-01-01

An increasing number of Web sites expose their content via query interfaces, many of them offering the same type of products/services (e.g., flight tickets, car rental/purchasing). They constitute the so-called "Deep Web". Accessing the content on the Deep Web has been a long-standing challenge for the database community. For a user interested in…

Developing Access Control Model of Web OLAP over Trusted and Collaborative Data Warehouses

Science.gov (United States)

Fugkeaw, Somchart; Mitrpanont, Jarernsri L.; Manpanpanich, Piyawit; Juntapremjitt, Sekpon

This paper proposes the design and development of Role- based Access Control (RBAC) model for the Single Sign-On (SSO) Web-OLAP query spanning over multiple data warehouses (DWs). The model is based on PKI Authentication and Privilege Management Infrastructure (PMI); it presents a binding model of RBAC authorization based on dimension privilege specified in attribute certificate (AC) and user identification. Particularly, the way of attribute mapping between DW user authentication and privilege of dimensional access is illustrated. In our approach, we apply the multi-agent system to automate flexible and effective management of user authentication, role delegation as well as system accountability. Finally, the paper culminates in the prototype system A-COLD (Access Control of web-OLAP over multiple DWs) that incorporates the OLAP features and authentication and authorization enforcement in the multi-user and multi-data warehouse environment.

Information security threats in web-portals on the open journal systems platform

Directory of Open Access Journals (Sweden)

Anton A. Abramov

2018-05-01

Full Text Available This article addresses the problem of security threats while working with web portals built on the Open Journal Systems platform. The Open Journal Systems (OJS platform was originally developed as part of the Public Knowledge Project and it is one of the most popular open-source platforms for web journals today. Based on the data available in the Public Knowledge Project, there were more than 10,000 active journals using the open journal systems platform by the end of 2016. A migration of a journal to such advanced and complex platform helps to handle the entire workflow over a single web portal. Therefore it is an important move and only peer-reviewed journals that are part of Russian and Worldwide citation systems go for it. At the same time the problem of keeping privacy for a manuscript before it is published is very important for these journals and for authors who submit it to the journal. The paper describes the most common threats for the web portals on the OJS platform as well as a particular model of the security threats, and suggests the measures that could help to neutralize these threats.

Content accessibility of Web documents: Overview of concepts and needed standards

DEFF Research Database (Denmark)

Alapetite, A.

2006-01-01

The concept of Web accessibility refers to a combined set of measures, namely, how easily and how efficiently different types of users may make use of a given service. While some recommendations for accessibility are focusing on people with variousspecific disabilities, this document seeks...... to broaden the scope to any type of user and any type of use case. The document provides an introduction to some required concepts and technical standards for designing accessible Web sites. A brief review of thelegal requirements in a few countries for Web accessibility complements the recommendations...

Pilot Evaluation of a Web-Based Intervention Targeting Sexual Health Service Access

Science.gov (United States)

Brown, K. E.; Newby, K.; Caley, M.; Danahay, A.; Kehal, I.

2016-01-01

Sexual health service access is fundamental to good sexual health, yet interventions designed to address this have rarely been implemented or evaluated. In this article, pilot evaluation findings for a targeted public health behavior change intervention, delivered via a website and web-app, aiming to increase uptake of sexual health services among…

A Java-Web-Based-Learning Methodology, Case Study ...

African Journals Online (AJOL)

A Java-Web-Based-Learning Methodology, Case Study : Waterborne diseases. The recent advances in web technologies have opened new opportunities for computer-based-education. One can learn independently of time and place constraints, and have instantaneous access to relevant updated material at minimal cost.

Virtual real-time inspection of nuclear material via VRML and secure web pages

International Nuclear Information System (INIS)

Nilsen, C.; Jortner, J.; Damico, J.; Friesen, J.; Schwegel, J.

1996-01-01

Sandia National Laboratories'' Straight-Line project is working to provide the right sensor information to the right user to enhance the safety, security, and international accountability of nuclear material. One of Straight-Line''s efforts is to create a system to securely disseminate this data on the Internet''s World-Wide-Web. To make the user interface more intuitive, Sandia has generated a three dimensional VRML (virtual reality modeling language) interface for a secure web page. This paper will discuss the implementation of the Straight-Line secure 3-D web page. A discussion of the pros and cons of a 3-D web page is also presented. The public VRML demonstration described in this paper can be found on the Internet at this address, http://www.ca.sandia.gov/NMM/. A Netscape browser, version 3 is strongly recommended

Virtual real-time inspection of nuclear material via VRML and secure web pages

International Nuclear Information System (INIS)

Nilsen, C.; Jortner, J.; Damico, J.; Friesen, J.; Schwegel, J.

1997-04-01

Sandia National Laboratories' Straight Line project is working to provide the right sensor information to the right user to enhance the safety, security, and international accountability of nuclear material. One of Straight Line's efforts is to create a system to securely disseminate this data on the Internet's World-Wide-Web. To make the user interface more intuitive, Sandia has generated a three dimensional VRML (virtual reality modeling language) interface for a secure web page. This paper will discuss the implementation of the Straight Line secure 3-D web page. A discussion of the ''pros and cons'' of a 3-D web page is also presented. The public VRML demonstration described in this paper can be found on the Internet at the following address: http://www.ca.sandia.gov/NMM/. A Netscape browser, version 3 is strongly recommended

Security Mechanism Based on Hospital Authentication Server for Secure Application of Implantable Medical Devices

Directory of Open Access Journals (Sweden)

Chang-Seop Park

2014-01-01

Full Text Available After two recent security attacks against implantable medical devices (IMDs have been reported, the privacy and security risks of IMDs have been widely recognized in the medical device market and research community, since the malfunctioning of IMDs might endanger the patient’s life. During the last few years, a lot of researches have been carried out to address the security-related issues of IMDs, including privacy, safety, and accessibility issues. A physician accesses IMD through an external device called a programmer, for diagnosis and treatment. Hence, cryptographic key management between IMD and programmer is important to enforce a strict access control. In this paper, a new security architecture for the security of IMDs is proposed, based on a 3-Tier security model, where the programmer interacts with a Hospital Authentication Server, to get permissions to access IMDs. The proposed security architecture greatly simplifies the key management between IMDs and programmers. Also proposed is a security mechanism to guarantee the authenticity of the patient data collected from IMD and the nonrepudiation of the physician’s treatment based on it. The proposed architecture and mechanism are analyzed and compared with several previous works, in terms of security and performance.

Web-based discovery, access and analysis tools for the provision of different data sources like remote sensing products and climate data

Science.gov (United States)

Eberle, J.; Hese, S.; Schmullius, C.

2012-12-01

To provide different of Earth Observation products in the area of Siberia, the Siberian Earth System Science Cluster (SIB-ESS-C) was established as a spatial data infrastructure at the University of Jena (Germany), Department for Earth Observation. The infrastructure implements standards published by the Open Geospatial Consortium (OGC) and the International Organization for Standardization (ISO) for data discovery, data access and data analysis. The objective of SIB-ESS-C is to faciliate environmental research and Earth system science in Siberia. Several products from the Moderate Resolution Imaging Spectroradiometer sensor were integrated by serving ISO-compliant Metadata and providing OGC-compliant Web Map Service for data visualization and Web Coverage Services / Web Feature Service for data access. Furthermore climate data from the World Meteorological Organization were downloaded, converted, provided as OGC Sensor Observation Service. Each climate data station is described with ISO-compliant Metadata. All these datasets from multiple sources are provided within the SIB-ESS-C infrastructure (figure 1). Furthermore an automatic workflow integrates updates of these datasets daily. The brokering approach within the SIB-ESS-C system is to collect data from different sources, convert the data into common data formats, if necessary, and provide them with standardized Web services. Additional tools are made available within the SIB-ESS-C Geoportal for an easy access to download and analysis functions (figure 2). The data can be visualized, accessed and analysed with this Geoportal. Providing OGC-compliant services the data can also be accessed with other OGC-compliant clients.; Figure 1. Technical Concept of SIB-ESS-C providing different data sources ; Figure 2. Screenshot of the web-based SIB-ESS-C system.

网络无障碍的发展:政策、理论和方法%Development of Web Accessibility: Policies, Theories and Apporoaches

Institute of Scientific and Technical Information of China (English)

Xiaoming Zeng

2006-01-01

The article is intended to introduce the readers to the concept and background of Web accessibility in the United States. I will first discuss different definitions of Web accessibility. The beneficiaries of accessible Web or the sufferers from inaccessible Web will be discussed based on the type of disability. The importance of Web accessibility will be introduced from the perspectives of ethical, demographic, legal, and financial importance. Web accessibility related standards and legislations will be discussed in great detail. Previous research on evaluating Web accessibility will be presented. Lastly, a system for automated Web accessibility transformation will be introduced as an alternative approach for enhancing Web accessibility.

Web based remote instrumentation and control

International Nuclear Information System (INIS)

Dhekne, P.S.; Patil, Jitendra; Kulkarni, Jitendra; Babu, Prasad; Lad, U.C.; Rahurkar, A.G.; Kaura, H.K.

2001-01-01

The Web-based technology provides a very powerful communication medium for transmitting effectively multimedia information containing data generated from various sources, which may be in the form of audio, video, text, still or moving images etc. Large number of sophisticated web based software tools are available that can be used to monitor and control distributed electronic instrumentation projects. For example data can be collected online from various smart sensors/instruments such as images from CCD camera, pressure/ humidity sensor, light intensity transducer, smoke detectors etc and uploaded in real time to a central web server. This information can be processed further, to take control action in real time from any remote client, of course with due security care. The web-based technology offers greater flexibility, higher functionality, and high degree of integration providing standardization. Further easy to use standard browser based interface at the client end to monitor, view and control the desired process parameters allow you to cut down the development time and cost to a great extent. A system based on a web client-server approach has been designed and developed at Computer division, BARC and is operational since last year to monitor and control remotely various environmental parameters of distributed computer centers. In this paper we shall discuss details of this system, its current status and additional features which are currently under development. This type of system is typically very useful for Meteorology, Environmental monitoring of Nuclear stations, Radio active labs, Nuclear waste immobilization plants, Medical and Biological research labs., Security surveillance and in many such distributed situations. A brief description of various tools used for this project such as Java, CGI, Java Script, HTML, VBScript, M-JPEG, TCP/IP, UDP, RTP etc. along with their merits/demerits have also been included

Web Based ATM PVC Management

NARCIS (Netherlands)

van der Waaij, B.D.; Sprenkels, Ron; van Beijnum, Bernhard J.F.; Pras, Aiko

1998-01-01

This paper discusses the design of a public domain web based ATM PVC Management tool for the Dutch SURFnet research ATM network. The aim of this tool is to assists in the creation and deletion of PVCs through local and remote ATM network domains. The tool includes security mechanisms to restrict the

Development, implementation and pilot evaluation of a Web-based Virtual Patient Case Simulation environment – Web-SP

Directory of Open Access Journals (Sweden)

Boberg Jonas

2006-02-01

Full Text Available Abstract Background The Web-based Simulation of Patients (Web-SP project was initiated in order to facilitate the use of realistic and interactive virtual patients (VP in medicine and healthcare education. Web-SP focuses on moving beyond the technology savvy teachers, when integrating simulation-based education into health sciences curricula, by making the creation and use of virtual patients easier. The project strives to provide a common generic platform for design/creation, management, evaluation and sharing of web-based virtual patients. The aim of this study was to evaluate if it was possible to develop a web-based virtual patient case simulation environment where the entire case authoring process might be handled by teachers and which would be flexible enough to be used in different healthcare disciplines. Results The Web-SP system was constructed to support easy authoring, management and presentation of virtual patient cases. The case authoring environment was found to facilitate for teachers to create full-fledged patient cases without the assistance of computer specialists. Web-SP was successfully implemented at several universities by taking into account key factors such as cost, access, security, scalability and flexibility. Pilot evaluations in medical, dentistry and pharmacy courses shows that students regarded Web-SP as easy to use, engaging and to be of educational value. Cases adapted for all three disciplines were judged to be of significant educational value by the course leaders. Conclusion The Web-SP system seems to fulfil the aim of providing a common generic platform for creation, management and evaluation of web-based virtual patient cases. The responses regarding the authoring environment indicated that the system might be user-friendly enough to appeal to a majority of the academic staff. In terms of implementation strengths, Web-SP seems to fulfil most needs from course directors and teachers from various educational

A development process meta-model for Web based expert systems: The Web engineering point of view

DEFF Research Database (Denmark)

Dokas, I.M.; Alapetite, Alexandre

2006-01-01

raised their complexity. Unfortunately, there is so far no clear answer to the question: How may the methods and experience of Web engineering and expert systems be combined and applied in order todevelop effective and successful Web based expert systems? In an attempt to answer this question...... on Web based expert systems – will be presented. The idea behind the presentation of theaccessibility evaluation and its conclusions is to show to Web based expert system developers, who typically have little Web engineering background, that Web engineering issues must be considered when developing Web......Similar to many legacy computer systems, expert systems can be accessed via the Web, forming a set of Web applications known as Web based expert systems. The tough Web competition, the way people and organizations rely on Web applications and theincreasing user requirements for better services have...

10 CFR 2.905 - Access to restricted data and national security information for parties; security clearances.

Science.gov (United States)

2010-01-01

... information for parties; security clearances. 2.905 Section 2.905 Energy NUCLEAR REGULATORY COMMISSION RULES... to Adjudicatory Proceedings Involving Restricted Data and/or National Security Information § 2.905 Access to restricted data and national security information for parties; security clearances. (a) Access...

Enhancing the AliEn Web Service Authentication

International Nuclear Information System (INIS)

Zhu Jianlin; Zhou Daicui; Zhang Guoping; Saiz, Pablo; Carminati, Federico; Betev, Latchezar; Lorenzo, Patricia Mendez; Grigoras, Alina Gabriela; Grigoras, Costin; Furano, Fabrizio; Schreiner, Steffen; Datskova, Olga Vladimirovna; Banerjee, Subho Sankar

2011-01-01

Web Services are an XML based technology that allow applications to communicate with each other across disparate systems. Web Services are becoming the de facto standard that enable inter operability between heterogeneous processes and systems. AliEn2 is a grid environment based on web services. The AliEn2 services can be divided in three categories: Central services, deployed once per organization; Site services, deployed on each of the participating centers; Job Agents running on the worker nodes automatically. A security model to protect these services is essential for the whole system. Current implementations of web server, such as Apache, are not suitable to be used within the grid environment. Apache with the mod s sl and OpenSSL only supports the X.509 certificates. But in the grid environment, the common credential is the proxy certificate for the purpose of providing restricted proxy and delegation. An Authentication framework was taken for AliEn2 web services to add the ability to accept X.509 certificates and proxy certificates from client-side to Apache Web Server. The authentication framework could also allow the generation of access control policies to limit access to the AliEn2 web services.

An interactive Web-based radiation protection course in fluoroscopy

International Nuclear Information System (INIS)

Aldrich, J.

2001-01-01

The teaching of radiation protection to a large group of physicians, who are separated geographically and have complicated schedules, is a formidable problem. Therefore a Web-based solution is attractive, allowing access to the material at any time and place. In this implementation the didactic material is presented in a Web-based format. Subsequently, students attend a practical demonstration in one of the departments' fluoroscopy rooms. Because of local experience with distance education, WebCT was chosen to present the material. WebCT (Web Course Tools) was developed by the University of British Columbia (UBC) to allow educators, with or without technical expertise, to create a sophisticated Web-base. Authors use a standard Web browser to create courses, and students use their browsers to access course material. WebCT provides a wide variety of tools and features that can be added to a course. Among the most useful tools used in this fluoroscopy course are the glossary, multiple-choice questions for each section, and a final test which is scored by the computer. As with all Web-based material the courses can be viewed in the traditional linear fashion or in any random way through the use of linkages. (author)

JavaScript Access to DICOM Network and Objects in Web Browser.

Science.gov (United States)

Drnasin, Ivan; Grgić, Mislav; Gogić, Goran

2017-10-01

Digital imaging and communications in medicine (DICOM) 3.0 standard provides the baseline for the picture archiving and communication systems (PACS). The development of Internet and various communication media initiated demand for non-DICOM access to PACS systems. Ever-increasing utilization of the web browsers, laptops and handheld devices, as opposed to desktop applications and static organizational computers, lead to development of different web technologies. The DICOM standard officials accepted those subsequently as tools of alternative access. This paper provides an overview of the current state of development of the web access technology to the DICOM repositories. It presents a different approach of using HTML5 features of the web browsers through the JavaScript language and the WebSocket protocol by enabling real-time communication with DICOM repositories. JavaScript DICOM network library, DICOM to WebSocket proxy and a proof-of-concept web application that qualifies as a DICOM 3.0 device were developed.

High-Performance Secure Database Access Technologies for HEP Grids

Energy Technology Data Exchange (ETDEWEB)

Matthew Vranicar; John Weicher

2006-04-17

The Large Hadron Collider (LHC) at the CERN Laboratory will become the largest scientific instrument in the world when it starts operations in 2007. Large Scale Analysis Computer Systems (computational grids) are required to extract rare signals of new physics from petabytes of LHC detector data. In addition to file-based event data, LHC data processing applications require access to large amounts of data in relational databases: detector conditions, calibrations, etc. U.S. high energy physicists demand efficient performance of grid computing applications in LHC physics research where world-wide remote participation is vital to their success. To empower physicists with data-intensive analysis capabilities a whole hyperinfrastructure of distributed databases cross-cuts a multi-tier hierarchy of computational grids. The crosscutting allows separation of concerns across both the global environment of a federation of computational grids and the local environment of a physicist’s computer used for analysis. Very few efforts are on-going in the area of database and grid integration research. Most of these are outside of the U.S. and rely on traditional approaches to secure database access via an extraneous security layer separate from the database system core, preventing efficient data transfers. Our findings are shared by the Database Access and Integration Services Working Group of the Global Grid Forum, who states that "Research and development activities relating to the Grid have generally focused on applications where data is stored in files. However, in many scientific and commercial domains, database management systems have a central role in data storage, access, organization, authorization, etc, for numerous applications.” There is a clear opportunity for a technological breakthrough, requiring innovative steps to provide high-performance secure database access technologies for grid computing. We believe that an innovative database architecture where the

High-Performance Secure Database Access Technologies for HEP Grids

International Nuclear Information System (INIS)

Vranicar, Matthew; Weicher, John

2006-01-01

The Large Hadron Collider (LHC) at the CERN Laboratory will become the largest scientific instrument in the world when it starts operations in 2007. Large Scale Analysis Computer Systems (computational grids) are required to extract rare signals of new physics from petabytes of LHC detector data. In addition to file-based event data, LHC data processing applications require access to large amounts of data in relational databases: detector conditions, calibrations, etc. U.S. high energy physicists demand efficient performance of grid computing applications in LHC physics research where world-wide remote participation is vital to their success. To empower physicists with data-intensive analysis capabilities a whole hyperinfrastructure of distributed databases cross-cuts a multi-tier hierarchy of computational grids. The crosscutting allows separation of concerns across both the global environment of a federation of computational grids and the local environment of a physicist's computer used for analysis. Very few efforts are on-going in the area of database and grid integration research. Most of these are outside of the U.S. and rely on traditional approaches to secure database access via an extraneous security layer separate from the database system core, preventing efficient data transfers. Our findings are shared by the Database Access and Integration Services Working Group of the Global Grid Forum, who states that 'Research and development activities relating to the Grid have generally focused on applications where data is stored in files. However, in many scientific and commercial domains, database management systems have a central role in data storage, access, organization, authorization, etc, for numerous applications'. There is a clear opportunity for a technological breakthrough, requiring innovative steps to provide high-performance secure database access technologies for grid computing. We believe that an innovative database architecture where the secure

Web tools for predictive toxicology model building.

Science.gov (United States)

Jeliazkova, Nina

2012-07-01

The development and use of web tools in chemistry has accumulated more than 15 years of history already. Powered by the advances in the Internet technologies, the current generation of web systems are starting to expand into areas, traditional for desktop applications. The web platforms integrate data storage, cheminformatics and data analysis tools. The ease of use and the collaborative potential of the web is compelling, despite the challenges. The topic of this review is a set of recently published web tools that facilitate predictive toxicology model building. The focus is on software platforms, offering web access to chemical structure-based methods, although some of the frameworks could also provide bioinformatics or hybrid data analysis functionalities. A number of historical and current developments are cited. In order to provide comparable assessment, the following characteristics are considered: support for workflows, descriptor calculations, visualization, modeling algorithms, data management and data sharing capabilities, availability of GUI or programmatic access and implementation details. The success of the Web is largely due to its highly decentralized, yet sufficiently interoperable model for information access. The expected future convergence between cheminformatics and bioinformatics databases provides new challenges toward management and analysis of large data sets. The web tools in predictive toxicology will likely continue to evolve toward the right mix of flexibility, performance, scalability, interoperability, sets of unique features offered, friendly user interfaces, programmatic access for advanced users, platform independence, results reproducibility, curation and crowdsourcing utilities, collaborative sharing and secure access.

Web-based Logbook System for EAST Experiments

International Nuclear Information System (INIS)

Yang Fei; Xiao Bingjia

2010-01-01

Implementation of a web-based logbook system on EAST is introduced, which can store the comments for the experiments into a database and access the documents via various web browsers. The three-tier software architecture and asynchronous access technology are adopted to improve the system effectively. Authorized users can view the information of real-time discharge, comments from others and signal plots; add, delete, or revise their own comments; search signal data or comments under complicated search conditions; and collect relevant information and output it to an excel file. The web pages can be automatically updated after a new discharge is completed and without refreshment.

Spontaneous diffusion of an effective skin cancer prevention program through Web-based access to program materials.

Science.gov (United States)

Hall, Dawn M; Escoffery, Cam; Nehl, Eric; Glanz, Karen

2010-11-01

Little information exists about the diffusion of evidence-based interventions, a process that can occur naturally in organized networks with established communication channels. This article describes the diffusion of an effective skin cancer prevention program called Pool Cool through available Web-based program materials. We used self-administered surveys to collect information from program users about access to and use of Web-based program materials. We analyzed the content of e-mails sent to the official Pool Cool Web site to obtain qualitative information about spontaneous diffusion. Program users were dispersed throughout the United States, most often learning about the program through a Web site (32%), publication (26%), or colleague (19%). Most respondents (86%) reported that their pool provided educational activities at swimming lessons. The Leader's Guide (59%) and lesson cards (50%) were the most commonly downloaded materials, and most respondents reported using these core items sometimes, often, or always. Aluminum sun-safety signs were the least frequently used materials. A limited budget was the most commonly noted obstacle to sun-safety efforts at the pool (85%). Factors supporting sun safety at the pool centered around risk management (85%) and health of the pool staff (78%). Diffusion promotes the use of evidence-based health programs and can occur with and without systematic efforts. Strategies such as providing well-packaged, user-friendly program materials at low or no cost and strategic advertisement of the availability of program materials may increase program use and exposure. Furthermore, highlighting the benefits of the program can motivate potential program users.

Development of a secure and cost-effective infrastructure for the access of arbitrary web-based image distribution systems; Entwicklung einer sicheren und kostenguenstigen Infrastruktur zum Zugriff auf beliebige webbasierte Bildverteilungssysteme

Energy Technology Data Exchange (ETDEWEB)

Hacklaender, T.; Demabre, N.; Cramer, B.M. [Klinik fuer Radiologie, HELIOS-Klinikum Wuppertal (Germany); Kleber, K.; Schneider, H. [VISUS Technology Transfer GmbH, Bochum (Germany)

2004-08-01

Purpose: To build an infrastructure that enables radiologists on-call and external users a teleradiological access to the HTML-based image distribution system inside the hospital via internet. In addition, no investment costs should arise on the user side and the image data should be sent renamed using cryptographic techniques. Materials and Methods: A pure HTML-based system manages the image distribution inside the hospital, with an open source project extending this system through a secure gateway outside the firewall of the hospital. The gateway handles the communication between the external users and the HTML server within the network of the hospital. A second firewall is installed between the gateway and the external users and builds up a virtual private network (VPN). A connection between the gateway and the external user is only acknowledged if the computers involved authenticate each other via certificates and the external users authenticate via a multi-stage password system. All data are transferred encrypted. External users get only access to images that have been renamed to a pseudonym by means of automated processing before. Results: With an ADSL internet access, external users achieve an image load frequency of 0.4 CT images per second. More than 90% of the delay during image transfer results from security checks within the firewalls. Data passing the gateway induce no measurable delay. (orig.)

The web based user interface of RODOS

International Nuclear Information System (INIS)

Raskob, W.; Mueller, A.; Munz, E.; Rafat, M.

