IKHarvester - Informal eLearning with semantic web harvesting

Only recently, researchers and practitioners alike have begun to fully understand the potential of eLearning and have concentrated on new tools and technologies for creating, capturing and distributing knowledge. In order to support and extend those solutions we propose the idea of incorporating the informal knowledge into Learning Management Systems. Contributing to the body of research, problems of existing eLearning technologies are documented highlighting areas of definite improvement. Finally, semantic Web harvesting technology as a solution is explored in the form of the knowledge acquisition tool called IKHarvester

An evaluation of the ‘open source internet research tool’: a user-centred and participatory design approach with UK law enforcement

As part of their routine investigations, law enforcement conducts open source research; that is, investigating and researching using publicly available information online. Historically, the notion of collecting open sources of information is as ingrained as the concept of intelligence itself. However, utilising open source research in UK law enforcement is a relatively new concept not generally, or practically, considered until after the civil unrest seen in the UK’s major cities in the summer of 2011. While open source research focuses on the understanding of bein‘publicly available’, there are legal, ethical and procedural issues that law enforcement must consider. This asks the following mainresearch question: What constraints do law enforcement face when conducting open source research? From a legal perspective, law enforcement officials must ensure their actions are necessary and proportionate, more so where an individual’s privacy is concerned under human rights legislation and data protection laws such as the General Data Protection Regulation. Privacy issues appear, though, when considering the boom and usage of social media, where lines can be easily blurred as to what is public and private. Guidance from Association of Chief Police Officers (ACPO) and, now, the National Police Chief’s Council (NPCC) tends to be non-committal in tone, but nods towards obtaining legal authorisation under the Regulation of Investigatory Powers Act (RIPA) 2000 when conducting what may be ‘directed surveillance’. RIPA, however, pre-dates the modern era of social media by several years, so its applicability as the de-facto piece of legislation for conducting higher levels of open source research is called into question. 22 semi-structured interviews with law enforcement officials were conducted and discovered a grey area surrounding legal authorities when conducting open source research. From a technical and procedural aspect of conducting open source research, officers used a variety of software tools that would vary both in price and quality, with no standard toolset. This was evidenced from 20 questionnaire responses from 12 police forces within the UK. In an attempt to bring about standardisation, the College of Policing’s Research, Identifying and Tracing the Electronic Suspect (RITES) course recommended several capturing and productivity tools. Trainers on the RITES course, however, soon discovered the cognitive overload this had on the cohort, who would often spend more time learning to use the tools than learn about open source research techniques. The problem highlighted above prompted the creation of Open Source Internet Research Tool (OSIRT); an all-in-one browser for conducting open source research. OSIRT’s creation followed the user-centred design (UCD) method, with two phases of development using the software engineering methodologies ‘throwaway prototyping’, for the prototype version, and ‘incremental and iterative development’ for the release version. OSIRT has since been integrated into the RITES course, which trains over 100 officers a year, and provides a feedback outlet for OSIRT. System Usability Scale questionnaires administered on RITES courses have shown OSIRT to be usable, with feedback being positive. Beyond the RITES course, surveys, interviews and observations also show OSIRT makes an impact on everyday policing and has reduced the burden officers faced when conducting opens source research. OSIRT’s impact now reaches beyond the UK and sees usage across the globe. OSIRT contributes to law enforcement output in countries such as the USA, Canada, Australia and even Israel, demonstrating OSIRT’s usefulness and necessity are not only applicable to UK law enforcement. This thesis makes several contributions both academically and from a practical perspective to law enforcement. The main contributions are: • Discussion and analysis of the constraints law enforcement within the UK face when conducting open source research from a legal, ethical and procedural perspective. • Discussion, analysis and reflective discourse surrounding the development of a software tool for law enforcement and the challenges faced in what is a unique development. • An approach to collaborating with those who are in ‘closed’ environments, such as law enforcement, to create bespoke software. Additionally, this approach offers a method of measuring the value and usefulness of OSIRT with UK law enforcement. • The creation and integration of OSIRT in to law enforcement and law enforcement training packages

