Web engineering security: essential elements

Security is an elusive target in today’s high-speed and extremely complex, Web enabled, information rich business environment. This paper presents the idea that there are essential, basic organizational elements that need to be identified, defined and addressed before examining security aspects of a Web Engineering Development process. These elements are derived from empirical evidence based on a Web survey and supporting literature. This paper makes two contributions. The first contribution is the identification of the Web Engineering specific elements that need to be acknowledged and resolved prior to the assessment of a Web Engineering process from a security perspective. The second contribution is that these elements can be used to help guide Security Improvement Initiatives in Web Engineering

Web development evolution: the assimilation of web engineering security

In today’s e-commerce environment, information is an incredibly valuable asset. Surveys indicate that companies are suffering staggering financial losses due to web security issues. Analyzing the underlying causes of these security breaches shows that a significant proportion of them are caused by straightforward design errors in systems and not by failures in security mechanisms. There is significant research into security mechanisms but there is little research into the integration of these into software design processes, even those processes specifically designed for Web Engineering. Security should be designed into the application development process upfront through an independent flexible methodology that contains customizable components

Web development evolution: the assimilation of web engineering security

In today’s e-commerce environment, information is an incredibly valuable asset. Surveys indicate that companies are suffering staggering financial losses due to web security issues. Analyzing the underlying causes of these security breaches shows that a significant proportion of them are caused by straightforward design errors in systems and not by failures in security mechanisms. There is significant research into security mechanisms but there is little research into the integration of these into software design processes, even those processes specifically designed for Web Engineering. Security should be designed into the application development process upfront through an independent flexible methodology that contains customizable components

Intelligent Agents for Disaster Management

ALADDIN [1] is a multi-disciplinary project that is developing novel techniques, architectures, and mechanisms for multi-agent systems in uncertain and dynamic environments. The application focus of the project is disaster management. Research within a number of themes is being pursued and this is considering different aspects of the interaction between autonomous agents and the decentralised system architectures that support those interactions. The aim of the research is to contribute to building more robust multi-agent systems for future applications in disaster management and other similar domains

Deep Drone Racing: From Simulation to Reality with Domain Randomization

Dynamically changing environments, unreliable state estimation, and operation under severe resource constraints are fundamental challenges that limit the deployment of small autonomous drones. We address these challenges in the context of autonomous, vision-based drone racing in dynamic environments. A racing drone must traverse a track with possibly moving gates at high speed. We enable this functionality by combining the performance of a state-of-the-art planning and control system with the perceptual awareness of a convolutional neural network (CNN). The resulting modular system is both platform- and domain-independent: it is trained in simulation and deployed on a physical quadrotor without any fine-tuning. The abundance of simulated data, generated via domain randomization, makes our system robust to changes of illumination and gate appearance. To the best of our knowledge, our approach is the first to demonstrate zero-shot sim-to-real transfer on the task of agile drone flight. We extensively test the precision and robustness of our system, both in simulation and on a physical platform, and show significant improvements over the state of the art.Comment: Accepted as a Regular Paper to the IEEE Transactions on Robotics Journal. arXiv admin note: substantial text overlap with arXiv:1806.0854

Human-agent collectives

We live in a world where a host of computer systems, distributed throughout our physical and information environments, are increasingly implicated in our everyday actions. Computer technologies impact all aspects of our lives and our relationship with the digital has fundamentally altered as computers have moved out of the workplace and away from the desktop. Networked computers, tablets, phones and personal devices are now commonplace, as are an increasingly diverse set of digital devices built into the world around us. Data and information is generated at unprecedented speeds and volumes from an increasingly diverse range of sources. It is then combined in unforeseen ways, limited only by human imagination. People’s activities and collaborations are becoming ever more dependent upon and intertwined with this ubiquitous information substrate. As these trends continue apace, it is becoming apparent that many endeavours involve the symbiotic interleaving of humans and computers. Moreover, the emergence of these close-knit partnerships is inducing profound change. Rather than issuing instructions to passive machines that wait until they are asked before doing anything, we will work in tandem with highly inter-connected computational components that act autonomously and intelligently (aka agents). As a consequence, greater attention needs to be given to the balance of control between people and machines. In many situations, humans will be in charge and agents will predominantly act in a supporting role. In other cases, however, the agents will be in control and humans will play the supporting role. We term this emerging class of systems human-agent collectives (HACs) to reflect the close partnership and the flexible social interactions between the humans and the computers. As well as exhibiting increased autonomy, such systems will be inherently open and social. This means the participants will need to continually and flexibly establish and manage a range of social relationships. Thus, depending on the task at hand, different constellations of people, resources, and information will need to come together, operate in a coordinated fashion, and then disband. The openness and presence of many distinct stakeholders means participation will be motivated by a broad range of incentives rather than diktat. This article outlines the key research challenges involved in developing a comprehensive understanding of HACs. To illuminate this agenda, a nascent application in the domain of disaster response is presented

A review of lean and agile management in humanitarian supply chains: analysing the pre-disaster and post-disaster phases and future directions

Disasters have quadrupled over the last two decades leading to unprecedented loss of life. The objective of disaster-focussed humanitarian supply chains (HSCs) is to ensure saving maximum lives with limited resources; despite severe uncertainties. Therefore, significant research has investigated lean and agile in HSCs; to effectively source and speedily deploy resources, with minimum wastage; in each disaster life-cycle phase. However, the literature and research findings are currently highly disjointed regarding how lean and agile principles may be aligned with different HSC activities in the disaster management lifecycle; and do not provide a collective understanding for practitioners and researchers. This paper reviews and organises the literature on HSCs in relation to lean and agile paradigms, focussing on the pre-disaster (mitigation and preparedness) and post-disaster (response and recovery) phases. Findings reveal, all phases benefit from both lean and agile, with agile benefitting the response phase most. The phases are inter-dependent and identifying optimum decoupling points for lean and agile principles are crucial. Majority research has focussed on individual or a couple of phases. Therefore, authors recommend research on integrating the functions of the different phases by employing lean and agile principles, to generate rapid response, economies of scale and cost minimisation

Managing for local resilience: towards a strategic approach

The term resilience is increasingly being used to capture the challenges involved in managing in ‘hard times’. This article aims to provide one of the first empirical studies of the term’s application to local authority interventions around emergency planning and climate change: two areas in which resilience has been particularly emphasised in local policy making. Drawing upon research undertaken in the north east of England, the article considers how local managers have understood and applied the term, the extent to which it has been developed as a coherent policy agenda, and its strategic significance. In reframing the debate on resilience in terms of discourses of ‘recovery’ and ‘transformation’, the article examines how, in addition to informing policy realities on the ground, resilience is also a normative, politically laden term, within which conservative narratives of uncertainty, vulnerability and anxiety compete with a more radical focus on hope, adaptation and transformation. The study reveals concerns over the term’s longevity, tensions between the different interpretations of resilience, and the lack of a coherent strategic framework within which the different discourses on resilience could be considered and reconciled. However, the article also captures the growing importance of a resilience narrative that is seen to add value in a period of austerity, integrate key features of climate change adaptation and emergency planning, and act as a ‘strategic lynchpin’ in relation to other policy areas, such as economic resilience