AsterixDB: A Scalable, Open Source BDMS

AsterixDB is a new, full-function BDMS (Big Data Management System) with a feature set that distinguishes it from other platforms in today's open source Big Data ecosystem. Its features make it well-suited to applications like web data warehousing, social data storage and analysis, and other use cases related to Big Data. AsterixDB has a flexible NoSQL style data model; a query language that supports a wide range of queries; a scalable runtime; partitioned, LSM-based data storage and indexing (including B+-tree, R-tree, and text indexes); support for external as well as natively stored data; a rich set of built-in types; support for fuzzy, spatial, and temporal types and queries; a built-in notion of data feeds for ingestion of data; and transaction support akin to that of a NoSQL store. Development of AsterixDB began in 2009 and led to a mid-2013 initial open source release. This paper is the first complete description of the resulting open source AsterixDB system. Covered herein are the system's data model, its query language, and its software architecture. Also included are a summary of the current status of the project and a first glimpse into how AsterixDB performs when compared to alternative technologies, including a parallel relational DBMS, a popular NoSQL store, and a popular Hadoop-based SQL data analytics platform, for things that both technologies can do. Also included is a brief description of some initial trials that the system has undergone and the lessons learned (and plans laid) based on those early "customer" engagements

Practical assessment of Biba integrity for TCG-enabled platforms

Checking the integrity of an application is necessary to determine if the latter will behave as expected. The method defined by the Trusted Computing Group consists in evaluating the fingerprints of the platform hardware and software components required for the proper functioning of the application to be assessed. However, this only ensures that a process was working correctly at load-time but not for its whole life-cycle. Policy-Reduced Integrity Measurement Architecture (PRIMA) addresses this problem by enforcing a security policy that denies information flows from potentially malicious processes to an application target of the evaluation and its dependencies (requirement introduced by CW-Lite, an evolution of the Biba integrity model). Given the difficulty of deploying PRIMA (as platform administrators have to tune their security policies to satisfy the CW-Lite requirements) we propose in this paper Enhanced IMA, an extended version of the Integrity Measurement Architecture (IMA) that, unlike PRIMA, works almost out of the box and just reports information flows instead of enforcing them. In addition, we introduce a model to evaluate the information reported by Enhanced IMA with existing technique

The Development and Validation of the Emporium Model Motivation Scale (EMMS)

The purpose of this research study was to begin the development and validation of a new survey instrument; the Emporium Model Motivation Scale (EMMS). The instrument is designed to be used as part of a more holistic evaluation of non-traditional student-centered mathematics courses or programs redesigned using the Emporium Model (E-Model). EdResearch suggested that the design of the E-Model environment was better suited to help students become more autonomy-natured (Williams, 2016). The present research was rooted in Self-determination Theory (SDT), which asserted that all individuals had a natural desire to strive for autonomy, competence, and relatedness in their social environments (Ryan & Deci, 2000; 2017). The research study consisted of a random sample of n = 463 respondents from both a U.S. community college and 4-year public university. Results of an Exploratory Factor Analysis (EFA) produced four parsimonious factor solutions that showed potential to be valid, highly reliable with (ω ≥ .89) and replicable across other samples or populations. The factors were analyzed using Polychoric correlations, with Unweighted Least Squares (ULS) extraction and Promax rotation. Correlational analysis, MANOVA, ANOVA, and Standard Multiple Regression were performed with accurate and reliable standardized factor score estimates. Overall results revealed statistically significant differences between the two institutions of higher learning across levels of the EMMS factors. Further analyses revealed that age was a statistically significant predictor of the EMMS factors and that older respondents were more autonomous and receptive of the E-Model design for course instruction

Comprehensive and Practical Policy Compliance in Data Retrieval Systems

Data retrieval systems such as online search engines and online social networks process many data items coming from different sources, each subject to its own data use policy. Ensuring compliance with these policies in a large and fast-evolving system presents a significant technical challenge since bugs, misconfigurations, or operator errors can cause (accidental) policy violations. To prevent such violations, researchers and practitioners develop policy compliance systems. Existing policy compliance systems, however, are either not comprehensive or not practical. To be comprehensive, a compliance system must be able to enforce users' policies regarding their personal privacy preferences, the service provider's own policies regarding data use such as auditing and personalization, and regulatory policies such as data retention and censorship. To be practical, a compliance system needs to meet stringent requirements: (1) runtime overhead must be low; (2) existing applications must run with few modifications; and (3) bugs, misconfigurations, or actions by unprivileged operators must not cause policy violations. In this thesis, we present the design and implementation of two comprehensive and practical compliance systems: Thoth and Shai. Thoth relies on pure runtime monitoring: it tracks data flows by intercepting processes' I/O, and then it checks the associated policies to allow only policy-compliant flows at runtime. Shai, on the other hand, combines offline analysis and light-weight runtime monitoring: it pushes as many policy checks as possible to an offline (flow) analysis by predicting the policies that data-handling processes will be subject to at runtime, and then it compiles those policies into a set of fine-grained I/O capabilities that can be enforced directly by the underlying operating system