ANDES: an approach to embed search services on the Web browser

This article addresses search tasks, which are the most frequent type of tasks users do nowadays on the Web. We suggest that the customization of search services would improve the user’s searching experience, and it also might make search tasks more effective and efficient. We analyze user tasks for performing searches and types of search services. Then, we distinguish between primary search tasks (related to the initial user goal) and ancillary search tasks (those that are performed to find additional information necessary to understand how to achieve a primary search task). We also explain different types of search services, including global search services (which has an extensive search scope, possibly the whole Web) and in-site search services (which has a narrow scope of search focused on a specific Web site or data set). We also discuss features embedded into Web browsers to support search tasks and how Web browsers can support extensions allowing users to integrate customized search services. We propose an approach called ANDES that allows users to integrate into the Web browser new search services that are created by customizing search services offered by existing Web sites. By means of Web augmentation techniques, we demonstrate how users can customize the browser to trigger search services to any Web site and integrate the Web page results. We report on two evaluations showing that end-users can specify and use search services following our approach and that the proposed interaction is more convenient in contrast to traditional mechanisms. Beyond the tool used to demonstrate the feasibility of the ANDES approach, this paper aims to discuss new strategies for end-user programming that allow users to customize search services over the Web

Functionality-based application confinement: A parameterised and hierarchical approach to policy abstraction for rule-based application-oriented access controls

Access controls are traditionally designed to protect resources from users, and consequently make access decisions based on the identity of the user, treating all processes as if they are acting on behalf of the user that runs them. However, this user-oriented approach is insufficient at protecting against contemporary threats, where security compromises are often due to applications running malicious code, either due to software vulnerabilities or malware. Application-oriented access controls can mitigate this threat by managing the authority of individual applications. Rule-based application-oriented access controls can restrict applications to only allow access to the specific finely-grained resources required for them to carry out their tasks, and thus can significantly limit the damage that can be caused by malicious code. Unfortunately existing application-oriented access controls have policy complexity and usability problems that have limited their use. This thesis proposes a new access control model, known as functionality-based application confinement (FBAC). The FBAC model has a number of unique features designed to overcome problems with previous approaches. Policy abstractions, known as functionalities, are used to assign authority to applications based on the features they provide. Functionalities authorise elaborate sets of finely grained privileges based on high-level security goals, and adapt to the needs of specific applications through parameterisation. FBAC is hierarchical, which enables it to provide layers of abstraction and encapsulation in policy. It also simultaneously enforces the security goals of both users and administrators by providing discretionary and mandatory controls. An LSM-based (Linux security module) prototype implementation, known as FBAC-LSM, was developed as a proof-of-concept and was used to evaluate the new model and associated techniques. The policy requirements of over one hundred applications were analysed, and policy abstractions and application policies were developed. Analysis showed that the FBAC model is capable of representing the privilege needs of applications. The model is also well suited to automaiii tion techniques that can in many cases create complete application policies a priori, that is, without first running the applications. This is an improvement over previous approaches that typically rely on learning modes to generate policies. A usability study was conducted, which showed that compared to two widely-deployed alternatives (SELinux and AppArmor), FBAC-LSM had significantly higher perceived usability and resulted in significantly more protective policies. Qualitative analysis was performed and gave further insight into the issues surrounding the usability of application-oriented access controls, and confirmed the success of the FBAC model

CHARMS: A Charter Management System. Automating the Integration of Electronic Institutions and Humans

The execution of process models is usually presented through a graphical user interface, especially when users¿ input is required. Existing mechanisms, such as Electronic Institutions (EIs), provide means to easily specify and automatically execute process models. However, every time the specification is modified, the graphical user interface (GUI) needed during the execution stage should be manually modified accordingly. This paper proposes a system that helps maintain such GUIs in an efficient and automated manner. We present and test Charms, a system built on top of EIs that allows the automatic creation and update of GUIs based on the provided process model specification. © 2012 Copyright Taylor and Francis Group, LLC.This work has been supported by: the LiquidPublications project (project.LiquidPub.org), funded by the Seventh Framework Programme for Research of the European Commission under fet-open grant number 213360; the Agreement Technologies project (www.agreement-technologies.org), funded by consolider csd 2007-0022, ingenio 2010; and the cbit project on community-building information technology, funded by the Spanish Ministry of Science and Innovation under grant number TIN2010-16306.Peer Reviewe

Personalizing the web: A tool for empowering end-users to customize the web through browser-side modification

167 p.Web applications delegate to the browser the final rendering of their pages. Thispermits browser-based transcoding (a.k.a. Web Augmentation) that can be ultimately singularized for eachbrowser installation. This creates an opportunity for Web consumers to customize their Web experiences.This vision requires provisioning adequate tooling that makes Web Augmentation affordable to laymen.We consider this a special class of End-User Development, integrating Web Augmentation paradigms.The dominant paradigm in End-User Development is scripting languages through visual languages.This thesis advocates for a Google Chrome browser extension for Web Augmentation. This is carried outthrough WebMakeup, a visual DSL programming tool for end-users to customize their own websites.WebMakeup removes, moves and adds web nodes from different web pages in order to avoid tabswitching, scrolling, the number of clicks and cutting and pasting. Moreover, Web Augmentationextensions has difficulties in finding web elements after a website updating. As a consequence, browserextensions give up working and users might stop using these extensions. This is why two differentlocators have been implemented with the aim of improving web locator robustness

