15,314 research outputs found
Orthography and Identity in Cameroon
The tone languages of sub-Saharan Africa
raise challenging questions for the design
of new writing systems. Marking too much or too little tone can have
grave consequences for the usability of an orthography.
Orthography development, past and present, rests on a
raft of sociolinguistic issues having little to do with the
technical phonological concerns that usually preoccupy orthographers.
Some of these issues
are familiar from the spelling reforms which have taken place
in European languages. However, many of the issues faced in
sub-Saharan Africa are
different, being concerned with the creation of new writing systems
in a multi-ethnic context: residual colonial influences, the
construction of new nation-states, detribalization versus
culture preservation and language reclamation, and so on.
Language development projects which crucially rely on creating
or revising orthographies may founder if they do not attend to
the various layers of identity that are indexed by orthography:
whether colonial, national, ethnic, local or individual identity.
In this study, I review the history and politics
of orthography in Cameroon, with a focus on tone marking.
The paper concludes by calling present-day orthographers to
a deeper and broader understanding of orthographic issues
Time Protection: the Missing OS Abstraction
Timing channels enable data leakage that threatens the security of computer
systems, from cloud platforms to smartphones and browsers executing untrusted
third-party code. Preventing unauthorised information flow is a core duty of
the operating system, however, present OSes are unable to prevent timing
channels. We argue that OSes must provide time protection in addition to the
established memory protection. We examine the requirements of time protection,
present a design and its implementation in the seL4 microkernel, and evaluate
its efficacy as well as performance overhead on Arm and x86 processors
Concurrency Annotations and Reusability
Widespread acceptance of concurrent object-oriented programming in the field
can only be expected if smooth integration with sequential programming is
achieved. This means that a common language base has to be used, where the
concurrent syntax differs as little as possible from the sequential one but is
associated with a "natural" concurrent semantics that makes library support
for concurrency superfluous. In addition, not only should sequential classes
be reusable in a concurrent context, but concurrent classes should also be
reusable in a sequential context. It is suggested that concurrency annotations
be inserted into otherwise sequential code. They are ignored by a sequential
compiler, but a compiler for the extended concurrent language will recognize
them and generate the appropriate concurrent code. The concurrent version of
the language supports active and concurrent objects and favours a declarative
approach to synchronization and locking which solves typical concurrency
problems in an easier and more readable way than previous approaches.
Concurrency annotations are introduced using Eiffel as the sequential base
Context-Aware and Secure Workflow Systems
Businesses do evolve. Their evolution necessitates the re-engineering of their existing "business processes”, with the objectives of reducing costs, delivering services on time, and enhancing their profitability in a competitive market. This is generally true and particularly in domains such as manufacturing, pharmaceuticals and education). The central objective of workflow technologies is to separate business policies (which normally are encoded in business logics) from the underlying business applications. Such a separation is desirable as it improves the evolution of business processes and, more often than not, facilitates the re-engineering at the organisation level without the need to detail knowledge or analyses of the application themselves. Workflow systems are currently used by many organisations with a wide range of interests and specialisations in many domains. These include, but not limited to, office automation, finance and banking sector, health-care, art, telecommunications, manufacturing and education. We take the view that a workflow is a set of "activities”, each performs a piece of functionality within a given "context” and may be constrained by some security requirements. These activities are coordinated to collectively achieve a required business objective. The specification of such coordination is presented as a set of "execution constraints” which include parallelisation (concurrency/distribution), serialisation, restriction, alternation, compensation and so on. Activities within workflows could be carried out by humans, various software based application programs, or processing entities according to the organisational rules, such as meeting deadlines or performance improvement. Workflow execution can involve a large number of different participants, services and devices which may cross the boundaries of various organisations and accessing variety of data.
This raises the importance of
_ context variations and context-awareness and
_ security (e.g. access control and privacy).
The specification of precise rules, which prevent unauthorised participants from executing sensitive tasks and also to prevent tasks from accessing unauthorised services or (commercially) sensitive information, are crucially important. For example, medical scenarios will require that:
_ only authorised doctors are permitted to perform certain tasks,
_ a patient medical records are not allowed to be accessed by anyone without
the patient consent and
_ that only specific machines are used to perform given tasks at a given time.
If a workflow execution cannot guarantee these requirements, then the flow will
be rejected. Furthermore, features/characteristics of security requirement are both
temporal- and/or event-related. However, most of the existing models are of a
static nature – for example, it is hard, if not impossible, to express security requirements which are:
_ time-dependent (e.g. A customer is allowed to be overdrawn by 100 pounds
only up-to the first week of every month.
