132 research outputs found
Formal analysis of security models for mobile devices, virtualization platforms and domain name systems
En esta tesis investigamos la seguridad de aplicaciones de seguridad criticas, es decir aplicaciones en las cuales una falla podria producir consecuencias inaceptables. Consideramos tres areas: dispositivos moviles, plataformas de virtualizacion y sistemas de nombres de dominio. La plataforma Java Micro Edition define el Perfil para Dispositivos de Informacion Moviles (MIDP) para facilitar el desarrollo de aplicaciones para dispositivos moviles, como telefonos celulares y asistentes digitales personales. En este trabajo primero estudiamos y comparamos formalmente diversas variantes del modelo de seguridad especificado por MIDP para acceder a recursos sensibles de un dispositivo movil. Los hipervisores permiten que multiples sistemas operativos se ejecuten en un hardware compartido y ofrecen un medio para establecer mejoras de seguridad y flexibilidad de sistemas de software. En esta tesis formalizamos un modelo de hipervisor y establecemos (formalmente) que el hipervisor asegura propiedades de aislamiento entre los diferentes sistemas operativos de la plataforma, y que las solicitudes de estos sistemas son atendidas siempre. Demostramos tambien que las plataformas virtualizadas son transparentes, es decir, que un sistema operativo no puede distinguir si ejecuta solo en la plataforma o si lo hace junto con otros sistemas operativos. Las Extensiones de Seguridad para el Sistema de Nombres de Dominio (DNSSEC) constituyen un conjunto de especificaciones que proporcionan servicios de aseguramiento de autenticacion e integridad de origen de datos DNS. Finalmente, presentamos una especificaci´on minimalista de un modelo de DNSSEC que proporciona los fundamentos necesarios para formalmente establecer y verificar propiedades de seguridad relacionadas con la cadena de confianza del arbol de DNSSEC. Desarrollamos todas nuestras formalizaciones en el C´alculo de Construccion
Especificación y verificación formal de sistemas críticos : Análisis de modelos de seguridad para dispositivos móviles
Este documento presenta resultados generados principalmente en el marco de una línea de investigación que involucra a dos proyectos de investigación: "Especificación formal y verificación de sistemas críticos", SeCyT-FCEIA, UNR (ING266), Argentina; y "STEVE: Seguridad a Través de Evidencia VErificable", proyecto PDT, DINACYT, Uruguay.
Asimismo, algunas actividades de estos proyectos se enmarcaron en un proyecto de cooperación STIC-AMSUD:
"ReSeCo: Reliability and Security of Distributed Software Components". El artículo describe esencial y sucintamente los trabajos realizados, las principales publicaciones obtenidas y la formación de recursos humanos en Argentina y Uruguay.Eje: Aspectos teóricos de Ciencias de la ComputaciónRed de Universidades con Carreras en Informática (RedUNCI
M-Learning Using Mobile Learning Engine
The objective of M-Learning is to integrate the technology combined
with the education in order to enhance the effectiveness of student's traditional
learning process. In order to explore the use of mobile and handheld IT devices
as a learning tool, many factors need to be considered such as its constraint and
limitations. Therefore, intensive researches need to be done. The main purpose
of M-Learning is to create flexible learning environment for students where the
implementation of just-in-time learning is applied. Besides, it creates new
approach of learning style. The most challenging part in implementing MLearning
is in delivering the content as how users will view the materials in
mobile devices instead of the usual large screen desktops. Apart from that, the
technology of M-Learning is still new in Malaysia, therefore, a lot of risk and
challenges involved in this project. Meanwhile, the target user is students. In
this project the methodology used follows four processes which are planning,
analysis, design and implementation. Efficiency and flexibly together with
ease ofuse become the essential elements inconstructing the final system
A Certified Access Controller for JME-MIDP 2.0 enabled Mobile Devices
Mobile devices, like cell phones and PDAs, allow to store information and to establish connections with external entities. In this sort of devices it is important to guarantee confidentiality and integrity of the stored data as well as ensure service availability. The JME platform, a Java enabled technology, provides the MIDP standard that facilitates applications development and specifies a security model for the controlled access to sensitive resources of the device. This paper describes a high level formal specification of an access controller for JME-MIDP 2.0. This formal definition of the controller has been obtained as an extension of a specification, developed using the Calculus of Inductive Constructions and the proof assistant Coq, of the MIDP 2.0 security model. The paper also discusses the refinement of the specification into an executable model and describes the algorithm which has been proven to be a correct implementation of the specified access controller
Exploring the possibilities of three dimensional image manipulations on mobile devices