Understanding Information Privacy Assimilation in IT Organizations using Multi-site Case Studies

We develop a framework for understanding the mechanisms of information privacy assimilation in information technology (IT) organizations. Following neo-institutional theory, we develop a broad conceptual model and further build a detailed theory based on a multi-site, multi-case study of 18 organizations. We treat information privacy as a distinct dimension separate from information security. As in the case of information security, senior management support emerged as a mediator between the external influences of coercive, mimetic, and normative forces and information privacy assimilation. Privacy capability emerged as a distinct construct that had a moderating effect on the influence of coercive and normative forces on privacy assimilation. Similarly, cultural acceptability also moderated the effect of external forces on privacy assimilation. We produce a theoretical model that future research can empirically test. The findings would enable senior managers identify and respond to institutional pressures by focusing on appropriate factors in the organizations

Corporate Governance Practices in Developing Countries: The Case of Libya

Corporate governance is currently on the agenda of many countries, and is receiving considerable attention in the business world as well as in the area of academic research, which is an indication of its importance for business development and for society as a whole. A large body of the currently available knowledge addresses this phenomenon from the perspective of the developed economies. Although the knowledge base about corporate governance in developing countries appears to be limited, it is growing. The main aim of this study is to investigate current corporate governance practices, perceptions and obstacles within Libya following the introduction of the Libyan Corporate Governance Code (LCGC). To achieve this aim, the study investigates: first, the nature and extent of applying current corporate governance; secondly, the perceptions of listed companies' staff (senior managers and employees in financial positions) and Libyan financial experts (academics and auditors) regarding the introduction of the LCGC; thirdly, the current obstacles facing the application of LCGC; and, finally, the views of the Libyan regulators and officials in relation to the obstacles identified and how they may be reduced. In order to accomplish the research objectives, a mixed research methodology was adopted: This involved using two types of research methods for collecting data: semistructured interviews and a questionnaire survey divided into three sequential stages: firstly, interviews were conducted with board members of the companies surveyed; secondly, a questionnaire was distributed to selected staff of the companies surveyed and Libyan financial experts; thirdly, further interviews were conducted with Libyan regulators and officials. The findings of the study revealed that corporate governance in Libya is in its early stages of development and is characterised by a weak legal environment, lack of knowledge about corporate governance, poor leadership, lack of training among directors and weak investment awareness among investors. Therefore, the influence of social, cultural and economic factors is evident. The results also suggest that urgent action is needed in order to facilitate the implementation of a good corporate governance system in Libya

Maia and Mandos: Tools for Integrity Protection on Arbitrary Files

We present the results of our dissertation research, which focuses on practical means of protecting system data integrity. In particular, we present Maia, a language for describing integrity constraints on arbitrary file types, and Mandos, a Linux Security Module which uses verify-on-close to enforce mandatory integrity guarantees. We also provide details of a Maia-based verifier generator, demonstrate that Maia and Mandos introduce minimal delay in performing their tasks, and include a selection of sample Maia specifications

A framework for determining the adoption of new services in the South African mobile telecommunications market

