26,169 research outputs found
Third Party Web Advertisements
The Web is driving the evolution of the current system, allowing users to find, share and combine information more easily, and the delivery of web pages built for the content of websites. HTML, JavaScript and CSS place no restrictions on a web page that includes elements from, or even delegates complete control to, a fully decoupled website. These design options have contributed to a number of well-studied and well-known security vulnerabilities, including cross-site scripting (XSS) and cross-site request forgery (CSRF or XSRF) [1], allowing an unauthorized and unrelated "third party" web page to retrieve information or perform actions on the "first party" website with which the user has willingly interacted.
Delegating and Distributing Morality: Can We Inscribe Privacy Protection in a Machine?
This paper addresses the question of delegation of morality to a machine, through a consideration of whether or not non-humans can be considered to be moral. The aspect of morality under consideration here is protection of privacy. The topic is introduced through two cases where there was a failure in sharing and retaining personal data protected by UK data protection law, with tragic consequences. In some sense this can be regarded as a failure in the process of delegating morality to a computer database. In the UK, the issues that these cases raise have resulted in legislation designed to protect children which allows for the creation of a huge database for children. Paradoxically, we have the situation where we failed to use digital data in enforcing the law to protect children, yet we may now rely heavily on digital technologies to care for children. I draw on the work of Floridi, Sanders, Collins, Kusch, Latour and Akrich, a spectrum of work stretching from philosophy to sociology of technology and the “seamless web” or “actor–network” approach to studies of technology. Intentionality is considered, but not deemed necessary for meaningful moral behaviour. Floridi’s and Sanders’ concept of “distributed morality” accords with the network of agency characterized by actor–network approaches. The paper concludes that enfranchizing non-humans, in the shape of computer databases of personal data, as moral agents is not necessarily problematic but a balance of delegation of morality must be made between human and non-human actors
Take Me To Your Followers
In 1954, Dwight D. Eisenhower, then 34th President of the United States, defined leadership as "... the art of getting someone else to do something that you want done because he wants to do it, not because your position of power can compel him to do it, or your position of authority." No one disputes he was well-versed on the subject, seeing also that he had been Supreme Commander of the Allied Forces in Europe during the Second World War. In 1933, Mary Parker Follett, a management scholar far ahead of her time, had likewise underscored the role of followers: "Their part is not merely to follow, they have a very active part to play and that is to keep the leader in control of a situation. Let us not think that we are either leaders or - nothing of much importance."
Alas, with the advent of The Man in the Gray Flannel Suit, insights such as these were blanked by the craze for captains of industry. Today, 30-40 years into the leadership industry, corporate shelves groan under the weight of handbooks on leadership theory and practice, all meaning to say leadership is a serious professional and personal responsibility. In spite of that, some such as Barbara Kellerman see a historical trajectory from autocracy to democracy that, with fast-paced cultural change, Baby Boomer replacement, and new information and communications technology, may soon end the leadership industry’s leader-centrism. The increasingly collective wisdom is that leadership happens in purposeful relationships in culture and context, not in individuals
A Tale of Two Headers: A Formal Analysis of Inconsistent Click-Jacking Protection on the Web
Click-jacking protection on the modern Web is commonly enforced via client-side security mechanisms for framing control, like the X-Frame-Options header (XFO) and Content Security Policy (CSP). Though these client-side security mechanisms are certainly useful and successful, delegating protection to web browsers opens room for inconsistencies in the security guarantees offered to users of different browsers. In particular, inconsistencies might arise due to the lack of support for CSP and the different implementations of the underspecified XFO header. In this paper, we formally study the problem of inconsistencies in framing control policies across different browsers and we implement an automated policy analyzer based on our theory, which we use to assess the state of click-jacking protection on the Web. Our analysis shows that 10% of the (distinct) framing control policies in the wild are inconsistent and most often do not provide any level of protection to at least one browser. We thus propose recommendations for web developers and browser vendors to mitigate this issue. Finally, we design and implement a server-side proxy to retrofit security in web applications
Liquid FM: Recommending Music through Viscous Democracy
Most modern recommendation systems use the approach of collaborative filtering: users that are believed to behave alike are used to produce recommendations. In this work we describe an application (Liquid FM) taking a completely different approach. Liquid FM is a music recommendation system that makes the user responsible for the recommended items. Suggestions are the result of a voting scheme, employing the idea of viscous democracy. Liquid FM can also be thought of as the first testbed for this voting system. In this paper we outline the design and architecture of the application, both from the theoretical and from the implementation viewpoints.
Rule-Based Application Development using Webdamlog
We present the WebdamLog system for managing distributed data on the Web in a peer-to-peer manner. We demonstrate the main features of the system through an application called Wepic for sharing pictures between attendees of the SIGMOD conference. Using Wepic, the attendees will be able to share, download, rate and annotate pictures in a highly decentralized manner. We show how WebdamLog handles heterogeneity of the devices and services used to share data in such a Web setting. We exhibit the simple rules that define the Wepic application and show how to easily modify the Wepic application. Comment: SIGMOD - Special Interest Group on Management Of Data (2013
Transforming Internal Activities of Business Process Models to Services Compositions
As a service composition language, BPEL imposes as constraint that a business process model should consist only of activities for interacting with other business processes. BPEL provides limited support for implementing internal activities, i.e. activities that are performed by a single business process without involvement of other business processes. BPEL is hence not suitable to implement internal activities that include complex data manipulation. There are a number of options to make BPEL able to implement such internal activities. In this paper we analyse those options based on their feasibility, efficiency, reusability, portability and merging. The analysis indicates that delegating internal activities’ functionality to other services is the best option. We therefore present an approach for transforming internal activities to service invocations. The application of this approach on a business process model results in a service composition model that consists only of activities for interaction