2003-01-01

and platform independent web technology. This enables accessing the RODOS systems by remote users from all kinds of computer platforms with Internet browser. The layout and content structure of this web interface have been designed and developed with a unique standardized interface layout and information structure under due consideration of the needs of the RODOS users. Two types of web-based interfaces have been realized: category B: active user with access to the RODOS system via web browser. The interaction with RODOS is limited to the level (2) and (3) mentioned above: category B users can only define interactive runs via input forms and select results from predefined information. They have no access to data bases and cannot operate RODOS in its automatic mode. Category C: passive user with access via web browser and - if desired - via X-desktop only to RODOS results produced by users of category A or B. The category B users define their requests to the RODOS system via an interactive Web-based interface. The corresponding HTML file is sent to the RODOS Web server. lt transforms the information into RODOS compatible input data, initiates the corresponding RODOS runs, produces an HTML results file and returns it to the web browser. The web browser receives the HTML file, it interprets the page content and displays the page. The layout, content and functions of the new web based interface for category B and category C users will be demonstrated. Example interactive runs will show the interaction with the RODOS system. fig. 1 (author)

Optimizing man-machine performance of a personnel access restriction security system

International Nuclear Information System (INIS)

Banks, W.W.; Moore, J.W.

1988-01-01

This paper describes a human engineering design and analysis effort for a major security system upgrade at a DOE facility. This upgrade was accomplished by replacing an obsolete and poorly human engineered security screening both the with a new, user oriented, semiautomated, computer-based access control system. Human factors engineers assisted the designer staff in specifying a security access interface to physically and cognitively accommodate all employees which included handicapped individuals in wheel chairs, and several employees who were severely disabled, both visually and aurally. The new access system was intended to control entry into sensitive exclusion areas by requiring personnel to enter a security screening booth and interact with card reader devices and a-simple-to-operate access control panel system. Extensive man-machine testing with prototype mock-ups was conducted to assess human engineered design features and to illuminate potentially confusing or difficult-to-operated hardware placement, layout, and operation sequencing. These evaluations, along with the prototype mock-ups, provided input which resulted in a prototype which was easy to enter, operate, and understand by end users. This prototype later served as the design basis for the final systems design

Securing the Global Airspace System Via Identity-Based Security

Science.gov (United States)

Ivancic, William D.

2015-01-01

Current telecommunications systems have very good security architectures that include authentication and authorization as well as accounting. These three features enable an edge system to obtain access into a radio communication network, request specific Quality-of-Service (QoS) requirements and ensure proper billing for service. Furthermore, the links are secure. Widely used telecommunication technologies are Long Term Evolution (LTE) and Worldwide Interoperability for Microwave Access (WiMAX) This paper provides a system-level view of network-centric operations for the global airspace system and the problems and issues with deploying new technologies into the system. The paper then focuses on applying the basic security architectures of commercial telecommunication systems and deployment of federated Authentication, Authorization and Accounting systems to provide a scalable, evolvable reliable and maintainable solution to enable a globally deployable identity-based secure airspace system.

The information-seeking behaviour of paediatricians accessing web-based resources.

LENUS (Irish Health Repository)

Prendiville, T W

2012-02-01

OBJECTIVES: To establish the information-seeking behaviours of paediatricians in answering every-day clinical queries. DESIGN: A questionnaire was distributed to every hospital-based paediatrician (paediatric registrar and consultant) working in Ireland. RESULTS: The study received 156 completed questionnaires, a 66.1% response. 67% of paediatricians utilised the internet as their first "port of call" when looking to answer a medical question. 85% believe that web-based resources have improved medical practice, with 88% reporting web-based resources are essential for medical practice today. 93.5% of paediatricians believe attempting to answer clinical questions as they arise is an important component in practising evidence-based medicine. 54% of all paediatricians have recommended websites to parents or patients. 75.5% of paediatricians report finding it difficult to keep up-to-date with new information relevant to their practice. CONCLUSIONS: Web-based paediatric resources are of increasing significance in day-to-day clinical practice. Many paediatricians now believe that the quality of patient care depends on it. Information technology resources play a key role in helping physicians to deliver, in a time-efficient manner, solutions to clinical queries at the point of care.

Automated Security Testing of Web Widget Interactions

NARCIS (Netherlands)

Bezemer, C.P.; Mesbah, A.; Van Deursen, A.

2009-01-01

This paper is a pre-print of: Cor-Paul Bezemer, Ali Mesbah, and Arie van Deursen. Automated Security Testing of Web Widget Interactions. In Proceedings of the 7th joint meeting of the European Software Engineering Conference and the ACM SIGSOFT Symposium on the Foundations of Software Engineering

Web-based Factors Affecting Online Purchasing Behaviour

Science.gov (United States)

Ariff, Mohd Shoki Md; Sze Yan, Ng; Zakuan, Norhayati; Zaidi Bahari, Ahamad; Jusoh, Ahmad

2013-06-01

The growing use of internet and online purchasing among young consumers in Malaysia provides a huge prospect in e-commerce market, specifically for B2C segment. In this market, if E-marketers know the web-based factors affecting online buyers' behaviour, and the effect of these factors on behaviour of online consumers, then they can develop their marketing strategies to convert potential customers into active one, while retaining existing online customers. Review of previous studies related to the online purchasing behaviour in B2C market has point out that the conceptualization and empirical validation of the online purchasing behaviour of Information and Communication Technology (ICT) literate users, or ICT professional, in Malaysia has not been clearly addressed. This paper focuses on (i) web-based factors which online buyers (ICT professional) keep in mind while shopping online; and (ii) the effect of web-based factors on online purchasing behaviour. Based on the extensive literature review, a conceptual framework of 24 items of five factors was constructed to determine web-based factors affecting online purchasing behaviour of ICT professional. Analysis of data was performed based on the 310 questionnaires, which were collected using a stratified random sampling method, from ICT undergraduate students in a public university in Malaysia. The Exploratory factor analysis performed showed that five factors affecting online purchase behaviour are Information Quality, Fulfilment/Reliability/Customer Service, Website Design, Quick and Details, and Privacy/Security. The result of Multiple Regression Analysis indicated that Information Quality, Quick and Details, and Privacy/Security affect positively online purchase behaviour. The results provide a usable model for measuring web-based factors affecting buyers' online purchase behaviour in B2C market, as well as for online shopping companies to focus on the factors that will increase customers' online purchase.

Web-based Factors Affecting Online Purchasing Behaviour

International Nuclear Information System (INIS)

Ariff, Mohd Shoki Md; Yan, Ng Sze; Zakuan, Norhayati; Bahari, Ahamad Zaidi; Jusoh, Ahmad

2013-01-01

The growing use of internet and online purchasing among young consumers in Malaysia provides a huge prospect in e-commerce market, specifically for B2C segment. In this market, if E-marketers know the web-based factors affecting online buyers' behaviour, and the effect of these factors on behaviour of online consumers, then they can develop their marketing strategies to convert potential customers into active one, while retaining existing online customers. Review of previous studies related to the online purchasing behaviour in B2C market has point out that the conceptualization and empirical validation of the online purchasing behaviour of Information and Communication Technology (ICT) literate users, or ICT professional, in Malaysia has not been clearly addressed. This paper focuses on (i) web-based factors which online buyers (ICT professional) keep in mind while shopping online; and (ii) the effect of web-based factors on online purchasing behaviour. Based on the extensive literature review, a conceptual framework of 24 items of five factors was constructed to determine web-based factors affecting online purchasing behaviour of ICT professional. Analysis of data was performed based on the 310 questionnaires, which were collected using a stratified random sampling method, from ICT undergraduate students in a public university in Malaysia. The Exploratory factor analysis performed showed that five factors affecting online purchase behaviour are Information Quality, Fulfilment/Reliability/Customer Service, Website Design, Quick and Details, and Privacy/Security. The result of Multiple Regression Analysis indicated that Information Quality, Quick and Details, and Privacy/Security affect positively online purchase behaviour. The results provide a usable model for measuring web-based factors affecting buyers' online purchase behaviour in B2C market, as well as for online shopping companies to focus on the factors that will increase customers' online purchase.

An electronically controlled automatic security access gate

Directory of Open Access Journals (Sweden)

Jonathan A. ENOKELA

2014-11-01

Full Text Available The security challenges being encountered in many places require electronic means of controlling access to communities, recreational centres, offices, and homes. The electronically controlled automated security access gate being proposed in this work helps to prevent an unwanted access to controlled environments. This is achieved mainly through the use of a Radio Frequency (RF transmitter-receiver pair. In the design a microcontroller is programmed to decode a given sequence of keys that is entered on a keypad and commands a transmitter module to send out this code as signal at a given radio frequency. Upon reception of this RF signal by the receiver module, another microcontroller activates a driver circuitry to operate the gate automatically. The codes for the microcontrollers were written in C language and were debugged and compiled using the KEIL Micro vision 4 integrated development environment. The resultant Hex files were programmed into the memories of the microcontrollers with the aid of a universal programmer. Software simulation was carried out using the Proteus Virtual System Modeling (VSM version 7.7. A scaled-down prototype of the system was built and tested. The electronically controlled automated security access gate can be useful in providing security for homes, organizations, and automobile terminals. The four-character password required to operate the gate gives the system an increased level of security. Due to its standalone nature of operation the system is cheaper to maintain in comparison with a manually operated type.

WebGimm: An integrated web-based platform for cluster analysis, functional analysis, and interactive visualization of results.

Science.gov (United States)

Joshi, Vineet K; Freudenberg, Johannes M; Hu, Zhen; Medvedovic, Mario

2011-01-17

Cluster analysis methods have been extensively researched, but the adoption of new methods is often hindered by technical barriers in their implementation and use. WebGimm is a free cluster analysis web-service, and an open source general purpose clustering web-server infrastructure designed to facilitate easy deployment of integrated cluster analysis servers based on clustering and functional annotation algorithms implemented in R. Integrated functional analyses and interactive browsing of both, clustering structure and functional annotations provides a complete analytical environment for cluster analysis and interpretation of results. The Java Web Start client-based interface is modeled after the familiar cluster/treeview packages making its use intuitive to a wide array of biomedical researchers. For biomedical researchers, WebGimm provides an avenue to access state of the art clustering procedures. For Bioinformatics methods developers, WebGimm offers a convenient avenue to deploy their newly developed clustering methods. WebGimm server, software and manuals can be freely accessed at http://ClusterAnalysis.org/.

Web services interface to EPICS channel access

Institute of Scientific and Technical Information of China (English)

DUAN Lei; SHEN Liren

2008-01-01

Web services is used in Experimental Physics and Industrial Control System (EPICS). Combined with EPICS Channel Access protocol, Web services' high usability, platform independence and language independence can be used to design a fully transparent and uniform software interface layer, which helps us complete channel data acquisition, modification and monitoring functions. This software interface layer, a cross-platform of cross-language,has good interopcrability and reusability.

Web services interface to EPICS channel access

International Nuclear Information System (INIS)

Duan Lei; Shen Liren

2008-01-01

Web services is used in Experimental Physics and Industrial Control System (EPICS). Combined with EPICS Channel Access protocol, Web services high usability, platform independence and language independence can be used to design a fully transparent and uniform software interface layer, which helps us complete channel data acquisition, modification and monitoring functions. This software interface layer, a cross-platform of cross-language, has good interoperability and reusability. (authors)

Hera-FFX: a Firefox add-on for Semi-automatic Web Accessibility Evaluation

OpenAIRE

Fuertes Castro, José Luis; González, Ricardo; Gutiérrez, Emmanuelle; Martínez Normand, Loïc

2009-01-01

Website accessibility evaluation is a complex task requiring a combination of human expertise and software support. There are several online and offline tools to support the manual web accessibility evaluation process. However, they all have some weaknesses because none of them includes all the desired features. In this paper we present Hera-FFX, an add-on for the Firefox web browser that supports semi-automatic web accessibility evaluation.

Applying Web-Based Tools for Research, Engineering, and Operations

Science.gov (United States)

Ivancic, William D.

2011-01-01

Personnel in the NASA Glenn Research Center Network and Architectures branch have performed a variety of research related to space-based sensor webs, network centric operations, security and delay tolerant networking (DTN). Quality documentation and communications, real-time monitoring and information dissemination are critical in order to perform quality research while maintaining low cost and utilizing multiple remote systems. This has been accomplished using a variety of Internet technologies often operating simultaneously. This paper describes important features of various technologies and provides a number of real-world examples of how combining Internet technologies can enable a virtual team to act efficiently as one unit to perform advanced research in operational systems. Finally, real and potential abuses of power and manipulation of information and information access is addressed.

Study of HTML Meta-Tags Utilization in Web-based Open-Access Journals

Directory of Open Access Journals (Sweden)

Pegah Pishva

2007-04-01

Full Text Available The present study investigates the extent of utilization of two meta tags – “keywords” and “descriptors” – in Web-based Open-Access Journals. A sample composed of 707 journals taken from DOAJ was used. These were analyzed on the account of utilization of the said meta tags. Findings demonstrated that these journals utilized “keywords” and “descriptors” meta-tags, 33.1% and 29.9% respectively. It was further demonstrated that among various subject classifications, “General Journals” had been the highest while “Mathematics and Statistics Journals” had the least utilization as “keywords” meta-tags. Moreover, “General Journals” and “Chemistry journals”, with 55.6% and 15.4% utilization respectively, had the highest and the lowest “descriptors” meta-tag usage rate. Based on our findings, and when compared against other similar research findings, there had been no significant growth experienced in utilization of these meta tags.

Nucleonica. Web-based software tools for simulation and analysis

International Nuclear Information System (INIS)

Magill, J.; Dreher, R.; Soti, Z.

2014-01-01

The authors present a description of the Nucleonica web-based portal for simulation and analysis for a wide range of commonly encountered nuclear science applications. Advantages of a web-based approach include availability wherever there is internet access, intuitive user-friendly interface, remote access to high-power computing resources, and continual maintenance, improvement, and addition of tools and techniques common to the nuclear science industry. A description of the nuclear data resources, and some applications is given.

Transactions Concurrency Control in Web Service Environment

DEFF Research Database (Denmark)

Alrifai, Mohammad; Dolog, Peter; Nejdl, Wolfgang

2006-01-01

an engineering point of view as it does not change the way consumers or clients of web services have to be programmed. Furthermore, it avoids direct communication between transaction coordinators which preserves security by keeping the information about business transactions restricted to the coordinators which......Business transactions in web service environments run with relaxed isolation and atomicity property. In such environments, transactions can commit and roll back independently on each other. Transaction management has to reflect this issue and address the problems which result for example from...... concurrent access to web service resources and data. In this paper we propose an extension to the WS-Transaction Protocol which ensures the consistency of the data when independent business transactions access the data concurrently under the relaxed transaction properties. Our extension is based...

An Expressive, Lightweight and Secure Construction of Key Policy Attribute-Based Cloud Data Sharing Access Control

Science.gov (United States)

Lin, Guofen; Hong, Hanshu; Xia, Yunhao; Sun, Zhixin

2017-10-01

Attribute-based encryption (ABE) is an interesting cryptographic technique for flexible cloud data sharing access control. However, some open challenges hinder its practical application. In previous schemes, all attributes are considered as in the same status while they are not in most of practical scenarios. Meanwhile, the size of access policy increases dramatically with the raise of its expressiveness complexity. In addition, current research hardly notices that mobile front-end devices, such as smartphones, are poor in computational performance while too much bilinear pairing computation is needed for ABE. In this paper, we propose a key-policy weighted attribute-based encryption without bilinear pairing computation (KP-WABE-WB) for secure cloud data sharing access control. A simple weighted mechanism is presented to describe different importance of each attribute. We introduce a novel construction of ABE without executing any bilinear pairing computation. Compared to previous schemes, our scheme has a better performance in expressiveness of access policy and computational efficiency.

A Secured Cognitive Agent based Multi-strategic Intelligent Search System

Directory of Open Access Journals (Sweden)

Neha Gulati

2018-04-01

Full Text Available Search Engine (SE is the most preferred information retrieval tool ubiquitously used. In spite of vast scale involvement of users in SE’s, their limited capabilities to understand the user/searcher context and emotions places high cognitive, perceptual and learning load on the user to maintain the search momentum. In this regard, the present work discusses a Cognitive Agent (CA based approach to support the user in Web-based search process. The work suggests a framework called Secured Cognitive Agent based Multi-strategic Intelligent Search System (CAbMsISS to assist the user in search process. It helps to reduce the contextual and emotional mismatch between the SE’s and user. After implementation of the proposed framework, performance analysis shows that CAbMsISS framework improves Query Retrieval Time (QRT and effectiveness for retrieving relevant results as compared to Present Search Engine (PSE. Supplementary to this, it also provides search suggestions when user accesses a resource previously tagged with negative emotions. Overall, the goal of the system is to enhance the search experience for keeping the user motivated. The framework provides suggestions through the search log that tracks the queries searched, resources accessed and emotions experienced during the search. The implemented framework also considers user security. Keywords: BDI model, Cognitive Agent, Emotion, Information retrieval, Intelligent search, Search Engine

MODEL-BASED SECURITY ENGINEERING OF SOA SYSTEM USING SECURITY INTENT DSL

OpenAIRE

Muhammad Qaiser Saleem; Jafreezal Jaafar; Mohd Fadzil Hassan

2011-01-01

Currently most of the enterprises are using SOA and web services technologies to build their web information system. They are using MDA principles for design and development of WIS and using UML as a modelling language for business process modelling. Along with the increased connectivity in SOA environment, security risks rise exponentially. Security is not defined during the early phases of development and left onto developer. Properly configuring security requirements in SOA applications is...

Systems and Services for Real-Time Web Access to NPP Data, Phase I

Data.gov (United States)

National Aeronautics and Space Administration — Global Science & Technology, Inc. (GST) proposes to investigate information processing and delivery technologies to provide near-real-time Web-based access to...

Security Engine Management of Router based on Security Policy

OpenAIRE

Su Hyung Jo; Ki Young Kim; Sang Ho Lee

2007-01-01

Security management has changed from the management of security equipments and useful interface to manager. It analyzes the whole security conditions of network and preserves the network services from attacks. Secure router technology has security functions, such as intrusion detection, IPsec(IP Security) and access control, are applied to legacy router for secure networking. It controls an unauthorized router access and detects an illegal network intrusion. This paper re...

General Practitioners' Attitudes Toward a Web-Based Mental Health Service for Adolescents: Implications for Service Design and Delivery.

Science.gov (United States)

Subotic-Kerry, Mirjana; King, Catherine; O'Moore, Kathleen; Achilles, Melinda; O'Dea, Bridianne

2018-03-23

Anxiety disorders and depression are prevalent among youth. General practitioners (GPs) are often the first point of professional contact for treating health problems in young people. A Web-based mental health service delivered in partnership with schools may facilitate increased access to psychological care among adolescents. However, for such a model to be implemented successfully, GPs' views need to be measured. This study aimed to examine the needs and attitudes of GPs toward a Web-based mental health service for adolescents, and to identify the factors that may affect the provision of this type of service and likelihood of integration. Findings will inform the content and overall service design. GPs were interviewed individually about the proposed Web-based service. Qualitative analysis of transcripts was performed using thematic coding. A short follow-up questionnaire was delivered to assess background characteristics, level of acceptability, and likelihood of integration of the Web-based mental health service. A total of 13 GPs participated in the interview and 11 completed a follow-up online questionnaire. Findings suggest strong support for the proposed Web-based mental health service. A wide range of factors were found to influence the likelihood of GPs integrating a Web-based service into their clinical practice. Coordinated collaboration with parents, students, school counselors, and other mental health care professionals were considered important by nearly all GPs. Confidence in Web-based care, noncompliance of adolescents and GPs, accessibility, privacy, and confidentiality were identified as potential barriers to adopting the proposed Web-based service. GPs were open to a proposed Web-based service for the monitoring and management of anxiety and depression in adolescents, provided that a collaborative approach to care is used, the feedback regarding the client is clear, and privacy and security provisions are assured. ©Mirjana Subotic

Incentives to Encourage Scientific Web Contribution (Invited)

Science.gov (United States)

Antunes, A. K.

2010-12-01

We suggest improvements to citation standards and creation of remuneration opportunities to encourage career scientist contributions to Web2.0 and social media science channels. At present, agencies want to accomplish better outreach and engagement with no funding, while scientists sacrifice their personal time to contribute to web and social media sites. Securing active participation by scientists requires career recognition of the value scientists provide to web knowledge bases and to the general public. One primary mechanism to encourage participation is citation standards, which let a contributor improve their reputation in a quantifiable way. But such standards must be recognized by their scientific and workplace communities. Using case studies such as the acceptance of web in the workplace and the growth of open access journals, we examine what agencies and individual can do as well as the time scales needed to secure increased active contribution by scientists. We also discuss ways to jumpstart this process.

Secure electronic commerce communication system based on CA

Science.gov (United States)

Chen, Deyun; Zhang, Junfeng; Pei, Shujun

2001-07-01

In this paper, we introduce the situation of electronic commercial security, then we analyze the working process and security for SSL protocol. At last, we propose a secure electronic commerce communication system based on CA. The system provide secure services such as encryption, integer, peer authentication and non-repudiation for application layer communication software of browser clients' and web server. The system can implement automatic allocation and united management of key through setting up the CA in the network.

Web Accessibility of the Higher Education Institute Websites Based on the World Wide Web Consortium and Section 508 of the Rehabilitation Act

Science.gov (United States)

Alam, Najma H.

2014-01-01

The problem observed in this study is the low level of compliance of higher education website accessibility with Section 508 of the Rehabilitation Act of 1973. The literature supports the non-compliance of websites with the federal policy in general. Studies were performed to analyze the accessibility of fifty-four sample web pages using automated…

J-TEXT WebScope: An efficient data access and visualization system for long pulse fusion experiment

Energy Technology Data Exchange (ETDEWEB)

Zheng, Wei, E-mail: zhenghaku@gmail.com [State Key Laboratory of Advanced Electromagnetic Engineering and Technology in Huazhong University of Science and Technology, Wuhan 430074 (China); School of Electrical and Electronic Engineering in Huazhong University of Science and Technology, Wuhan 430074 (China); Wan, Kuanhong; Chen, Zhi; Hu, Feiran; Liu, Qiang [State Key Laboratory of Advanced Electromagnetic Engineering and Technology in Huazhong University of Science and Technology, Wuhan 430074 (China); School of Electrical and Electronic Engineering in Huazhong University of Science and Technology, Wuhan 430074 (China)

2016-11-15

Highlights: • No matter how large the data is, the response time is always less than 500 milliseconds. • It is intelligent and just gives you the data you want. • It can be accessed directly over the Internet without installing special client software if you already have a browser. • Adopt scale and segment technology to organize data. • To support a new database for the WebScope is quite easy. • With the configuration stored in user’s profile, you have your own portable WebScope. - Abstract: Fusion research is an international collaboration work. To enable researchers across the world to visualize and analyze the experiment data, a web based data access and visualization tool is quite important [1]. Now, a new WebScope based on RIA (Rich Internet Application) is designed and implemented to meet these requirements. On the browser side, a fluent and intuitive interface is provided for researchers at J-TEXT laboratory and collaborators from all over the world to view experiment data and related metadata. The fusion experiments will feature long pulse and high sampling rate in the future. The data access and visualization system in this work has adopted segment and scale concept. Large data samples are re-sampled in different scales and then split into segments for instant response. It allows users to view extremely large data on the web browser efficiently, without worrying about the limitation on the size of the data. The HTML5 and JavaScript based web front-end can provide intuitive and fluent user experience. On the server side, a RESTful (Representational State Transfer) web API, which is based on ASP.NET MVC (Model View Controller), allows users to access the data and its metadata through HTTP (HyperText Transfer Protocol). An interface to the database has been designed to decouple the data access and visualization system from the data storage. It can be applied upon any data storage system like MDSplus or JTEXTDB, and this system is very easy to

J-TEXT WebScope: An efficient data access and visualization system for long pulse fusion experiment

International Nuclear Information System (INIS)

Zheng, Wei; Wan, Kuanhong; Chen, Zhi; Hu, Feiran; Liu, Qiang

2016-01-01

Highlights: • No matter how large the data is, the response time is always less than 500 milliseconds. • It is intelligent and just gives you the data you want. • It can be accessed directly over the Internet without installing special client software if you already have a browser. • Adopt scale and segment technology to organize data. • To support a new database for the WebScope is quite easy. • With the configuration stored in user’s profile, you have your own portable WebScope. - Abstract: Fusion research is an international collaboration work. To enable researchers across the world to visualize and analyze the experiment data, a web based data access and visualization tool is quite important [1]. Now, a new WebScope based on RIA (Rich Internet Application) is designed and implemented to meet these requirements. On the browser side, a fluent and intuitive interface is provided for researchers at J-TEXT laboratory and collaborators from all over the world to view experiment data and related metadata. The fusion experiments will feature long pulse and high sampling rate in the future. The data access and visualization system in this work has adopted segment and scale concept. Large data samples are re-sampled in different scales and then split into segments for instant response. It allows users to view extremely large data on the web browser efficiently, without worrying about the limitation on the size of the data. The HTML5 and JavaScript based web front-end can provide intuitive and fluent user experience. On the server side, a RESTful (Representational State Transfer) web API, which is based on ASP.NET MVC (Model View Controller), allows users to access the data and its metadata through HTTP (HyperText Transfer Protocol). An interface to the database has been designed to decouple the data access and visualization system from the data storage. It can be applied upon any data storage system like MDSplus or JTEXTDB, and this system is very easy to

Interactive Web-based e-learning for Studying Flexible Manipulator Systems

Directory of Open Access Journals (Sweden)

Abul K. M. Azad

2008-03-01

Full Text Available Abstract— This paper presents a web-based e-leaning facility for simulation, modeling, and control of flexible manipulator systems. The simulation and modeling part includes finite difference and finite element simulations along with neural network and genetic algorithm based modeling strategies for flexible manipulator systems. The controller part constitutes a number of open-loop and closed-loop designs. Closed loop control designs include the classical, adaptive, and neuro-model based strategies. Matlab software package and its associated toolboxes are used to implement these. The Matlab web server is used as the gateway between the facility and web-access. ASP.NET technology and SQL database are utilized to develop web applications for access control, user account and password maintenance, administrative management, and facility utilization monitoring. The reported facility provides a flexible but effective approach of web-based interactive e-learning facility of an engineering system. This can be extended to incorporate additional engineering systems within the e-learning framework.

