VXA: A Virtual Architecture for Durable Compressed Archives

Data compression algorithms change frequently, and obsolete decoders do not always run on new hardware and operating systems, threatening the long-term usability of content archived using those algorithms. Re-encoding content into new formats is cumbersome, and highly undesirable when lossy compression is involved. Processor architectures, in contrast, have remained comparatively stable over recent decades. VXA, an archival storage system designed around this observation, archives executable decoders along with the encoded content it stores. VXA decoders run in a specialized virtual machine that implements an OS-independent execution environment based on the standard x86 architecture. The VXA virtual machine strictly limits access to host system services, making decoders safe to run even if an archive contains malicious code. VXA's adoption of a "native" processor architecture instead of type-safe language technology allows reuse of existing "hand-optimized" decoders in C and assembly language, and permits decoders access to performance-enhancing architecture features such as vector processing instructions. The performance cost of VXA's virtualization is typically less than 15% compared with the same decoders running natively. The storage cost of archived decoders, typically 30-130KB each, can be amortized across many archived files sharing the same compression method.Comment: 14 pages, 7 figures, 2 table

Securing Real-Time Internet-of-Things

Modern embedded and cyber-physical systems are ubiquitous. A large number of critical cyber-physical systems have real-time requirements (e.g., avionics, automobiles, power grids, manufacturing systems, industrial control systems, etc.). Recent developments and new functionality requires real-time embedded devices to be connected to the Internet. This gives rise to the real-time Internet-of-things (RT-IoT) that promises a better user experience through stronger connectivity and efficient use of next-generation embedded devices. However RT- IoT are also increasingly becoming targets for cyber-attacks which is exacerbated by this increased connectivity. This paper gives an introduction to RT-IoT systems, an outlook of current approaches and possible research challenges towards secure RT- IoT frameworks

SOFIA : software and control flow integrity architecture

Microprocessors used in safety-critical systems are extremely sensitive to software vulnerabilities, as their failure can lead to injury, damage to equipment, or environmental catastrophe. This paper proposes a hardware-based security architecture for microprocessors used in safety-critical systems. The proposed architecture provides protection against code injection and code reuse attacks. It has mechanisms to protect software integrity, perform control flow integrity, prevent execution of tampered code, and enforce copyright protection. We are the first to propose a mechanism to enforce control flow integrity at the finest possible granularity. The proposed architectural features were added to the LEON3 open source soft microprocessor, and were evaluated on an FPGA running a software benchmark. The results show that the hardware area is 28.2% larger and the clock is 84.6% slower, while the software benchmark has a cycle overhead of 13.7% and a total execution time overhead of 110% when compared to an unmodified processor

Securing the Elderly: A Developmental Approach to Hypermedia-Based Online Information Security for Senior Novice Computer Users

Whilst security threats to the general public continue to evolve, elderly computer users with limited skill and knowledge are left playing catch-up in an ever-widening gap in fundamental cyber-related comprehension. As a definable cohort, the elderly generally lack awareness of current security threats, and remain under-educated in terms of applying appropriate controls and safeguards to their computers and networking devices. This paper identifies that web-based computer security information sources do not adequately provide helpful information to senior citizen end-users in terms of both design and content

Changing the way we learn: towards agile learning and co-operation

This paper addresses the need for learning and competence development in industrial organizations. The people that enter professional organizations today are part of a gamer generation that have some or much experience with on-line games. Therefore they are more open to e-learning and in general more open to access anything on-line. At the same time industrial organizations experience a pressure on their ability to train employees faster due to the increase in complexity. We argue that games are not yet mature enough to support this training challenge as stand alone efforts. But games can support the training and competence development in a synchronized setup with other means

Systematic Review on Security and Privacy Requirements in Edge Computing: State of the Art and Future Research Opportunities

Edge computing is a promising paradigm that enhances the capabilities of cloud computing. In order to continue patronizing the computing services, it is essential to conserve a good atmosphere free from all kinds of security and privacy breaches. The security and privacy issues associated with the edge computing environment have narrowed the overall acceptance of the technology as a reliable paradigm. Many researchers have reviewed security and privacy issues in edge computing, but not all have fully investigated the security and privacy requirements. Security and privacy requirements are the objectives that indicate the capabilities as well as functions a system performs in eliminating certain security and privacy vulnerabilities. The paper aims to substantially review the security and privacy requirements of the edge computing and the various technological methods employed by the techniques used in curbing the threats, with the aim of helping future researchers in identifying research opportunities. This paper investigate the current studies and highlights the following: (1) the classification of security and privacy requirements in edge computing, (2) the state of the art techniques deployed in curbing the security and privacy threats, (3) the trends of technological methods employed by the techniques, (4) the metrics used for evaluating the performance of the techniques, (5) the taxonomy of attacks affecting the edge network, and the corresponding technological trend employed in mitigating the attacks, and, (6) research opportunities for future researchers in the area of edge computing security and privacy

