“One Size Can Fit All” – On the Mass Production of Legal Transplants

Law reformers like the World Bank sometimes suggest that optimal legal rules and institutions can be recognized and then be recommended for law reform in every country in the world. Comparative lawyers have long been skeptical of such views. They point out that both laws and social problems are context-specific. What works in one context may fail in another. Instead of “one size fits all,” they suggest tailormade solutions. I challenge this view. Drawing on a comparison with IKEA’s global marketing strategy, I suggest that “one size fits all” can sometimes be not only a successful law reform strategy, but also not as objectionable as critics make it to be. First, whereas, “one size fits all” is deficient a functionalist position, it proves to be surprisingly successful as a formalist conception. Second, critics of legal transplants often insists on what can be called “best law” approach, whereas in law reform, what we sometimes need is law that is just” good enough” law. “Third, legal transplants no longer happen in isolation but rather on a global scale, so that context-specific rules are no longer necessarily local. This is not a plea for formal law, for commodification of laws, and for “one size fits all”. But it is a plea to overcome the romanticism and elitism that may lurk behind the seemingly benign suggestion that law reform must always be tailored to the specific societal context

Content-Based Access Control

In conventional database, the most popular access control model specifies policies explicitly for each role of every user against each data object manually. Nowadays, in large-scale content-centric data sharing, conventional approaches could be impractical due to exponential explosion of the data growth and the sensitivity of data objects. What's more, conventional database access control policy will not be functional when the semantic content of data is expected to play a role in access decisions. Users are often over-privileged, and ex post facto auditing is enforced to detect misuse of the privileges. Unfortunately, it is usually difficult to reverse the damage, as (large amount of) data has been disclosed already. In this dissertation, we first introduce Content-Based Access Control (CBAC), an innovative access control model for content-centric information sharing. As a complement to conventional access control models, the CBAC model makes access control decisions based on the content similarity between user credentials and data content automatically. In CBAC, each user is allowed by a metarule to access "a subset" of the designated data objects of a content-centric database, while the boundary of the subset is dynamically determined by the textual content of data objects. We then present an enforcement mechanism for CBAC that exploits Oracles Virtual Private Database (VPD) to implement a row-wise access control and to prevent data objects from being abused by unnecessary access admission. To further improve the performance of the proposed approach, we introduce a content-based blocking mechanism to improve the efficiency of CBAC enforcement to further reveal a more relevant part of the data objects comparing with only using the user credentials and data content. We also utilized several tagging mechanisms for more accurate textual content matching for short text snippets (e.g. short VarChar attributes) to extract topics other than pure word occurrences to represent the content of data. In the tagging mechanism, the similarity of content is calculated not purely dependent on the word occurrences but the semantic topics underneath the text content. Experimental results show that CBAC makes accurate access control decisions with a small overhead

Contribución del E-Learning al desempeño académico en la educación superior años 2016 al 2020

La presente investigación tuvo como objetivo general determinar como el e-learning contribuye el desempeño académico en la educación superior. Se utilizó la metodología de revisión sistemática, mediante el método Cochrane, la población estuvo compuesta por los criterios de búsqueda (e-learning, desempeño académico y la relación de estas variables) así como los repositorios indexados entre los que destacaron Science Direct, Scielo, ResearchGate, Redalyc, Google académico, Alicia Concytec entre otros. Los resultados de la revisión nos permiten concluir: se encontró 10 investigaciones Correlacional es (29%), 6 Cuasi Experimental es (18%), 14 Descriptivo simple (41%), 3 Revisión Sistemática (9%) y 1 Pre experimental (3%). Todas ellas han permitido hacer una revisión del estado actual de conocimiento de las variables y su relación, así como verificar empíricamente a través de los diseños metodológicos ya descritos que hay una muy significativa relación entre el e-learning y el rendimiento académico. Sobre la cualidad de las variables y naturaleza holística, 13% fueron artículos de tipo cualitativos. Por lo que se logró demostrar la contribución del e-learning al desempeño académico en la educación superior desde criterios cualitativos y cuantitativos