Single-centre experience with Renal PatientView, a web-based system that provides patients with access to their laboratory results.

Science.gov (United States)

Woywodt, Alexander; Vythelingum, Kervina; Rayner, Scott; Anderton, John; Ahmed, Aimun

2014-10-01

Renal PatientView (RPV) is a novel, web-based system in the UK that provides patients with access to their laboratory results, in conjunction with patient information. To study how renal patients within our centre access and use RPV. We sent out questionnaires in December 2011 to all 651 RPV users under our care. We collected information on aspects such as the frequency and timing of RPV usage, the parameters viewed by users, and the impact of RPV on their care. A total of 295 (45 %) questionnaires were returned. The predominant users of RPV were transplant patients (42 %) followed by pre-dialysis chronic kidney disease patients (37 %). Forty-two percent of RPV users accessed their results after their clinic appointments, 38 % prior to visiting the clinic. The majority of patients (76 %) had used the system to discuss treatment with their renal physician, while 20 % of patients gave permission to other members of their family to use RPV to monitor results on their behalf. Most users (78 %) reported accessing RPV on average 1-5 times/month. Most patients used RPV to monitor their kidney function, 81 % to check creatinine levels, 57 % to check potassium results. Ninety-two percent of patients found RPV easy to use and 93 % felt that overall the system helps them in taking care of their condition; 53 % of patients reported high satisfaction with RPV. Our results provide interesting insight into use of a system that gives patients web-based access to laboratory results. The fact that 20 % of patients delegate access to relatives also warrants further study. We propose that online access to laboratory results should be offered to all renal patients, although clinicians need to be mindful of the 'digital divide', i.e. part of the population that is not amenable to IT-based strategies for patient empowerment.

Ontology-Based Information Visualization: Toward Semantic Web Applications

NARCIS (Netherlands)

Fluit, Christiaan; Sabou, Marta; Harmelen, Frank van

2006-01-01

The Semantic Web is an extension of the current World Wide Web, based on the idea of exchanging information with explicit, formal, and machine-accessible descriptions of meaning. Providing information with such semantics will enable the construction of applications that have an increased awareness

A Web-based telemedicine system for diabetic retinopathy screening using digital fundus photography.

Science.gov (United States)

Wei, Jack C; Valentino, Daniel J; Bell, Douglas S; Baker, Richard S

2006-02-01

The purpose was to design and implement a Web-based telemedicine system for diabetic retinopathy screening using digital fundus cameras and to make the software publicly available through Open Source release. The process of retinal imaging and case reviewing was modeled to optimize workflow and implement use of computer system. The Web-based system was built on Java Servlet and Java Server Pages (JSP) technologies. Apache Tomcat was chosen as the JSP engine, while MySQL was used as the main database and Laboratory of Neuro Imaging (LONI) Image Storage Architecture, from the LONI-UCLA, as the platform for image storage. For security, all data transmissions were carried over encrypted Internet connections such as Secure Socket Layer (SSL) and HyperText Transfer Protocol over SSL (HTTPS). User logins were required and access to patient data was logged for auditing. The system was deployed at Hubert H. Humphrey Comprehensive Health Center and Martin Luther King/Drew Medical Center of Los Angeles County Department of Health Services. Within 4 months, 1500 images of more than 650 patients were taken at Humphrey's Eye Clinic and successfully transferred to King/Drew's Department of Ophthalmology. This study demonstrates an effective architecture for remote diabetic retinopathy screening.

Computer access security code system

Science.gov (United States)

Collins, Earl R., Jr. (Inventor)

1990-01-01

A security code system for controlling access to computer and computer-controlled entry situations comprises a plurality of subsets of alpha-numeric characters disposed in random order in matrices of at least two dimensions forming theoretical rectangles, cubes, etc., such that when access is desired, at least one pair of previously unused character subsets not found in the same row or column of the matrix is chosen at random and transmitted by the computer. The proper response to gain access is transmittal of subsets which complete the rectangle, and/or a parallelepiped whose opposite corners were defined by first groups of code. Once used, subsets are not used again to absolutely defeat unauthorized access by eavesdropping, and the like.

Information System Security: Army Web Site Administration, Policies, and Practices

National Research Council Canada - National Science Library

2002-01-01

.... The Policy requires heads of DoD Components to establish a process to identify appropriate information for posting to Web sites and to review all information placed on publicly accessible Web sites...

PKI-based secure mobile access to electronic health services and data.

Science.gov (United States)

Kambourakis, G; Maglogiannis, I; Rouskas, A

2005-01-01

Recent research works examine the potential employment of public-key cryptography schemes in e-health environments. In such systems, where a Public Key Infrastructure (PKI) is established beforehand, Attribute Certificates (ACs) and public key enabled protocols like TLS, can provide the appropriate mechanisms to effectively support authentication, authorization and confidentiality services. In other words, mutual trust and secure communications between all the stakeholders, namely physicians, patients and e-health service providers, can be successfully established and maintained. Furthermore, as the recently introduced mobile devices with access to computer-based patient record systems are expanding, the need of physicians and nurses to interact increasingly with such systems arises. Considering public key infrastructure requirements for mobile online health networks, this paper discusses the potential use of Attribute Certificates (ACs) in an anticipated trust model. Typical trust interactions among doctors, patients and e-health providers are presented, indicating that resourceful security mechanisms and trust control can be obtained and implemented. The application of attribute certificates to support medical mobile service provision along with the utilization of the de-facto TLS protocol to offer competent confidentiality and authorization services is also presented and evaluated through experimentation, using both the 802.11 WLAN and General Packet Radio Service (GPRS) networks.

WebViz:A Web-based Collaborative Interactive Visualization System for large-Scale Data Sets

Science.gov (United States)

Yuen, D. A.; McArthur, E.; Weiss, R. M.; Zhou, J.; Yao, B.

2010-12-01

WebViz is a web-based application designed to conduct collaborative, interactive visualizations of large data sets for multiple users, allowing researchers situated all over the world to utilize the visualization services offered by the University of Minnesota’s Laboratory for Computational Sciences and Engineering (LCSE). This ongoing project has been built upon over the last 3 1/2 years .The motivation behind WebViz lies primarily with the need to parse through an increasing amount of data produced by the scientific community as a result of larger and faster multicore and massively parallel computers coming to the market, including the use of general purpose GPU computing. WebViz allows these large data sets to be visualized online by anyone with an account. The application allows users to save time and resources by visualizing data ‘on the fly’, wherever he or she may be located. By leveraging AJAX via the Google Web Toolkit (http://code.google.com/webtoolkit/), we are able to provide users with a remote, web portal to LCSE's (http://www.lcse.umn.edu) large-scale interactive visualization system already in place at the University of Minnesota. LCSE’s custom hierarchical volume rendering software provides high resolution visualizations on the order of 15 million pixels and has been employed for visualizing data primarily from simulations in astrophysics to geophysical fluid dynamics . In the current version of WebViz, we have implemented a highly extensible back-end framework built around HTTP "server push" technology. The web application is accessible via a variety of devices including netbooks, iPhones, and other web and javascript-enabled cell phones. Features in the current version include the ability for users to (1) securely login (2) launch multiple visualizations (3) conduct collaborative visualization sessions (4) delegate control aspects of a visualization to others and (5) engage in collaborative chats with other users within the user interface

SIDECACHE: Information access, management and dissemination framework for web services.

Science.gov (United States)

Doderer, Mark S; Burkhardt, Cory; Robbins, Kay A

2011-06-14

Many bioinformatics algorithms and data sets are deployed using web services so that the results can be explored via the Internet and easily integrated into other tools and services. These services often include data from other sites that is accessed either dynamically or through file downloads. Developers of these services face several problems because of the dynamic nature of the information from the upstream services. Many publicly available repositories of bioinformatics data frequently update their information. When such an update occurs, the developers of the downstream service may also need to update. For file downloads, this process is typically performed manually followed by web service restart. Requests for information obtained by dynamic access of upstream sources is sometimes subject to rate restrictions. SideCache provides a framework for deploying web services that integrate information extracted from other databases and from web sources that are periodically updated. This situation occurs frequently in biotechnology where new information is being continuously generated and the latest information is important. SideCache provides several types of services including proxy access and rate control, local caching, and automatic web service updating. We have used the SideCache framework to automate the deployment and updating of a number of bioinformatics web services and tools that extract information from remote primary sources such as NCBI, NCIBI, and Ensembl. The SideCache framework also has been used to share research results through the use of a SideCache derived web service.

Becoming a web-based learner: registered nurses' experiences.

Science.gov (United States)

Atack, Lynda

2003-11-01

The purpose of the study was to describe Registered Nurses' experiences when taking a web-based course from either the workplace or home, and the impact of their learning on clinical practice. Little is known about the web-based learners' experience, particularly when courses are accessed from the nursing practice setting. Even less is known about whether nurses transfer their web-based learning to clinical practice. A qualitative design employing focus group interviews was used. Participants included hospital and community nurses from three Canadian provinces and one territory. Data were collected at three points over a 6-month period and analysed using a thematic analysis process. These findings emanate from a larger study using survey method and focus group interviews. The focus group interviews captured the hurdles nurses faced during the first weeks when they struggled with technology, re-framed their views of teaching and adjusted to web-based learning from home and work. These first stressful weeks were followed by a period during which nurses developed relationships with the teacher and peers that enabled them to focus on learning and prevented attrition. Most nurses reported the web course was convenient and that they would be interested and comfortable using technology for learning and work purposes in the future. Six weeks after the course was completed, nurses articulated a number of ways the course had improved their practice. Initial weeks in a web-based course can be very challenging for novice Internet users, however, most nurses who completed the course reported a positive learning experience. Nurses, employers and educators should evaluate computer skills, computer access and the learning environment when preparing for web-based learning.

Game Theory Based Security in Wireless Body Area Network with Stackelberg Security Equilibrium.

Science.gov (United States)

Somasundaram, M; Sivakumar, R

2015-01-01

Wireless Body Area Network (WBAN) is effectively used in healthcare to increase the value of the patient's life and also the value of healthcare services. The biosensor based approach in medical care system makes it difficult to respond to the patients with minimal response time. The medical care unit does not deploy the accessing of ubiquitous broadband connections full time and hence the level of security will not be high always. The security issue also arises in monitoring the user body function records. Most of the systems on the Wireless Body Area Network are not effective in facing the security deployment issues. To access the patient's information with higher security on WBAN, Game Theory with Stackelberg Security Equilibrium (GTSSE) is proposed in this paper. GTSSE mechanism takes all the players into account. The patients are monitored by placing the power position authority initially. The position authority in GTSSE is the organizer and all the other players react to the organizer decision. Based on our proposed approach, experiment has been conducted on factors such as security ratio based on patient's health information, system flexibility level, energy consumption rate, and information loss rate. Stackelberg Security considerably improves the strength of solution with higher security.

Game Theory Based Security in Wireless Body Area Network with Stackelberg Security Equilibrium

Science.gov (United States)

Somasundaram, M.; Sivakumar, R.

2015-01-01

Wireless Body Area Network (WBAN) is effectively used in healthcare to increase the value of the patient's life and also the value of healthcare services. The biosensor based approach in medical care system makes it difficult to respond to the patients with minimal response time. The medical care unit does not deploy the accessing of ubiquitous broadband connections full time and hence the level of security will not be high always. The security issue also arises in monitoring the user body function records. Most of the systems on the Wireless Body Area Network are not effective in facing the security deployment issues. To access the patient's information with higher security on WBAN, Game Theory with Stackelberg Security Equilibrium (GTSSE) is proposed in this paper. GTSSE mechanism takes all the players into account. The patients are monitored by placing the power position authority initially. The position authority in GTSSE is the organizer and all the other players react to the organizer decision. Based on our proposed approach, experiment has been conducted on factors such as security ratio based on patient's health information, system flexibility level, energy consumption rate, and information loss rate. Stackelberg Security considerably improves the strength of solution with higher security. PMID:26759829

Secure wide area network access to CMS analysis data using the Lustre filesystem

Science.gov (United States)

Bourilkov, D.; Avery, P.; Cheng, M.; Fu, Y.; Kim, B.; Palencia, J.; Budden, R.; Benninger, K.; Rodriquez, J. L.; Dilascio, J.; Dykstra, D.; Seenu, N.

2012-12-01

This paper reports the design and implementation of a secure, wide area network (WAN), distributed filesystem by the ExTENCI project (Extending Science Through Enhanced National CyberInfrastructure), based on the Lustre filesystem. The system is used for remote access to analysis data from the Compact Muon Solenoid (CMS) experiment at the Large Hadron Collider (LHC), and from the Lattice Quantum ChromoDynamics (LQCD) project. Security is provided by Kerberos authentication and authorization with additional fine grained control based on Lustre ACLs (Access Control List) and quotas. We investigate the impact of using various Kerberos security flavors on the I/O rates of CMS applications on client nodes reading and writing data to the Lustre filesystem, and on LQCD benchmarks. The clients can be real or virtual nodes. We are investigating additional options for user authentication based on user certificates.

Secure wide area network access to CMS analysis data using the Lustre filesystem

International Nuclear Information System (INIS)

Bourilkov, D; Avery, P; Cheng, M; Fu, Y; Kim, B; Palencia, J; Budden, R; Benninger, K; Rodriquez, J L; Dilascio, J; Dykstra, D; Seenu, N

2012-01-01

This paper reports the design and implementation of a secure, wide area network (WAN), distributed filesystem by the ExTENCI project (Extending Science Through Enhanced National CyberInfrastructure), based on the Lustre filesystem. The system is used for remote access to analysis data from the Compact Muon Solenoid (CMS) experiment at the Large Hadron Collider (LHC), and from the Lattice Quantum ChromoDynamics (LQCD) project. Security is provided by Kerberos authentication and authorization with additional fine grained control based on Lustre ACLs (Access Control List) and quotas. We investigate the impact of using various Kerberos security flavors on the I/O rates of CMS applications on client nodes reading and writing data to the Lustre filesystem, and on LQCD benchmarks. The clients can be real or virtual nodes. We are investigating additional options for user authentication based on user certificates.

AN INTERACTIVE WEB-BASED ANALYSIS FRAMEWORK FOR REMOTE SENSING CLOUD COMPUTING

Directory of Open Access Journals (Sweden)

X. Z. Wang

2015-07-01

Full Text Available Spatiotemporal data, especially remote sensing data, are widely used in ecological, geographical, agriculture, and military research and applications. With the development of remote sensing technology, more and more remote sensing data are accumulated and stored in the cloud. An effective way for cloud users to access and analyse these massive spatiotemporal data in the web clients becomes an urgent issue. In this paper, we proposed a new scalable, interactive and web-based cloud computing solution for massive remote sensing data analysis. We build a spatiotemporal analysis platform to provide the end-user with a safe and convenient way to access massive remote sensing data stored in the cloud. The lightweight cloud storage system used to store public data and users’ private data is constructed based on open source distributed file system. In it, massive remote sensing data are stored as public data, while the intermediate and input data are stored as private data. The elastic, scalable, and flexible cloud computing environment is built using Docker, which is a technology of open-source lightweight cloud computing container in the Linux operating system. In the Docker container, open-source software such as IPython, NumPy, GDAL, and Grass GIS etc., are deployed. Users can write scripts in the IPython Notebook web page through the web browser to process data, and the scripts will be submitted to IPython kernel to be executed. By comparing the performance of remote sensing data analysis tasks executed in Docker container, KVM virtual machines and physical machines respectively, we can conclude that the cloud computing environment built by Docker makes the greatest use of the host system resources, and can handle more concurrent spatial-temporal computing tasks. Docker technology provides resource isolation mechanism in aspects of IO, CPU, and memory etc., which offers security guarantee when processing remote sensing data in the IPython Notebook

An Interactive Web-Based Analysis Framework for Remote Sensing Cloud Computing

Science.gov (United States)

Wang, X. Z.; Zhang, H. M.; Zhao, J. H.; Lin, Q. H.; Zhou, Y. C.; Li, J. H.

2015-07-01

Spatiotemporal data, especially remote sensing data, are widely used in ecological, geographical, agriculture, and military research and applications. With the development of remote sensing technology, more and more remote sensing data are accumulated and stored in the cloud. An effective way for cloud users to access and analyse these massive spatiotemporal data in the web clients becomes an urgent issue. In this paper, we proposed a new scalable, interactive and web-based cloud computing solution for massive remote sensing data analysis. We build a spatiotemporal analysis platform to provide the end-user with a safe and convenient way to access massive remote sensing data stored in the cloud. The lightweight cloud storage system used to store public data and users' private data is constructed based on open source distributed file system. In it, massive remote sensing data are stored as public data, while the intermediate and input data are stored as private data. The elastic, scalable, and flexible cloud computing environment is built using Docker, which is a technology of open-source lightweight cloud computing container in the Linux operating system. In the Docker container, open-source software such as IPython, NumPy, GDAL, and Grass GIS etc., are deployed. Users can write scripts in the IPython Notebook web page through the web browser to process data, and the scripts will be submitted to IPython kernel to be executed. By comparing the performance of remote sensing data analysis tasks executed in Docker container, KVM virtual machines and physical machines respectively, we can conclude that the cloud computing environment built by Docker makes the greatest use of the host system resources, and can handle more concurrent spatial-temporal computing tasks. Docker technology provides resource isolation mechanism in aspects of IO, CPU, and memory etc., which offers security guarantee when processing remote sensing data in the IPython Notebook. Users can write

Deep iCrawl: An Intelligent Vision-Based Deep Web Crawler

OpenAIRE

R.Anita; V.Ganga Bharani; N.Nityanandam; Pradeep Kumar Sahoo

2011-01-01

The explosive growth of World Wide Web has posed a challenging problem in extracting relevant data. Traditional web crawlers focus only on the surface web while the deep web keeps expanding behind the scene. Deep web pages are created dynamically as a result of queries posed to specific web databases. The structure of the deep web pages makes it impossible for traditional web crawlers to access deep web contents. This paper, Deep iCrawl, gives a novel and vision-based app...

Guidelines for Making Web Content Accessible to All Users

Science.gov (United States)

Thompson, Terrill; Primlani, Saroj; Fiedor, Lisa

2009-01-01

The main goal of accessibility standards and guidelines is to design websites everyone can use. The "IT Accessibility Constituent Group" developed this set of draft guidelines to help EQ authors, reviewers, and staff and the larger EDUCAUSE community ensure that web content is accessible to all users, including those with disabilities. This…

Detection of the Security Vulnerabilities in Web Applications

Directory of Open Access Journals (Sweden)

2009-01-01

Full Text Available The contemporary organizations develop business processes in a very complex environment. The IT&C technologies are used by organizations to improve their competitive advantages. But, the IT&C technologies are not perfect. They are developed in an iterative process and their quality is the result of the lifecycle activities. The audit and evaluation processes are required by the increased complexity of the business processes supported by IT&C technologies. In order to organize and develop a high-quality audit process, the evaluation team must analyze the risks, threats and vulnerabilities of the information system. The paper highlights the security vulnerabilities in web applications and the processes of their detection. The web applications are used as IT&C tools to support the distributed information processes. They are a major component of the distributed information systems. The audit and evaluation processes are carried out in accordance with the international standards developed for information system security assurance.

Procedures can be learned on the Web: a randomized study of ultrasound-guided vascular access training.

Science.gov (United States)

Chenkin, Jordan; Lee, Shirley; Huynh, Thien; Bandiera, Glen

2008-10-01

Web-based learning has several potential advantages over lectures, such as anytime-anywhere access, rich multimedia, and nonlinear navigation. While known to be an effective method for learning facts, few studies have examined the effectiveness of Web-based formats for learning procedural skills. The authors sought to determine whether a Web-based tutorial is at least as effective as a didactic lecture for learning ultrasound-guided vascular access (UGVA). Participating staff emergency physicians (EPs) and junior emergency medicine (EM) residents with no UGVA experience completed a precourse test and were randomized to either a Web-based or a didactic group. The Web-based group was instructed to use an online tutorial and the didactic group attended a lecture. Participants then practiced on simulators and live models without any further instruction. Following a rest period, participants completed a four-station objective structured clinical examination (OSCE), a written examination, and a postcourse questionnaire. Examination results were compared using a noninferiority data analysis with a 10% margin of difference. Twenty-one residents and EPs participated in the study. There were no significant differences in mean OSCE scores (absolute difference = -2.8%; 95% confidence interval [CI] = -9.3% to 3.8%) or written test scores (absolute difference = -1.4%; 95% CI = -7.8% to 5.0%) between the Web group and the didactic group. Both groups demonstrated similar improvements in written test scores (26.1% vs. 25.8%; p = 0.95). Ninety-one percent (10/11) of the Web group and 80% (8/10) of the didactic group participants found the teaching format to be effective (p = 0.59). Our Web-based tutorial was at least as effective as a traditional didactic lecture for teaching the knowledge and skills essential for UGVA. Participants expressed high satisfaction with this teaching technology. Web-based teaching may be a useful alternative to didactic teaching for learning procedural

EnviroAtlas - Accessibility Characteristics in the Conterminous U.S. Web Service

Data.gov (United States)

U.S. Environmental Protection Agency — This EnviroAtlas web service includes maps that illustrate factors affecting transit accessibility, and indicators of accessibility. Accessibility measures how...

Checking an integrated model of web accessibility and usability evaluation for disabled people.

Science.gov (United States)

Federici, Stefano; Micangeli, Andrea; Ruspantini, Irene; Borgianni, Stefano; Corradi, Fabrizio; Pasqualotto, Emanuele; Olivetti Belardinelli, Marta

2005-07-08

A combined objective-oriented and subjective-oriented method for evaluating accessibility and usability of web pages for students with disability was tested. The objective-oriented approach is devoted to verifying the conformity of interfaces to standard rules stated by national and international organizations responsible for web technology standardization, such as W3C. Conversely, the subjective-oriented approach allows assessing how the final users interact with the artificial system, accessing levels of user satisfaction based on personal factors and environmental barriers. Five kinds of measurements were applied as objective-oriented and subjective-oriented tests. Objective-oriented evaluations were performed on the Help Desk web page for students with disability, included in the website of a large Italian state university. Subjective-oriented tests were administered to 19 students labeled as disabled on the basis of their own declaration at the University enrolment: 13 students were tested by means of the SUMI test and six students by means of the 'Cooperative evaluation'. Objective-oriented and subjective-oriented methods highlighted different and sometimes conflicting results. Both methods have pointed out much more consistency regarding levels of accessibility than of usability. Since usability is largely affected by individual differences in user's own (dis)abilities, subjective-oriented measures underscored the fact that blind students encountered much more web surfing difficulties.

A Web-Based Rice Plant Expert System Using Rule-Based Reasoning

Directory of Open Access Journals (Sweden)

Anton Setiawan Honggowibowo

2009-12-01

Full Text Available Rice plants can be attacked by various kinds of diseases which are possible to be determined from their symptoms. However, it is to recognize that to find out the exact type of disease, an agricultural expert’s opinion is needed, meanwhile the numbers of agricultural experts are limited and there are too many problems to be solved at the same time. This makes a system with a capability as an expert is required. This system must contain the knowledge of the diseases and symptom of rice plants as an agricultural expert has to have. This research designs a web-based expert system using rule-based reasoning. The rule are modified from the method of forward chaining inference and backward chaining in order to to help farmers in the rice plant disease diagnosis. The web-based rice plants disease diagnosis expert system has the advantages to access and use easily. With web-based features inside, it is expected that the farmer can accesse the expert system everywhere to overcome the problem to diagnose rice diseases.

