SCHOOL TEACHERS’ VIEWS TOWARDS THE EFFECTS OF A CRISIS ON CONFLICTS: THE CASE OF THE COVID-19 PANDEMIC

The investigation of conflicts and their management in primary school units emerges as extremely important, given that the educational process must be conducted within a positive working environment. This paper examines the phenomenon of conflict in primary schools at a time of crisis, the COVID-19 pandemic. This is for the reason that the above period is likely to have reshaped the relationships of cooperation and, by extension, the number, intensity and impact of the inevitable conflicts in social organizations such as schools. According to the research results, the school conflicts were found to concern existing issues prior to the pandemic and to a lesser extent reflected problems that arose as a result of health protection measures against the new coronavirus, the extensive use of ICT, distance teaching and the new conditions of organization and operation to which schools had to adapt. Also, they contributed decisively to the tackling of issues that emerged regarding the operation of the school as a consequence of the new health and social conditions. This finding demonstrates to school management that the crisis of the COVID-19 pandemic, just like any other crisis, in fact, takes on both negative and positive qualities.  Article visualizations

Κβαντικά Συστήματα με Συνδέσμους

Εθνικό Μετσόβιο Πολυτεχνείο--Μεταπτυχιακή Εργασία. Διεπιστημονικό-Διατμηματικό Πρόγραμμα Μεταπτυχιακών Σπουδών (Δ.Π.Μ.Σ.) “Φυσική και Τεχνολογικές Εφαρμογές

Beyond the Hype: On Using Blockchains in Trust Management for Authentication

Trust Management (TM) systems for authentication are vital to the security of online interactions, which are ubiquitous in our everyday lives. Various systems, like the Web PKI (X.509) and PGP's Web of Trust are used to manage trust in this setting. In recent years, blockchain technology has been introduced as a panacea to our security problems, including that of authentication, without sufficient reasoning, as to its merits.In this work, we investigate the merits of using open distributed ledgers (ODLs), such as the one implemented by blockchain technology, for securing TM systems for authentication. We formally model such systems, and explore how blockchain can help mitigate attacks against them. After formal argumentation, we conclude that in the context of Trust Management for authentication, blockchain technology, and ODLs in general, can offer considerable advantages compared to previous approaches. Our analysis is, to the best of our knowledge, the first to formally model and argue about the security of TM systems for authentication, based on blockchain technology. To achieve this result, we first provide an abstract model for TM systems for authentication. Then, we show how this model can be conceptually encoded in a blockchain, by expressing it as a series of state transitions. As a next step, we examine five prevalent attacks on TM systems, and provide evidence that blockchain-based solutions can be beneficial to the security of such systems, by mitigating, or completely negating such attacks.Comment: A version of this paper was published in IEEE Trustcom. http://ieeexplore.ieee.org/document/8029486

TRIDEnT: Building Decentralized Incentives for Collaborative Security

Sophisticated mass attacks, especially when exploiting zero-day vulnerabilities, have the potential to cause destructive damage to organizations and critical infrastructure. To timely detect and contain such attacks, collaboration among the defenders is critical. By correlating real-time detection information (alerts) from multiple sources (collaborative intrusion detection), defenders can detect attacks and take the appropriate defensive measures in time. However, although the technical tools to facilitate collaboration exist, real-world adoption of such collaborative security mechanisms is still underwhelming. This is largely due to a lack of trust and participation incentives for companies and organizations. This paper proposes TRIDEnT, a novel collaborative platform that aims to enable and incentivize parties to exchange network alert data, thus increasing their overall detection capabilities. TRIDEnT allows parties that may be in a competitive relationship, to selectively advertise, sell and acquire security alerts in the form of (near) real-time peer-to-peer streams. To validate the basic principles behind TRIDEnT, we present an intuitive game-theoretic model of alert sharing, that is of independent interest, and show that collaboration is bound to take place infinitely often. Furthermore, to demonstrate the feasibility of our approach, we instantiate our design in a decentralized manner using Ethereum smart contracts and provide a fully functional prototype.Comment: 28 page

