A Capability-Based Module System for Authority Control (Artifact)

This artifact is intended to demonstrate the module system of the Wyvern programming language and consists of a Linux virtual machine with a snapshot of the Wyvern programming language\u27s codebase. The Wyvern codebase contains a test suite that corresponds to the code examples in the paper accompanying the artifact. In addition, the artifact contains a document describing how to compile and run Wyvern programs

Routines and representations at work - observing the architecture of conceptual design

routines, representations, artifacts, product development, workplace observation, evolutionary economics, chip manufacturing

A Capability-Based Module System for Authority Control

The principle of least authority states that each component of the system should be given authority to access only the information and resources that it needs for its operation. This principle is fundamental to the secure design of software systems, as it helps to limit an application\u27s attack surface and to isolate vulnerabilities and faults. Unfortunately, current programming languages do not provide adequate help in controlling the authority of application modules, an issue that is particularly acute in the case of untrusted third-party extensions. In this paper, we present a language design that facilitates controlling the authority granted to each application module. The key technical novelty of our approach is that modules are first-class, statically typed capabilities. First-class modules are essentially objects, and so we formalize our module system by translation into an object calculus and prove that the core calculus is type-safe and authority-safe. Unlike prior formalizations, our work defines authority non-transitively, allowing engineers to reason about software designs that use wrappers to provide an attenuated version of a more powerful capability. Our approach allows developers to determine a module\u27s authority by examining the capabilities passed as module arguments when the module is created, or delegated to the module later during execution. The type system facilitates this by identifying which objects provide capabilities to sensitive resources, and by enabling security architects to examine the capabilities passed into and out of a module based only on the module\u27s interface, without needing to examine the module\u27s implementation code. An implementation of the module system and illustrative examples in the Wyvern programming language suggest that our approach can be a practical way to control module authority

Towards Identity Relationship Management For Internet of Things

Identity and Access Management (IAM) is in the core of any information systems. Traditional IAM systems manage users, applications, and devices within organizational boundaries, and utilize static intelligence for authentication and access control. Identity federation has helped a lot to deal with boundary limitation, but still limited to static intelligence – users, applications and devices must be under known boundaries. However, today’s IAM requirements are much more complex. Boundaries between enterprise and consumer space, on premises and cloud, personal devices and organization owned devices, and home, work and public places are fading away. These challenges get more complicated for Internet of Things (IoTs) due to their diverse use and portability nature. IoTs are being used in consumer space, healthcare, manufacturing, retails, entertainment, transportation, public sector, and many other places. Identity Relationship Management (IRM) can help in solving some of these challenges as it uses a more natural way of access management - a relationship-based access control methodology. IRM can perform identity and relationship management beyond home and organizational boundaries and can simplify authorization and authentication using dynamic intelligence based on relationship. In this research, we studied the needs of IRM for the Internet of Things. We explored four fundamental questions in IRM: what relationships need to be supported in IRM, how relationships can be supported in IRM, how relationship can be used for access control, and finally what infrastructure is required to support IRM. Since relationship is globally spread out and perimeter-less in nature, we designed the IRM service with a global scalable, modular, and borderless architecture. Instead of building something from scratch, we slightly modified the UMA 2.0 protocol built on top of OAuth 2.0 to make the relationship-based access control feature easily pluggable with existing IAM frameworks. We implemented a proof-of-concept to demonstrate and analyze the results of this research. This dissertation serves as the foundation for future research and development in IRM domain

A Design Theory for Digital Platforms Supporting Online Communities: A Multiple Case Study

This research proposes and validates a design theory for digital platforms that support online communities (DPsOC). It addresses ways in which digital platforms can effectively support social interactions in online communities. Drawing upon prior literature on IS design theory, online communities, and platforms, we derive an initial set of propositions for designing effective DPsOC. Our overarching proposition is that three components of digital platform architecture (core, interface, and complements) should collectively support the mix of the three distinct types of social interaction structures of online community (information sharing, collaboration, and collective action). We validate the initial propositions and generate additional insights by conducting an in-depth analysis of an European digital platform for elderly care assistance. We further validate the propositions by analyzing three widely used digital platforms, including Twitter, Wikipedia, and Liquidfeedback, and we derive additional propositions and insights that can guide DPsOC design. We discuss the implications of this research for research and practice