36 CFR 1256.70 - What controls access to national security-classified information?

Science.gov (United States)

2010-07-01

... national security-classified information? 1256.70 Section 1256.70 Parks, Forests, and Public Property... HISTORICAL MATERIALS Access to Materials Containing National Security-Classified Information § 1256.70 What controls access to national security-classified information? (a) The declassification of and public access...

Key Based Mutual Authentication (KBMA Mechanism for Secured Access in MobiCloud Environment

Directory of Open Access Journals (Sweden)

Donald A. Cecil

2016-01-01

Full Text Available Mobile Cloud Computing (MCC fuels innovation in Mobile Computing and opens new pathways between mobile devices and infrastructures. There are several issues in MCC environment as it integrates various technologies. Among all issues, security lies on the top where many users are not willing to adopt the cloud services. This paper focuses on the authentication. The objective of this paper is to provide a mechanism for authenticating all the entities involved in accessing the cloud services. A mechanism called Key Based Mutual Authentication (KBMA is proposed which is divided into two processes namely registration and authentication. Registration is a one-time process where the users are registered for accessing the cloud services by giving the desired unique information. Authentication process is carried out mutually to verify the identities of Device and Cloud Service Provider (CSP. Scyther tool is used for analysing the vulnerability in terms of attacks. The result claims show that the proposed mechanism is resilient against various attacks.

Knowledge-based personalized search engine for the Web-based Human Musculoskeletal System Resources (HMSR) in biomechanics.

Science.gov (United States)

Dao, Tien Tuan; Hoang, Tuan Nha; Ta, Xuan Hien; Tho, Marie Christine Ho Ba

2013-02-01

Human musculoskeletal system resources of the human body are valuable for the learning and medical purposes. Internet-based information from conventional search engines such as Google or Yahoo cannot response to the need of useful, accurate, reliable and good-quality human musculoskeletal resources related to medical processes, pathological knowledge and practical expertise. In this present work, an advanced knowledge-based personalized search engine was developed. Our search engine was based on a client-server multi-layer multi-agent architecture and the principle of semantic web services to acquire dynamically accurate and reliable HMSR information by a semantic processing and visualization approach. A security-enhanced mechanism was applied to protect the medical information. A multi-agent crawler was implemented to develop a content-based database of HMSR information. A new semantic-based PageRank score with related mathematical formulas were also defined and implemented. As the results, semantic web service descriptions were presented in OWL, WSDL and OWL-S formats. Operational scenarios with related web-based interfaces for personal computers and mobile devices were presented and analyzed. Functional comparison between our knowledge-based search engine, a conventional search engine and a semantic search engine showed the originality and the robustness of our knowledge-based personalized search engine. In fact, our knowledge-based personalized search engine allows different users such as orthopedic patient and experts or healthcare system managers or medical students to access remotely into useful, accurate, reliable and good-quality HMSR information for their learning and medical purposes. Copyright © 2012 Elsevier Inc. All rights reserved.

MDWeb and MDMoby: an integrated web-based platform for molecular dynamics simulations.

Science.gov (United States)

Hospital, Adam; Andrio, Pau; Fenollosa, Carles; Cicin-Sain, Damjan; Orozco, Modesto; Gelpí, Josep Lluís

2012-05-01

MDWeb and MDMoby constitute a web-based platform to help access to molecular dynamics (MD) in the standard and high-throughput regime. The platform provides tools to prepare systems from PDB structures mimicking the procedures followed by human experts. It provides inputs and can send simulations for three of the most popular MD packages (Amber, NAMD and Gromacs). Tools for analysis of trajectories, either provided by the user or retrieved from our MoDEL database (http://mmb.pcb.ub.es/MoDEL) are also incorporated. The platform has two ways of access, a set of web-services based on the BioMoby framework (MDMoby), programmatically accessible and a web portal (MDWeb). http://mmb.irbbarcelona.org/MDWeb; additional information and methodology details can be found at the web site ( http://mmb.irbbarcelona.org/MDWeb/help.php)

Guide on Project Web Access of SFR R and D and Technology Monitoring System

International Nuclear Information System (INIS)

Lee, Dong Uk; Won, Byung Chool; Lee, Yong Bum; Kim, Young In; Hahn, Do Hee

2008-09-01

The SFR R and D and technology monitoring system based on the MS enterprise project management is developed for systematic effective management of 'Development of Basic Key Technologies for Gen IV SFR' project which was performed under the Mid- and Long-term Nuclear R and D Program sponsored by the Ministry of Education, Science and Technology. This system is a tool for project management based on web access. Therefore this manual is a detailed guide for Project Web Access(PWA). Section 1 describes the common guide for using of system functions such as project server 2007 client connection setting, additional outlook function setting etc. The section 2 describes the guide for system administrator. It is described the guide for project management in section 3, 4

Guide on Project Web Access of SFR R and D and Technology Monitoring System

Energy Technology Data Exchange (ETDEWEB)

Lee, Dong Uk; Won, Byung Chool; Lee, Yong Bum; Kim, Young In; Hahn, Do Hee

2008-09-15

The SFR R and D and technology monitoring system based on the MS enterprise project management is developed for systematic effective management of 'Development of Basic Key Technologies for Gen IV SFR' project which was performed under the Mid- and Long-term Nuclear R and D Program sponsored by the Ministry of Education, Science and Technology. This system is a tool for project management based on web access. Therefore this manual is a detailed guide for Project Web Access(PWA). Section 1 describes the common guide for using of system functions such as project server 2007 client connection setting, additional outlook function setting etc. The section 2 describes the guide for system administrator. It is described the guide for project management in section 3, 4.

Android Based Area Web Monitoring

Science.gov (United States)

Kanigoro, Bayu; Galih Salman, Afan; Moniaga, Jurike V.; Chandra, Eric; Rezky Chandra, Zein

2014-03-01

The research objective is to develop an application that can be used in the monitoring of an area by using a webcam. It aims to create a sense of security on the user's application because it can monitor an area using mobile phone anywhere. The results obtained in this study is to create an area with a webcam monitoring application that can be accessed anywhere as long as the monitoring results have internet access and can also be accessed through Android Based Mobile Phone.

Android Based Area Web Monitoring

Directory of Open Access Journals (Sweden)

Kanigoro Bayu

2014-03-01

Full Text Available The research objective is to develop an application that can be used in the monitoring of an area by using a webcam. It aims to create a sense of security on the user's application because it can monitor an area using mobile phone anywhere. The results obtained in this study is to create an area with a webcam monitoring application that can be accessed anywhere as long as the monitoring results have internet access and can also be accessed through Android Based Mobile Phone.

How to Use Web 2.0 and Social Networking Sites Securely

CERN Document Server

Team, ITG Research

2009-01-01

Given the widespread use of Web 2.0 technologies and their impact in terms of the number and types of incidents and the cost of them, controlling Web 2.0 risks needs to be a high priority for all organisations. This pocket guide provides recommendations for organisations that will help them ensure that their employees are using Web 2.0 sites in a secure manner, and that their personal and confidential corporate data is protected.

Access Contested: Security, Identity, and Resistance in Asian ...

International Development Research Centre (IDRC) Digital Library (Canada)

2011-09-30

Sep 30, 2011 ... Book cover Access Contested: Security, Identity, and Resistance in Asian ... examines the interplay of national security, social and ethnic identity, and ... Burmese media, and distributed-denial-of-service attacks and other ...

Compression-based aggregation model for medical web services.

Science.gov (United States)

Al-Shammary, Dhiah; Khalil, Ibrahim

2010-01-01

Many organizations such as hospitals have adopted Cloud Web services in applying their network services to avoid investing heavily computing infrastructure. SOAP (Simple Object Access Protocol) is the basic communication protocol of Cloud Web services that is XML based protocol. Generally,Web services often suffer congestions and bottlenecks as a result of the high network traffic that is caused by the large XML overhead size. At the same time, the massive load on Cloud Web services in terms of the large demand of client requests has resulted in the same problem. In this paper, two XML-aware aggregation techniques that are based on exploiting the compression concepts are proposed in order to aggregate the medical Web messages and achieve higher message size reduction.

The Web Application Hacker's Handbook Finding and Exploiting Security Flaws

CERN Document Server

Stuttard, Dafydd

2011-01-01

The highly successful security book returns with a new edition, completely updated Web applications are the front door to most organizations, exposing them to attacks that may disclose personal information, execute fraudulent transactions, or compromise ordinary users. This practical book has been completely updated and revised to discuss the latest step-by-step techniques for attacking and defending the range of ever-evolving web applications. You'll explore the various new technologies employed in web applications that have appeared since the first edition and review the new attack technique

mORCA: ubiquitous access to life science web services.

Science.gov (United States)

Diaz-Del-Pino, Sergio; Trelles, Oswaldo; Falgueras, Juan

2018-01-16

Technical advances in mobile devices such as smartphones and tablets have produced an extraordinary increase in their use around the world and have become part of our daily lives. The possibility of carrying these devices in a pocket, particularly mobile phones, has enabled ubiquitous access to Internet resources. Furthermore, in the life sciences world there has been a vast proliferation of data types and services that finish as Web Services. This suggests the need for research into mobile clients to deal with life sciences applications for effective usage and exploitation. Analysing the current features in existing bioinformatics applications managing Web Services, we have devised, implemented, and deployed an easy-to-use web-based lightweight mobile client. This client is able to browse, select, compose parameters, invoke, and monitor the execution of Web Services stored in catalogues or central repositories. The client is also able to deal with huge amounts of data between external storage mounts. In addition, we also present a validation use case, which illustrates the usage of the application while executing, monitoring, and exploring the results of a registered workflow. The software its available in the Apple Store and Android Market and the source code is publicly available in Github. Mobile devices are becoming increasingly important in the scientific world due to their strong potential impact on scientific applications. Bioinformatics should not fall behind this trend. We present an original software client that deals with the intrinsic limitations of such devices and propose different guidelines to provide location-independent access to computational resources in bioinformatics and biomedicine. Its modular design makes it easily expandable with the inclusion of new repositories, tools, types of visualization, etc.

Legal, privacy, security, access and regulatory issues in cloud computing

CSIR Research Space (South Africa)

Dlodlo, N

2011-04-01

Full Text Available a gap on reporting are on are legal , privacy, security, access and regulatory issues. This paper raises an awareness of legal, privacy, security, access and regulatory issues that are associated with the advent of cloud computing. An in...

Web-Based Activity Within a Sexual Health Economy: Observational Study.

Science.gov (United States)

Turner, Katy Me; Zienkiewicz, Adam K; Syred, Jonathan; Looker, Katharine J; de Sa, Joia; Brady, Michael; Free, Caroline; Holdsworth, Gillian; Baraitser, Paula

2018-03-07

Regular testing for sexually transmitted infections (STIs) is important to maintain sexual health. Self-sampling kits ordered online and delivered in the post may increase access, convenience, and cost-effectiveness. Sexual health economies may target limited resources more effectively by signposting users toward Web-based or face-to-face services according to clinical need. The aim of this paper was to investigate the impact of two interventions on testing activity across a whole sexual health economy: (1) the introduction of open access Web-based STI testing services and (2) a clinic policy of triage and signpost online where users without symptoms who attended clinics for STI testing were supported to access the Web-based service instead. Data on attendances at all specialist public sexual health providers in an inner-London area were collated into a single database. Each record included information on user demographics, service type accessed, and clinical activity provided, including test results. Clinical activity was categorized as a simple STI test (could be done in a clinic or online), a complex visit (requiring face-to-face consultation), or other. Introduction of Web-based services increased total testing activity across the whole sexual health economy by 18.47% (from 36,373 to 43,091 in the same 6-month period-2014-2015 and 2015-2016), suggesting unmet need for testing in the area. Triage and signposting shifted activity out of the clinic onto the Web-based service, with simple STI testing in the clinic decreasing from 16.90% (920/5443) to 12.25% (511/4172) of total activity, P<.001, and complex activity in the clinic increasing from 69.15% (3764/5443) to 74.86% (3123/4172) of total activity, P<.001. This intervention created a new population of online users with different demographic and clinical profiles from those who use Web-based services spontaneously. Some triage and signposted users (29.62%, 375/1266) did not complete the Web-based testing

SWS: accessing SRS sites contents through Web Services

OpenAIRE

Romano, Paolo; Marra, Domenico

2008-01-01

Background Web Services and Workflow Management Systems can support creation and deployment of network systems, able to automate data analysis and retrieval processes in biomedical research. Web Services have been implemented at bioinformatics centres and workflow systems have been proposed for biological data analysis. New databanks are often developed by taking into account these technologies, but many existing databases do not allow a programmatic access. Only a fraction of available datab...

An implementation of a security infrastructure compliant with the Italian Personal Data Protection Code in a web-based cooperative work system.

Science.gov (United States)

Eccher, Claudio; Eccher, Lorenzo; Izzo, Umberto

2005-01-01

In this poster we describe the security solutions implemented in a web-based cooperative work frame-work for managing heart failure patients among different health care professionals involved in the care process. The solution, developed in close collaboration with the Law Department of the University of Trento, is compliant with the new Italian Personal Data Protection Code, issued in 2003, that regulates also the storing and processing of health data.

A World Wide Web Region-Based Image Search Engine

DEFF Research Database (Denmark)

Kompatsiaris, Ioannis; Triantafyllou, Evangelia; Strintzis, Michael G.

2001-01-01

In this paper the development of an intelligent image content-based search engine for the World Wide Web is presented. This system will offer a new form of media representation and access of content available in WWW. Information Web Crawlers continuously traverse the Internet and collect images...

The quality and accessibility of Australian depression sites on the World Wide Web.

Science.gov (United States)

Griffiths, Kathleen M; Christensen, Helen

2002-05-20

To provide information about Australian depression sites and the quality of their content; to identify possible indicators of the quality of site content; and determine the accessibility of Australian depression web sites. Cross-sectional survey of 15 Australian depression web sites. (i) Quality of treatment content (concordance of site information with evidence-based guidelines, number of evidence-based treatments recommended, discussion of other relevant issues, subjective rating of treatment content); (ii) potential quality indicators (conformity with DISCERN criteria, citation of scientific evidence); (iii) accessibility (search engine rank). Mean content quality scores were not high and site accessibility was poor. There was a consistent association between the quality-of-content measures and the DISCERN and scientific accountability scores. Search engine rank was not associated with content quality. The quality of information about depression on Australian websites could be improved. DISCERN may be a useful indicator of website quality, as may scientific accountability. The sites that received the highest quality-of-content ratings were beyondblue, BluePages, CRUfAD and InfraPsych.

The value of Web-based library services at Cedars-Sinai Health System.

Science.gov (United States)

Halub, L P

1999-07-01

Cedars-Sinai Medical Library/Information Center has maintained Web-based services since 1995 on the Cedars-Sinai Health System network. In that time, the librarians have found the provision of Web-based services to be a very worthwhile endeavor. Library users value the services that they access from their desktops because the services save time. They also appreciate being able to access services at their convenience, without restriction by the library's hours of operation. The library values its Web site because it brings increased visibility within the health system, and it enables library staff to expand services when budget restrictions have forced reduced hours of operation. In creating and maintaining the information center Web site, the librarians have learned the following lessons: consider the design carefully; offer what services you can, but weigh the advantages of providing the services against the time required to maintain them; make the content as accessible as possible; promote your Web site; and make friends in other departments, especially information services.

Status and determinants of small farming households' food security and role of market access in enhancing food security in rural Pakistan.

Directory of Open Access Journals (Sweden)

Umar Ijaz Ahmed

Full Text Available In most of the developing countries, lack of resources and little market accessibility are among the major factors that affect small farming household food security. This study aims to investigate the status of small farming households' food security, and its determinants including the role of market accessibility factors in enhancing food security at household level. In addition, this study also determines the households' perception about different kinds of livelihoods risks. This study is based on a household survey of 576 households conducted through face-to-face interviews using structured interviews in Punjab, Pakistan. Food security status is calculated using dietary intake method. The study findings show that one-fourth of the households are food insecure. The study findings reveal that farm households perceive increase in food prices, crop diseases, lack of irrigation water and increase in health expenses as major livelihood risks. Further, the results of logistic regression show that family size, monthly income, food prices, health expenses and debt are main factors influencing the food security status of rural households. Furthermore, the market accessibility factors (road distance and transportation cost do significantly affect the small farming household food security. The results suggest that local food security can be enhanced by creating off-farm employment opportunities, improved transportation facilities and road infrastructure.

BrainBrowser: distributed, web-based neurological data visualization

Directory of Open Access Journals (Sweden)

Tarek eSherif

2015-01-01

Full Text Available Recent years have seen massive, distributed datasets become the norm in neuroimaging research, and the methodologies used analyze them have, in response, become more collaborative and exploratory. Tools and infrastructure are continuously being developed and deployed to facilitate research in this context: grid computation platforms to process the data, distributed data stores to house and share them, high-speed networks to move them around and collaborative, often web-based, platforms to provide access to and sometimes manage the entire system. BrainBrowser is a lightweight, high-performance JavaScript visualization library built to provide easy-to-use, powerful, on-demand visualization of remote datasets in this new research environment. BrainBrowser leverages modern Web technologies, such as WebGL, HTML5 and Web Workers, to visualize 3D surface and volumetric neuroimaging data in any modern web browser without requiring any browser plugins. It is thus trivial to integrate BrainBrowser into any web-based platform. BrainBrowser is simple enough to produce a basic web-based visualization in a few lines of code, while at the same time being robust enough to create full-featured visualization applications. BrainBrowser can dynamically load the data required for a given visualization, so no network bandwidth needs to be waisted on data that will not be used. BrainBrowser's integration into the standardized web platform also allows users to consider using 3D data visualization in novel ways, such as for data distribution, data sharing and dynamic online publications. BrainBrowser is already being used in two major online platforms, CBRAIN and LORIS, and has been used to make the 1TB MACACC dataset openly accessible.

Privacy, security and access with sensitive health information.

Science.gov (United States)

Croll, Peter

2010-01-01

This chapter gives an educational overview of: * Confidentiality issues and the challenges faced; * The fundamental differences between privacy and security; * The different access control mechanisms; * The challenges of Internet security; * How 'safety and quality' relate to all the above.

CMS OnlineWeb-Based Monitoring

CERN Document Server

Wan, Zongru; Chakaberia, Irakli; Lopez-Perez, Juan Antonio; Maeshima, Kaori; Maruyama, Sho; Soha, Aron; Sulmanas, Balys; Wan, Zongru

2012-01-01

For large international High Energy Physics experiments, modern web technologies make the online monitoring of detector status, data acquisition status, trigger rates, luminosity, etc., accessible for the collaborators anywhere and anytime. This helps the collaborating experts monitor the status of the experiment, identify the problems, and improve data-taking efficiency. We present the Web-Based Monitoring project of the CMS experiment at the LHC of CERN. The data sources are relational databases and various messaging systems. The project provides a vast amount of in-depth information including real time data, historical trend, and correlations, in a user friendly way.

Integrated web-based viewing and secure remote access to a clinical data repository and diverse clinical systems.

Science.gov (United States)

Duncan, R G; Saperia, D; Dulbandzhyan, R; Shabot, M M; Polaschek, J X; Jones, D T

2001-01-01

The advent of the World-Wide-Web protocols and client-server technology has made it easy to build low-cost, user-friendly, platform-independent graphical user interfaces to health information systems and to integrate the presentation of data from multiple systems. The authors describe a Web interface for a clinical data repository (CDR) that was moved from concept to production status in less than six months using a rapid prototyping approach, multi-disciplinary development team, and off-the-shelf hardware and software. The system has since been expanded to provide an integrated display of clinical data from nearly 20 disparate information systems.

Secure Management of Personal Health Records by Applying Attribute-Based Encryption

NARCIS (Netherlands)

Ibraimi, L.; Asim, Muhammad; Petkovic, M.

2009-01-01

The confidentiality of personal health records is a major problem when patients use commercial Web-based systems to store their health data. Traditional access control mechanisms, such as Role-Based Access Control, have several limitations with respect to enforcing access control policies and

Identity and Access Management and Security in Higher Education.

Science.gov (United States)

Bruhn, Mark; Gettes, Michael; West, Ann

2003-01-01

Discusses the drivers for an identity management system (IdM), components of this system, and its role within a school security strategy, focusing on: basic access management; requirements for access management; middleware support for an access management system; IdM implementation considerations (e.g., access eligibilities, authentication…

Wi-Fi Networks Security and Accessing Control

OpenAIRE

Tarek S. Sobh

2013-01-01

As wireless networks access gains popularity in corporate, private and personal networks, the nature of wireless networks opens up new possibilities for network attacks. This paper negotiating Wi-Fi security against scanning of rogue Wi-Fi networks and other related activities and considers the monitoring of Wi-Fi traffic effects. The unauthorized access point (AP) problem has raised more attention and resulted in obtaining wireless access without subscriber permission.This work assumes Wi-Fi...

Comparison of trial participants and open access users of a web-based physical activity intervention regarding adherence, attrition, and repeated participation.

Science.gov (United States)

Wanner, Miriam; Martin-Diener, Eva; Bauer, Georg; Braun-Fahrländer, Charlotte; Martin, Brian W

2010-02-10

Web-based interventions are popular for promoting healthy lifestyles such as physical activity. However, little is known about user characteristics, adherence, attrition, and predictors of repeated participation on open access physical activity websites. The focus of this study was Active-online, a Web-based individually tailored physical activity intervention. The aims were (1) to assess and compare user characteristics and adherence to the website (a) in the open access context over time from 2003 to 2009, and (b) between trial participants and open access users; and (2) to analyze attrition and predictors of repeated use among participants in a randomized controlled trial compared with registered open access users. Data routinely recorded in the Active-online user database were used. Adherence was defined as: the number of pages viewed, the proportion of visits during which a tailored module was begun, the proportion of visits during which tailored feedback was received, and the time spent in the tailored modules. Adherence was analyzed according to six one-year periods (2003-2009) and according to the context (trial or open access) based on first visits and longest visits. Attrition and predictors of repeated participation were compared between trial participants and open access users. The number of recorded visits per year on Active-online decreased from 42,626 in 2003-2004 to 8343 in 2008-2009 (each of six one-year time periods ran from April 23 to April 22 of the following year). The mean age of users was between 38.4 and 43.1 years in all time periods and both contexts. The proportion of women increased from 49.5% in 2003-2004 to 61.3% in 2008-2009 (Popen access users. For open access users, adherence was similar during the first and the longest visits; for trial participants, adherence was lower during the first visits and higher during the longest visits. Of registered open access users and trial participants, 25.8% and 67.3% respectively visited Active

Cost reduction for web-based data imputation

KAUST Repository

Li, Zhixu

2014-01-01

Web-based Data Imputation enables the completion of incomplete data sets by retrieving absent field values from the Web. In particular, complete fields can be used as keywords in imputation queries for absent fields. However, due to the ambiguity of these keywords and the data complexity on the Web, different queries may retrieve different answers to the same absent field value. To decide the most probable right answer to each absent filed value, existing method issues quite a few available imputation queries for each absent value, and then vote on deciding the most probable right answer. As a result, we have to issue a large number of imputation queries for filling all absent values in an incomplete data set, which brings a large overhead. In this paper, we work on reducing the cost of Web-based Data Imputation in two aspects: First, we propose a query execution scheme which can secure the most probable right answer to an absent field value by issuing as few imputation queries as possible. Second, we recognize and prune queries that probably will fail to return any answers a priori. Our extensive experimental evaluation shows that our proposed techniques substantially reduce the cost of Web-based Imputation without hurting its high imputation accuracy. © 2014 Springer International Publishing Switzerland.

Inclusão digital via acessibilidade web | Digital inclusion via web accessibility

Directory of Open Access Journals (Sweden)

Cesar Augusto Cusin

2009-03-01

Full Text Available Resumo A natureza atual da web, que destaca a participação colaborativa dos usuários em diversos ambientes informacionais digitais, conduz ao desenvolvimento de diretrizes que enfocam a arquitetura da informação digital inclusiva para diferentes públicos nas mais diversas ambiências informacionais. A pesquisa propõe e objetiva um ambiente informacional digital inclusivo, visando apontar os elementos de acessibilidade que permitam a promoção da inclusão informacional digital, de forma a destacar os referenciais da Arquitetura da Informação Digital, de recomendações internacionais, com o olhar da Ciência da Informação e das novas tecnologias de informação e comunicação (TIC. Palavras-chave inclusão digital; web; acessibilidade; ciência da informação; arquitetura da informação. Abstract The current nature of the web, which highlights the collaborative participation of users in various digital informational environments, leads to the development of guidelines that focus on the digital inclusive information architecture for different audiences in diverse informational environments. The study proposes an inclusive digital information environment, aiming to establish the elements of accessibility that  enable the promotion of digital inclusion information in order to highlight the references of digital information architecture, the international recommendations, with the perspective of Information Science and the new information and communication technologies (ICT. Keywords digital inclusion; web; accessibility; information science; information architecture.

Secure Dynamic access control scheme of PHR in cloud computing.

