Search results
1 – 10 of over 36000Joe Garcia, Russell Shannon, Aaron Jacobson, William Mosca, Michael Burger and Roberto Maldonado
This paper aims to describe an effort to provide for a robust and secure software development paradigm intended to support DevSecOps in a naval aviation enterprise (NAE) software…
Abstract
Purpose
This paper aims to describe an effort to provide for a robust and secure software development paradigm intended to support DevSecOps in a naval aviation enterprise (NAE) software support activity (SSA), with said paradigm supporting strong traceability and provability concerning the SSA’s output product, known as an operational flight program (OFP). Through a secure development environment (SDE), each critical software development function performed on said OFP during its development has a corresponding record represented on a blockchain.
Design/methodology/approach
An SDE is implemented as a virtual machine or container incorporating software development tools that are modified to support blockchain transactions. Each critical software development function, e.g. editing, compiling, linking, generates a blockchain transaction message with associated information embedded in the output of a said function that, together, can be used to prove integrity and support traceability. An attestation process is used to provide proof that the toolchain containing SDE is not subject to unauthorized modification at the time said critical function is performed.
Findings
Blockchain methods are shown to be a viable approach for supporting exhaustive traceability and strong provability of development system integrity for mission-critical software produced by an NAE SSA for NAE embedded systems software.
Practical implications
A blockchain-based authentication approach that could be implemented at the OFP point-of-load would provide for fine-grain authentication of all OFP software components, with each component or module having its own proof-of-integrity (including the integrity of the used development tools) over its entire development history.
Originality/value
Many SSAs have established control procedures for development such as check-out/check-in. This does not prove the SSA output software is secure. For one thing, a build system does not necessarily enforce procedures in a way that is determinable from the output. Furthermore, the SSA toolchain itself could be attacked. The approach described in this paper enforces security policy and embeds information into the output of every development function that can be cross-referenced to blockchain transaction records for provability and traceability that only trusted tools, free from unauthorized modifications, are used in software development. A key original concept of this approach is that it treats assigned developer time as a transferable digital currency.
Details
Keywords
- Software development
- Blockchain
- Cybersecurity
- Operational flight program
- Secure development environment
- Secure virtual machine
- Zero trust
- Embedded systems
- Mission-critical systems
- OFP
- DevOps
- DevSecOps
- Software support activity
- SSA
- SDE
- Permissioned blockchain
- Cryptocurrency
- Time-limited authorization for developer action
- TADA
- Code signing
- Trusted software guard
- SGX
- Trusted eXecution technology
- TXT
- Trusted platform module
- Self-hosting
- Controlled access blockchain
- CABlock
- Role-based access control
- RBAC
Victoria Skoularidou and Diomidis Spinellis
Enumerates and compares a number of security‐enabling architectures for network clients. These architectures, either proposed as methodologies or currently implemented in software…
Abstract
Enumerates and compares a number of security‐enabling architectures for network clients. These architectures, either proposed as methodologies or currently implemented in software and/or hardware, are capable of protecting the client’s software integrity and its environment. The most important methodologies include the reference monitor model, firewalls, and virtual machines. Software implementations are the Java Sandbox, and the code signing concept. Hardware that can be used includes smart cards, and the TCPA/Palladium security initiative. Describes their most important features and provide a review and comparative study based on a number of criteria. Believes that ongoing research can empower these mechanisms for protecting network clients in a more effective way.
Details
Keywords
Ediz Saykol, Halit Talha Türe, Ahmet Mert Sirvanci and Mert Turan
The purpose of this paper to classify a set of Turkish sign language (TSL) gestures by posture labeling based finite-state automata (FSA) that utilize depth values in…
Abstract
Purpose
The purpose of this paper to classify a set of Turkish sign language (TSL) gestures by posture labeling based finite-state automata (FSA) that utilize depth values in location-based features. Gesture classification/recognition is crucial not only in communicating visually impaired people but also for educational purposes. The paper also demonstrates the practical use of the techniques for TSL.
Design/methodology/approach
Gesture classification is based on the sequence of posture labels that are assigned by location-based features, which are invariant under rotation and scale. Grid-based signing space clustering scheme is proposed to guide the feature extraction step. Gestures are then recognized by FSA that process temporally ordered posture labels.
Findings
Gesture classification accuracies and posture labeling performance are compared to k-nearest neighbor to show that the technique provides a reasonable framework for recognition of TSL gestures. A challenging set of gestures is tested, however the technique is extendible, and extending the training set will increase the performance.
Practical implications
The outcomes can be utilized as a system for educational purposes especially for visually impaired children. Besides, a communication system would be designed based on this framework.
Originality/value
The posture labeling scheme, which is inspired from keyframe labeling concept of video processing, is the original part of the proposed gesture classification framework. The search space is reduced to single dimension instead of 3D signing space, which also facilitates design of recognition schemes. Grid-based clustering scheme and location-based features are also new and depth values are received from Kinect. The paper is of interest for researchers in pattern recognition and computer vision.
