59,815 research outputs found
Yelling Fire and Hacking: Why the First Amendment Does Not Permit Distributing DVD Decryption Technology?
One of the consequences of the black-hole "no-hair" theorem in general relativity (GR) is that gravitational radiation (quasi-normal modes) from a perturbed Kerr black hole is uniquely determined by its mass and spin. Thus, the spectrum of quasi-normal mode frequencies has to be all consistent with the same value of the mass and spin. Similarly, the gravitational radiation from a coalescing binary black hole system is uniquely determined by a small number of parameters (masses and spins of the black holes and orbital parameters). Thus, consistency between different spherical harmonic modes of the radiation is a powerful test that the observed system is a binary black hole predicted by GR. We formulate such a test, develop a Bayesian implementation, demonstrate its performance on simulated data and investigate the possibility of performing such a test using previous and upcoming gravitational wave observations.
Determination and evaluation of web accessibility
The Web is the most pervasive collaborative
technology in widespread use today; however,
access to the web and its many applications cannot
be taken for granted. Web accessibility encompasses
a variety of concerns ranging from societal,
political, and economic to individual, physical, and
intellectual through to the purely technical. Thus,
there are many perspectives from which web
accessibility can be understood and evaluated. In
order to discuss these concerns and to gain a better
understanding of web accessibility, an accessibility
framework is proposed using as its base a layered
evaluation framework from Computer Supported
Co-operative Work research and the ISO standard,
ISO/IEC 9126 on software quality. The former is
employed in recognition of the collaborative nature
of the web and its importance in facilitating
communication. The latter is employed to refine and
extend the technical issues and to highlight the need
for considering accessibility from the viewpoint of
the web developer and maintainer as well as the web
user. A technically inaccessible web is unlikely to be
evolved over time. A final goal of the accessibility
framework is to provide web developers and
maintainers with a practical basis for considering
web accessibility through the development of a set of
accessibility factors associated with each identified
layer.
Defending Against Firmware Cyber Attacks on Safety-Critical Systems
In the past, it was not possible to update the underlying software in many industrial control devices. Engineering
teams had to "rip and replace" obsolete components. However, the ability to make firmware updates has provided
significant benefits to the companies who use Programmable Logic Controllers (PLCs), switches, gateways and
bridges as well as an array of smart sensor/actuators. These updates include security patches when vulnerabilities are
identified in existing devices; they can be distributed by physical media but are increasingly downloaded over
Internet connections. These mechanisms pose a growing threat to the cyber security of safety-critical applications,
which are illustrated by recent attacks on safety-related infrastructures across the Ukraine. Subsequent sections
explain how malware can be distributed within firmware updates. Even when attackers cannot reverse engineer the
code necessary to disguise their attack, they can undermine a device by forcing it into a constant upload cycle where
the firmware installation never terminates. In this paper, we present means of mitigating the risks of firmware attack
on safety-critical systems as part of wider initiatives to secure national critical infrastructures. Technical solutions,
including firmware hashing, must be augmented by organizational measures to secure the supply chain within
individual plants, across companies and throughout safety-related industries.
Privacy Issues of the W3C Geolocation API
The W3C's Geolocation API may rapidly standardize the transmission of
location information on the Web, but, in dealing with such sensitive
information, it also raises serious privacy concerns. We analyze the manner and
extent to which the current W3C Geolocation API provides mechanisms to support
privacy. We propose a privacy framework for the consideration of location
information and use it to evaluate the W3C Geolocation API, both the
specification and its use in the wild, and recommend some modifications to the
API as a result of our analysis.
Machine-Readable Privacy Certificates for Services
Privacy-aware processing of personal data on the web of services requires
managing a number of issues arising both from the technical and the legal
domain. Several approaches have been proposed to matching privacy requirements
(on the clients side) and privacy guarantees (on the service provider side).
Still, the assurance of effective data protection (when possible) relies on
substantial human effort and exposes organizations to significant
(non-)compliance risks. In this paper we put forward the idea that a privacy
certification scheme producing and managing machine-readable artifacts in the
form of privacy certificates can play an important role towards the solution of
this problem. Digital privacy certificates represent the reasons why a privacy
property holds for a service and describe the privacy measures supporting it.
Also, privacy certificates can be used to automatically select services whose
certificates match the client policies (privacy requirements).
Our proposal relies on an evolution of the conceptual model developed in the
Assert4Soa project and on a certificate format specifically tailored to
represent privacy properties. To validate our approach, we present a worked-out
instance showing how privacy property Retention-based unlinkability can be
certified for a banking financial service. Comment: 20 pages, 6 figures
Governing Networks and Rule-Making in Cyberspace
The global network environment defies traditional regulatory theories and policymaking practices. At present, policymakers and private sector organizations are searching for appropriate regulatory strategies to encourage and channel the global information infrastructure ("GII"). Most attempts to define new rules for the development of the GII rely on disintegrating concepts of territory and sector, while ignoring the new network and technological borders that transcend national boundaries. The GII creates new models and sources for rules. Policy leadership requires a fresh approach to the governance of global networks. Instead of foundering on old concepts, the GII requires a new paradigm for governance that recognizes the complexity of networks, builds constructive relationships among the various participants (including governments, systems operators, information providers, and citizens), and promotes incentives for the attainment of various public policy objectives in the private sector.