With the introduction of more powerful mobile microprocessors and colour screen technology, complex image manipulations on various mobile devices such as mobile phones and handheld devices have become a reality. As a consequence of these improvements, there has been an increasing demand by users for interactive computer games which produce complex graphics by utilizing these advanced hardware technologies. Three dimensional (3D) graphics have been used to produce realistic interactive imaging for computer games during recent years. Java, through its mobile device programming platform, provides the framework for such complex image manipulations in computer games deployed on Java compatible mobile devices. However, the lack of a standard 3D application-programming interface (API), supported by mobile phone manufactures, has resulted in the need for program developers to use custom APis to create 3D programs such as the WGE (Wireless Graphics Engine) API produced by TTPcom. There is some evidence that the use of custom APis to develop 3D graphic images may result in poor compatibility and performance across different mobile platforms and devices This study initially examines the proposed Sun Microsystems specification for the Java 2 Micro Edition (J2ME) Mobile 3D API for the development of 3D graphics programming of mobile devices. These specifications have been designed to create an Industry standard Mobile 3D API. In addition, this study investigates the current specification for the Java 2 Micro Edition (CDDC1.0.3), to ascertain to what extent the development of 3D gaming on mobile devices is effected by the deficiencies in the current specification. These deficiencies include a Jack of support of for a floating point data type and the specification\u27s reliance on fixed-point number calculations for developing 3D graphics. An assessment will be made to determine how these deficiencies influence the performance, stability of 3D algorithms deployed on different mobile device platforms. Investigations carried out on 3D graphics algorithm implementations on Java 2 Standard Edition (J2SE) platform suggests that the implementations rely on float data type and that the CLDC 1.0.3 configuration layer does not support the float data type. Experiments were conducted to determine whether fixed-point number methods can be used effectively to conduct precision calculations. These calculations are required to implement the 3D algorithms for the J2ME platform. In order to assess this, a simulation study was conducted on a number of emulators released by Nokia, Motorola and Siemens mobile phone manufactures. In addition, the algorithms were tested on a Java compatible Nokia 6610 mobile phone to ascertain if findings from emulator studies could be replicated on phones. The emulator study findings suggest that 3D algorithm implementations using fixed-point methods are compatible on Java compatible mobile handsets released by Nokia, Motorola and Siemens. Further more, it was shown that the fixed-point methods are suitable for implementing simple 3D algorithms (Rotation, Scaling and Translation). However, it was found that these methods were not suitable for extreme precision calculations such as Cartesian curve generations
Development of an Ontology-based Framework and Tool for Employer Information Requirements (OntEIR)
The identification of proper requirements is a key factor for a successful construction project. Many attempts in the form of frameworks, models, and tools have been put forward to assist in identifying those requirements. In projects using Building Information Modelling (BIM), the Employer Information Requirements (EIR) is a fundamental ingredient in achieving a successful BIM project.As of April 2016, Building Information Modelling (BIM) was mandated for all UK government projects, as part of the Government Construction Strategy. This means that all central Government departments must only tender with suppliers that demonstrate their capability on working with the Level-2 BIM.One of the fundamental ingredients of achieving the BIM Level-2 is the provision of full and clear Employer Information Requirements (EIR). As defined by PAS 1192-2, EIR is a “pre- tender document that sets out the information to be delivered and the standards and processes to be adopted by the suppler as part of the project delivery process”. it also notes that “EIR should be incorporated into tender documentation to enable suppliers to produce an initial BIM Execution Plan (BEP)”.Effective definition of EIRs can contribute to better productivity; within the budget and time limit set and improve the quality of the built facility. Also, EIR contribute to the information clients get at the end of the project, which will enable the effective management and operation of the asset at less cost, in an industry, where typically 60% of the cost go towards maintenance and operation.The aim of this research is to develop a better approach, for producing a full and complete set of EIRs, which ensures that the clients information needs for the final model delivered by BIM be clearly defined from the very beginning of the BIM process. It also manages the collaboration between the different stakeholders of the project, which allows them to communicate and deliver to the client’s requirements. In other words, an EIR that manages the whole BIM process and the information delivered throughout its lifecycle, and the standards to be adopted by the suppliers as an essential ingredient for the success of a BIM project. For the research to be able to achieve the aims set and the formulated objectives, firstly a detailed and critical review on related work and issues was conducted. Then the initial design of the OntEIR Framework, which introduced the new categorisation system of the information requirements and the elicitation of requirements from high-level needs using ontology was presented. A research prototype of an online tool was developed as a proof-of- concept to implement and operationalise the research framework.The evaluation of the framework and prototype tool via interviews and questionnaires was conducted with both industry experts and inexperienced stakeholders. The findings indicateivthat the adoption of the framework and tool, in addition to the new categorisation system, could contribute towards effective and efficient development of EIRs that provide a better understanding of the information requirements as requested by BIM, and support the production of a complete BIM Execution Plan (BEP) and a Master Information Delivery Plan (MIDP)
Point of Care Healthcare Quality Control for Patients Using Mobile Devices