Details
Keywords
Jason E. Taylor and Peter G. Klein
This paper explores the nature and causes of the cartel compliance crisis that befell the National Industrial Recovery Act (NIRA) one year after its passage in 1933. We employ a…
Abstract
This paper explores the nature and causes of the cartel compliance crisis that befell the National Industrial Recovery Act (NIRA) one year after its passage in 1933. We employ a simple game-theoretic model of the NIRA's cartel enforcement mechanism to show that the compliance crisis can largely be explained by changes in expectations, rather than a change in enforcement policy. Specifically, firms initially overestimated the probability that defection would be met with sanction by the cartel's enabling body, the National Recovery Administration – including a consumer boycott resulting from loss of the patriotic Blue Eagle emblem – and complied with the industry cartel rules. As these expectations were correctly adjusted downward, cartel compliance was lost. We support this hypothesis empirically with industry-level panel data showing how output and wage rates varied according to consumer confidence in the Blue Eagle. The analysis provides insight about cartel performance more generally.
Robert S. Perinbanayagam and E. Doyle McCarthy
Purpose – People do not just interact, with each other; rather, they engage with each other using the visual and verbal instrumentations of communication at their disposal…
Abstract
Purpose – People do not just interact, with each other; rather, they engage with each other using the visual and verbal instrumentations of communication at their disposal, constructing meaningful and intelligible conversations with differing degrees of precision of intention and clarity of expression. In doing this, they employ the “fundamental features of language,” described in various semiotic and structuralist theories.
Methodology – Here, we synthesize and integrate the key aspects of these language theories in an attempt to apply them to everyday conversations. The language features in question are routinely put into play by human agents to convey attitudes, emotions, opinions, and information and to achieve an engagement with the other.
Findings – Human relations, expansive in their range and intricate in their forms, demand complex instrumentations with which to conduct them. These instrumentations are essential features of the linguistic socialization of human agents, integral to both memory and habits of speech.
Details
Keywords
Leo Lo, Jason Coleman and Danielle Theiss
– The purpose of this paper is to gain insight into patrons' preferences for quick response code (QR code) design as well as data about their potential benefits.
Abstract
Purpose
The purpose of this paper is to gain insight into patrons' preferences for quick response code (QR code) design as well as data about their potential benefits.
Design/methodology/approach
A survey was used to learn whether patrons find it easy to use a QR code, to gather patrons' opinions about several possible library uses for QR codes, and to solicit additional ideas for using QR codes in libraries. A small-scale pilot project was implemented to learn whether the Libraries' patrons would make use of QR codes. To augment the data gained from the first two studies, five focus groups were facilitated.
Findings
The authors found that patrons generally find QR codes easy to use and would welcome a variety of library services on their mobile devices.
Research limitations/implications
Further studies on a variety of mobile devices would be a useful way to gain more insight into how libraries can take advantage of mobile communication to provide services to patrons.
Originality/value
This paper would appeal to academic libraries considering implementing QR codes projects as there are only a very limited number of studies on library users' preferences of QR codes.
Details
Keywords
Maria Ivanova-Gongne and Stefan Lång
This paper aims to investigate a company’s corporate social responsibility (CSR) communications in a business network with regard to the flow of critical events related to CSR.
Abstract
Purpose
This paper aims to investigate a company’s corporate social responsibility (CSR) communications in a business network with regard to the flow of critical events related to CSR.
Design/methodology/approach
The paper focuses on the drama that unfolded at a Nordic-based multinational corporation, Stora Enso, after a critical event related to CSR and the specific signs and codes applied by the company to justify its actions. To achieve the aims, the authors conducted a dramaturgical and semiotic analysis of the company’s corporate communications in connection with various actions prior to or following the major critical event.
Findings
The findings consist of a five-act drama that unfolded around certain CSR communication activities at the company. The authors followed the company’s shift in communication strategy as they were compelled to adopt a more responsive and involved approach. The results also show the roles of the various business network actors in shaping CSR communications.
Practical implications
This case has practical uses for providing the framework to create effective messages at different stages of the communication process related to a major CSR event.
Originality/value
The originality of the study lies in its application of a dramaturgical and semiotic approach to the analysis of CSR communication. It also contributes to the scarce literature on CSR communication within business networks.
Details
Keywords
This paper aims to examine how client requirements undergo representational and transformational shifts and changes in the design process and explore the consequence of such…
Abstract
Purpose
This paper aims to examine how client requirements undergo representational and transformational shifts and changes in the design process and explore the consequence of such changes.
Design/methodology/approach
A series of design resources relating to hospital departmental configurations are examined and analysed using a social semiotic framework. The findings are supplemented by practitioner opinion.
Findings
Construction project requirements are represented and transformed through semiotic resource use; such representations deliver specific meanings, make new meanings and affect project relationships. Requirement representations may be understood as socially motivated meaning-making resources.
Research limitations/implications
The paper focuses on one set of project requirements: hospital departmental configurations from a National Health Service hospital construction project in the UK.
Practical implications
The use of semiotic resources in briefing work fundamentally affects the briefing and design discourse between client and design teams; their significance should be noted and acknowledged as important.
Social implications
The findings of the paper indicate that briefing and design work may be understood as a social semiotic practice.
Originality/value
This original paper builds upon scholarly work in the area of construction project communications. Its fine-grained analysis of briefing communications around representations of specific requirements is novel and valuable.
Details
Keywords
Distress signalling according to generally accepted methods and codes has always been the main reason for human survival in sea disasters. Examines the origin of this type of…
Abstract
Distress signalling according to generally accepted methods and codes has always been the main reason for human survival in sea disasters. Examines the origin of this type of communication and its connection to natural senses and channels together with the alphabets, codes and special distress signals used at sea. Reviews the evolution and transformation of the old channels through the introduction of electronic communication, and the opening of some entirely new channels. Compares the different distress channels and makes some proposals concerning new distress signals.
Details