Abstract in English, Afrikaans and ZuluThe aim of this study was to determine the key factors which explain the adoption of mobile data services in South Africa and incorporate them into an explanatory framework that can be used to indicate whether a new mobile data service that is introduced into the South African Mobile Market will be successful. Additionally, it shows that the current usage of mobile data services in South Africa supports the framework. The research used a design based on a mixed methods methodology. The research was conducted using a literature survey and two research phases. The literature survey was an extensive review of communication technology adoption frameworks and all the possible factors of adoption. This literature survey was also used to develop the discussion document which was used as the guidelines for the Phase 1 interviews. The interviews were with experts in the telecommunications market in South Africa and were used to determine the key drivers of adoption and possible moderating factors of mobile data services. From those interviews a preliminary model was proposed. Phase 2 was a market survey which tested the framework and moderating factors in different metropolitan areas as well as examined the current usage of mobile data services. The statistical analysis used in determining the framework incorporated Descriptive Statistics, Factor Analysis, using Principal Axis Factoring, and Structural Equation Modelling. The framework, which was based on the Technology Acceptance Model, introduced two new constructs. The first new construct was the Mobile Service Providers Marketing Tactics and the second was Social Pressure and Aspirational Value. The two constructs combined can be used to explain why mobile service providers with low cost strategies are not successful. Demographic factors such as Age were found to influence the adoption as well as Socio-economic factors such as Income. Personal factors such as Technical Knowledge, Ability and Skills and Attitude towards Technology were also found to influence adoption. Geographical location was found to be the most important moderating factor. The current mobile data usage supported the framework. The results of data usage highlighted the fact that nearly 50% of the study’s participants spent over 4 hours per day interacting with their mobile devices and that the participants from Gauteng spent more than 2½ times on mobile services than those in the other metropolitan municipalities of Cape Town and eThekwiniDie doel van hierdie studie was om die sleutelfaktore te bepaal wat die aanneming van selfoondatadienste in Suid-Afrika verklaar, en hulle te verenig in ʼn raamwerk waarmee aangetoon kan word of ʼn nuwe selfoondatadiens die Suid-Afrikaanse selfoondatamark suksesvol sal betree. Afgesien hiervan dui hierdie studie aan dat die huidige gebruik van selfoondatadienste in Suid-Afrika die geldigheid van die voorgestelde raamwerk bevestig. ʼn Mengsel van metodes is in die navorsing toegepas. Die navorsing het uit ʼn literatuuroorsig en twee navorsingsfases bestaan. Die literatuuroorsig het ʼn deurtastende oorsig van die raamwerke vir die aanneming van kommunikasietegnologie en alle moontlike faktore daarvoor behels. Uit die literatuuroorsig is die besprekingsdokument saamgestel wat as riglyn gedien het vir die onderhoude in fase 1 van die navorsing. Onderhoude is met kundiges uit die Suid-Afrikaanse telekommunikasiebedryf gevoer om die belangrikste dryfvere vir aanneming en moontlike remfaktore ten opsigte van selfoondatadienste te bepaal. ʼn Voorlopige model is op grond van die onderhoude aangebied. Fase 2 het ʼn markopname behels waarin die raamwerk en remfaktore in verskeie metropolitaanse gebiede getoets en die huidige gebruik van selfoondatadienste ondersoek is. Die statistiese analise waarop die raamwerk berus, het bestaan uit beskrywende statistiek, faktorontleding met behulp van hoofasfaktorering, en struktuurvergelykingsmodellering. Twee nuwe konstrukte het uit die raamwerk wat op die tegnologieaanvaardingsmodel gegrond was, gespruit. Die eerste was selfoondiensverskaffers se bemarkingstrategieë en die tweede sosiale druk en aspirerende waarde. Saam verklaar die twee konstrukte waarom selfoondiensverskaffers wat laekostestrategieë volg, misluk. Daar is bevind dat demografiese faktore soos ouderdom, en sosiaal-ekonomiese faktore soos inkomste, aanneming beïnvloed. Volgens die bevindings word aanneming eweneens bepaal deur persoonlike faktore soos tegniese kennis, vermoë en vaardighede asook houding jeens tegnologie. Daar is bevind dat geografiese ligging die belangrikste remfaktor is. Die huidige selfoondatagebruik bevestig die geldigheid van die raamwerk. Die uitslag van datagebruik