A MultiAgent System for Choosing Software Patterns

Software patterns enable an efficient transfer of design experience by documenting common solutions to recurring design problems. They contain valuable knowledge that can be reused by others, in particular, by less experienced developers. Patterns have been published for system architecture and detailed design, as well as for specific application domains (e.g. agents and security). However, given the steadily growing number of patterns in the literature and online repositories, it can be hard for non-experts to select patterns appropriate to their needs, or even to be aware of the existing patterns. In this paper, we present a multi-agent system that supports developers in choosing patterns that are suitable for a given design problem. The system implements an implicit culture approach for recommending patterns to developers based on the history of decisions made by other developers regarding which patterns to use in related design problems. The recommendations are complemented with the documents from a pattern repository that can be accessed by the agents. The paper includes a set of experimental results obtained using a repository of security patterns. The results prove the viability of the proposed approach

Sustaining Social Security in an Era of Population Aging

John A. Turner offers a set of reforms for restoring solvency to Social Security that are deemed to have merit in the current political climate. These reforms relate to several vexing issues including increased life expectancy, the growing relationship between income and life expectancy, the declines in the physical demands of jobs, growing income inequality, and the pattern of poverty increasing at older ages.https://research.upjohn.org/up_press/1257/thumbnail.jp

Providing for the common defense: internal security and the Cold War, 1945-1975

While the historiography of the Red Scare has often discussed the major internal security legislation passed during the period, the legislation in question is often given short shrift and characterized as a misguided response by Congress. It is important to examine this legislation not only for what it did for the internal security of the nation, but also for what it meant symbolically. Implementation of governmental policy, including internal security policy, through legislation often also serves as a window to the beliefs and values of those crafting the legislation. By examining the internal security legislation passed during the Red Scare, we can determine some of the beliefs and values that underlay the legislation. This dissertation argues three points. First, Congressional politics and legislation during the Second Red Scare created a pattern for dealing with internal security crises both during and after the Cold War. As part of this pattern, the values and beliefs that underlay the initial internal security legislation are present in internal security legislation of the 1960s and the early 2000s. The judicial response to this legislation created necessary limits to Congressional action. Second, while the race riots of many major urban centers in the 1960s have been explained as social crises, it’s important that they be studied as internal security crises as well. Particularly within Congress, some viewed these riots as an insurgency and an insurrection and framed their responses and legislation towards combating them. Finally, while attempts have been made to create a post-Cold War policy towards combating terrorism, the initial post-September 11, 2001, attempts at anti-terror legislation (such as the USA PATRIOT Act) continued to follow much of the same pattern established for internal security crises during the Cold War

Body language, security and e-commerce

Security is becoming an increasingly more important concern both at the desktop level and at the network level. This article discusses several approaches to authenticating individuals through the use of biometric devices. While libraries might not implement such devices, they may appear in the near future of desktop computing, particularly for access to institutional computers or for access to sensitive information. Other approaches to computer security focus on protecting the contents of electronic transmissions and verification of individual users. After a brief overview of encryption technologies, the article examines public-key cryptography which is getting a lot of attention in the business world in what is called public key infrastructure. It also examines other efforts, such as IBM’s Cryptolope, the Secure Sockets Layer of Web browsers, and Digital Certificates and Signatures. Secure electronic transmissions are an important condition for conducting business on the Net. These business transactions are not limited to purchase orders, invoices, and contracts. This could become an important tool for information vendors and publishers to control access to the electronic resources they license. As license negotiators and contract administrators, librarians need to be aware of what is happening in these new technologies and the impact that will have on their operations

BlackWatch:increasing attack awareness within web applications

Web applications are relied upon by many for the services they provide. It is essential that applications implement appropriate security measures to prevent security incidents. Currently, web applications focus resources towards the preventative side of security. Whilst prevention is an essential part of the security process, developers must also implement a level of attack awareness into their web applications. Being able to detect when an attack is occurring provides applications with the ability to execute responses against malicious users in an attempt to slow down or deter their attacks. This research seeks to improve web application security by identifying malicious behaviour from within the context of web applications using our tool BlackWatch. The tool is a Python-based application which analyses suspicious events occurring within client web applications, with the objective of identifying malicious patterns of behaviour. This approach avoids issues typically encountered with traditional web application firewalls. Based on the results from a preliminary study, BlackWatch was effective at detecting attacks from both authenticated, and unauthenticated users. Furthermore, user tests with developers indicated BlackWatch was user friendly, and was easy to integrate into existing applications. Future work seeks to develop the BlackWatch solution further for public release