Science.gov (United States)

Chen, Tzer-Shyong; Liu, Chia-Hui; Chen, Tzer-Long; Chen, Chin-Sheng; Bau, Jian-Guo; Lin, Tzu-Ching

2012-12-01

With the development of information technology and medical technology, medical information has been developed from traditional paper records into electronic medical records, which have now been widely applied. The new-style medical information exchange system "personal health records (PHR)" is gradually developed. PHR is a kind of health records maintained and recorded by individuals. An ideal personal health record could integrate personal medical information from different sources and provide complete and correct personal health and medical summary through the Internet or portable media under the requirements of security and privacy. A lot of personal health records are being utilized. The patient-centered PHR information exchange system allows the public autonomously maintain and manage personal health records. Such management is convenient for storing, accessing, and sharing personal medical records. With the emergence of Cloud computing, PHR service has been transferred to storing data into Cloud servers that the resources could be flexibly utilized and the operation cost can be reduced. Nevertheless, patients would face privacy problem when storing PHR data into Cloud. Besides, it requires a secure protection scheme to encrypt the medical records of each patient for storing PHR into Cloud server. In the encryption process, it would be a challenge to achieve accurately accessing to medical records and corresponding to flexibility and efficiency. A new PHR access control scheme under Cloud computing environments is proposed in this study. With Lagrange interpolation polynomial to establish a secure and effective PHR information access scheme, it allows to accurately access to PHR with security and is suitable for enormous multi-users. Moreover, this scheme also dynamically supports multi-users in Cloud computing environments with personal privacy and offers legal authorities to access to PHR. From security and effectiveness analyses, the proposed PHR access

Access control based on attribute certificates for medical intranet applications.

Science.gov (United States)

Mavridis, I; Georgiadis, C; Pangalos, G; Khair, M

2001-01-01

Clinical information systems frequently use intranet and Internet technologies. However these technologies have emphasized sharing and not security, despite the sensitive and private nature of much health information. Digital certificates (electronic documents which recognize an entity or its attributes) can be used to control access in clinical intranet applications. To outline the need for access control in distributed clinical database systems, to describe the use of digital certificates and security policies, and to propose the architecture for a system using digital certificates, cryptography and security policy to control access to clinical intranet applications. We have previously developed a security policy, DIMEDAC (Distributed Medical Database Access Control), which is compatible with emerging public key and privilege management infrastructure. In our implementation approach we propose the use of digital certificates, to be used in conjunction with DIMEDAC. Our proposed access control system consists of two phases: the ways users gain their security credentials; and how these credentials are used to access medical data. Three types of digital certificates are used: identity certificates for authentication; attribute certificates for authorization; and access-rule certificates for propagation of access control policy. Once a user is identified and authenticated, subsequent access decisions are based on a combination of identity and attribute certificates, with access-rule certificates providing the policy framework. Access control in clinical intranet applications can be successfully and securely managed through the use of digital certificates and the DIMEDAC security policy.

Instructional Uses of Web-Based Survey Software

Directory of Open Access Journals (Sweden)

Concetta A. DePaolo, Ph.D.

2006-07-01

Full Text Available Recent technological advances have led to changes in how instruction is delivered. Such technology can create opportunities to enhance instruction and make instructors more efficient in performing instructional tasks, especially if the technology is easy to use and requires no training. One such technology, web-based survey software, is extremely accessible for anyone with basic computer skills. Web-based survey software can be used for a variety of instructional purposes to streamline instructor tasks, as well as enhance instruction and communication with students. Following a brief overview of the technology, we discuss how Web Forms from nTreePoint can be used to conduct instructional surveys, collect course feedback, conduct peer evaluations of group work, collect completed assignments, schedule meeting times among multiple people, and aid in pedagogical research. We also discuss our experiences with these tasks within traditional on-campus courses and how they were enhanced or expedited by the use of web-based survey software.

Web based remote monitoring and controlling system for vulnerable environments

Science.gov (United States)

Thomas, Aparna; George, Minu

2016-03-01

The two major areas of concern in industrial establishments are monitoring and security. The remote monitoring and controlling can be established with the help of Web technology. Managers can monitor and control the equipment in the remote area through a web browser. The targeted area includes all type of susceptible environment like gas filling station, research and development laboratories. The environmental parameters like temperature, light intensity, gas etc. can be monitored. Security is a very important factor in an industrial setup. So motion detection feature is added to the system to ensure the security. The remote monitoring and controlling system makes use of the latest, less power consumptive and fast working microcontroller like S3C2440. This system is based on ARM9 and Linux operating system. The ARM9 will collect the sensor data and establish real time video monitoring along with motion detection feature. These captured video data as well as environmental data is transmitted over internet using embedded web server which is integrated within the ARM9 board.

Accessibility of dynamic web applications with emphasis on visually impaired users

Directory of Open Access Journals (Sweden)

Kingsley Okoye

2014-09-01

Full Text Available As the internet is fast migrating from static web pages to dynamic web pages, the users with visual impairment find it confusing and challenging when accessing the contents on the web. There is evidence that dynamic web applications pose accessibility challenges for the visually impaired users. This study shows that a difference can be made through the basic understanding of the technical requirement of users with visual impairment and addresses a number of issues pertinent to the accessibility needs for such users. We propose that only by designing a framework that is structurally flexible, by removing unnecessary extras and thereby making every bit useful (fit-for-purpose, will visually impaired users be given an increased capacity to intuitively access e-contents. This theory is implemented in a dynamic website for the visually impaired designed in this study. Designers should be aware of how the screen reading software works to enable them make reasonable adjustments or provide alternative content that still corresponds to the objective content to increase the possibility of offering faultless service to such users. The result of our research reveals that materials can be added to a content repository or re-used from existing ones by identifying the content types and then transforming them into a flexible and accessible one that fits the requirements of the visually impaired through our method (no-frill + agile methodology rather than computing in advance or designing according to a given specification.

Security concept in 'MyAngelWeb' a website for the individual patient at risk of emergency.

Science.gov (United States)

Pinciroli, F; Nahaissi, D; Boschini, M; Ferrari, R; Meloni, G; Camnasio, M; Spaggiari, P; Carnerone, G

2000-11-01

We describe the Security Plan for the 'MyAngelWeb' service. The different actors involved in the service are subject to different security procedures. The core of the security system is implemented at the host site by means of a DBMS and standard Information Technology tools. Hardware requirements for sustainable security are needed at the web-site construction sites. They are not needed at the emergency physician's site. At the emergency physician's site, a two-way authentication system (password and test phrase method) is implemented.

gemcWeb: A Cloud Based Nuclear Physics Simulation Software

Science.gov (United States)

Markelon, Sam

2017-09-01

gemcWeb allows users to run nuclear physics simulations from the web. Being completely device agnostic, scientists can run simulations from anywhere with an Internet connection. Having a full user system, gemcWeb allows users to revisit and revise their projects, and share configurations and results with collaborators. gemcWeb is based on simulation software gemc, which is based on standard GEant4. gemcWeb requires no C++, gemc, or GEant4 knowledge. Using a simple but powerful GUI allows users to configure their project from geometries and configurations stored on the deployment server. Simulations are then run on the server, with results being posted to the user, and then securely stored. Python based and open-source, the main version of gemcWeb is hosted internally at Jefferson National Labratory and used by the CLAS12 and Electron-Ion Collider Project groups. However, as the software is open-source, and hosted as a GitHub repository, an instance can be deployed on the open web, or any institution's intra-net. An instance can be configured to host experiments specific to an institution, and the code base can be modified by any individual or group. Special thanks to: Maurizio Ungaro, PhD., creator of gemc; Markus Diefenthaler, PhD., advisor; and Kyungseon Joo, PhD., advisor.

Sign Language Translation in State Administration in Germany: Barrier Free Web Accessibility

OpenAIRE

Lišková, Kateřina

2014-01-01

The aim of this thesis is to describe Web accessibility in state administration in the Federal Republic of Germany in relation to the socio-demographic group of deaf sign language users who did not have the opportunity to gain proper knowledge of a written form of the German language. The demand of the Deaf to information in an accessible form as based on legal documents is presented in relation to the theory of translation. How translating from written texts into sign language works in pract...

Web Extensible Display Manager

Energy Technology Data Exchange (ETDEWEB)

Slominski, Ryan [Thomas Jefferson National Accelerator Facility (TJNAF), Newport News, VA (United States); Larrieu, Theodore L. [Thomas Jefferson National Accelerator Facility (TJNAF), Newport News, VA (United States)

2018-02-01

Jefferson Lab's Web Extensible Display Manager (WEDM) allows staff to access EDM control system screens from a web browser in remote offices and from mobile devices. Native browser technologies are leveraged to avoid installing and managing software on remote clients such as browser plugins, tunnel applications, or an EDM environment. Since standard network ports are used firewall exceptions are minimized. To avoid security concerns from remote users modifying a control system, WEDM exposes read-only access and basic web authentication can be used to further restrict access. Updates of monitored EPICS channels are delivered via a Web Socket using a web gateway. The software translates EDM description files (denoted with the edl suffix) to HTML with Scalable Vector Graphics (SVG) following the EDM's edl file vector drawing rules to create faithful screen renderings. The WEDM server parses edl files and creates the HTML equivalent in real-time allowing existing screens to work without modification. Alternatively, the familiar drag and drop EDM screen creation tool can be used to create optimized screens sized specifically for smart phones and then rendered by WEDM.

Creating an interactive Web-based e-learning course: a practical introduction for radiologists.

Science.gov (United States)

Hoa, Denis; Micheau, Antoine; Gahide, Gerald

2006-01-01

With the development of e-learning and its ability to provide rich animated content rapidly to a wide audience, new methods for teaching medical imaging have evolved. E-learning tools allow building of learner-focused structured courses. Standards such as shareable content object reference model (SCORM) or Aviation Industry Computer-based Training Committee (AICC) guidelines and recommendations provide the framework required to combine text, images, videos, animations, and quizzes for learning assessment, even if each of these elements is created with different software. The main features to consider when choosing a learning management system are content management, assessment and reporting tools, customization options, course delivery, administration, and security. The tools for building a Web-based course with pages containing text, images, videos, and Flash animations are now accessible to any radiologist. Open-source learning management systems and content authoring software are available at no cost. The authors developed e-MRI.com, a free Web-based e-learning course with interactive animations and simulations, self-tests, and clinical cases to demonstrate the potential of the latest advances in e-learning and pedagogy applied to magnetic resonance imaging physics.

Tracking clinical competencies on the web.

Science.gov (United States)

Hobbs, Dan L

2005-01-01

The American Registry of Radiologic Technologists (ARRT) has defined several core examinations that student radiographers must perform to demonstrate competency. Furthermore, the ARRT has left the method of tracking competency exams to educators. This article describes a Web-based system that can be used to track clinical competencies. The pedagogy employed in designing a meaningful and successful Web site to track competencies can be overwhelming. Considerations include selecting software, the design and implementation process, and providing security to protect confidential information. The Web-based system described in this article is innovative, sensible and relatively easy to adopt. This tracking method provides faculty members with instantaneous access and a quick review of the student's competency examinations. Students' competency information for the entire program is contained in 1 electronic file. With minor modification, the system can be used in a variety of educational and administrative settings.

Accelerating cancer systems biology research through Semantic Web technology.

Science.gov (United States)

Wang, Zhihui; Sagotsky, Jonathan; Taylor, Thomas; Shironoshita, Patrick; Deisboeck, Thomas S

2013-01-01

Cancer systems biology is an interdisciplinary, rapidly expanding research field in which collaborations are a critical means to advance the field. Yet the prevalent database technologies often isolate data rather than making it easily accessible. The Semantic Web has the potential to help facilitate web-based collaborative cancer research by presenting data in a manner that is self-descriptive, human and machine readable, and easily sharable. We have created a semantically linked online Digital Model Repository (DMR) for storing, managing, executing, annotating, and sharing computational cancer models. Within the DMR, distributed, multidisciplinary, and inter-organizational teams can collaborate on projects, without forfeiting intellectual property. This is achieved by the introduction of a new stakeholder to the collaboration workflow, the institutional licensing officer, part of the Technology Transfer Office. Furthermore, the DMR has achieved silver level compatibility with the National Cancer Institute's caBIG, so users can interact with the DMR not only through a web browser but also through a semantically annotated and secure web service. We also discuss the technology behind the DMR leveraging the Semantic Web, ontologies, and grid computing to provide secure inter-institutional collaboration on cancer modeling projects, online grid-based execution of shared models, and the collaboration workflow protecting researchers' intellectual property. Copyright © 2012 Wiley Periodicals, Inc.

Design of the XML Security System for Electronic Commerce Application

Institute of Scientific and Technical Information of China (English)

无

2003-01-01

The invocation of World Wide Web (www) first triggered mass adoption of the Internet for public access to digital information exchanges across the globe. To get a big market on the Web, a special security infrastructure would need to be put into place transforming the wild-and-woolly Internet into a network with end-to-end protections. XML (extensible Markup Language) is widely accepted as powerful data representation standard for electronic documents, so a security mechanism for XML documents must be provided in the first place to secure electronic commerce over Internet. In this paper the authors design and implement a secure framework that provides XML signature function, XML Element-wise Encryption function, smart card based crypto API library and Public Key Infrastructure (PKI) security functions to achieve confidentiality, integrity, message authentication, and/or signer authentication services for XML documents and existing non-XML documents that are exchanged by Internet for E-commerce application.

Integration of EGA secure data access into Galaxy.

Science.gov (United States)

Hoogstrate, Youri; Zhang, Chao; Senf, Alexander; Bijlard, Jochem; Hiltemann, Saskia; van Enckevort, David; Repo, Susanna; Heringa, Jaap; Jenster, Guido; J A Fijneman, Remond; Boiten, Jan-Willem; A Meijer, Gerrit; Stubbs, Andrew; Rambla, Jordi; Spalding, Dylan; Abeln, Sanne

2016-01-01

High-throughput molecular profiling techniques are routinely generating vast amounts of data for translational medicine studies. Secure access controlled systems are needed to manage, store, transfer and distribute these data due to its personally identifiable nature. The European Genome-phenome Archive (EGA) was created to facilitate access and management to long-term archival of bio-molecular data. Each data provider is responsible for ensuring a Data Access Committee is in place to grant access to data stored in the EGA. Moreover, the transfer of data during upload and download is encrypted. ELIXIR, a European research infrastructure for life-science data, initiated a project (2016 Human Data Implementation Study) to understand and document the ELIXIR requirements for secure management of controlled-access data. As part of this project, a full ecosystem was designed to connect archived raw experimental molecular profiling data with interpreted data and the computational workflows, using the CTMM Translational Research IT (CTMM-TraIT) infrastructure http://www.ctmm-trait.nl as an example. Here we present the first outcomes of this project, a framework to enable the download of EGA data to a Galaxy server in a secure way. Galaxy provides an intuitive user interface for molecular biologists and bioinformaticians to run and design data analysis workflows. More specifically, we developed a tool -- ega_download_streamer - that can download data securely from EGA into a Galaxy server, which can subsequently be further processed. This tool will allow a user within the browser to run an entire analysis containing sensitive data from EGA, and to make this analysis available for other researchers in a reproducible manner, as shown with a proof of concept study.  The tool ega_download_streamer is available in the Galaxy tool shed: https://toolshed.g2.bx.psu.edu/view/yhoogstrate/ega_download_streamer.

Web 2.0 Sites for Collaborative Self-Access: The Learning Advisor vs. Google®

Directory of Open Access Journals (Sweden)

Craig D. Howard

2011-09-01

Full Text Available While Web 2.0 technologies provide motivated, self-access learners with unprecedented opportunities for language learning, Web 2.0 designs are not of universally equal value for learning. This article reports on research carried out at Indiana University Bloomington using an empirical method to select websites for self-access language learning. Two questions related to Web 2.0 recommendations were asked: (1 How do recommended Web 2.0 sites rank in terms of interactivity features? (2 How likely is a learner to find highly interactive sites on their own? A list of 20 sites used for supplemental and self-access activities in language programs at five universities was compiled and provided the initial data set. Purposive sampling criteria revealed 10 sites truly represented Web 2.0 design. To address the first question, a feature analysis was applied (Herring, The international handbook of internet research. Berlin: Springer, 2008. An interactivity framework was developed from previous research to identify Web 2.0 design features, and sites were ranked according to feature quantity. The method used to address the second question was an interconnectivity analysis that measured direct and indirect interconnectivity within Google results. Highly interactive Web 2.0 sites were not prominent in Google search results, nor were they often linked via third party sites. It was determined that, using typical keywords or searching via blogs and recommendation sites, self-access learners were highly unlikely to find the most promising Web 2.0 sites for language learning. A discussion of the role of the learning advisor in guiding Web 2.0 collaborative self-access, as well as some strategic short cuts to quick analysis, conclude the article.

A descriptive study of registered nurses' experiences with web-based learning.

Science.gov (United States)

Atack, Lynda; Rankin, James

2002-11-01

To describe the experiences of registered nurses (RNs) who enrolled in a web-based course from either their home or the workplace. In order to maintain competency in rapidly changing health care systems, and meet the challenge of overcoming traditional barriers to continuing education, RNs need access to innovative educational delivery methods. As yet, little is known about the web-based learners' experience, particularly when courses are accessed from the nursing practice setting. The article focuses on the results from questionnaires conducted with 57 RNs enrolled in a web-based, postdiploma course. These findings emanate from a larger study using survey method and focus group interviews. Nurses' experiences were measured using the Online Learner Support Instrument which was developed and tested for use in the study. Most nurses found the course highly satisfactory. Not all experiences were positive however, and a number of challenges were faced. Access to the course from home was reported as very satisfactory for the majority, while work users encountered a number of serious barriers such as insufficient time and limited computer access. The RNs made significant gains in their learning with e-mail, Internet, keyboarding and word processing skills during the 16-week course. Lack of computer skills, erroneous perceptions of course workload and inadequate preparation for web learning were largely responsible for the majority of withdrawals. Web-based learning can be an effective mode of delivery for nursing education. Advance preparation by educational institutions, employers and prospective students is essential. Teachers, peers, technology, course design and the learning environment are key variables that influence the learners' experience and success.

Web accessibility practical advice for the library and information professional

CERN Document Server

Craven, Jenny

2008-01-01

Offers an introduction to web accessibility and usability for information professionals, offering advice on the concerns relevant to library and information organizations. This book can be used as a resource for developing staff training and awareness activities. It will also be of value to website managers involved in web design and development.

Using Web 2.0 technologies to enhance evidence-based medical information.

Science.gov (United States)

Metzger, Miriam J; Flanagin, Andrew J

2011-01-01

This article invokes research on information seeking and evaluation to address how providers of evidence-based medical information can use Web 2.0 technologies to increase access to, enliven users' experiences with, and enrich the quality of the information available. In an ideal scenario, evidence-based medical information can take appropriate advantage of community intelligence spawned by Web 2.0 technologies, resulting in the ideal combination of scientifically sound, high-quality information that is imbued with experiential insights from a multitude of individuals. To achieve this goal, the authors argue that people will engage with information that they can access easily, and that they perceive as (a) relevant to their information-seeking goals and (b) credible. The authors suggest the utility of Web 2.0 technologies for engaging stakeholders with evidence-based medical information through these mechanisms, and the degree to which the information provided can and should be trusted. Last, the authors discuss potential problems with Web 2.0 information in relation to decision making in health contexts, and they conclude with specific and practical recommendations for the dissemination of evidence-based health information via Web 2.0 technologies.

Hand Society and Matching Program Web Sites Provide Poor Access to Information Regarding Hand Surgery Fellowship.

Science.gov (United States)

Hinds, Richard M; Klifto, Christopher S; Naik, Amish A; Sapienza, Anthony; Capo, John T

2016-08-01

The Internet is a common resource for applicants of hand surgery fellowships, however, the quality and accessibility of fellowship online information is unknown. The objectives of this study were to evaluate the accessibility of hand surgery fellowship Web sites and to assess the quality of information provided via program Web sites. Hand fellowship Web site accessibility was evaluated by reviewing the American Society for Surgery of the Hand (ASSH) on November 16, 2014 and the National Resident Matching Program (NRMP) fellowship directories on February 12, 2015, and performing an independent Google search on November 25, 2014. Accessible Web sites were then assessed for quality of the presented information. A total of 81 programs were identified with the ASSH directory featuring direct links to 32% of program Web sites and the NRMP directory directly linking to 0%. A Google search yielded direct links to 86% of program Web sites. The quality of presented information varied greatly among the 72 accessible Web sites. Program description (100%), fellowship application requirements (97%), program contact email address (85%), and research requirements (75%) were the most commonly presented components of fellowship information. Hand fellowship program Web sites can be accessed from the ASSH directory and, to a lesser extent, the NRMP directory. However, a Google search is the most reliable method to access online fellowship information. Of assessable programs, all featured a program description though the quality of the remaining information was variable. Hand surgery fellowship applicants may face some difficulties when attempting to gather program information online. Future efforts should focus on improving the accessibility and content quality on hand surgery fellowship program Web sites.

Making a web based ulcer record work by aligning architecture, legislation and users - a formative evaluation study.

Science.gov (United States)

Ekeland, Anne G; Skipenes, Eva; Nyheim, Beate; Christiansen, Ellen K

2011-01-01

The University Hospital of North Norway selected a web-based ulcer record used in Denmark, available from mobile phones. Data was stored in a common database and easily accessible. According to Norwegian legislation, only employees of the organization that owns an IT system can access the system, and use of mobile units requires strong security solutions. The system had to be changed. The paper addresses interactions in order to make the system legal, and assesses regulations that followed. By addressing conflicting scripts and the contingent nature of knowledge, we conducted a formative evaluation aiming at improving the object being studied. Participatory observation in a one year process, minutes from meetings and information from participants, constitute the data material. In the technological domain, one database was replaced by four. In the health care delivery domain, easy access was replaced by a more complicated log on procedure, and in the domain of law and security, a clarification of risk levels was obtained, thereby allowing for access by mobile phones with today's authentication mechanisms. Flexibility concerning predefined scripts was important in all domains. Changes were made that improved the platform for further development of legitimate communication of patient data via mobile units. The study also shows the value of formative evaluations in innovations.

Usability and Accessibility of Air Force Intranet Web Sites

National Research Council Canada - National Science Library

Bentley, Richard S

2006-01-01

.... This research effort seeks to establish an understanding of how well common practice usability design principles and government mandated accessibility guidelines are followed by Air Force intranet web sites...

Web accessibility: a longitudinal study of college and university home pages in the northwestern United States.

Science.gov (United States)

Thompson, Terrill; Burgstahler, Sheryl; Moore, Elizabeth J

2010-01-01

This article reports on a follow-up assessment to Thompson et al. (Proceedings of The First International Conference on Technology-based Learning with Disability, July 19-20, Dayton, Ohio, USA; 2007. pp 127-136), in which higher education home pages were evaluated over a 5-year period on their accessibility to individuals with disabilities. The purpose of this article is to identify trends in web accessibility and long-term impact of outreach and education. Home pages from 127 higher education institutions in the Northwest were evaluated for accessibility three times over a 6-month period in 2004-2005 (Phase I), and again in 2009 (Phase II). Schools in the study were offered varying degrees of training and/or support on web accessibility during Phase I. Pages were evaluated for accessibility using a set of manual checkpoints developed by the researchers. Over the 5-year period reported in this article, significant positive gains in accessibility were revealed on some measures, but accessibility declined on other measures. The areas of improvement are arguably the more basic, easy-to-implement accessibility features, while the area of decline is keyboard accessibility, which is likely associated with the emergence of dynamic new technologies on web pages. Even on those measures where accessibility is improving, it is still strikingly low. In Phase I of the study, institutions that received extensive training and support were more likely than other institutions to show improved accessibility on the measures where institutions improved overall, but were equally or more likely than others to show a decline on measures where institutions showed an overall decline. In Phase II, there was no significant difference between institutions who had received support earlier in the study, and those who had not. Results suggest that growing numbers of higher education institutions in the Northwest are motivated to add basic accessibility features to their home pages, and that

Spring security 3.x cookbook

CERN Document Server

Mankale, Anjana

2013-01-01

This book follows a cookbook style exploring various security solutions provided by Spring Security for various vulnerabilities and threat scenarios that web applications may be exposed to at the authentication and session level layers.This book is for all Spring-based application developers as well as Java web developers who wish to implement robust security mechanisms into web application development using Spring Security.Readers are assumed to have a working knowledge of Java web application development, a basic understanding of the Spring framework, and some knowledge of the fundamentals o

Web-based control application using WebSocket

International Nuclear Information System (INIS)

Furukawa, Y.