An Evolutionary Perspective of Radical Innovation and its implications for Management and Organizations

The thesis develops an evolutionary perspective of technological change based on a complex analogy between biological and technological evolution. The theoretical framework is based on a rich tradition of interdisciplinary research, integrating Herbert Simon\u2019s seminal theory on modular complex systems, artifact-centered evolutionary models of innovation (e.g. Basalla\u2019s), and fundamental evolutionary processes recently researched in microbiology \u2013 including in particular exaptation and horizontal transfer. The novel evolutionary perspective is supported by analytical narratives of paradigmatic historical and prehistorical cases \u2013 including the bow-and-arrow and the turbojet revolution \u2013 emphasizing its explanatory power in understanding presumptive anomalies and the inception of radical innovation. Finally, some implications for innovation management (managing creative radical engineering), organizations (rethinking the mirror hypothesis) are explored as promising implications of this novel perspective of technological change.The thesis develops an evolutionary perspective of technological change based on a complex analogy between biological and technological evolution. The theoretical framework is based on a rich tradition of interdisciplinary research, integrating Herbert Simon\u2019s seminal theory on modular complex systems, artifact-centered evolutionary models of innovation (e.g. Basalla\u2019s), and fundamental evolutionary processes recently researched in microbiology \u2013 including in particular exaptation and horizontal transfer. The novel evolutionary perspective is supported by analytical narratives of paradigmatic historical and prehistorical cases \u2013 including the bow-and-arrow and the turbojet revolution \u2013 emphasizing its explanatory power in understanding presumptive anomalies and the inception of radical innovation. Finally, some implications for innovation management (managing creative radical engineering), organizations (rethinking the mirror hypothesis) are explored as promising implications of this novel perspective of technological change

Design and development of certification compliance tool for airborne systems.

Certification compliance check for airborne software is very critical as it aids in the certification of the software. Since this compliance check is performed manually which is time-consuming and erroneous, an in-house developed Certification Compliance Tool (CCT) helps in checking the compliance as per RTCA DO-178B/C and generate artifacts depicting the magnitude of compliance. In order to generate the magnitude of compliance for the artifacts with respect to the Civil Aerospace Certification standard, RTCA DO-178B/C, an effective parsing technique is required to be incorporated to parse the artifact/s and generate compliance metric for the artifact/s. In this paper we propose a novel approach used in the design and development of an effective and efficient parsing technique incorporated in the indigenous software tool CCT used for compliance check. The tool checks the ratio of compliance of the artifacts generated across various phases of Software Development Life Cycle (SDLC) process involved in the development of Safety-Critical software as per RTCA DO-178B/C. The indigenous tool accepts these artifacts as inputs and based on the software criticality level, it analyzes the compliance of these artifacts with the guidelines provided and recommended by RTCA DO-178B/C. The output of the tool provides the percentage of compliance of the artifacts that helps in accessing the Certification capabilities of the developed software. The percentage of compliance predicts the acceptance or rejection probabilities of the software being certified by the Certification Agency. The certification parser is developed using Python modules like Pywin32, Pypdf parsers and different approaches for Natural language processing using Python Natural Language Toolkit (NLTK). The in-house tool replaces the manual effort by an individual/s which may be erroneous and impact the time-schedule, which compromises the software safety. The integration of the tool with commercial tools will help in analyzing the report/ documentation content with respect to the certification

A FRAMEWORK FOR NEXT GENERATION iCBT APPLICATIONS FOR SAD PATIENTS

Our paper aims to develop a web-based IT system based on a framework for CCBT and iCBT applications for the treatment of mild to moderate SAD diagnoses. We place our research in the intervention area of CCBT, where the facilitation of interaction with therapists in a non-threatening environment, peer interaction, and access to self-help and educational resources, will likely lead to changes in the perception of the self and a reduction of SAD symptoms in patients. This DSR proposal contributes with a novel requirements engineering and validation process through an adaptation of Activity Theory. It also leveraged the SAD model to derive a framework that caters to SAD patients. And lastly it provides an artifact that acts like a platform to deliver CBT that can be generalized to other disorders