benadruk die feit dat byna 50% van die deelnemers aan die studie langer as vier uur per dag met hulle selfone doenig is, en dat deelnemers in Gauteng twee en half keer meer as deelnemers in die metropolitaanse munisipaliteite van Kaapstad en eThekwini aan selfoondienste bestee.Inhloso yalolu cwaningo bekuwukuthola izinto ezibalulekile ezichaza ukwamukelwa kwezinsiza zamadatha amaselula eNingizimu Afrika nokuzifaka ohlakeni oluchazayo olungasetshenziswa ukukhombisa ukuthi ngabe insiza entsha yedatha ethulwe emakethe yamaselula eNingizimu Afrika izophumelela. Ngaphezu kwalokho, kukhombisa ukuthi ukusetshenziswa kwamanje kwezinsiza zedatha yamaselula eNingizimu Afrika kuyalusekela uhlaka. Ucwaningo lusebenzise umklamu osuselwe ezindleleni zokwenza ezixubile. Ucwaningo lwenziwe kusetshenziswa ucwaningo lwezincwadi kanye nezigaba ezimbili zocwaningo. Ucwaningo lwezincwadi belungukubuyekezwa okubanzi kokwamukela kwenzinhlaka zobuchwepheshe kwezokuxhumana kanye nazo zonke izici ezingenzeka ukuthi zamukelwe. Lolu cwaningo lwezincwadi lusetshenzisiwe futhi ukuthuthukisa umqulu wezingxoxo osetshenziswe njengezinkombandlela zokuxoxisana nabantu besigaba 1. Izingxoxo ebezinazo bezingochwepheshe emakethe yezokuxhumana eNingizimu Afrika futhi zasetshenziselwa ukuthola izidingongqangi zokwamukelwa kanye nezici zokulingisanisa kwezinsiza zamadatha amaselula. Kulezo zingxoxo, kuphakanyiswe isifaniselo sokuqala. Isigaba 2 bekungukucwaningo lwezimakethe oluhlola uhlaka kanye nezici zokulinganisa ezindaweni ezahlukahlukene zedolobha kanye nokuhlola ukusetshenziswa kwamanje kwezinsiza zedatha yamaselula. Ukuhlaziywa kwezibalo okusetshenzisiwe ekunqumeni uhlaka lufake izibalo ezichazayo, ukuhlaziya izakhi, kusetshenziswa izisekelo eziyinhloko zokuphamba, kanye nesifaniselo sokulinganisa esihlelekile. Uhlaka, olwalususelwa kusifaniselo sokwamukela ubuchwepheshe, lwethule izakhiwo ezimbili ezintsha. Isakhiwo esisha sokuqala kwakungamacebo wokukhangisa wabahlinzeki bezinsiza zamaselula futhi owesibili kwakuyingcindezi yomphakathi nenani lesifiso. Lezi zakhiwo zombili ezihlanganisiwe zingasetshenziswa ukuchaza ukuthi kungani abahlinzeki bezinsizakalo zamaselula abanamasu ezindleko eziphansi bengaphumeleli. Izici ezithinta abantu ezinjengobudala zitholakele ukuthonya ukwamukelwa kanye nezici zezomnotho nezenhlalo ezifana nomholo. Izici ezithinta umuntu ngqo ezifana nolwazi lwezobuchwepheshe, ukwazi ukwenza kanye namakhono, nesimo sengqondo maqondana nezobuchwepheshe zatholakala zithonya ukwamukelwa. Indawo yendawo yatholakala njengesici sokulinganisa esibaluleke kakhulu. Ukusetshenziswa kwedatha yeselula yamanje kusekele uhlaka. Imiphumela yokusetshenziswa kwedatha igcizelele iqiniso lokuthi bacishe babe ngama-50% ababambe iqhaza kulolu cwaningo bachithe isikhathi esingaphezu kwamahora amane ngosuku bexhumana nemishini yabo yamaselula nokuthi ababambiqhaza abavela eGauteng bachithe izikhathi ezingaphezu kwezingu-2½ kuzinsiza zamaselula kunalabo bakwamanye amadolobha amakhulu aseKapa naseThekwini.Business ManagementD.B.L

Cyber defensive capacity and capability::A perspective from the financial sector of a small state

This thesis explores ways in which the financial sectors of small states are able todefend themselves against ever-growing cyber threats, as well as ways these states can improve their cyber defense capability in order to withstand current andfuture attacks. To date, the context of small states in general is understudied. This study presents the challenges faced by financial sectors in small states with regard to withstanding cyberattacks. This study applies a mixed method approach through the use of various surveys, brainstorming sessions with financial sector focus groups, interviews with critical infrastructure stakeholders, a literature review, a comparative analysis of secondary data and a theoretical narrative review. The findings suggest that, for the Aruban financial sector, compliance is important, as with minimal drivers, precautionary behavior is significant. Countermeasures of formal, informal, and technical controls need to be in place. This study indicates the view that defending a small state such as Aruba is challenging, yet enough economic indicators indicate it not being outside the realm of possibility. On a theoretical level, this thesis proposes a conceptual “whole-of-cyber” model inspired by military science and the VSM (Viable Systems Model). The concept of fighting power components and governance S4 function form cyber defensive capacity’s shield and capability. The “whole-of-cyber” approach may be a good way to compensate for the lack of resources of small states. Collaboration may be an only out, as the fastest-growing need will be for advanced IT skillsets