Engineering Submission Portal

One of the requirements for all engineering students at Santa Clara University is to complete a senior design project. The senior design project is a year-long group project (with team sizes of typically 2-4 people) in which students work with faculty advisors to develop a product, idea, or applied research in the field of their study. This work is structured through the senior design class in which students receive information about the due dates and formats of their deliverables. Currently, senior design projects are submitted on printed paper. This method is unreliable as papers may become lost or unorganized resulting in a delayed review process. Printing multiple copies of reports is also not environmentally friendly and it can be overly complicated for interdisciplinary groups with multiple advisors. As an alternative, we propose using an online web portal to handle the senior design submission process. By using a service that is tailor-made for senior design, the website will ensure that the senior design submission process is smooth, easy, and reliable for everyone

TOWARDS REDESIGNING WEB BROWSERS WITH SECURITY PRINCIPLES

Ph.DDOCTOR OF PHILOSOPH

Airport mobile internet an innovation

This paper studies the adoption of mobile Internet by airports. Using a new theoretical model, the study tests whether early adopters of mobile Internet for airports can be considered real innovators. Seventy-five international airports from four different geographical areas and of three different sizes are analyzed. The paper complements the analysis with an additional innovation adoption, the PC-Website, and two dimensions are analyzed: the time of adoption and the degree of maturation. Our findings show that there are four real innovator airports: London Heathrow, London Stansted, Amsterdam Schiphol and Copenhagen. Airport innovation is found to be related to geographical location and commercial revenue rather than to airport size. The four real innovator airports iPhone apps are used as case studies to identity best practices for the delivery of airport mobile services

Dark patterns et manipulation des éditeurs de sites web par les fournisseurs de solution de gestion de consentement

International audienceWeb technologies and services widely rely on data collection via tracking users on websites. In the EU, the collection of such data requires user consent thanks to the ePrivacy Directive (ePD), and the General Data Protection Regulation (GDPR). To comply with these regulations and integrate consent collection into their websites, website publishers often rely on third-party contractors, called Consent Management Providers (CMPs), that provide consent pop-ups as a service. Since the GDPR came in force in May 2018, the presence of CMPs continuously increased. In our work, we systematically study the installation and configuration process of consent pop-ups and their potential effects on the decision making of the website publishers. We make an in-depth analysis of the configuration process from ten services provided by five popular CMP companies and identify common unethical design choices employed. By analysing CMP services on an empty experimental website, we identify manipulation of website publishers towards subscription to the CMPs paid plans and then determine that default consent pop-ups often violate the law. We also show that configuration options may lead to non-compliance, while tracking scanners offered by CMPs manipulate publishers. Our findings demonstrate the importance of CMPs and design space offered to website publishers, and we raise concerns around the privileged position of CMPs and their strategies influencing website publishers.Les technologies et services web reposent largement sur la collecte de données via le suivi des utilisateurs sur les sites web. Dans l'UE, la collecte de ces données nécessite le consentement de l'utilisateur grâce à la directive ePrivacy (ePD), et au Règlement Général sur la Protection des Données (RGPD). Pour se conformer à ces réglementations et intégrer la collecte du consentement sur leurs sites, les éditeurs font souvent appel à des prestataires tiers, appelés fournisseurs de gestion du consentement (Consent Management Providers, ou CMP), qui fournissent des pop-ups de consentement en tant que service. Depuis l'entrée en vigueur du RGPD en mai 2018, la présence de ces CMP a continuellement augmenté. Dans notre travail, nous systématisons l'étude du processus d'installation et de configuration de ces pop-ups de consentement et de leurs effets potentiels sur la prise de décision des éditeurs de sites web. Nous effectuons une analyse approfondie du processus de configuration à partir de dix services fournis par cinq fournisseurs de solutions de gestion de consentement populaires, et nous identifions les choix de conception non éthiques communément employés. En analysant les services de CMP sur un site expérimental vide, nous mettons en évidence la manipulation des éditeurs de sites web en faveur de l'abonnement aux offres payantes des CMP, et nous remarquons que les pop-ups de consentement par défaut enfreignent souvent la loi. Nous montrons également que les options de configuration peuvent conduire à la non-conformité, tandis que les scanners de suivi proposés par les CMP manipulent les éditeurs. Nos résultats démontrent l'importance des CMP et de l'espace de conception offert aux éditeurs de sites web, et nous nous interrogeons quant à la position privilégiée des CMP et à leurs stratégies d'influence sur les éditeurs de sites web