Viiteraamistik turvariskide haldamiseks plokiahela abil

Turvalise tarkvara loomiseks on olemas erinevad programmid (nt OWASP), ohumudelid (nt STRIDE), turvariskide juhtimise mudelid (nt ISSRM) ja eeskirjad (nt GDPR). Turvaohud aga arenevad pidevalt, sest traditsiooniline tehnoloogiline infrastruktuur ei rakenda turvameetmeid kavandatult. Blockchain näib leevendavat traditsiooniliste rakenduste turvaohte. Kuigi plokiahelapõhiseid rakendusi peetakse vähem haavatavateks, ei saanud need erinevate turvaohtude eest kaitsmise hõbekuuliks. Lisaks areneb plokiahela domeen pidevalt, pakkudes uusi tehnikaid ja sageli vahetatavaid disainikontseptsioone, mille tulemuseks on kontseptuaalne ebaselgus ja segadus turvaohtude tõhusal käsitlemisel. Üldiselt käsitleme traditsiooniliste rakenduste TJ-e probleemi, kasutades vastumeetmena plokiahelat ja plokiahelapõhiste rakenduste TJ-t. Alustuseks uurime, kuidas plokiahel leevendab traditsiooniliste rakenduste turvaohte, ja tulemuseks on plokiahelapõhine võrdlusmudel (PV), mis järgib TJ-e domeenimudelit. Järgmisena esitleme PV-it kontseptualiseerimisega alusontoloogiana kõrgema taseme võrdlusontoloogiat (ULRO). Pakume ULRO kahte eksemplari. Esimene eksemplar sisaldab Cordat, kui lubatud plokiahelat ja finantsjuhtumit. Teine eksemplar sisaldab lubadeta plokiahelate komponente ja tervishoiu juhtumit. Mõlemad ontoloogiaesitlused aitavad traditsiooniliste ja plokiahelapõhiste rakenduste TJ-es. Lisaks koostasime veebipõhise ontoloogia parsimise tööriista OwlParser. Kaastööde tulemusel loodi ontoloogiapõhine turberaamistik turvariskide haldamiseks plokiahela abil. Raamistik on dünaamiline, toetab TJ-e iteratiivset protsessi ja potentsiaalselt vähendab traditsiooniliste ja plokiahelapõhiste rakenduste turbeohte.Various programs (e.g., OWASP), threat models (e.g., STRIDE), security risk management models (e.g., ISSRM), and regulations (e.g., GDPR) exist to communicate and reduce the security threats to build secure software. However, security threats continuously evolve because the traditional technology infrastructure does not implement security measures by design. Blockchain is appearing to mitigate traditional applications’ security threats. Although blockchain-based applications are considered less vulnerable, they did not become the silver bullet for securing against different security threats. Moreover, the blockchain domain is constantly evolving, providing new techniques and often interchangeable design concepts, resulting in conceptual ambiguity and confusion in treating security threats effectively. Overall, we address the problem of traditional applications’ SRM using blockchain as a countermeasure and the SRM of blockchain-based applications. We start by surveying how blockchain mitigates the security threats of traditional applications, and the outcome is a blockchain-based reference model (BbRM) that adheres to the SRM domain model. Next, we present an upper-level reference ontology (ULRO) as a foundation ontology and provide two instantiations of the ULRO. The first instantiation includes Corda as a permissioned blockchain and the financial case. The second instantiation includes the permissionless blockchain components and the healthcare case. Both ontology representations help in the SRM of traditional and blockchain-based applications. Furthermore, we built a web-based ontology parsing tool, OwlParser. Contributions resulted in an ontology-based security reference framework for managing security risks using blockchain. The framework is dynamic, supports the iterative process of SRM, and potentially lessens the security threats of traditional and blockchain-based applications.https://www.ester.ee/record=b551352

Mobile Location Based Services for Mountaineering

Smart phones are widely accepted and popular with navigation and route guidance functionality becoming a standard feature. Locations based services, henceforth referred to as LBS in this document, are used in various contexts and are becoming more accessible with the wide adoption of mobile smart phones. Industry experts expect that Location based services to be a major success and will account for large market share and profits in mobile services. Service providers in this area are coming up with innovative services trying to grab a share in this potential area. On the other hand, there is also some pessimism on the pace at which LBS taking-off in practice due to various reasons. For any service or business to be successful it should create value to the end-users. There are many key players involved to make LBS realizable and providing value, which include technology providers, service providers, telecom companies, regulation and standardization bodies and end-users. This thesis is a literature review of LBS and its general applications in real world with emphasis on its use in mountaineering. Scope of this literature review is to study the components of LBS, its architecture, positioning techniques, general application area, established standards and potential business model. While emphasizing LBS use in mountaineering, a concluded LBS demo project for mountaineering, sponsored by Eu-ropean Commission, called PARAMOUNT (Public Safety & Commercial Info-Mobility Applications & Services in the Mountains) is taken as reference. From business pers-pective, a conceptual business model called STOF (Service, Technology, Organization and Finance) model is used to analyze PARAMOUNT. /Kir1