Multimedia: Different Processes

The topic includes four main themes: (1) The Collaborative Work in Cloud Storage Services: The collaborative work is seen as a force for the individual and community. It, in the field of education, expresses the interaction among students of individual differences who work within collaborative aims and skills to achieve a specific aim. In addition, cloud storage predicts a tremendous change in the way information is stored and applications are run. That is, instead of storing information and running programs on PCs, everything will be hosted in a cloud that can be accessed anywhere and processed by addition or deletion collaboratively. (2) Computer- supported collaborative learning environment (CSCL): Collaborative learning is an umbrella term for a variety of educational approaches involving joint intellectual effort by students, or students and teachers together. It is based on the idea that learning is naturally a social act in which the participants talk among themselves. A group of students engaged in collaborative learning works together to achieve shared goals. (3) Mobile learning: Mobile learning is a term that has been used widely in different places all over the world. it has been encouraged to be used in higher education institutions because of a set of factors such as the availability of mobile phones, their ability to motivate students, and the freedom and privacy they provide to share information. Mobile learning is defined as E-learning that uses mobile devices or learning connected to a mobile device, Laouris & Eteokleous. (4) Open-Source Learning Management Systems: The integration of many Educational technologies in education have been widely promoted for their potential to enrich, enhance and extend student-learning experiences. Hence, pioneer educational establishments all over the world try to benefit of these technologies as much as possible to convey knowledge resources to both of the learner and teacher in least time, effort and cost. One of these educational technology tools which has been prominent in the field of education and technology integration is Learning Management Systems known as LMS

The seamless integration of Web3D technologies with university curricula to engage the changing student cohort

The increasing tendency of many university students to study at least some courses at a distance limits their opportunities for the interactions fundamental to learning. Online learning can assist but relies heavily on text, which is limiting for some students. The popularity of computer games, especially among the younger students, and the emergence of networked games and game-like virtual worlds offers opportunities for enhanced interaction in educational applications. For virtual worlds to be widely adopted in higher education it is desirable to have approaches to design and development that are responsive to needs and limited in their resource requirements. Ideally it should be possible for academics without technical expertise to adapt virtual worlds to support their teaching needs. This project identified Web3D, a technology that is based on the X3D standards and which presents 3D virtual worlds within common web browsers, as an approach worth exploring for educational application. The broad goals of the project were to produce exemplars of Web3D for educational use, together with development tools and associated resources to support non-technical academic adopters, and to promote an Australian community of practice to support broader adoption of Web3D in education. During the first year of the project exemplar applications were developed and tested. The Web3D technology was found to be still in a relatively early stage of development in which the application of standards did not ensure reliable operation in different environments. Moreover, ab initio development of virtual worlds and associated tools proved to be more demanding of resources than anticipated and was judged unlikely in the near future to result in systems that non-technical academics could use with confidence. In the second year the emphasis moved to assisting academics to plan and implement teaching in existing virtual worlds that provided relatively easy to use tools for customizing an environment. A project officer worked with participating academics to support the teaching of significant elements of courses within Second LifeTM. This approach was more successful in producing examples of good practice that could be shared with and emulated by other academics. Trials were also conducted with ExitRealityTM, a new Australian technology that presents virtual worlds in a web browser. Critical factors in the success of the project included providing secure access to networked computers with the necessary capability; negotiating the complexity of working across education, design of virtual worlds, and technical requirements; and supporting participants with professional development in the technology and appropriate pedagogy for the new environments. Major challenges encountered included working with experimental technologies that are evolving rapidly and deploying new networked applications on secure university networks. The project has prepared the way for future expansion in the use of virtual worlds for teaching at USQ and has contributed to the emergence of a national network of tertiary educators interested in the educational applications of virtual worlds

Usability and Trust in Information Systems

The need for people to protect themselves and their assets is as old as humankind. People's physical safety and their possessions have always been at risk from deliberate attack or accidental damage. The advance of information technology means that many individuals, as well as corporations, have an additional range of physical (equipment) and electronic (data) assets that are at risk. Furthermore, the increased number and types of interactions in cyberspace has enabled new forms of attack on people and their possessions. Consider grooming of minors in chat-rooms, or Nigerian email cons: minors were targeted by paedophiles before the creation of chat-rooms, and Nigerian criminals sent the same letters by physical mail or fax before there was email. But the technology has decreased the cost of many types of attacks, or the degree of risk for the attackers. At the same time, cyberspace is still new to many people, which means they do not understand risks, or recognise the signs of an attack, as readily as they might in the physical world. The IT industry has developed a plethora of security mechanisms, which could be used to mitigate risks or make attacks significantly more difficult. Currently, many people are either not aware of these mechanisms, or are unable or unwilling or to use them. Security experts have taken to portraying people as "the weakest link" in their efforts to deploy effective security [e.g. Schneier, 2000]. However, recent research has revealed at least some of the problem may be that security mechanisms are hard to use, or be ineffective. The review summarises current research on the usability of security mechanisms, and discusses options for increasing their usability and effectiveness