Security and computer forensics in web engineering education

The integration of security and forensics into Web Engineering curricula is imperative! Poor security in web-based applications is continuing to cost organizations millions and the losses are still increasing annually. Security is frequently taught as a stand-alone course, assuming that security can be 'bolted on' to a web application at some point. Security issues must be integrated into Web Engineering processes right from the beginning to create secure solutions and therefore security should be an integral part of a Web Engineering curriculum. One aspect of Computer forensics investigates failures in security. Hence, students should be aware of the issues in forensics and how to respond when security failures occur; collecting evidence is particularly difficult for Web-based applications

Modeling of Personalized Privacy Disclosure Behavior: A Formal Method Approach

In order to create user-centric and personalized privacy management tools, the underlying models must account for individual users' privacy expectations, preferences, and their ability to control their information sharing activities. Existing studies of users' privacy behavior modeling attempt to frame the problem from a request's perspective, which lack the crucial involvement of the information owner, resulting in limited or no control of policy management. Moreover, very few of them take into the consideration the aspect of correctness, explainability, usability, and acceptance of the methodologies for each user of the system. In this paper, we present a methodology to formally model, validate, and verify personalized privacy disclosure behavior based on the analysis of the user's situational decision-making process. We use a model checking tool named UPPAAL to represent users' self-reported privacy disclosure behavior by an extended form of finite state automata (FSA), and perform reachability analysis for the verification of privacy properties through computation tree logic (CTL) formulas. We also describe the practical use cases of the methodology depicting the potential of formal technique towards the design and development of user-centric behavioral modeling. This paper, through extensive amounts of experimental outcomes, contributes several insights to the area of formal methods and user-tailored privacy behavior modeling

Security oriented e-infrastructures supporting neurological research and clinical trials

The neurological and wider clinical domains stand to gain greatly from the vision of the grid in providing seamless yet secure access to distributed, heterogeneous computational resources and data sets. Whilst a wealth of clinical data exists within local, regional and national healthcare boundaries, access to and usage of these data sets demands that fine grained security is supported and subsequently enforced. This paper explores the security challenges of the e-health domain, focusing in particular on authorization. The context of these explorations is the MRC funded VOTES (Virtual Organisations for Trials and Epidemiological Studies) and the JISC funded GLASS (Glasgow early adoption of Shibboleth project) which are developing Grid infrastructures for clinical trials with case studies in the brain trauma domain

Forensic Artifact Finder (ForensicAF): An Approach & Tool for Leveraging Crowd-Sourced Curated Forensic Artifacts

Current methods for artifact analysis and understanding depend on investigator expertise. Experienced and technically savvy examiners spend a lot of time reverse engineering applications while attempting to find crumbs they leave behind on systems. This takes away valuable time from the investigative process, and slows down forensic examination. Furthermore, when specific artifact knowledge is gained, it stays within the respective forensic units. To combat these challenges, we present ForensicAF, an approach for leveraging curated, crowd-sourced artifacts from the Artifact Genome Project (AGP). The approach has the overarching goal of uncovering forensically relevant artifacts from storage media. We explain our approach and construct it as an Autopsy Ingest Module. Our implementation focused on both File and Registry artifacts. We evaluated ForensicAF using systematic and random sampling experiments. While ForensicAF showed consistent results with registry artifacts across all experiments, it also revealed that deeper folder traversal yields more File Artifacts during data source ingestion. When experiments were conducted on case scenario disk images without apriori knowledge, ForensicAF uncovered artifacts of forensic relevance that help in solving those scenarios. We contend that ForensicAF is a promising approach for artifact extraction from storage media, and its utility will advance as more artifacts are crowd-sourced by AGP

Gouy Phase Radial Mode Sorter for Light: Concepts and Experiments

We present an in principle lossless sorter for radial modes of light, using accumulated Gouy phases. The experimental setups have been found by a computer algorithm, and can be intuitively understood in a geometric way. Together with the ability to sort angular-momentum modes, we now have access to the complete 2-dimensional transverse plane of light. The device can readily be used in multiplexing classical information. On a quantum level, it is an analog of the Stern-Gerlach experiment -- significant for the discussion of fundamental concepts in quantum physics. As such, it can be applied in high-dimensional and multi-photonic quantum experiments.Comment: main text: 7 pages, 5 figures. Supplementary Information: 5 pages, 4 figure

Report on the ECO-PB Workshop on the proposed EC Organic Seed Regime 2004

From the Introduction to the Proceedings "The European Consortium for Organic Plant Breeding (ECO-PB) is an active network supporting the production and use of organic seeds. It sees the European Union’s Organic Seed Regime as potentially a great step forward for in the development of organic seed but is concerned about the latest discussions regarding implementation per January 1st 2004. Current European Commission proposals seem to allow a great deal of room for derogation. Seed companies are indicating that this year (2003) their organic seed sales have already dropped. Growers are aware that the probable new rules will allow derogation even for those crops for which there is sufficient, appropriate organic seeds. A number of key seed companies have announced they will definitely stop their organic programmes should the criteria for derogation remain unclear and if derogation remains possible for all crops irrespective of availability, as it becomes financially unviable. That is a real threat and would be a great setback for ongoing efforts to build up a healthy organic seed sector and hence further close the organic production chain. Furthermore, we have received much feedback about national authorities which are tentative about how to tackle the national implementation of the new seed regulation. ECO-PB has therefore decided to organise at short notice a WORKSHOP on the ORGANIC SEED Regime 2004 to help clarify the above issues. We aim to facilitate an international discussion with key national players to exchange valuable information and concerns, and to establish common points of view on the organic seed regime in the organic sector on international level. The workshop will tie into discussions held and decisions made in the Article 14 Committee of the European Commission on April 4-6.

Palimpsests of the romantic

This articles offers a longue durée perspective to illustrate that just as romanticism was a necessary, though not single-handedly sufficient condition for nationalist movements of the 19th century, an understanding of later cultural and political phenomena – including contemporary neo-nationalisms – benefits from an appreciation of the romantics’ continuing, albeit often unacknowledged legacy. Empirically, we make this argument through select and carefully contextualized Polish and Austrian discursive ‘snapshots’. Conceptually, we propose that new theoretical terminology is needed, which we find in what we describe and analyse as palimpsests of the romantic. Key assumptions and sentiments that defined romanticism are thereby shown to be re- and over-written, under novel social conditions and by later generations of political and cultural actors in both Poland and Austria

Recoil Studies in the Reaction of 12-C Ions with the Enriched Isotope 118-Sn

The recoil properties of the product nuclei from the interaction of 2.2 GeV/nucleon 12-C ions from Nuclotron of the Laboratory of High Energies (LHE), Joint Institute for Nuclear Research (JINR) at Dubna with a 118-Sn target have been studied using catcher foils. The experimental data were analyzed using the mathematical formalism of the standard two-step vector model. The results for 12-C ions are compared with those for deuterons and protons. Three different Los Alamos versions of the Quark-Gluon String Model (LAQGSM) were used for comparison with our experimental data.Comment: 10 pages, 6 figures, submitted to Nucl. Phys.