Social Net-working: Exploring the Political Economy of the Online Social Network Industry

This study explores the nascent political economy of the online social network industry. Exemplars of online social networking, Facebook and Twitter have often been understood as revolutionary New Media tools. My findings show that these social networks are taking on a logic of capitalist production and accumulation, calling into question their revolutionary character. Evidence suggests that user-generated content are now being commodified and exchanged for profit. A critical discourse analysis of Facebook and Twitter’s privacy policy and terms-of-use reveals that these texts primarily function as work contracts rather than treatises on privacy protection. Drawing on the work of Karl Marx, this study revisits his theory of value and develops an expanded form of variable capital model to demonstrate how social networkers fit into this new capitalist circuit of accumulation. This extension of the working day is problematic. Policy recommendations are offered in order to negate the commodification of user data

The Construction of Locative Situations: the Production of Agency in Locative Media Art Practice

This thesis is a practice led enquiry into Locative Media (LM) which argues that this emergent art practice has played an influential role in the shaping of locative technologies in their progression from new to everyday technologies. The research traces LM to its origins at the Karosta workshops, reviews the stated objectives of early practitioners and the ambitions of early projects, establishing it as a coherent art movement located within established traditions of technological art and of situated art practice. Based on a prescient analysis of the potential for ubiquitous networked location-awareness, LM developed an ambitious program aimed at repositioning emergent locative technologies as tools which enhance and augment space rather than surveil and control. Drawing on Krzysztof Ziarek\u27s treatment of avant-garde art and technology in The Force of Art , theories of technology drawn from Science and Technology Studies (STS) and software studies, the thesis builds an argument for the agency of Locative Media. LM is positioned as an interface layer which in connecting the user to the underlying functionality of locative technologies offers alternative interpretations, introduces new usage modes, and ultimately shifts the understanding and meaning of the technology. Building on the Situationist concept of the constructed situation, with reference to an ongoing body of practice, an experimental practice-based framework for LM art is advanced which accounts for its agency and, it is proposed, preserves this agency in a rapidly developing field

Practical, appropriate, empirically-validated guidelines for designing educational games

There has recently been a great deal of interest in the potential of computer games to function as innovative educational tools. However, there is very little evidence of games fulfilling that potential. Indeed, the process of merging the disparate goals of education and games design appears problematic, and there are currently no practical guidelines for how to do so in a coherent manner. In this paper, we describe the successful, empirically validated teaching methods developed by behavioural psychologists and point out how they are uniquely suited to take advantage of the benefits that games offer to education. We conclude by proposing some practical steps for designing educational games, based on the techniques of Applied Behaviour Analysis. It is intended that this paper can both focus educational games designers on the features of games that are genuinely useful for education, and also introduce a successful form of teaching that this audience may not yet be familiar with

Data and the city – accessibility and openness. a cybersalon paper on open data

This paper showcases examples of bottom–up open data and smart city applications and identifies lessons for future such efforts. Examples include Changify, a neighbourhood-based platform for residents, businesses, and companies; Open Sensors, which provides APIs to help businesses, startups, and individuals develop applications for the Internet of Things; and Cybersalon’s Hackney Treasures. a location-based mobile app that uses Wikipedia entries geolocated in Hackney borough to map notable local residents. Other experiments with sensors and open data by Cybersalon members include Ilze Black and Nanda Khaorapapong's The Breather, a "breathing" balloon that uses high-end, sophisticated sensors to make air quality visible; and James Moulding's AirPublic, which measures pollution levels. Based on Cybersalon's experience to date, getting data to the people is difficult, circuitous, and slow, requiring an intricate process of leadership, public relations, and perseverance. Although there are myriad tools and initiatives, there is no one solution for the actual transfer of that data

Bridging the Information Gap for Ulcerative Colitis Patients

Nearly all humans, throughout the course of their life, have been diagnosed with everything from a mild cold, to a viral infection, or perhaps a diagnosis of a chronic condition. Upon experiencing symptoms, patients are exposed to a plethora of information. The Internet holds home remedies, for those wary of the doctor\u27s office, or there are advice boards where people share their experiences, trials, and tribulations. In some cases, the doctor is the purveyor of the information and written materials are sent home with the patient dictating the regimen to follow to achieve wellness. However, some patients, particularly ulcerative colitis patients, find themselves without these written materials and without access to health information specifically tailored to their needs. Patients must forage for information while trying to maintain their health after diagnosis. This study explores the holes in the information-sharing process through interviews and surveys, focusing specifically on patients, technical medical writers, and gastroenterologists. The study finds most ulcerative colitis patients do not receive the information they need