2012-01-01

The WebSocket allows asynchronous full-duplex communication between a Web-based (i.e. Java Script-based) application and a Web-server. WebSocket started as a part of HTML5 standardization but has now been separated from HTML5 and has been developed independently. Using WebSocket, it becomes easy to develop platform independent presentation layer applications for accelerator and beamline control software. In addition, a Web browser is the only application program that needs to be installed on client computer. The WebSocket-based applications communicate with the WebSocket server using simple text-based messages, so WebSocket is applicable message-based control system like MADOCA, which was developed for the SPring-8 control system. A simple WebSocket server for the MADOCA control system and a simple motor control application were successfully made as a first trial of the WebSocket control application. Using Google-Chrome (version 13.0) on Debian/Linux and Windows 7, Opera (version 11.0) on Debian/Linux and Safari (version 5.0.3) on Mac OS X as clients, the motors can be controlled using a WebSocket-based Web-application. Diffractometer control application use in synchrotron radiation diffraction experiment was also developed. (author)

WebPresent: a World Wide Web-based telepresentation tool for physicians

Science.gov (United States)

Sampath-Kumar, Srihari; Banerjea, Anindo; Moshfeghi, Mehran

1997-05-01

In this paper, we present the design architecture and the implementation status of WebPresent - a world wide web based tele-presentation tool. This tool allows a physician to use a conference server workstation and make a presentation of patient cases to a geographically distributed audience. The audience consists of other physicians collaborating on patients' health care management and physicians participating in continuing medical education. These physicians are at several locations with networks of different bandwidth and capabilities connecting them. Audiences also receive the patient case information on different computers ranging form high-end display workstations to laptops with low-resolution displays. WebPresent is a scalable networked multimedia tool which supports the presentation of hypertext, images, audio, video, and a white-board to remote physicians with hospital Intranet access. WebPresent allows the audience to receive customized information. The data received can differ in resolution and bandwidth, depending on the availability of resources such as display resolution and network bandwidth.

A Web-based Architecture Enabling Multichannel Telemedicine Applications

Directory of Open Access Journals (Sweden)

Fabrizio Lamberti

2003-02-01

Full Text Available Telemedicine scenarios include today in-hospital care management, remote teleconsulting, collaborative diagnosis and emergency situations handling. Different types of information need to be accessed by means of etherogeneous client devices in different communication environments in order to enable high quality continuous sanitary assistance delivery wherever and whenever needed. In this paper, a Web-based telemedicine architecture based on Java, XML and XSL technologies is presented. By providing dynamic content delivery services and Java based client applications for medical data consultation and modification, the system enables effective access to an Electronic Patient Record based standard database by means of any device equipped with a Web browser, such as traditional Personal Computers and workstation as well as modern Personal Digital Assistants. The effectiveness of the proposed architecture has been evaluated in different scenarios, experiencing fixed and mobile clinical data transmissions over Local Area Networks, wireless LANs and wide coverage telecommunication network including GSM and GPRS.

Rweb:Web-based Statistical Analysis

Directory of Open Access Journals (Sweden)

Jeff Banfield

1999-03-01

Full Text Available Rweb is a freely accessible statistical analysis environment that is delivered through the World Wide Web (WWW. It is based on R, a well known statistical analysis package. The only requirement to run the basic Rweb interface is a WWW browser that supports forms. If you want graphical output you must, of course, have a browser that supports graphics. The interface provides access to WWW accessible data sets, so you may run Rweb on your own data. Rweb can provide a four window statistical computing environment (code input, text output, graphical output, and error information through browsers that support Javascript. There is also a set of point and click modules under development for use in introductory statistics courses.

Are web-based questionnaires accepted in patients attending rehabilitation?

Science.gov (United States)

Engan, Harald K; Hilmarsen, Christina; Sittlinger, Sverre; Sandmæl, Jon Arne; Skanke, Frode; Oldervoll, Line M

2016-12-01

The aim of the present paper was to study preferences for web based self-administered questionnaires (web SAQs) vs. paper-based self-administered questionnaires (paper SAQs) and to evaluate the feasibility of using web SAQs in patients referred to cardiac, lung, occupational and cancer rehabilitation programs. The patients were approached by mail and given the choice to answer the compulsory SAQs either on paper or on a web-based platform. Hundred and twenty seven out of 183 eligible patients (69.3%) were willing to participate and 126 completed the study. Web SAQs were preferred by 77.7%, and these patients were significantly younger, more often cohabiting and tended to have higher level of education than paper SAQ users. Mean number of data missing per patient was less among the web SAQ users than the paper SAQ users (0.55 vs. 2.15, p questionnaires on internet platforms when internet access is common and available. Implications for Rehabilitation The high acceptability of web-based self-administered questionnaires among rehabilitation patients suggests that internet platforms are suitable tools to collect patient information for rehabilitation units. Web-based modes of patient data collection demonstrate low number of missing data and can therefore improve the quality of data collection from rehabilitation patients. Use of web-based questionnaires considerably reduces administrative costs of data collection in rehabilitation settings compared to traditional pen and paper methods.

ELAN - the web page based information system for emergency preparedness in Germany

International Nuclear Information System (INIS)

Zaehringer, M.; Hoebler, Ch.; Bieringer, P.

2002-01-01

A plan for a WEB-page based system was developed which compiles all important information in case of an nuclear emergency with actual or potential release of radioactivity into the environment. A prototype system providing information of the Federal Ministry for Environment, Nature Conservation and Reactor Safety (BMU) was tested successfully. The implementation at the National Emergency Operations Centre of Switzerland was used as template. However, further planning takes into account the special conditions of the federal structure in Germany. The main purpose of the system is to compile, to clearly arrange, and to timely provide on a central server all relevant information of the federal government, the states (Laender), and, if available, from foreign authorities that is needed for decision making. It is envisaged to integrate similar existing systems in some states conceptually and technically. ELAN makes use of standardised and secure web technology. Uploading of information and delivery to national and foreign authorities, international organisations and the public is managed by role specific access controlling. (orig.)

The Battle to Secure Our Public Access Computers

Science.gov (United States)

Sendze, Monique

2006-01-01

Securing public access workstations should be a significant part of any library's network and information-security strategy because of the sensitive information patrons enter on these workstations. As the IT manager for the Johnson County Library in Kansas City, Kan., this author is challenged to make sure that thousands of patrons get the access…

Global Nuclear Safety and Security Network

International Nuclear Information System (INIS)

Guo Lingquan

2013-01-01

The objectives of the Regulatory Network are: - to contribute to the effectiveness of nuclear regulatory systems; - to contribute to continuous enhancements, and - to achieve and promote radiation and nuclear safety and security by: • Enhancing the effectiveness and efficiency of international cooperation in the regulation of nuclear and radiation safety of facilities and activities; • Enabling adequate access by regulators to relevant safety and security information; • Promoting dissemination of information on safety and security issues as well as information of good practices for addressing and resolving these issues; • Enabling synergies among different web based networks with a view to strengthening and enhancing the global nuclear safety framework and serving the specific needs of regulators and international organizations; • Providing additional information to the public on international regulatory cooperation in safety and security matters

Information Security and Wireless: Alternate Approaches for Controlling Access to Critical Information

National Research Council Canada - National Science Library

Nandram, Winsome

2004-01-01

.... Typically, network managers implement countermeasures to augment security. The goal of this thesis is to research approaches that compliment existing security measures with fine grain access control measures. The Extensible Markup Language (XML) is adopted to accommodate such granular access control as it provides the mechanisms for scaling security down to the document content level.

Aber-OWL: a framework for ontology-based data access in biology

KAUST Repository

Hoehndorf, Robert

2015-01-28

Background: Many ontologies have been developed in biology and these ontologies increasingly contain large volumes of formalized knowledge commonly expressed in the Web Ontology Language (OWL). Computational access to the knowledge contained within these ontologies relies on the use of automated reasoning. Results: We have developed the Aber-OWL infrastructure that provides reasoning services for bio-ontologies. Aber-OWL consists of an ontology repository, a set of web services and web interfaces that enable ontology-based semantic access to biological data and literature. Aber-OWL is freely available at http://aber-owl.net. Conclusions: Aber-OWL provides a framework for automatically accessing information that is annotated with ontologies or contains terms used to label classes in ontologies. When using Aber-OWL, access to ontologies and data annotated with them is not merely based on class names or identifiers but rather on the knowledge the ontologies contain and the inferences that can be drawn from it.

Towards automated processing of the right of access in inter-organizational Web Service compositions

DEFF Research Database (Denmark)

Herkenhöner, Ralph; De Meer, Hermann; Jensen, Meiko

2010-01-01

with trade secret protection. In this paper, we present an automated architecture to enable exercising the right of access in the domain of inter-organizational business processes based on Web Services technology. Deriving its requirements from the legal, economical, and technical obligations, we show...

Texting and accessing the web while driving: traffic citations and crashes among young adult drivers.

Science.gov (United States)

Cook, Jerry L; Jones, Randall M

2011-12-01

We examined relations between young adult texting and accessing the web while driving with driving outcomes (viz. crashes and traffic citations). Our premise is that engaging in texting and accessing the web while driving is not only distracting but that these activities represent a pattern of behavior that leads to an increase in unwanted outcomes, such as crashes and citations. College students (N = 274) on 3 campuses (one in California and 2 in Utah) completed an electronic questionnaire regarding their driving experience and cell phone use. Our data indicate that 3 out of 4 (74.3%) young adults engage in texting while driving, over half on a weekly basis (51.8%), and some engage in accessing the web while driving (16.8%). Data analysis revealed a relationship between these cell phone behaviors and traffic citations and crashes. The findings support Jessor and Jessor's (1977) "problem behavior syndrome" by showing that traffic citations are related to texting and accessing the web while driving and that crashes are related to accessing the web while driving. Limitations and recommendations are discussed.

CoP Sensing Framework on Web-Based Environment

Science.gov (United States)

Mustapha, S. M. F. D. Syed

The Web technologies and Web applications have shown similar high growth rate in terms of daily usages and user acceptance. The Web applications have not only penetrated in the traditional domains such as education and business but have also encroached into areas such as politics, social, lifestyle, and culture. The emergence of Web technologies has enabled Web access even to the person on the move through PDAs or mobile phones that are connected using Wi-Fi, HSDPA, or other communication protocols. These two phenomena are the inducement factors toward the need of building Web-based systems as the supporting tools in fulfilling many mundane activities. In doing this, one of the many focuses in research has been to look at the implementation challenges in building Web-based support systems in different types of environment. This chapter describes the implementation issues in building the community learning framework that can be supported on the Web-based platform. The Community of Practice (CoP) has been chosen as the community learning theory to be the case study and analysis as it challenges the creativity of the architectural design of the Web system in order to capture the presence of learning activities. The details of this chapter describe the characteristics of the CoP to understand the inherent intricacies in modeling in the Web-based environment, the evidences of CoP that need to be traced automatically in a slick manner such that the evidence-capturing process is unobtrusive, and the technologies needed to embrace a full adoption of Web-based support system for the community learning framework.

Security concept in 'MyAngelWeb((R))' a website for the individual patient at risk of emergency.

Science.gov (United States)

Pinciroli; Nahaissi; Boschini; Ferrari; Meloni; Camnasio; Spaggiari; Carnerone

2000-11-01

We describe the Security Plan for the 'MyAngelWeb' service. The different actors involved in the service are subject to different security procedures. The core of the security system is implemented at the host site by means of a DBMS and standard Information Technology tools. Hardware requirements for sustainable security are needed at the web-site construction sites. They are not needed at the emergency physician's site. At the emergency physician's site, a two-way authentication system (password and test phrase method) is implemented.

Mixed Reality Environment for Web-Based Laboratory Interactive Learning

Directory of Open Access Journals (Sweden)

A. I. Saleem

2008-02-01

Full Text Available This paper presents a web-based laboratory fordistance learners by incorporating simulation andhardware implementation into web-based e-learningsystems. It presents a development consisting of laboratorycourse through internet based on mixed reality technique tosetup, run and manipulateset of experiments. Eachexperiment has been designed in a way that allows thelearner to manipulate the components and check if it worksproperly in order to achieve the experiment objective. Theproposed laboratory e-learning tool has web-basedcomponents accessed by authorized users. Learners canacquire the necessary skills they need, while learning thetheory of the experiment and the basic characteristics ofeach component used in the experiment. Finally, a casestudy was conducted to show the feasibility and efficiencyof the proposed method.

Method for secure electronic voting system: face recognition based approach

Science.gov (United States)

Alim, M. Affan; Baig, Misbah M.; Mehboob, Shahzain; Naseem, Imran

2017-06-01

In this paper, we propose a framework for low cost secure electronic voting system based on face recognition. Essentially Local Binary Pattern (LBP) is used for face feature characterization in texture format followed by chi-square distribution is used for image classification. Two parallel systems are developed based on smart phone and web applications for face learning and verification modules. The proposed system has two tire security levels by using person ID followed by face verification. Essentially class specific threshold is associated for controlling the security level of face verification. Our system is evaluated three standard databases and one real home based database and achieve the satisfactory recognition accuracies. Consequently our propose system provides secure, hassle free voting system and less intrusive compare with other biometrics.

A physical implementation of the Turing machine accessed through Web

Directory of Open Access Journals (Sweden)

Marijo Maracic

2008-11-01

Full Text Available A Turing machine has an important role in education in the field of computer science, as it is a milestone in courses related to automata theory, theory of computation and computer architecture. Its value is also recognized in the Computing Curricula proposed by the Association for Computing Machinery (ACM and IEEE Computer Society. In this paper we present a physical implementation of the Turing machine accessed through Web. To enable remote access to the Turing machine, an implementation of the client-server architecture is built. The web interface is described in detail and illustrations of remote programming, initialization and the computation of the Turing machine are given. Advantages of such approach and expected benefits obtained by using remotely accessible physical implementation of the Turing machine as an educational tool in the teaching process are discussed.

Education problems and Web-based teaching: how it impacts dental educators?

Science.gov (United States)

Clark, G T

2001-01-01

This article looks at six problems that vex educators and how web-based teaching might help solve them. These problems include: (1) limited access to educational content, (2) need for asynchronous access to educational content, (3) depth and diversity of educational content, (4) training in complex problem solving, (5) promotion of lifelong learning behaviors and (6) achieving excellence in education. The advantages and disadvantage of web-based educational content for each problem are discussed. The article suggests that when a poorly organized course with inaccurate and irrelevant content is placed online, it solves no problems. However some of the above issues can be partially or fully solved by hosting well-constructed teaching modules on the web. This article also reviews the literature investigating the efficacy of off-site education as compared to that provided on-site. The conclusion of this review is that teleconference-based and web-based delivery of educational content can be as effective as traditional classroom-based teaching assuming the technologic problems sometimes associated with delivering teaching content to off-site locations do not interfere in the learning process. A suggested hierarchy for rating and comparing e-learning concepts and methods is presented for consideration.

A re-conceptualization of access for 21st century healthcare.

Science.gov (United States)

Fortney, John C; Burgess, James F; Bosworth, Hayden B; Booth, Brenda M; Kaboli, Peter J

2011-11-01

Many e-health technologies are available to promote virtual patient-provider communication outside the context of face-to-face clinical encounters. Current digital communication modalities include cell phones, smartphones, interactive voice response, text messages, e-mails, clinic-based interactive video, home-based web-cams, mobile smartphone two-way cameras, personal monitoring devices, kiosks, dashboards, personal health records, web-based portals, social networking sites, secure chat rooms, and on-line forums. Improvements in digital access could drastically diminish the geographical, temporal, and cultural access problems faced by many patients. Conversely, a growing digital divide could create greater access disparities for some populations. As the paradigm of healthcare delivery evolves towards greater reliance on non-encounter-based digital communications between patients and their care teams, it is critical that our theoretical conceptualization of access undergoes a concurrent paradigm shift to make it more relevant for the digital age. The traditional conceptualizations and indicators of access are not well adapted to measure access to health services that are delivered digitally outside the context of face-to-face encounters with providers. This paper provides an overview of digital "encounterless" utilization, discusses the weaknesses of traditional conceptual frameworks of access, presents a new access framework, provides recommendations for how to measure access in the new framework, and discusses future directions for research on access.

PAPI based federation as a test-bed for a common security infrastructure in EFDA sites

International Nuclear Information System (INIS)

Castro, R.; Vega, J.; Portas, A.; Lopez, D.R.; Balme, S.; Theis, J.M.; Lebourg, P.; Fernandes, H.; Neto, A.; Duarte, A.; Oliveira, F.; Reis, F.; Purahoo, K.; Thomsen, K.; Schiller, W.; Kadlecsik, J.

2008-01-01

Federated authentication and authorization systems provide several advantages to collaborative environments, for example, easy authentication integration, simpler user management, easier security policy implementation and quicker implementation of access control elements for new type of resources. A federation integrates different aspects that have to be coordinated by all the organizations involved. The most relevant are: definition of common schemas and attributes, definition of common policies and procedures, management of keys and certificates, management of common repositories and implementation of a home location service. A federation enabling collaboration of European sites has been put into operation. Four laboratories have been integrated and two more organizations (EFDA and KFKI/HAS) are finishing their integration. The federation infrastructure is based on Point of Access to Providers of Information (PAPI), a distributed authentication and authorization system. PAPI technology gives some important features, such as, single sign on for accessing to different resources, mobility for users, and compatibility with open and standard technologies: Java, JNLP protocol, XML-RPC and web technologies among others. In this article, the test-bed of EFDA federation is presented. Some examples of resources, securely shared inside the federation, are shown. Specific issues and experience gained in deploying federated collaboration systems will be addressed as well

PAPI based federation as a test-bed for a common security infrastructure in EFDA sites

Energy Technology Data Exchange (ETDEWEB)

Castro, R. [Asociacion EURATOM/CIEMAT para Fusion, Madrid (Spain)], E-mail: rodrigo.castro@ciemat.es; Vega, J.; Portas, A. [Asociacion EURATOM/CIEMAT para Fusion, Madrid (Spain); Lopez, D.R. [Departamento RedIRIS, Entidad publica empresarial Red.es, Madrid (Spain); Balme, S.; Theis, J.M.; Lebourg, P. [Association EURATOM-CEA, CEA/DSM/Departement de Recherches sur la Fusion Controlee DRFC, CEA-Cadarache (France); Fernandes, H.; Neto, A.; Duarte, A.; Oliveira, F.; Reis, F. [Centro de Fusao Nuclear, Associacao EURATOM/IST, Lisboa (Portugal); Purahoo, K. [EURATOM/UKAEA Fusion Association, Culham Science Centre, Abingdon OX14 3DB (United Kingdom); Thomsen, K.; Schiller, W. [EFDA Close Support Unit Garching, Max Planck Institut fuer Plasmaphysik, Boltzmannstr. 2, D-85748 Garching (Germany); Kadlecsik, J. [KFKI R.I. for Particle and Nuclear Physics of the Hungarian Academy of Sciences, and the Association EURATOM/HAS, Budapest (Hungary)

2008-04-15

Federated authentication and authorization systems provide several advantages to collaborative environments, for example, easy authentication integration, simpler user management, easier security policy implementation and quicker implementation of access control elements for new type of resources. A federation integrates different aspects that have to be coordinated by all the organizations involved. The most relevant are: definition of common schemas and attributes, definition of common policies and procedures, management of keys and certificates, management of common repositories and implementation of a home location service. A federation enabling collaboration of European sites has been put into operation. Four laboratories have been integrated and two more organizations (EFDA and KFKI/HAS) are finishing their integration. The federation infrastructure is based on Point of Access to Providers of Information (PAPI), a distributed authentication and authorization system. PAPI technology gives some important features, such as, single sign on for accessing to different resources, mobility for users, and compatibility with open and standard technologies: Java, JNLP protocol, XML-RPC and web technologies among others. In this article, the test-bed of EFDA federation is presented. Some examples of resources, securely shared inside the federation, are shown. Specific issues and experience gained in deploying federated collaboration systems will be addressed as well.

An Overview of DRAM-Based Security Primitives

Directory of Open Access Journals (Sweden)

Nikolaos Athanasios Anagnostopoulos

2018-03-01

Full Text Available Recent developments have increased the demand for adequate security solutions, based on primitives that cannot be easily manipulated or altered, such as hardware-based primitives. Security primitives based on Dynamic Random Access Memory (DRAM can provide cost-efficient and practical security solutions, especially for resource-constrained devices, such as hardware used in the Internet of Things (IoT, as DRAMs are an intrinsic part of most contemporary computer systems. In this work, we present a comprehensive overview of the literature regarding DRAM-based security primitives and an extended classification of it, based on a number of different criteria. In particular, first, we demonstrate the way in which DRAMs work and present the characteristics being exploited for the implementation of security primitives. Then, we introduce the primitives that can be implemented using DRAM, namely Physical Unclonable Functions (PUFs and True Random Number Generators (TRNGs, and present the applications of each of the two types of DRAM-based security primitives. We additionally proceed to assess the security such primitives can provide, by discussing potential attacks and defences, as well as the proposed security metrics. Subsequently, we also compare these primitives to other hardware-based security primitives, noting their advantages and shortcomings, and proceed to demonstrate their potential for commercial adoption. Finally, we analyse our classification methodology, by reviewing the criteria employed in our classification and examining their significance.

Web Application Software for Ground Operations Planning Database (GOPDb) Management

Science.gov (United States)

Lanham, Clifton; Kallner, Shawn; Gernand, Jeffrey

2013-01-01

A Web application facilitates collaborative development of the ground operations planning document. This will reduce costs and development time for new programs by incorporating the data governance, access control, and revision tracking of the ground operations planning data. Ground Operations Planning requires the creation and maintenance of detailed timelines and documentation. The GOPDb Web application was created using state-of-the-art Web 2.0 technologies, and was deployed as SaaS (Software as a Service), with an emphasis on data governance and security needs. Application access is managed using two-factor authentication, with data write permissions tied to user roles and responsibilities. Multiple instances of the application can be deployed on a Web server to meet the robust needs for multiple, future programs with minimal additional cost. This innovation features high availability and scalability, with no additional software that needs to be bought or installed. For data governance and security (data quality, management, business process management, and risk management for data handling), the software uses NAMS. No local copy/cloning of data is permitted. Data change log/tracking is addressed, as well as collaboration, work flow, and process standardization. The software provides on-line documentation and detailed Web-based help. There are multiple ways that this software can be deployed on a Web server to meet ground operations planning needs for future programs. The software could be used to support commercial crew ground operations planning, as well as commercial payload/satellite ground operations planning. The application source code and database schema are owned by NASA.

Perceived and geographic food access and food security status among households with children.

Science.gov (United States)

Ma, Xiaoguang; Liese, Angela D; Bell, Bethany A; Martini, Lauren; Hibbert, James; Draper, Carrie; Burke, Michael P; Jones, Sonya J

2016-10-01

To examine the association of both perceived and geographic neighbourhood food access with food security status among households with children. This was a cross-sectional study in which participants' perceptions of neighbourhood food access were assessed by a standard survey instrument, and geographic food access was evaluated by distance to the nearest supermarket. Multinomial logistic regression models were used to examine the associations. The Midlands Family Study included 544 households with children in eight counties in South Carolina, USA. Food security status among participants was classified into three categories: food secure (FS), food insecure (FI) and very low food security among children (VLFS-C). Compared with FS households, VLFS-C households had lower odds of reporting easy access to adequate food shopping. VLFS-C households also had lower odds of reporting neighbourhood access to affordable fruits and vegetables compared with FS households and reported worse selection of fruits and vegetables, quality of fruits and vegetables, and selection of low-fat products. FI households had lower odds of reporting fewer opportunities to purchase fast food. None of the geographic access measures was significantly associated with food security status. Caregivers with children who experienced hunger perceived that they had less access to healthy affordable food in their community, even though grocery stores were present. Approaches to improve perceived access to healthy affordable food should be considered as part of the overall approach to improving food security and eliminating child hunger.

Perceived and Geographic Food Access and Food Security Status among Households with Children

Science.gov (United States)

Ma, Xiaoguang; Liese, Angela D.; Bell, Bethany; Martini, Lauren; Hibbert, James; Draper, Carrie; Jones, Sonya J.

2017-01-01

Objective To examine the association of both perceived and geographic neighborhood food access with food security status among households with children. Design This was a cross-sectional study in which participants’ perceptions of neighborhood food access were assessed by a standard survey instrument, and geographic food access was evaluated by distance to the nearest supermarket. Multinomial logistic regression models were used to examine the associations. Subjects The Midlands Family Study included 544 households with children in eight counties in South Carolina. Food security status among participants was classified into three categories: food secure (FS), food insecure (FI) and very low food security among children (VLFS-C). Results Compared to FS households, VLFS-C households had lower odds of reporting easy access to adequate food shopping. VLFS-C households also had lower odds of reporting neighborhood access to affordable fruits and vegetables compared to FS households and reported worse selection of fruits and vegetables, quality of fruits and vegetables and selection of low-fat products. FI households had lower odds of reporting fewer opportunities to purchase fast food. None of the geographic access measures was significantly associated with food security status. Conclusions Caregivers with children that experienced hunger perceived that they had less access to healthy affordably food in their community, even though grocery stores were present. Approaches to improve perceived access to healthy affordable food should be considered as part of the overall approach to improving food security and eliminating child hunger. PMID:27133939

Development of Web-Based Remote Desktop to Provide Adaptive User Interfaces in Cloud Platform

OpenAIRE

Shuen-Tai Wang; Hsi-Ya Chang

2014-01-01

Cloud virtualization technologies are becoming more and more prevalent, cloud users usually encounter the problem of how to access to the virtualized remote desktops easily over the web without requiring the installation of special clients. To resolve this issue, we took advantage of the HTML5 technology and developed web-based remote desktop. It permits users to access the terminal which running in our cloud platform from anywhere. We implemented a sketch of web interfac...