The advances made in the domain of mobile telecommunications over the last decade offer great potential for developments in many areas. One such area that can benefit from mobile communications is telemedicine, which is the provision of medical assistance, in one form or another, to patients who are geographically separated from the healthcare provider. When a person is ill, individual attention from medical professionals is of the utmost importance until they have returned to full health. However, people who suffer with long term and chronic illnesses may need life long care and often must manage their condition at home. Many chronically ill patients manage their condition themselves and perform ‘self-testing’ with Point of Care Test (POCT) equipment as part of this condition management. When a specimen sample is analysed at home with a POCT device, a result is available to the patient almost immediately, but the result cannot be proven to be plausible for the patient unless it is validated by the hospital systems. In addition to this the hospital is unaware of the patients condition and progress between hospital visits. This research addresses some of the issues and problems that fact patients who use POCT equipment to ‘self-manage’ their condition at home. Using mobile phone technologies and the Java platform, three alternative methods for providing patients with a service of POCT result validation and storage was designed. The implementation and test of these systems, proves that a mobile phone solution to the issues associated with patient self-testing is possible and can greatly contribute to the quality of patient care
Seguridad informática en la Universidad de la República
Este artículo presenta al Grupo de Seguridad Informática de la Facultad de Ingeniería de la Universidad de la República (Uruguay), creado en 2006. Se describen los trabajos de investigación del grupo y los resultados generados, proveyendo referencias a sus artículos publicados. Se incluye asimismo una breve descripción de la actividad de formación curricular universitaria a cargo del equipo
DEVELOPMENT AND USABILITY EVALUATION OF PLATFORM INDEPENDENT MOBILE LEARNING APPLICATION (M-LA)
In today’s digital age, wireless technology and widespread use of handheld devices are going under a continuous advancement to provide information anywhere and at anytime. Furthermore, these technologies are being utilized in the field of education and called mobile learning (M-Learning). Hence, M-learning means using of mobile devices and wireless computing as a learning instrument and communication technology respectively. The limitations of M-learning include either hardware or software of mobile devices, content creation, and no standards for mobile learning system (M-LS), wireless technology, and security. The main objectives of this research are to study and design model for M-learning approach; to develop platform independent M-learning application (M-LA) for Fundamentals of Programming course; to design M-LS platform classification, and to evaluate the effectiveness and usability of the application. In addition, under the development of this application the following aspects are considered: learning theories, M-learning development principles, and some of the aforementioned M-learning limitations. To achieve the above mentioned objectives, ADDIE (Analysis, Design, Development, Implementation, and Evaluation) life cycle is adapted which is one type of instructional design model (IDM). The application has been developed using Java 2 Micro Edition (J2ME), and Extensible Markup Language (XML). It contains several sections, but the main modules are Lecture Materials, and Quiz. Quasi Experiment Design and usability attributes was used to evaluate the effectiveness and usability of the application respectively using Universiti Teknologi PETRONAS foundation students. Finally, the data was analyzed using quantitative and qualitative method. The quantitative data was analyzed using coefficient variance and independent t-Test, and Cronbach alpha used to measure the internal reliability of the data. Overall results show that M-LA is efficient to improve learners’ performance, makes learning enjoyable, support continuous learning and learning time is reduced, and fulfilled the usability needs
Recommended from our members
Semi-automated mobile television interactive application generation based on XHTML and Java ME
This thesis was submitted for the degree of Doctor of Philosophy and awarded by Brunel University, 11/02/2011.Mobile Digital TV (MDTV), the hybrid of Digital Television (DTV) and mobile devices (such as mobile phones), has introduced a new way for people to watch DTV and has brought new opportunities for development in the DTV industry. Nowadays, the development of the next generation MDTV service has progressed in terms of both hardware layers and software, with interactive services/applications becoming one of the future MDTV service trends. However, current MDTV interactive services still lack in terms of attracting the consumers and the service creation and implementation process relies too much on commercial solutions, resulting in most parts of the process being proprietary. In addition, this has increased the technical demands for developers as well as has increased substantially the cost of producing and maintaining MDTV services. In light of the aforementioned situation, the Thesis has contributed to this field, by proposing an innovative MDTV service creation and consumption system based on XHTML and Java ME. On the head-end it introduces a semi-automatic creation mechanism to facilitate a less technical and more efficient interactive service creation process. This enables designers and creative individuals to be actively involved in the MDTV service creation process and to develop interactive-rich MDTV service. On the client-end it employs an open-source software environment as the interactive service MDTV consumption platform, rendering the MDTV service implementation process as less proprietary as possible. Furthermore, the Thesis offers a discussion on the different MDTV interactive application models currently used and based on the proposed software, a novel MDTV service presentation method is further introduced and adopted instead of the Rich Media and ECMAScript based methods. Finally, a series of qualitative testing procedures have been implemented with regards to conducting an essential evaluation on the operability of the proposed software system
- …