Blocking Java Applets at the Firewall

This paper explores the problem of protecting a site on the Internet against hostile external Java applets while allowing trusted internal applets to run. With careful implementation, a site can be made resistant to current Java security weaknesses as well as those yet to be discovered. In addition, we describe a new attack on certain sophisticated firewalls that is most effectively realized as a Java applet

Shared visiting in Equator city

In this paper we describe an infrastructure and prototype system for sharing of visiting experiences across multiple media. The prototype supports synchronous co-visiting by physical and digital visitors, with digital access via either the World Wide Web or 3-dimensional graphics

Application of the internet technology and client/server paradigm for the implementation of REPI

There are many problems associated with Requirements Engineering such as defining the system scope, developing understanding among the communities involved in the system to be built, volatility of requirements etc. These problems may lead to poor requirements and therefore cancellation of the system development, or else the development of a system that is unsatisfactory, has high maintenance cost or is unacceptable. By improving Requirements Elicitation, the Requirements Engineering can be improved, leading to a better requirements specification and eventually a better product. Requirements Elicitation requires effective communication among the team members, as communication is the key factor. Easing communications between stakeholders and developers makes the process of Requirements Elicitation easier. REPI guides team members through the elicitation phase using the SEI\u27s framework. REPI forces stakeholders to explicitly describe the requirements resulting in reduced chances of misunderstood requirements, leading to better requirements specification

Outflanking and securely using the PIN/TAN-System

The PIN/TAN-system is an authentication and authorization scheme used in e-business. Like other similar schemes it is successfully attacked by criminals. After shortly classifying the various kinds of attacks we accomplish malicious code attacks on real World Wide Web transaction systems. In doing so we find that it is really easy to outflank these systems. This is even supported by the users' behavior. We give a few simple behavior rules to improve this situation. But their impact is limited. Also the providers support the attacks by having implementation flaws in their installations. Finally we show that the PIN/TAN-system is not suitable for usage in highly secure applications.Comment: 7 pages; 2 figures; IEEE style; final versio

Logistics of Mathematical Modeling-Focused Projects

This article addresses the logistics of implementing projects in an undergraduate mathematics class and is intended both for new instructors and for instructors who have had negative experiences implementing projects in the past. Project implementation is given for both lower and upper division mathematics courses with an emphasis on mathematical modeling and data collection. Projects provide tangible connections to course content which can motivate students to learn at a deeper level. Logistical pitfalls and insights are highlighted as well as descriptions of several key implementation resources. Effective assessment tools, which allowed me to smoothly adjust to student feedback, are demonstrated for a sample class. As I smoothed the transition into each project and guided students through the use of the technology, their negative feedback on projects decreased and more students noted how the projects had enhanced their understanding of the course topics. Best practices learned over the years are given along with project summaries and sample topics. These projects were implemented at a small liberal arts university, but advice is given to extend them to larger classes for broader use.Comment: 27 pages, no figures, 1 tabl

PicoGrid: A Web-Based Distributed Computing Framework for Heterogeneous Networks Using Java

We propose a framework for distributed computing applications in heterogeneous networks. The system is simple to deploy and can run on any operating systems that support the Java Virtual Machine. Using our developed system, idle computing power in an organization can be harvested for performing computing tasks. Agent computers can enter and leave the computation at any time which makes our system very flexible and easily scalable. Our system also does not affect the normal use of client machines to guarantee satisfactory user experience. System tests show that the system has comparable performance to the theoretical case and the computation time is significantly reduced by utilizing multiple computers on the network

noteEd - A web-based lecture capture system

Electronic capture and playback of lectures has long been the aim of many academic projects. Synote is an application developed under MACFoB (Multimedia Annotation and Community Folksonomy Building) project to synchronise the playback of lecture materials. However, Synote provides no functionality to capture such multimedia. This project involves the creation of a system called noteEd, which will capture a range of multimedia from lectures and make them available to Synote. This report describes the evolution of the noteEd project throughout the design and implementation of the proposed system. The performance of the system was checked in a user acceptance test with the customer, which is discussed after screenshots of our solution. Finally, the project management is presented containing a final project evaluation