An interactive web-based extranet system model for managing ...

African Journals Online (AJOL)

... objectives for students, lecturers and parents to access and compute results ... The database will serve as repository of students' academic records over a ... Keywords: Extranet-Model, Interactive, Web-Based, Students, Academic, Records ...

Don’t screw up your web

CERN Multimedia

Computer Security Team

2012-01-01

Publish or perish. Given the large variety of information which needs to be published, you have the freedom at CERN to deploy your own web-server and put your data online on the Internet. Web content management systems like Joomla! or WordPress together with dedicated add-ons and modules make it easy to quickly create a posh look-and-feel. But hold on. With this freedom also comes responsibility!   Your responsibility does not stop once you have been granted Internet connectivity. No: It falls to you to ensure that your web server is continually secured. Only information which is meant to be public should be put online. Proper access protections must be put in place to secure other data, preferably using the CERN Single Sign-On portal and definitely using the HTTPS (secure HTTP) protocol when transmitting sensitive information like passwords. “Securing” also implies that the operating system as well as the content management system must be updated regularly.   If ...

Statmaster and HEROS - web-based courses first and second generation

DEFF Research Database (Denmark)

Larsen, Pia Veldt; Rootzen, Helle

2008-01-01

With the increasing focus on life-long learning, and with the convenience and accessibility of the Internet, the market for web-based courses has expanded vastly in recent times–in particular in connection with continuing education. However, teaching web-based courses presents various technical...... as well as pedagogical challenges. Some of these challenges are addressed, and means to dealing with them are suggested. A second generation of web-based courses is comprised of learning objects, which allows for tailoring courses for specialized groups of students, and accommodate individualized learning....... The concept of learning objects and how they are used to form new courses are discussed....

Towards Development of Web-based Assessment System Based on Semantic Web Technology

Directory of Open Access Journals (Sweden)

Hosam Farouk El-Sofany

2011-01-01

Full Text Available The assessment process in an educational system is an important and primordial part of its success to assure the correct way of knowledge transmission and to ensure that students are working correctly and succeed to acquire the needed knowledge. In this study, we aim to include Semantic Web technologies in the E-learning process, as new components. We use Semantic Web (SW to: 1 support the evaluation of open questions in e-learning courses, 2 support the creation of questions and exams automatically, 3 support the evaluation of exams created by the system. These components should allow for measuring academic performance, providing feedback mechanisms, and improving participative and collaborative ideas. Our goal is to use Semantic Web and Wireless technologies to design and implement the assessment system that allows the students, to take: web-based tutorials, quizzes, free exercises, and exams, to download: course reviews, previous exams and their model answers, to access the system through the Mobile and take quick quizzes and exercises. The system facilitates generation of automatic, balanced, and different exam sheets that contain different types of questions covering the entire curriculum, and display gradually from easiness to difficulty. The system provides the teachers and administrators with several services such as: store different types of questions, generate exams with specific criteria, and upload course assignments, exams, and reviews.

National Scale Marine Geophysical Data Portal for the Israel EEZ with Public Access Web-GIS Platform

Science.gov (United States)

Ketter, T.; Kanari, M.; Tibor, G.

2017-12-01

Recent offshore discoveries and regulation in the Israel Exclusive Economic Zone (EEZ) are the driving forces behind increasing marine research and development initiatives such as infrastructure development, environmental protection and decision making among many others. All marine operations rely on existing seabed information, while some also generate new data. We aim to create a single platform knowledge-base to enable access to existing information, in a comprehensive, publicly accessible web-based interface. The Israel EEZ covers approx. 26,000 sqkm and has been surveyed continuously with various geophysical instruments over the past decades, including 10,000 km of multibeam survey lines, 8,000 km of sub-bottom seismic lines, and hundreds of sediment sampling stations. Our database consists of vector and raster datasets from multiple sources compiled into a repository of geophysical data and metadata, acquired nation-wide by several research institutes and universities. The repository will enable public access via a web portal based on a GIS platform, including datasets from multibeam, sub-bottom profiling, single- and multi-channel seismic surveys and sediment sampling analysis. Respective data products will also be available e.g. bathymetry, substrate type, granulometry, geological structure etc. Operating a web-GIS based repository allows retrieval of pre-existing data for potential users to facilitate planning of future activities e.g. conducting marine surveys, construction of marine infrastructure and other private or public projects. User interface is based on map oriented spatial selection, which will reveal any relevant data for designated areas of interest. Querying the database will allow the user to obtain information about the data owner and to address them for data retrieval as required. Wide and free public access to existing data and metadata can save time and funds for academia, government and commercial sectors, while aiding in cooperation

Facilitating access to the web of data a guide for librarians

CERN Document Server

Stuart, David

2011-01-01

Offers an introduction to the web of data and the semantic web, exploring technologies including APIs, microformats and linked data. This title includes topical commentary and practical examples that explore how information professionals can harness the power of this phenomenon to inform strategy and become facilitators of access to data.

Grid Enabled Geospatial Catalogue Web Service

Science.gov (United States)

Chen, Ai-Jun; Di, Li-Ping; Wei, Ya-Xing; Liu, Yang; Bui, Yu-Qi; Hu, Chau-Min; Mehrotra, Piyush

2004-01-01

Geospatial Catalogue Web Service is a vital service for sharing and interoperating volumes of distributed heterogeneous geospatial resources, such as data, services, applications, and their replicas over the web. Based on the Grid technology and the Open Geospatial Consortium (0GC) s Catalogue Service - Web Information Model, this paper proposes a new information model for Geospatial Catalogue Web Service, named as GCWS which can securely provides Grid-based publishing, managing and querying geospatial data and services, and the transparent access to the replica data and related services under the Grid environment. This information model integrates the information model of the Grid Replica Location Service (RLS)/Monitoring & Discovery Service (MDS) with the information model of OGC Catalogue Service (CSW), and refers to the geospatial data metadata standards from IS0 19115, FGDC and NASA EOS Core System and service metadata standards from IS0 191 19 to extend itself for expressing geospatial resources. Using GCWS, any valid geospatial user, who belongs to an authorized Virtual Organization (VO), can securely publish and manage geospatial resources, especially query on-demand data in the virtual community and get back it through the data-related services which provide functions such as subsetting, reformatting, reprojection etc. This work facilitates the geospatial resources sharing and interoperating under the Grid environment, and implements geospatial resources Grid enabled and Grid technologies geospatial enabled. It 2!so makes researcher to focus on science, 2nd not cn issues with computing ability, data locztic, processir,g and management. GCWS also is a key component for workflow-based virtual geospatial data producing.

Web-Based Cognitive Behavioral Therapy for Female Patients With Eating Disorders: Randomized Controlled Trial.

Science.gov (United States)

ter Huurne, Elke D; de Haan, Hein A; Postel, Marloes G; van der Palen, Job; VanDerNagel, Joanne E L; DeJong, Cornelis A J

2015-06-18

Many patients with eating disorders do not receive help for their symptoms, even though these disorders have severe morbidity. The Internet may offer alternative low-threshold treatment interventions. This study evaluated the effects of a Web-based cognitive behavioral therapy (CBT) intervention using intensive asynchronous therapeutic support to improve eating disorder psychopathology, and to reduce body dissatisfaction and related health problems among patients with eating disorders. A two-arm open randomized controlled trial comparing a Web-based CBT intervention to a waiting list control condition (WL) was carried out among female patients with bulimia nervosa (BN), binge eating disorder (BED), and eating disorders not otherwise specified (EDNOS). The eating disorder diagnosis was in accordance with the Diagnostic and Statistical Manual of Mental Disorders, 4th edition, and was established based on participants' self-report. Participants were recruited from an open-access website, and the intervention consisted of a structured two-part program within a secure Web-based application. The aim of the first part was to analyze participant's eating attitudes and behaviors, while the second part focused on behavioral change. Participants had asynchronous contact with a personal therapist twice a week, solely via the Internet. Self-report measures of eating disorder psychopathology (primary outcome), body dissatisfaction, physical health, mental health, self-esteem, quality of life, and social functioning were completed at baseline and posttest. A total of 214 participants were randomized to either the Web-based CBT group (n=108) or to the WL group (n=106) stratified by type of eating disorder (BN: n=44; BED: n=85; EDNOS: n=85). Study attrition was low with 94% of the participants completing the posttest assignment. Overall, Web-based CBT showed a significant improvement over time for eating disorder psychopathology (F97=63.07, PWeb-based CBT participants in all three

EarthServer2 : The Marine Data Service - Web based and Programmatic Access to Ocean Colour Open Data

Science.gov (United States)

Clements, Oliver; Walker, Peter

2017-04-01

The ESA Ocean Colour - Climate Change Initiative (ESA OC-CCI) has produced a long-term high quality global dataset with associated per-pixel uncertainty data. This dataset has now grown to several hundred terabytes (uncompressed) and is freely available to download. However, the sheer size of the dataset can act as a barrier to many users; large network bandwidth, local storage and processing requirements can prevent researchers without the backing of a large organisation from taking advantage of this raw data. The EC H2020 project, EarthServer2, aims to create a federated data service providing access to more than 1 petabyte of earth science data. Within this federation the Marine Data Service already provides an innovative on-line tool-kit for filtering, analysing and visualising OC-CCI data. Data are made available, filtered and processed at source through a standards-based interface, the Open Geospatial Consortium Web Coverage Service and Web Coverage Processing Service. This work was initiated in the EC FP7 EarthServer project where it was found that the unfamiliarity and complexity of these interfaces itself created a barrier to wider uptake. The continuation project, EarthServer2, addresses these issues by providing higher level tools for working with these data. We will present some examples of these tools. Many researchers wish to extract time series data from discrete points of interest. We will present a web based interface, based on NASA/ESA WebWorldWind, for selecting points of interest and plotting time series from a chosen dataset. In addition, a CSV file of locations and times, such as a ship's track, can be uploaded and these points extracted and returned in a CSV file allowing researchers to work with the extract locally, such as a spreadsheet. We will also present a set of Python and JavaScript APIs that have been created to complement and extend the web based GUI. These APIs allow the selection of single points and areas for extraction. The

Web-based tools from AHRQ's National Resource Center.

Science.gov (United States)

Cusack, Caitlin M; Shah, Sapna

2008-11-06

The Agency for Healthcare Research and Quality (AHRQ) has made an investment of over $216 million in research around health information technology (health IT). As part of their investment, AHRQ has developed the National Resource Center for Health IT (NRC) which includes a public domain Web site. New content for the web site, such as white papers, toolkits, lessons from the health IT portfolio and web-based tools, is developed as needs are identified. Among the tools developed by the NRC are the Compendium of Surveys and the Clinical Decision Support (CDS) Resources. The Compendium of Surveys is a searchable repository of health IT evaluation surveys made available for public use. The CDS Resources contains content which may be used to develop clinical decision support tools, such as rules, reminders and templates. This live demonstration will show the access, use, and content of both these freely available web-based tools.

GeneDig: a web application for accessing genomic and bioinformatics knowledge.

Science.gov (United States)

Suciu, Radu M; Aydin, Emir; Chen, Brian E

2015-02-28

With the exponential increase and widespread availability of genomic, transcriptomic, and proteomic data, accessing these '-omics' data is becoming increasingly difficult. The current resources for accessing and analyzing these data have been created to perform highly specific functions intended for specialists, and thus typically emphasize functionality over user experience. We have developed a web-based application, GeneDig.org, that allows any general user access to genomic information with ease and efficiency. GeneDig allows for searching and browsing genes and genomes, while a dynamic navigator displays genomic, RNA, and protein information simultaneously for co-navigation. We demonstrate that our application allows more than five times faster and efficient access to genomic information than any currently available methods. We have developed GeneDig as a platform for bioinformatics integration focused on usability as its central design. This platform will introduce genomic navigation to broader audiences while aiding the bioinformatics analyses performed in everyday biology research.

Implementing a public web based GIS service for feedback of surveillance data on communicable diseases in Sweden

Directory of Open Access Journals (Sweden)

Ekdahl Karl

2004-06-01

Full Text Available Abstract Background Surveillance data allow for analysis, providing public health officials and policy-makers with a basis for long-term priorities and timely information on possible outbreaks for rapid response (data for action. In this article we describe the considerations and technology behind a newly introduced public web tool in Sweden for easy retrieval of county and national surveillance data on communicable diseases. Methods The web service was designed to automatically present updated surveillance statistics of some 50 statutory notifiable diseases notified to the Swedish Institute for Infectious Disease Control (SMI. The surveillance data is based on clinical notifications from the physician having treated the patient and laboratory notifications, merged into cases using a unique personal identification number issued to all Swedish residents. The web service use notification data from 1997 onwards, stored in a relational database at the SMI. Results The web service presents surveillance data to the user in various ways; tabulated data containing yearly and monthly disease data per county, age and sex distribution, interactive maps illustrating the total number of cases and the incidence per county and time period, graphs showing the total number of cases per week and graphs illustrating trends in the disease data. The system design encompasses the database (storing the data, the web server (holding the web service and an in-the-middle computer (to ensure good security standards. Conclusions The web service has provided the health community, the media, and the public with easy access to both timely and detailed surveillance data presented in various forms. Since it was introduced in May 2003, the system has been accessed more than 1,000,000 times, by more than 10,000 different viewers (over 12.600 unique IP-numbers.

SCHeMA web-based observation data information system

Science.gov (United States)

Novellino, Antonio; Benedetti, Giacomo; D'Angelo, Paolo; Confalonieri, Fabio; Massa, Francesco; Povero, Paolo; Tercier-Waeber, Marie-Louise

2016-04-01

It is well recognized that the need of sharing ocean data among non-specialized users is constantly increasing. Initiatives that are built upon international standards will contribute to simplify data processing and dissemination, improve user-accessibility also through web browsers, facilitate the sharing of information across the integrated network of ocean observing systems; and ultimately provide a better understanding of the ocean functioning. The SCHeMA (Integrated in Situ Chemical MApping probe) Project is developing an open and modular sensing solution for autonomous in situ high resolution mapping of a wide range of anthropogenic and natural chemical compounds coupled to master bio-physicochemical parameters (www.schema-ocean.eu). The SCHeMA web system is designed to ensure user-friendly data discovery, access and download as well as interoperability with other projects through a dedicated interface that implements the Global Earth Observation System of Systems - Common Infrastructure (GCI) recommendations and the international Open Geospatial Consortium - Sensor Web Enablement (OGC-SWE) standards. This approach will insure data accessibility in compliance with major European Directives and recommendations. Being modular, the system allows the plug-and-play of commercially available probes as well as new sensor probess under development within the project. The access to the network of monitoring probes is provided via a web-based system interface that, being implemented as a SOS (Sensor Observation Service), is providing standard interoperability and access tosensor observations systems through O&M standard - as well as sensor descriptions - encoded in Sensor Model Language (SensorML). The use of common vocabularies in all metadatabases and data formats, to describe data in an already harmonized and common standard is a prerequisite towards consistency and interoperability. Therefore, the SCHeMA SOS has adopted the SeaVox common vocabularies populated by

Design of IP Camera Access Control Protocol by Utilizing Hierarchical Group Key

Directory of Open Access Journals (Sweden)

Jungho Kang

2015-08-01

Full Text Available Unlike CCTV, security video surveillance devices, which we have generally known about, IP cameras which are connected to a network either with or without wire, provide monitoring services through a built-in web-server. Due to the fact that IP cameras can use a network such as the Internet, multiple IP cameras can be installed at a long distance and each IP camera can utilize the function of a web server individually. Even though IP cameras have this kind of advantage, it has difficulties in access control management and weakness in user certification, too. Particularly, because the market of IP cameras did not begin to be realized a long while ago, systems which are systematized from the perspective of security have not been built up yet. Additionally, it contains severe weaknesses in terms of access authority to the IP camera web server, certification of users, and certification of IP cameras which are newly installed within a network, etc. This research grouped IP cameras hierarchically to manage them systematically, and provided access control and data confidentiality between groups by utilizing group keys. In addition, IP cameras and users are certified by using PKI-based certification, and weak points of security such as confidentiality and integrity, etc., are improved by encrypting passwords. Thus, this research presents specific protocols of the entire process and proved through experiments that this method can be actually applied.

Simple Enough--Even for Web Virgins: Lisa Mitten's Access to Native American Web Sites. Web Site Review Essay.

Science.gov (United States)

Belgarde, Mary Jiron

1998-01-01

A mixed-blood Mohawk urban Indian and university librarian, Lisa Mitten provides access to Web sites with solid information about American Indians. Links are provided to 10 categories--Native nations, Native organizations, Indian education, Native media, powwows and festivals, Indian music, Native arts, Native businesses, and Indian-oriented home…

WebGIS based on semantic grid model and web services

Science.gov (United States)

Zhang, WangFei; Yue, CaiRong; Gao, JianGuo

2009-10-01

As the combination point of the network technology and GIS technology, WebGIS has got the fast development in recent years. With the restriction of Web and the characteristics of GIS, traditional WebGIS has some prominent problems existing in development. For example, it can't accomplish the interoperability of heterogeneous spatial databases; it can't accomplish the data access of cross-platform. With the appearance of Web Service and Grid technology, there appeared great change in field of WebGIS. Web Service provided an interface which can give information of different site the ability of data sharing and inter communication. The goal of Grid technology was to make the internet to a large and super computer, with this computer we can efficiently implement the overall sharing of computing resources, storage resource, data resource, information resource, knowledge resources and experts resources. But to WebGIS, we only implement the physically connection of data and information and these is far from the enough. Because of the different understanding of the world, following different professional regulations, different policies and different habits, the experts in different field will get different end when they observed the same geographic phenomenon and the semantic heterogeneity produced. Since these there are large differences to the same concept in different field. If we use the WebGIS without considering of the semantic heterogeneity, we will answer the questions users proposed wrongly or we can't answer the questions users proposed. To solve this problem, this paper put forward and experienced an effective method of combing semantic grid and Web Services technology to develop WebGIS. In this paper, we studied the method to construct ontology and the method to combine Grid technology and Web Services and with the detailed analysis of computing characteristics and application model in the distribution of data, we designed the WebGIS query system driven by

28 CFR 16.74 - Exemption of National Security Division Systems-limited access.

Science.gov (United States)

2010-07-01

... National Security Division Systems—limited access. (a) The following system of records is exempted from... 28 Judicial Administration 1 2010-07-01 2010-07-01 false Exemption of National Security Division Systems-limited access. 16.74 Section 16.74 Judicial Administration DEPARTMENT OF JUSTICE PRODUCTION OR...

SalanderMaps: A rapid overview about felt earthquakes through data mining of web-accesses

Science.gov (United States)

Kradolfer, Urs

2013-04-01

While seismological observatories detect and locate earthquakes based on measurements of the ground motion, they neither know a priori whether an earthquake has been felt by the public nor is it known, where it has been felt. Such information is usually gathered by evaluating feedback reported by the public through on-line forms on the web. However, after a felt earthquake in Switzerland, many people visit the webpages of the Swiss Seismological Service (SED) at the ETH Zurich and each such visit leaves traces in the logfiles on our web-servers. Data mining techniques, applied to these logfiles and mining publicly available data bases on the internet open possibilities to obtain previously unknown information about our virtual visitors. In order to provide precise information to authorities and the media, it would be desirable to rapidly know from which locations these web-accesses origin. The method 'Salander' (Seismic Activitiy Linked to Area codes - Nimble Detection of Earthquake Rumbles) will be introduced and it will be explained, how the IP-addresses (each computer or router directly connected to the internet has a unique IP-address; an example would be 129.132.53.5) of a sufficient amount of our virtual visitors were linked to their geographical area. This allows us to unprecedentedly quickly know whether and where an earthquake was felt in Switzerland. It will also be explained, why the method Salander is superior to commercial so-called geolocation products. The corresponding products of the Salander method, animated SalanderMaps, which are routinely generated after each earthquake with a magnitude of M>2 in Switzerland (http://www.seismo.ethz.ch/prod/salandermaps/, available after March 2013), demonstrate how the wavefield of earthquakes propagates through Switzerland and where it was felt. Often, such information is available within less than 60 seconds after origin time, and we always get a clear picture within already five minutes after origin time

Web technology for emergency medicine and secure transmission of electronic patient records.

Science.gov (United States)

Halamka, J D

1998-01-01

The American Heritage dictionary defines the word "web" as "something intricately contrived, especially something that ensnares or entangles." The wealth of medical resources on the World Wide Web is now so extensive, yet disorganized and unmonitored, that such a definition seems fitting. In emergency medicine, for example, a field in which accurate and complete information, including patients' records, is urgently needed, more than 5000 Web pages are available today, whereas fewer than 50 were available in December 1994. Most sites are static Web pages using the Internet to publish textbook material, but new technology is extending the scope of the Internet to include online medical education and secure exchange of clinical information. This article lists some of the best Web sites for use in emergency medicine and then describes a project in which the Web is used for transmission and protection of electronic medical records.

Securing the anonymity of content providers in the World Wide Web

Science.gov (United States)

Demuth, Thomas; Rieke, Andreas

1999-04-01

Nowadays the World Wide Web (WWW) is an established service used by people all over the world. Most of them do not recognize the fact that they reveal plenty of information about themselves or their affiliation and computer equipment to the providers of web pages they connect to. As a result, a lot of services offer users to access web pages unrecognized or without risk of being backtracked, respectively. This kind of anonymity is called user or client anonymity. But on the other hand, an equivalent protection for content providers does not exist, although this feature is desirable for many situations in which the identity of a publisher or content provider shall be hidden. We call this property server anonymity. We will introduce the first system with the primary target to offer anonymity for providers of information in the WWW. Beside this property, it provides also client anonymity. Based on David Chaum's idea of mixes and in relation to the context of the WWW, we explain the term 'server anonymity' motivating the system JANUS which offers both client and server anonymity.

Study on Mandatory Access Control in a Secure Database Management System

Institute of Scientific and Technical Information of China (English)

无

2001-01-01

This paper proposes a security policy model for mandatory access control in class B1 database management system whose level of labeling is tuple. The relation-hierarchical data model is extended to multilevel relation-hierarchical data model. Based on the multilevel relation-hierarchical data model, the concept of upper-lower layer relational integrity is presented after we analyze and eliminate the covert channels caused by the database integrity. Two SQL statements are extended to process polyinstantiation in the multilevel secure environment. The system is based on the multilevel relation-hierarchical data model and is capable of integratively storing and manipulating multilevel complicated objects (e. g., multilevel spatial data) and multilevel conventional data ( e. g., integer. real number and character string).

Generating WS-SecurityPolicy documents via security model transformation

DEFF Research Database (Denmark)

Jensen, Meiko

2009-01-01

When SOA-based business processes are to be enhanced with security properties, the model-driven business process development approach enables an easier and more reliable security definition compared to manually crafting the security realizations afterwards. In this paper, we outline an appropriat...... security model definition and transformation approach, targeting the WS-SecurityPolicy and WS-BPEL specifications, in order to enable a Web-Service-based secure business process development.......When SOA-based business processes are to be enhanced with security properties, the model-driven business process development approach enables an easier and more reliable security definition compared to manually crafting the security realizations afterwards. In this paper, we outline an appropriate...

A Solution of Data-Level Security Access Control%一种数据级安全访问控制方案①

Institute of Scientific and Technical Information of China (English)

唐建; 徐罡; 许舒人

2013-01-01

To protect sensitive data in Web applications from unauthorized access, a data access strategy consisting of user set and data access authority is proposed, which is based on traditional role based access control model. The data access strategy is related to function. After parsing the original business SQL, row-level-rules are applied to filter the data records in row level, and column-level-rules are applied to mask the corresponding attributes of the data records. A data security access control framework is designed. Finally, this strategy is implemented in the Agricultural Products Supply Chain Management System of Xinfadi, and the validity and effectiveness of the presented strategy is demonstrated.%为了更好地保护 Web 应用系统中敏感数据不被非法访问。在传统的基于角色的访问控制模型基础上提出了由用户集合和数据访问权限构成的数据访问策略，并将数据访问策略关联到功能，通过对原有业务 SQL 解析，使用行级访问权限对数据记录进行行级过滤，再根据列级访问权限对数据记录相应属性进行屏蔽处理来进行数据安全访问控制，并设计了数据安全访问控制的框架。最后将该方案应用到新发地农产品供应链管理平台中，验证了该方案的可行性和有效性。

Discursive Policy Webs in a Globalisation Era: A Discussion of Access to Professions and Trades for Immigrant Professionals in Ontario, Canada

Science.gov (United States)

Goldberg, Michelle P.