_ event-dependent (e.g. A bank account can only be manipulated by its owner unless there is a change in the law or after six months of his/her death).
Currently, there is no commonly accepted model for secure and context-aware workflows or even a common agreement on which features a workflow security model should support. We have developed a novel approach to design, analyse and validate workflows. The approach has the following components:
= A modelling/design language (known as CS-Flow).
The language has the following features:
– support concurrency;
– context and context awareness are first-class citizens;
– supports mobility as activities can move from one context to another;
– has the ability to express timing constrains: delay, deadlines, priority and schedulability;
– allows the expressibility of security policies (e.g. access control and privacy) without the need for extra linguistic complexities; and
– enjoy sound formal semantics that allows us to animate designs and compare various designs.
= An approach known as communication-closed layer is developed, that allows us to serialise a highly distributed workflow to produce a semantically equivalent quasi-sequential flow which is easier to understand and analyse. Such re-structuring, gives us a mechanism to design fault-tolerant workflows as layers are atomic activities and various existing forward and backward error recovery techniques can be deployed.
= Provide a reduction semantics to CS-Flow that allows us to build a tool support to animate a specifications and designs. This has been evaluated on a Health care scenario, namely the Context Aware Ward (CAW) system. Health care provides huge amounts of business workflows, which will benefit from workflow adaptation and support through pervasive computing systems. The evaluation takes two complementary strands:
– provide CS-Flow’s models and specifications and
– formal verification of time-critical component of a workflow
SEeD for Change: The Systemic Event Design Project Applied to Terra Madre Salone del Gusto for the Development of Food Communities
In the contemporary era, food plays a key role in balancing environmental, social, and economic balances, not only due to its primary identity as a resource that nourishes living beings and the planet but also through the processes triggered by stakeholders who act at the internal local food systems. In the latter, an orientation towards sustainability is increasingly urgently required, capable of achieving a widespread creation of shared value. In this scenario, the International Slow Food Association operates, which also, through the Terra Madre Salone del Gusto initiative, coordinates communities and events located throughout the world on the theme of “good, clean and fair” food. This article aims to analyze, through the lens of the systemic approach, the interesting and multifaceted impacts of this event, as an opportunity to disseminate and contagion of ideas, attitudes, and behaviors around the themes of sustainability and biodiversity, but also as a moment of consolidation and creation of relationships between and within local food systems and local communities. The research project presented, entitled “SEeD for Change”, was coordinated by the University of Gastronomic Sciences of Pollenzo with the University of Turin and helped to focus on the actors, relationships and contexts that actually and virtually hosted the event: places in which through a common and shared language, change has been generated
Model Checking a C++ Software Framework, a Case Study
This paper presents a case study on applying two model checkers, SPIN and
DIVINE, to verify key properties of a C++ software framework, known as ADAPRO,
originally developed at CERN. SPIN was used for verifying properties on the
design level. DIVINE was used for verifying simple test applications that
interacted with the implementation. Both model checkers were found to have
their own respective sets of pros and cons, but the overall experience was
positive. Because both model checkers were used in a complementary manner, they
provided valuable new insights into the framework, which would arguably have
been hard to gain by traditional testing and analysis tools only. Translating
the C++ source code into the modeling language of the SPIN model checker helped
to find flaws in the original design. With DIVINE, defects were found in parts
of the code base that had already been subject to hundreds of hours of unit
tests, integration tests, and acceptance tests. Most importantly, model
checking was found to be easy to integrate into the workflow of the software
project and bring added value, not only as verification, but also validation
methodology. Therefore, using model checking for developing library-level code
seems realistic and worth the effort.Comment: In Proceedings of the 27th ACM Joint European Software Engineering
Conference and Symposium on the Foundations of Software Engineering (ESEC/FSE
'19), August 26-30, 2019, Tallinn, Estonia. ACM, New York, NY, USA, 11 page
Why Do Developers Get Password Storage Wrong? A Qualitative Usability Study
Passwords are still a mainstay of various security systems, as well as the
cause of many usability issues. For end-users, many of these issues have been
studied extensively, highlighting problems and informing design decisions for
better policies and motivating research into alternatives. However, end-users
are not the only ones who have usability problems with passwords! Developers
who are tasked with writing the code by which passwords are stored must do so
securely. Yet history has shown that this complex task often fails due to human
error with catastrophic results. While an end-user who selects a bad password
can have dire consequences, the consequences of a developer who forgets to hash
and salt a password database can lead to far larger problems. In this paper we
present a first qualitative usability study with 20 computer science students
to discover how developers deal with password storage and to inform research
into aiding developers in the creation of secure password systems
- …