2,509 research outputs found
Spectrum auctions: designing markets to benefit the public, industry and the economy
Access to the radio spectrum is vital for modern digital communication. It is an essential component for smartphone capabilities, the Cloud, the Internet of Things, autonomous vehicles, and multiple other new technologies. Governments use spectrum auctions to decide which companies should use what parts of the radio spectrum. Successful auctions can fuel rapid innovation in products and services, unlock substantial economic benefits, build comparative advantage across all regions, and create billions of dollars of government revenues. Poor auction strategies can leave bandwidth unsold and delay innovation, sell national assets to firms too cheaply, or create uncompetitive markets with high mobile prices and patchy coverage that stifles economic growth. Corporate bidders regularly complain that auctions raise their costs, while government critics argue that insufficient revenues are raised. The cross-national record shows many examples of both highly successful auctions and miserable failures. Drawing on experience from the UK and other countries, senior regulator Geoffrey Myers explains how to optimise the regulatory design of auctions, from initial planning to final implementation. Spectrum Auctions offers unrivalled expertise for regulators and economists engaged in practical auction design or company executives planning bidding strategies. For applied economists, teachers, and advanced students this book provides unrivalled insights in market design and public management. Providing clear analytical frameworks, case studies of auctions, and stage-by-stage advice, it is essential reading for anyone interested in designing public-interested and successful spectrum auctions
Development of an Event Management Web Application For Students: A Focus on Back-end
Managing schedules can be challenging for students, with different calendars on various platforms leading to confusion and missed events. To address this problem, this thesis presents the development of an event management website designed to help students stay organized and motivated. With a focus on the application's back-end, this thesis explores the technology stack used to build the website and the implementation details of each chosen technology. By providing a detailed case study of the website development process, this thesis serves as a helpful resource for future developers looking to build their web applications
A BIM - GIS Integrated Information Model Using Semantic Web and RDF Graph Databases
In recent years, 3D virtual indoor and outdoor urban modelling has become an essential geospatial information framework for civil and engineering applications such as emergency response, evacuation planning, and facility management. Building multi-sourced and multi-scale 3D urban models are in high demand among architects, engineers, and construction professionals to achieve these tasks and provide relevant information to decision support systems. Spatial modelling technologies such as Building Information Modelling (BIM) and Geographical Information Systems (GIS) are frequently used to meet such high demands. However, sharing data and information between these two domains is still challenging. At the same time, the semantic or syntactic strategies for inter-communication between BIM and GIS do not fully provide rich semantic and geometric information exchange of BIM into GIS or vice-versa. This research study proposes a novel approach for integrating BIM and GIS using semantic web technologies and Resources Description Framework (RDF) graph databases. The suggested solution's originality and novelty come from combining the advantages of integrating BIM and GIS models into a semantically unified data model using a semantic framework and ontology engineering approaches. The new model will be named Integrated Geospatial Information Model (IGIM). It is constructed through three stages. The first stage requires BIMRDF and GISRDF graphs generation from BIM and GIS datasets. Then graph integration from BIM and GIS semantic models creates IGIMRDF. Lastly, the information from IGIMRDF unified graph is filtered using a graph query language and graph data analytics tools. The linkage between BIMRDF and GISRDF is completed through SPARQL endpoints defined by queries using elements and entity classes with similar or complementary information from properties, relationships, and geometries from an ontology-matching process during model construction. The resulting model (or sub-model) can be managed in a graph database system and used in the backend as a data-tier serving web services feeding a front-tier domain-oriented application. A case study was designed, developed, and tested using the semantic integrated information model for validating the newly proposed solution, architecture, and performance
Deep Learning meets Blockchain for Automated and Secure Access Control
Access control is a critical component of computer security, governing access
to system resources. However, designing policies and roles in traditional
access control can be challenging and difficult to maintain in dynamic and
complex systems, which is particularly problematic for organizations with
numerous resources. Furthermore, traditional methods suffer from issues such as
third-party involvement, inefficiency, and privacy gaps, making transparent and
dynamic access control an ongoing research problem. Moreover detecting
malicious activities and identifying users who are not behaving appropriately
can present notable difficulties. To address these challenges, we propose
DLACB, a Deep Learning Based Access Control Using Blockchain, as a solution to
decentralized access control. DLACB uses blockchain to provide transparency,
traceability, and reliability in various domains such as medicine, finance, and
government while taking advantage of deep learning to not rely on predefined
policies and eventually automate access control. With the integration of
blockchain and deep learning for access control, DLACB can provide a general
framework applicable to various domains, enabling transparent and reliable
logging of all transactions. As all data is recorded on the blockchain, we have
the capability to identify malicious activities. We store a list of malicious
activities in the storage system and employ a verification algorithm to
cross-reference it with the blockchain. We conduct measurements and comparisons
of the smart contract processing time for the deployed access control system in
contrast to traditional access control methods, determining the time overhead
involved. The processing time of DLBAC demonstrates remarkable stability when
exposed to increased request volumes.Comment: arXiv admin note: text overlap with arXiv:2303.1475
From Prompt Injections to SQL Injection Attacks: How Protected is Your LLM-Integrated Web Application?
Large Language Models (LLMs) have found widespread applications in various
domains, including web applications, where they facilitate human interaction
via chatbots with natural language interfaces. Internally, aided by an
LLM-integration middleware such as Langchain, user prompts are translated into
SQL queries used by the LLM to provide meaningful responses to users. However,
unsanitized user prompts can lead to SQL injection attacks, potentially
compromising the security of the database. Despite the growing interest in
prompt injection vulnerabilities targeting LLMs, the specific risks of
generating SQL injection attacks through prompt injections have not been
extensively studied. In this paper, we present a comprehensive examination of
prompt-to-SQL (PSQL) injections targeting web applications based on the
Langchain framework. Using Langchain as our case study, we characterize
PSQL injections, exploring their variants and impact on application
security through multiple concrete examples. Furthermore, we evaluate 7
state-of-the-art LLMs, demonstrating the pervasiveness of PSQL attacks
across language models. Our findings indicate that LLM-integrated applications
based on Langchain are highly susceptible to PSQL injection attacks,
warranting the adoption of robust defenses. To counter these attacks, we
propose four effective defense techniques that can be integrated as extensions
to the Langchain framework. We validate the defenses through an experimental
evaluation with a real-world use case application.Comment: 12 pages, 3 figures, 3 tables, 5 listing
- …