New Approaches to Software Security Metrics and Measurements

Meaningful metrics and methods for measuring software security would greatly improve the security of software ecosystems. Such means would make security an observable attribute, helping users make informed choices and allowing vendors to ‘charge’ for it—thus, providing strong incentives for more security investment. This dissertation presents three empirical measurement studies introducing new approaches to measuring aspects of software security, focusing on Free/Libre and Open Source Software (FLOSS). First, to revisit the fundamental question of whether software is maturing over time, we study the vulnerability rate of packages in stable releases of the Debian GNU/Linux software distribution. Measuring the vulnerability rate through the lens of Debian stable: (a) provides a natural time frame to test for maturing behavior, (b) reduces noise and bias in the data (only CVEs with a Debian Security Advisory), and (c) provides a best-case assessment of maturity (as the Debian release cycle is rather conservative). Overall, our results do not support the hypothesis that software in Debian is maturing over time, suggesting that vulnerability finding-and-fixing does not scale and more effort should be invested in significantly reducing the introduction rate of vulnerabilities, e.g. via ‘security by design’ approaches like memory-safe programming languages. Second, to gain insights beyond the number of reported vulnerabilities, we study how long vulnerabilities remain in the code of popular FLOSS projects (i.e. their lifetimes). We provide the first, to the best of our knowledge, method for automatically estimating the mean lifetime of a set of vulnerabilities based on information in vulnerability-fixing commits. Using this method, we study the lifetimes of ~6 000 CVEs in 11 popular FLOSS projects. Among a number of findings, we identify two quantities of particular interest for software security metrics: (a) the spread between mean vulnerability lifetime and mean code age at the time of fix, and (b) the rate of change of the aforementioned spread. Third, to gain insights into the important human aspect of the vulnerability finding process, we study the characteristics of vulnerability reporters for 4 popular FLOSS projects. We provide the first, to the best of our knowledge, method to create a large dataset of vulnerability reporters (>2 000 reporters for >4 500 CVEs) by combining information from a number of publicly available online sources. We proceed to analyze the dataset and identify a number of quantities that, suitably combined, can provide indications regarding the health of a project’s vulnerability finding ecosystem. Overall, we showed that measurement studies carefully designed to target crucial aspects of the software security ecosystem can provide valuable insights and indications regarding the ‘quality of security’ of software. However, the road to good security metrics is still long. New approaches covering other important aspects of the process are needed, while the approaches introduced in this dissertation should be further developed and improved

Behavioral Factors Affecting the Acclimatization of Newly-Appointed Teachers in Primary Schools: An Empirical Investigation

Despite findings in the literature on its significance, the acclimatization of teachers into school units is not well organized. Hence, many newly appointed teachers fell as a “foreign body” into school, they do not interact with the other members of staff and they are not actively engaged in school life. This study aims to explore the factors involved in social behavior (collegial relations) among members of the educational community. These factors may affect the acclimatization/reception of teachers who, regardless of their teaching experience, are called to teach for the first time in a new school environment. According to the findings, it is essential the attitudes of teaching staff, in matters of cooperation, to be transformed and a collegial climate in schools to be established. To this end, fostering empathy among teachers through educational activities and enhancing opportunities for cooperation and teamwork inside and outside the classroom would be of significant contribution

M-STAR: A Modular, Evidence-based Software Trustworthiness Framework

Despite years of intensive research in the field of software vulnerabilities discovery, exploits are becoming ever more common. Consequently, it is more necessary than ever to choose software configurations that minimize systems' exposure surface to these threats. In order to support users in assessing the security risks induced by their software configurations and in making informed decisions, we introduce M-STAR, a Modular Software Trustworthiness ARchitecture and framework for probabilistically assessing the trustworthiness of software systems, based on evidence, such as their vulnerability history and source code properties. Integral to M-STAR is a software trustworthiness model, consistent with the concept of computational trust. Computational trust models are rooted in Bayesian probability and Dempster-Shafer Belief theory, offering mathematical soundness and expressiveness to our framework. To evaluate our framework, we instantiate M-STAR for Debian Linux packages, and investigate real-world deployment scenarios. In our experiments with real-world data, M-STAR could assess the relative trustworthiness of complete software configurations with an error of less than 10%. Due to its modular design, our proposed framework is agile, as it can incorporate future advances in the field of code analysis and vulnerability prediction. Our results point out that M-STAR can be a valuable tool for system administrators, regular users and developers, helping them assess and manage risks associated with their software configurations.Comment: 18 pages, 13 figure

Using System Dynamics to Improve the Marine Manpower of the Passenger Industry in Management Decisions

The Greek merchant fleet maintains a considerable proportion of the world shipping industry, being the largest one in the European Union. However, it needs competitive human resources management to achieve an efficient productivity. Nowadays, there is a quantitative and qualitative shortage of sea-going personnel, particularly in the highest ranks of the crew hierarchy. The picture becomes more dramatic since there are a very small number of new entries into the marine sector and the existing sea-manpower gradually abandons the seafaring profession. In this paper we attempt to define the variables which affect the quantity and quality of seafarers, then to present the elements that define the current trends of seafaring profession and finally to propose a system dynamics methodology for retaining the existing and qualified numbers of seamen, particularly in the passenger market

MCMix: Anonymous Messaging via Secure Multiparty Computation

We present ‘MCMix’, an anonymous messaging system that completely hides communication metadata and can scale in the order of hundreds of thousands of users. Our approach is to isolate two suitable functionalities, called dialing and conversation, that when used in succession realize anonymous messaging. With this as a starting point, we apply secure multiparty computation (``MC\u27\u27 or MPC) and proceed to realize them. We present an implementation using a prevalent MPC system (Sharemind) that is competitive in terms of latency with previous messaging systems that only offer much weaker privacy guarantees. Our solution can be instantiated in a variety of different ways with different MPC implementations, overall illustrating how MPC is a viable and competitive alternative to mix-nets and DC-nets for anonymous communication