Gravity theory in SAP-geometry

The aim of the present paper is to construct a field theory in the context of absolute parallelism (Teleparallel) geometry under the assumption that the canonical connection is semi-symmetric. The field equations are formulated using a suitable Lagrangian first proposed by Mikhail and Wanas. The mathematical and physical consequences arising from the obtained field equations are investigated.Comment: 14 pages, References added and a reference updated, minor correction

The contingent factors that affect the use of performance measurement systems in the Egyptian medium and large sized manufacturing companies

EThOS - Electronic Theses Online ServiceGBUnited Kingdo

Investigating the Impact of Supply Chain Practices on the Financial Performance of Active Firms in Egyptian stock Market

Managing supply chain is one of the big tasksfor enterprises with sustaining the competitive advantages that reflected intheir bottom-line financial figures. Therefore, this research aims at exploringthe impact of supply chain practices i.e. supply chain integration, complexitymanagement, aligning strategy and supply chain, IT with process improvement,and operational innovation on the financial performance i.e. Return onAssets (ROA) and Return of Equity (ROE) of different manufacturing companies inthe Egyptian market. Qualitative and quantitative approaches have been followedto use theories and literature to cover the supply chain concepts and practicesin order to test it empirically. In addition, research data was collected from98 managers who are representing 14 manufacturing companies, which areregistered in the market of Egypt Stock Exchange from the year 2005 to 2010. Inaddition, secondary data on financial performance of the participated companieswere obtained from their websites and/or other publications. Research findingsindicate a strong relationship between supply chain practices and bottom-lineprofits of an organization. In addition, the supply chain managers decrease theuse of large fixed assets such as plants, warehouses and transportationvehicles in the supply chain. Results yield useful insights to both academics,and corporate practitioners about the importance of synthesizing supply chainwith financial performance

Blindfold: Keeping Private Keys in PKIs and CDNs out of Sight

Public key infrastructure (PKI) is a certificate-based technology that helps in authenticating systems identities. HTTPS/TLS relies mainly on PKI to minimize fraud over the Internet. Nowadays, websites utilize CDNs to improve user experience, performance, and resilience against cyber attacks. However, combining HTTPS/TLS with CDNs has raised new security challenges. In any PKI system, keeping private keys private is of utmost importance. However, it has become the norm for CDN-powered websites to violate that fundamental assumption. Several solutions have been proposed to make HTTPS CDN-friendly. However, protection of private keys from the very instance of generation; and how they can be made secure against exposure by malicious (CDN) administrators and malware remain unexplored. We utilize trusted execution environments to protect private keys by never exposing them to human operators or untrusted software. We design Blindfold to protect private keys in HTTPS/TLS infrastructures, including CAs, website on-premise servers, and CDNs. We implemented a prototype to assess Blindfold's performance and performed several experiments on both the micro and macro levels. We found that Blindfold slightly outperforms SoftHSM in key generation by 1% while lagging by 0.01% for certificate issuance operations

An Observer-Based Key Agreement Scheme for Remotely Controlled Mobile Robots

Remotely controlled mobile robots are important examples of Cyber-Physical Systems (CPSs). Recently, these robots are being deployed in many safety critical applications. Therefore, ensuring their cyber-security is of paramount importance. Different control schemes that have been proposed to secure such systems against sophisticated cyber-attacks require the exchange of secret messages between their smart actuators and the remote controller. Thus, these schemes require pre-shared secret keys, or an established Public Key Infrastructure (PKI) that allows for key agreement. Such cryptographic approaches might not always be suitable for the deployment environments of such remotely mobile robots. To address this problem, in this paper, we consider a control theoretic approach for establishing a secret key between the remotely controlled robot and the networked controller without resorting to traditional cryptographic techniques. Our key agreement scheme leverages a nonlinear unknown input observer and an error correction code mechanism to allow the robot to securely agree on a secret key with its remote controller. To validate the proposed scheme, we implement it using a Khepera-IV differential drive robot and evaluate its efficiency and the additional control cost acquired by it. Our experimental results confirm the effectiveness of the proposed key establishment scheme.Comment: This preprint has been submitted to the 2023 IFAC World Congres

Linear Connections and Curvature Tensors in the Geometry of Parallelizable Manifolds

In this paper we discuss curvature tensors in the context of Absolute Parallelism geometry. Different curvature tensors are expressed in a compact form in terms of the torsion tensor of the canonical connection. Using the Bianchi identities some other identities are derived from the expressions obtained. These identities, in turn, are used to reveal some of the properties satisfied by an intriguing fourth order tensor which we refer to as Wanas tensor. A further condition on the canonical connection is imposed, assuming it is semi-symmetric. The formulae thus obtained, together with other formulae (Ricci tensors and scalar curvatures of the different connections admitted by the space) are calculated under this additional assumption. Considering a specific form of the semi-symmetric connection causes all nonvanishing curvature tensors to coincide, up to a constant, with the Wanas tensor. Physical aspects of some of the geometric objects considered are mentioned.Comment: 16 pages LaTeX file, Changed title, Changed content, Added references, Physical features stresse

Cryptanalysis of a quadratic knapsack cryptosystem

Wang and Hu [B. Wang and Y. Hu, Quadratic compact knapsack public-key cryptosystem, Comput. Math. Appl. 59 (1) (2010) 194–206] proposed a knapsack-type public-key cryptosystem by introducing an easy quadratic compact knapsack problem and then using the Chinese remainder theorem to disguise the easy knapsack instant. In this paper, we present a heuristic stereotyped message attack that allows the cryptanalyst to recover the plaintext message when partial information about the original message is known. In particular, as shown by our experiments, for the proposed system parameter n = 100 which corresponds to a block length of 400 bits, exposing 60% of the plaintext allows the cryptanalyst to recover the remaining 160 bits of the essage with a success probability of about 90% in about 2 hours

Measuring the Leakage and Exploitability of Authentication Secrets in Super-apps: The WeChat Case

We conduct a large-scale measurement of developers' insecure practices leading to mini-app to super-app authentication bypass, among which hard-coding developer secrets for such authentication is a major contributor. We also analyze the exploitability and security consequences of developer secret leakage in mini-apps by examining individual super-app server-side APIs. We develop an analysis framework for measuring such secret leakage, and primarily analyze 110,993 WeChat mini-apps, and 10,000 Baidu mini-apps (two of the most prominent super-app platforms), along with a few more datasets to test the evolution of developer practices and platform security enforcement over time. We found a large number of WeChat mini-apps (36,425, 32.8%) and a few Baidu mini-apps (112) leak their developer secrets, which can cause severe security and privacy problems for the users and developers of mini-apps. A network attacker who does not even have an account on the super-app platform, can effectively take down a mini-app, send malicious and phishing links to users, and access sensitive information of the mini-app developer and its users. We responsibly disclosed our findings and also put forward potential directions that could be considered to alleviate/eliminate the root causes of developers hard-coding the app secrets in the mini-app's front-end code.Comment: Accepted at RAID 2023: Symposium on Research in Attacks, Intrusions and Defense