Development of a secure multi-factor authentication algorithm for mobile money applications

A Thesis Submitted in Fulfillment of the Requirements for the Degree of Doctor of Philosophy in Information and Communication Science and Engineering of the Nelson Mandela African Institution of Science and TechnologyWith the evolution of industry 4.0, financial technologies have become paramount and mobile money as one of the financial technologies has immensely contributed to improving financial inclusion among the unbanked population. Several mobile money schemes were developed but, they suffered severe authentication security challenges since they implemented two-factor authentication. This study focused on developing a secure multi-factor authentication (MFA) algorithm for mobile money applications. It uses personal identification numbers, one-time passwords, biometric fingerprints, and quick response codes to authenticate and authorize mobile money subscribers. Secure hash algorithm-256, Rivest-Shamir-Adleman encryption, and Fernet encryption were used to secure the authentication factors, confidential financial information and data before transmission to the remote databases. A literature review, survey, evolutionary prototyping model, and heuristic evaluation and usability testing methods were used to identify authentication issues, develop prototypes of native genuine mobile money (G-MoMo) applications, and identify usability issues with the interface designs and ascertain their usability, respectively. The results of the review grouped the threat models into attacks against privacy, authentication, confidentiality, integrity, and availability. The survey identified authentication attacks, identity theft, phishing attacks, and PIN sharing as the key mobile money systems’ security issues. The researcher designed a secure MFA algorithm for mobile money applications and developed three native G-MoMo applications to implement the designed algorithm to prove the feasibility of the algorithm and that it provided robust security. The algorithm was resilient to non-repudiation, ensured strong authentication security, data confidentiality, integrity, privacy, and user anonymity, was highly effective against several attacks but had high communication overhead and computational costs. Nevertheless, the heuristic evaluation results showed that the G-MoMo applications’ interface designs lacked forward navigation buttons, uniformity in the applications’ menu titles, search fields, actions needed for recovery, and help and documentation. Similarly, the usability testing revealed that they were easy to learn, effective, efficient, memorable, with few errors, subscriber satisfaction, easy to use, aesthetic, easy to integrate, and understandable. Implementing a secure mobile money authentication and authorisation by combining multiple factors which are securely stored helps mobile money subscribers and other stakeholders to have trust in the developed native G-MoMo applications

Inherently flexible software

Software evolution is an important and expensive consequence of software. As Lehman's First Law of Program Evolution states, software must be changed to satisfy new user requirements or become progressively less useful to the stakeholders of the software. Software evolution is difficult for a multitude of different reasons, most notably because of an inherent lack of evolveability of software, design decisions and existing requirements which are difficult to change and conflicts between new requirements and existing assumptions and requirements. Software engineering has traditionally focussed on improvements in software development techniques, with little conscious regard for their effects on software evolution. The thesis emphasises design for change, a philosophy that stems from ideas in preventive maintenance and places the ease of software evolution more at the centre of the design of software systems than it is at present. The approach involves exploring issues of evolveability, such as adaptability, flexibility and extensibility with respect to existing software languages, models and architectures. A software model, SEvEn, is proposed which improves on the evolveability of these existing software models by improving on their adaptability, flexibility and extensibility, and provides a way to determine the ripple effects of changes by providing a reflective model of a software system. The main conclusion is that, whilst software evolveability can be improved, complete adaptability, flexibility and extensibility of a software system is not possible, hi addition, ripple effects can't be completely eradicated because assumptions will always persist in a software system and new requirements may conflict with existing requirements. However, the proposed reflective model of software (which consists of a set of software entities, or abstractions, with the characteristic of increased evolveability) provides trace-ability of ripple effects because it explicitly models the dependencies that exist between software entities, determines how software entities can change, ascertains the adaptability of software entities to changes in other software entities on which they depend and determines how changes to software entities affect those software entities that depend on them