2006-01-01

This article explores the link between discourse and policy using a discursive web metaphor. It develops the notion of policy as a discursive web based on a post-positivist framework that recognises the way multiple discourses from multiple voices interact in a complex web of power relationships to influence reality. Using Ontario's Access to…

PV-WEB: internet-based PV information tool

International Nuclear Information System (INIS)

Cowley, P.

2003-01-01

This report gives details of a project to create a web-based information system on photovoltaic (PV) systems for the British PV Association (PV-UK) for use by decision makers in government, the utilities, and the housing and construction sectors. The project, which aims to provide an easily accessible tool for UK companies, promote PV technology, increase competitiveness, and identify market opportunities, is described. The design of the web site and its implementation and the evolution are discussed, along with the maintenance of the site by PV-UK and the opportunities offered to PV-UK Members

PV-WEB: internet-based PV information tool

Energy Technology Data Exchange (ETDEWEB)

Cowley, P

2003-07-01

This report gives details of a project to create a web-based information system on photovoltaic (PV) systems for the British PV Association (PV-UK) for use by decision makers in government, the utilities, and the housing and construction sectors. The project, which aims to provide an easily accessible tool for UK companies, promote PV technology, increase competitiveness, and identify market opportunities, is described. The design of the web site and its implementation and the evolution are discussed, along with the maintenance of the site by PV-UK and the opportunities offered to PV-UK Members.

Deploying web-based visual exploration tools on the grid

Energy Technology Data Exchange (ETDEWEB)

Jankun-Kelly, T.J.; Kreylos, Oliver; Shalf, John; Ma, Kwan-Liu; Hamann, Bernd; Joy, Kenneth; Bethel, E. Wes

2002-02-01

We discuss a web-based portal for the exploration, encapsulation, and dissemination of visualization results over the Grid. This portal integrates three components: an interface client for structured visualization exploration, a visualization web application to manage the generation and capture of the visualization results, and a centralized portal application server to access and manage grid resources. We demonstrate the usefulness of the developed system using an example for Adaptive Mesh Refinement (AMR) data visualization.

10 CFR 95.35 - Access to matter classified as National Security Information and Restricted Data.

Science.gov (United States)

2010-01-01

... SECURITY CLEARANCE AND SAFEGUARDING OF NATIONAL SECURITY INFORMATION AND RESTRICTED DATA Control of Information § 95.35 Access to matter classified as National Security Information and Restricted Data. (a... have access to matter revealing Secret or Confidential National Security Information or Restricted Data...

Some Programs Should Not Run on Laptops - Providing Programmatic Access to Applications Via Web Services

Science.gov (United States)

Gupta, V.; Gupta, N.; Gupta, S.; Field, E.; Maechling, P.

2003-12-01

hosted these Web Services as a part of the SCEC Community Modeling Environment (SCEC/CME) ITR Project (http://www.scec.org/cme). We have implemented Web Services for several of the reasons sited previously. For example, we implemented a FORTRAN-based Earthquake Rupture Forecast (ERF) as a Web Service for use by client computers that don't support a FORTRAN runtime environment. We implemented a Generic Mapping Tool (GMT) Web Service for use by systems that don't have local access to GMT. We implemented a Hazard Map Calculator Web Service to execute Hazard calculations that are too computationally intensive to run on a local system. We implemented a Coordinate Conversion Web Service to enforce a standard and consistent method for converting between UTM and Lat/Lon. Our experience developing these services indicates both strengths and weakness in current Web Service technology. Client programs that utilize Web Services typically need network access, a significant disadvantage at times. Programs with simple input and output parameters were the easiest to implement as Web Services, while programs with complex parameter-types required a significant amount of additional development. We also noted that Web services are very data-oriented, and adapting object-oriented software into the Web Service model proved problematic. Also, the Web Service approach of converting data types into XML format for network transmission has significant inefficiencies for some data sets.

Need an Information Security in Access Control System?

Directory of Open Access Journals (Sweden)

V. R. Petrov

2011-12-01

Full Text Available The purpose of this paper is the general problems of information security in access control system. The field of using is the in project of reconstruction Physical protection system.

Task-and-role-based access-control model for computational grid

Institute of Scientific and Technical Information of China (English)

LONG Tao; HONG Fan; WU Chi; SUN Ling-li

2007-01-01

Access control in a grid environment is a challenging issue because the heterogeneous nature and independent administration of geographically dispersed resources in grid require access control to use fine-grained policies. We established a task-and-role-based access-control model for computational grid (CG-TRBAC model), integrating the concepts of role-based access control (RBAC) and task-based access control (TBAC). In this model, condition restrictions are defined and concepts specifically tailored to Workflow Management System are simplified or omitted so that role assignment and security administration fit computational grid better than traditional models; permissions are mutable with the task status and system variables, and can be dynamically controlled. The CG-TRBAC model is proved flexible and extendible. It can implement different control policies. It embodies the security principle of least privilege and executes active dynamic authorization. A task attribute can be extended to satisfy different requirements in a real grid system.

WSGB: A Web Service-Based Growing Book

Science.gov (United States)

Dow, C. R.; Huang, L. H.; Chen, K. H.; Chiu, J. C.; Lin, C. M.

2006-01-01

Growing Book refers to an electronic textbook that is co-developed, and has the ability to be constantly maintained, by groups of independent authors, thus creating a rich and ever-growing learning environment that can be conveniently accessible from anywhere. This work designs and implements a Web Service-based Growing Book that has the merits of…

Onco-STS: a web-based laboratory information management system for sample and analysis tracking in oncogenomic experiments.

Science.gov (United States)

Gavrielides, Mike; Furney, Simon J; Yates, Tim; Miller, Crispin J; Marais, Richard

2014-01-01

Whole genomes, whole exomes and transcriptomes of tumour samples are sequenced routinely to identify the drivers of cancer. The systematic sequencing and analysis of tumour samples, as well other oncogenomic experiments, necessitates the tracking of relevant sample information throughout the investigative process. These meta-data of the sequencing and analysis procedures include information about the samples and projects as well as the sequencing centres, platforms, data locations, results locations, alignments, analysis specifications and further information relevant to the experiments. The current work presents a sample tracking system for oncogenomic studies (Onco-STS) to store these data and make them easily accessible to the researchers who work with the samples. The system is a web application, which includes a database and a front-end web page that allows the remote access, submission and updating of the sample data in the database. The web application development programming framework Grails was used for the development and implementation of the system. The resulting Onco-STS solution is efficient, secure and easy to use and is intended to replace the manual data handling of text records. Onco-STS allows simultaneous remote access to the system making collaboration among researchers more effective. The system stores both information on the samples in oncogenomic studies and details of the analyses conducted on the resulting data. Onco-STS is based on open-source software, is easy to develop and can be modified according to a research group's needs. Hence it is suitable for laboratories that do not require a commercial system.

Engaging Physician Learners Through a Web-Based Platform: Individualized End-of-Life Education.

Science.gov (United States)

Bergman, Jonathan; Ballon-Landa, Eric; Lerman, Steven E; Kwan, Lorna; Bennett, Carol J; Litwin, Mark S

2016-09-01

Web-based modules provide a convenient and low-cost education platform, yet should be carefully designed to ensure that learners are actively engaged. In order to improve attitudes and knowledge in end-of-life (EOL) care, we developed a web-based educational module that employed hyperlinks to allow users access to auxiliary resources: clinical guidelines and seminal research papers. Participants took pre-test evaluations of attitudes and knowledge regarding EOL care prior to accessing the educational module, and a post-test evaluation following the module intervention. We recorded the type of hyperlinks (guideline or paper) accessed by learners, and stratified participants into groups based on link type accessed (none, either, or both). We used demographic and educational data to develop a multivariate mixed-effects regression analysis to develop adjusted predictions of attitudes and knowledge. 114 individuals participated. The majority had some professional exposure to EOL care (prior instruction 62%; EOL referral 53%; EOL discussion 56%), though most had no family (68%) or personal experience (51%). On bivariate analysis, non-partnered (p = .04), medical student training level (p = .03), prior palliative care referral (p = .02), having a family member (p = .02) and personal experience of EOL care (p improvements. Auxiliary resources accessible by hyperlink are an effective adjunct to web-based learning in end-of-life care. © The Author(s) 2015.

SmartVeh: Secure and Efficient Message Access Control and Authentication for Vehicular Cloud Computing.

Science.gov (United States)

Huang, Qinlong; Yang, Yixian; Shi, Yuxiang

2018-02-24

With the growing number of vehicles and popularity of various services in vehicular cloud computing (VCC), message exchanging among vehicles under traffic conditions and in emergency situations is one of the most pressing demands, and has attracted significant attention. However, it is an important challenge to authenticate the legitimate sources of broadcast messages and achieve fine-grained message access control. In this work, we propose SmartVeh, a secure and efficient message access control and authentication scheme in VCC. A hierarchical, attribute-based encryption technique is utilized to achieve fine-grained and flexible message sharing, which ensures that vehicles whose persistent or dynamic attributes satisfy the access policies can access the broadcast message with equipped on-board units (OBUs). Message authentication is enforced by integrating an attribute-based signature, which achieves message authentication and maintains the anonymity of the vehicles. In order to reduce the computations of the OBUs in the vehicles, we outsource the heavy computations of encryption, decryption and signing to a cloud server and road-side units. The theoretical analysis and simulation results reveal that our secure and efficient scheme is suitable for VCC.

New data access with HTTP/WebDAV in the ATLAS experiment

CERN Document Server

Elmsheuser, Johannes; The ATLAS collaboration; Serfon, Cedric; Garonne, Vincent; Blunier, Sylvain; Lavorini, Vincenzo; Nilsson, Paul

2015-01-01

With the exponential growth of LHC (Large Hadron Collider) data in the years 2010-2012, distributed computing has become the established way to analyze collider data. The ATLAS experiment Grid infrastructure includes more than 130 sites worldwide, ranging from large national computing centres to smaller university clusters. So far the storage technologies and access protocols to the clusters that host this tremendous amount of data vary from site to site. HTTP/WebDAV offers the possibility to use a unified industry standard to access the storage. We present the deployment and testing of HTTP/WebDAV for local and remote data access in the ATLAS experiment for the new data management system Rucio and the PanDA workload management system. Deployment and large scale tests have been performed using the Grid testing system HammerCloud and the ROOT HTTP plugin Davix.

New data access with HTTP/WebDAV in the ATLAS experiment

CERN Document Server

Elmsheuser, Johannes; The ATLAS collaboration; Serfon, Cedric; Garonne, Vincent; Blunier, Sylvain; Lavorini, Vincenzo; Nilsson, Paul

2015-01-01

With the exponential growth of LHC (Large Hadron Collider) data in the years 2010-2012, distributed computing has become the established way to analyse collider data. The ATLAS experiment Grid infrastructure includes more than 130 sites worldwide, ranging from large national computing centres to smaller university clusters. So far the storage technologies and access protocols to the clusters that host this tremendous amount of data vary from site to site. HTTP/WebDAV offers the possibility to use a unified industry standard to access the storage. We present the deployment and testing of HTTP/WebDAV for local and remote data access in the ATLAS experiment for the new data management system Rucio and the PanDA workload management system. Deployment and large scale tests have been performed using the Grid testing system HammerCloud and the ROOT HTTP plugin Davix.

Empirical analysis of the effects of cyber security incidents.

Science.gov (United States)

Davis, Ginger; Garcia, Alfredo; Zhang, Weide

2009-09-01

We analyze the time series associated with web traffic for a representative set of online businesses that have suffered widely reported cyber security incidents. Our working hypothesis is that cyber security incidents may prompt (security conscious) online customers to opt out and conduct their business elsewhere or, at the very least, to refrain from accessing online services. For companies relying almost exclusively on online channels, this presents an important business risk. We test for structural changes in these time series that may have been caused by these cyber security incidents. Our results consistently indicate that cyber security incidents do not affect the structure of web traffic for the set of online businesses studied. We discuss various public policy considerations stemming from our analysis.

Secure management of personal health records by applying attribute-based encryption

NARCIS (Netherlands)

Ibraimi, L.; Asim, M.; Petkovic, M.

2009-01-01

The confidentiality of personal health records is a major problem when patients use commercial Web-based systems to store their health data. Traditional access control mechanisms have several limitations with respect to enforcing access control policies and ensuring data confidentiality. In

Accessibility and content of individualized adult reconstructive hip and knee/musculoskeletal oncology fellowship web sites

Directory of Open Access Journals (Sweden)

Bradley L. Young, MD

2018-06-01

Conclusions: Several programs participating in the combined Adult Reconstructive Hip and Knee/Musculoskeletal Oncology Fellowship Match did not have accessible web sites. Of the web sites that were accessible, none contained comprehensive information and the majority lacked information that has been previously identified as being important to perspective applicants.

Provably Secure Heterogeneous Access Control Scheme for Wireless Body Area Network.

Science.gov (United States)

Omala, Anyembe Andrew; Mbandu, Angolo Shem; Mutiria, Kamenyi Domenic; Jin, Chunhua; Li, Fagen

2018-04-28

Wireless body area network (WBAN) provides a medium through which physiological information could be harvested and transmitted to application provider (AP) in real time. Integrating WBAN in a heterogeneous Internet of Things (IoT) ecosystem would enable an AP to monitor patients from anywhere and at anytime. However, the IoT roadmap of interconnected 'Things' is still faced with many challenges. One of the challenges in healthcare is security and privacy of streamed medical data from heterogeneously networked devices. In this paper, we first propose a heterogeneous signcryption scheme where a sender is in a certificateless cryptographic (CLC) environment while a receiver is in identity-based cryptographic (IBC) environment. We then use this scheme to design a heterogeneous access control protocol. Formal security proof for indistinguishability against adaptive chosen ciphertext attack and unforgeability against adaptive chosen message attack in random oracle model is presented. In comparison with some of the existing access control schemes, our scheme has lower computation and communication cost.

Web-Based Patient Education in Orthopedics: Systematic Review

Science.gov (United States)

Melles, Marijke; Groeneveld, Bob Sander; de Ridder, Huib

2018-01-01

Background Patients with orthopedic conditions frequently use the internet to find health information. Patient education that is distributed online may form an easily accessible, time- and cost-effective alternative to education delivered through traditional channels such as one-on-one consultations or booklets. However, no systematic evidence for the comparative effectiveness of Web-based educational interventions exists. Objective The objective of this systematic review was to examine the effects of Web-based patient education interventions for adult orthopedic patients and to compare its effectiveness with generic health information websites and traditional forms of patient education. Methods CINAHL, the Cochrane Library, EMBASE, MEDLINE, PsycINFO, PUBMED, ScienceDirect, Scopus, and Web of Science were searched covering the period from 1995 to 2016. Peer-reviewed English and Dutch studies were included if they delivered patient education via the internet to the adult orthopedic population and assessed its effects in a controlled or observational trial. Results A total of 10 trials reported in 14 studies involving 4172 patients were identified. Nine trials provided evidence for increased patients’ knowledge after Web-based patient education. Seven trials reported increased satisfaction and good evaluations of Web-based patient education. No compelling evidence exists for an effect of Web-based patient education on anxiety, health attitudes and behavior, or clinical outcomes. Conclusions Web-based patient education may be offered as a time- and cost-effective alternative to current educational interventions when the objective is to improve patients’ knowledge and satisfaction. However, these findings may not be representative for the whole orthopedic patient population as most trials included considerably younger, higher-educated, and internet-savvy participants only. PMID:29685869

Implementing Recommendations From Web Accessibility Guidelines: A Comparative Study of Nondisabled Users and Users With Visual Impairments.

Science.gov (United States)

Schmutz, Sven; Sonderegger, Andreas; Sauer, Juergen

2017-09-01

The present study examined whether implementing recommendations of Web accessibility guidelines would have different effects on nondisabled users than on users with visual impairments. The predominant approach for making Web sites accessible for users with disabilities is to apply accessibility guidelines. However, it has been hardly examined whether this approach has side effects for nondisabled users. A comparison of the effects on both user groups would contribute to a better understanding of possible advantages and drawbacks of applying accessibility guidelines. Participants from two matched samples, comprising 55 participants with visual impairments and 55 without impairments, took part in a synchronous remote testing of a Web site. Each participant was randomly assigned to one of three Web sites, which differed in the level of accessibility (very low, low, and high) according to recommendations of the well-established Web Content Accessibility Guidelines 2.0 (WCAG 2.0). Performance (i.e., task completion rate and task completion time) and a range of subjective variables (i.e., perceived usability, positive affect, negative affect, perceived aesthetics, perceived workload, and user experience) were measured. Higher conformance to Web accessibility guidelines resulted in increased performance and more positive user ratings (e.g., perceived usability or aesthetics) for both user groups. There was no interaction between user group and accessibility level. Higher conformance to WCAG 2.0 may result in benefits for nondisabled users and users with visual impairments alike. Practitioners may use the present findings as a basis for deciding on whether and how to implement accessibility best.

Implementation of clinical research trials using web-based and mobile devices: challenges and solutions

Directory of Open Access Journals (Sweden)

Roy Eagleson

2017-03-01

Full Text Available Abstract Background With the increasing implementation of web-based, mobile health interventions in clinical trials, it is crucial for researchers to address the security and privacy concerns of patient information according to high ethical standards. The full process of meeting these standards is often made more complicated due to the use of internet-based technology and smartphones for treatment, telecommunication, and data collection; however, this process is not well-documented in the literature. Results The Smart Heart Trial is a single-arm feasibility study that is currently assessing the effects of a web-based, mobile lifestyle intervention for overweight and obese children and youth with congenital heart disease in Southwestern Ontario. Participants receive telephone counseling regarding nutrition and fitness; and complete goal-setting activities on a web-based application. This paper provides a detailed overview of the challenges the study faced in meeting the high standards of our Research Ethics Board, specifically regarding patient privacy. Conclusion We outline our solutions, successes, limitations, and lessons learned to inform future similar studies; and model much needed transparency in ensuring high quality security and protection of patient privacy when using web-based and mobile devices for telecommunication and data collection in clinical research.

High security chaotic multiple access scheme for visible light communication systems with advanced encryption standard interleaving

Science.gov (United States)

Qiu, Junchao; Zhang, Lin; Li, Diyang; Liu, Xingcheng

2016-06-01

Chaotic sequences can be applied to realize multiple user access and improve the system security for a visible light communication (VLC) system. However, since the map patterns of chaotic sequences are usually well known, eavesdroppers can possibly derive the key parameters of chaotic sequences and subsequently retrieve the information. We design an advanced encryption standard (AES) interleaving aided multiple user access scheme to enhance the security of a chaotic code division multiple access-based visible light communication (C-CDMA-VLC) system. We propose to spread the information with chaotic sequences, and then the spread information is interleaved by an AES algorithm and transmitted over VLC channels. Since the computation complexity of performing inverse operations to deinterleave the information is high, the eavesdroppers in a high speed VLC system cannot retrieve the information in real time; thus, the system security will be enhanced. Moreover, we build a mathematical model for the AES-aided VLC system and derive the theoretical information leakage to analyze the system security. The simulations are performed over VLC channels, and the results demonstrate the effectiveness and high security of our presented AES interleaving aided chaotic CDMA-VLC system.

Evaluating a hybrid web-based basic genetics course for health professionals.

Science.gov (United States)

Wallen, Gwenyth R; Cusack, Georgie; Parada, Suzan; Miller-Davis, Claiborne; Cartledge, Tannia; Yates, Jan

2011-08-01

Health professionals, particularly nurses, continue to struggle with the expanding role of genetics information in the care of their patients. This paper describes an evaluation study of the effectiveness of a hybrid basic genetics course for healthcare professionals combining web-based learning with traditional face-to-face instructional techniques. A multidisciplinary group from the National Institutes of Health (NIH) created "Basic Genetics Education for Healthcare Providers" (BGEHCP). This program combined 7 web-based self-education modules with monthly traditional face-to-face lectures by genetics experts. The course was pilot tested by 186 healthcare providers from various disciplines with 69% (n=129) of the class registrants enrolling in a pre-post evaluation trial. Outcome measures included critical thinking knowledge items and a Web-based Learning Environment Inventory (WEBLEI). Results indicated a significant (peffectiveness particularly in the area of convenience, access and the course structure and design. Although significant increases in overall knowledge scores were achieved, scores in content areas surrounding genetic risk identification and ethical issues regarding genetic testing reflected continued gaps in knowledge. Web-based genetics education may help overcome genetics knowledge deficits by providing access for health professionals with diverse schedules in a variety of national and international settings. Published by Elsevier Ltd.

To Study and Explain the Different Methods to Built a Secure Web Application

OpenAIRE

Parveen Kumar

2012-01-01

The secure web application is the most important thing for any type of transaction or similar things. Information security should enable, to the extent possible, a business to take the risks it is prepared to take on, by designing and deploying countermeasuresthat allow for sensible business risk. Additionally, seemingly small exposures should be dealt with if there is a business case. The role of the security architecture is not to steer the business away from risk, but rather to educate the...

A Random-Dot Kinematogram for Web-Based Vision Research

Directory of Open Access Journals (Sweden)

Sivananda Rajananda

2018-01-01

Full Text Available Web-based experiments using visual stimuli have become increasingly common in recent years, but many frequently-used stimuli in vision research have yet to be developed for online platforms. Here, we introduce the first open access random-dot kinematogram (RDK for use in web browsers. This fully customizable RDK offers options to implement several different types of noise (random position, random walk, random direction and parameters to control aperture shape, coherence level, the number of dots, and other features. We include links to commented JavaScript code for easy implementation in web-based experiments, as well as an example of how this stimulus can be integrated as a plugin with a JavaScript library for online studies (jsPsych.

Construction and validation of a web-based epidemiological database for inflammatory bowel diseases in Europe An EpiCom study

DEFF Research Database (Denmark)

Burisch, Johan Michael; Cukovic-Cavka, Silvija; Kaimakliotis, Ioannis

2011-01-01

The EpiCom-study investigates a possible East-West-gradient in Europe in the incidence of IBD and the association with environmental factors. A secured web-based database is used to facilitate and centralize data registration.......The EpiCom-study investigates a possible East-West-gradient in Europe in the incidence of IBD and the association with environmental factors. A secured web-based database is used to facilitate and centralize data registration....

Map-IT! A Web-Based GIS Tool for Watershed Science Education.

Science.gov (United States)

Curtis, David H.; Hewes, Christopher M.; Lossau, Matthew J.

This paper describes the development of a prototypic, Web-accessible GIS solution for K-12 science education and citizen-based watershed monitoring. The server side consists of ArcView IMS running on an NT workstation. The client is built around MapCafe. The client interface, which runs through a standard Web browser, supports standard MapCafe…

Enhancing Accessibility of Web Content for the Print-Impaired and Blind People

Science.gov (United States)

Chalamandaris, Aimilios; Raptis, Spyros; Tsiakoulis, Pirros; Karabetsos, Sotiris

Blind people and in general print-impaired people are often restricted to use their own computers, enhanced most often with expensive, screen reading programs, in order to access the web, and in a form that every screen reading program allows to. In this paper we present SpellCast Navi, a tool that is intended for people with visual impairments, which attempts to combine advantages from both customized and generic web enhancement tools. It consists of a generically designed engine and a set of case-specific filters. It can run on a typical web browser and computer, without the need of installing any additional application locally. It acquires and parses the content of web pages, converts bi-lingual text into synthetic speech using high quality speech synthesizer, and supports a set of common functionalities such as navigation through hotkeys, audible navigation lists and more. By using a post-hoc approach based on a-priori information of the website's layout, the audible presentation and navigation through the website is more intuitive a more efficient than with a typical screen reading application. SpellCast Navi poses no requirements on web pages and introduces no overhead to the design and development of a website, as it functions as a hosted proxy service.

A Model-driven Role-based Access Control for SQL Databases

Directory of Open Access Journals (Sweden)

Raimundas Matulevičius

2015-07-01

Full Text Available Nowadays security has become an important aspect in information systems engineering. A mainstream method for information system security is Role-based Access Control (RBAC, which restricts system access to authorised users. While the benefits of RBAC are widely acknowledged, the implementation and administration of RBAC policies remains a human intensive activity, typically postponed until the implementation and maintenance phases of system development. This deferred security engineering approach makes it difficult for security requirements to be accurately captured and for the system’s implementation to be kept aligned with these requirements as the system evolves. In this paper we propose a model-driven approach to manage SQL database access under the RBAC paradigm. The starting point of the approach is an RBAC model captured in SecureUML. This model is automatically translated to Oracle Database views and instead-of triggers code, which implements the security constraints. The approach has been fully instrumented as a prototype and its effectiveness has been validated by means of a case study.