A Pragmatic Approach to DHT Adoption

Despite the peer-to-peer community's obvious wish to have its systems adopted, specific mechanisms to facilitate incremental adoption have not yet received the same level of attention as the many other practical concerns associated with these systems. This paper argues that ease of adoption should be elevated to a first-class concern and accordingly presents HOLD, a front-end to existing DHTs that is optimized for incremental adoption. Specifically, HOLD is backwards-compatible: it leverages DNS to provide a key-based routing service to existing Internet hosts without requiring them to install any software. This paper also presents applications that could benefit from HOLD as well as the trade-offs that accompany HOLD. Early implementation experience suggests that HOLD is practical

The Use of Hosted Enterprise Applications by SMEs: A User Perspective

This paper seeks to deepen our understanding of the engagement of small to medium-sized enterprises (SMEs) in hosted enterprise applications (high complexity e-business applications) in the UK by investigating the relevance of organisational and technical factors through conducting interviews with SME users of hosted applications. The emergence and development of the application service provider (ASP) sector has attracted much interest and highly optimistic forecasts for revenues. Of particular interest in this paper is the emergence of service offerings targeted specifically at SMEs. The paper starts by considering information technology (IT) adoption by SMEs in general before reviewing the provision of hosted enterprise applications in the US and UK. The empirical data collected from SME users of hosted enterprise applications is then analysed in order to produce the key findings and conclusions. From an SME user perspective the key findings to emerge from the study include: i) confirmation that ICT infrastructure was no longer a barrier to adoption, ii) the pragmatic approach taken to security issues, iii) the use of both multiple information systems (hosted and resident) and service providers, iv) the attractiveness of the rental cost model and v) the intention to continue or extend their use of hosted applications within the enterprise. The early promise of the ASP sector appears not to have been generally realised for SMEs in the UK. This study explores the experience of early adopters of this new IT related innovation and identifies some significant business gains experienced by SME users. It also highlights the opportunity for gaining competitive advantage by using hosted enterprise applications to reduce costs. There are very few empirical studies of hosted applications which take a deliberately SME user perspective and this paper make an important contribution in this emerging field

Defending Against Firmware Cyber Attacks on Safety-Critical Systems

In the past, it was not possible to update the underlying software in many industrial control devices. Engineering teams had to ‘rip and replace’ obsolete components. However, the ability to make firmware updates has provided significant benefits to the companies who use Programmable Logic Controllers (PLCs), switches, gateways and bridges as well as an array of smart sensor/actuators. These updates include security patches when vulnerabilities are identified in existing devices; they can be distributed by physical media but are increasingly downloaded over Internet connections. These mechanisms pose a growing threat to the cyber security of safety-critical applications, which are illustrated by recent attacks on safety-related infrastructures across the Ukraine. Subsequent sections explain how malware can be distributed within firmware updates. Even when attackers cannot reverse engineer the code necessary to disguise their attack, they can undermine a device by forcing it into a constant upload cycle where the firmware installation never terminates. In this paper, we present means of mitigating the risks of firmware attack on safety-critical systems as part of wider initiatives to secure national critical infrastructures. Technical solutions, including firmware hashing, must be augmented by organizational measures to secure the supply chain within individual plants, across companies and throughout safety-related industries

Impact assessment for vulnerabilities in open-source software libraries

Software applications integrate more and more open-source software (OSS) to benefit from code reuse. As a drawback, each vulnerability discovered in bundled OSS potentially affects the application. Upon the disclosure of every new vulnerability, the application vendor has to decide whether it is exploitable in his particular usage context, hence, whether users require an urgent application patch containing a non-vulnerable version of the OSS. Current decision making is mostly based on high-level vulnerability descriptions and expert knowledge, thus, effort intense and error prone. This paper proposes a pragmatic approach to facilitate the impact assessment, describes a proof-of-concept for Java, and examines one example vulnerability as case study. The approach is independent from specific kinds of vulnerabilities or programming languages and can deliver immediate results

Collaborative method to maintain business process models updated

Business process models are often forgotten after their creation and its representation is not usually updated. This appears to be negative as processes evolve over time. This paper discusses the issue of business process models maintenance through the definition of a collaborative method that creates interaction contexts enabling business actors to discuss about business processes, sharing business knowledge. The collaboration method extends the discussion about existing process representations to all stakeholders promoting their update. This collaborative method contributes to improve business process models, allowing updates based in change proposals and discussions, using a groupware tool that was developed. Four case studies were developed in real organizational environment. We came to the conclusion that the defined method and the developed tool can help organizations to maintain a business process model updated based on the inputs and consequent discussions taken by the organizational actors who participate in the processes.info:eu-repo/semantics/publishedVersio

Ethics of e-voting: an essay on requirements and values in Internet elections

In this paper, we investigate ethical issues involved in the development and implementation of Internet voting technology. From a phenomenological perspective, we describe how voting via the Internet mediates the relation between people and democracy. In this relation, trust plays a major role. The dynamics of trust in the relation between people and their world forms the basis for our analysis of the ethical issues involved. First, we consider established principles of voting, confirming the identity of our democracy, which function as expectations in current experiments with online voting in the Netherlands. We investigate whether and how Internet voting can meet these expectations and thereby earn trust, based on the experiments in the Netherlands. We identify major challenges, and provide a basis for ethical and political discussion on these issues, especially the changed relation between public and private. If we decide that we want to vote via the Internet, more practical matters come into play in the implementation of the technology. The choices involved here are discussed in relation to the mediating role of concrete voting technologies in the relation between citizen and state

The new Nowhere Land? : a research and practice agenda for the “Always on Culture"

Purpose: Rapid developments in the field of information communication technology (ICT) mean that e-working has become increasingly common and prolonged – the “always-onculture” potential to enhance work-life balance via increased flexibility in terms of time and location, as well as posing the risk of being ‘always on’ has been identified with potentially serious implications for the health and performance of employees. We identify a research agenda and review current organizational practice. Approach: We discuss current technological developments as well as prevalent research frameworks and terminology in the domain of work-life balance and beyond to evaluate their fitness for purpose. We also report findings from a survey of 374 employees working within UK businesses about current organisational practice. Findings: Over half of the organisations sampled do not have clear guidance regarding worklife balance and supporting employees with regards to ICT enabled working. Key challenges are the sheer volume of email traffic, lack of training and infrastructure and an absence of appropriate support. Practical implications: Organisations need to develop clear policies regarding the psychosocial aspects of technology use and provide evidence-based guidance to managers and employees. Social implications: Managers and individuals require support to engage with technology in a healthy and sustainable way

Information technology as boundary object for transformational learning

Collaborative work is considered as a way to improve productivity and value generation in construction. However, recent research demonstrates that socio-cognitive factors related to fragmentation of specialized knowledge may hinder team performance. New methods based on theories of practice are emerging in Computer Supported Collaborative Work and organisational learning to break these knowledge boundaries, facilitating knowledge sharing and the generation of new knowledge through transformational learning. According to these theories, objects used in professional practice play a key role in mediating interactions. Rules and methods related to these practices are also embedded in these objects. Therefore changing collaborative patterns demand reconfiguring objects that are at the boundary between specialized practices, namely boundary objects. This research is unique in presenting an IT strategy in which technology is used as a boundary object to facilitate transformational learning in collaborative design work