Search results

Conversion to client/server systems from host‐centric systems can be accomplished with careful attention to planning and development procedures. A key component in a successful conversion is a customized definition of client/server which complements the organization’s mission. Another key component is the development of an infrastructure which includes hardware, software and people. The training of users and design personnel is crucial to successful conversion. Discusses definitions, strategies, hardware, software, and the pitfalls to be avoided.

In traditional point‐of‐sale (POS) systems, an in‐house database server processes all sales transactions it receives from local client computers. Such systems incur high costs because of operational requirements, such as professional maintenance, the sophisticated server hardware required, and scalability requirements. For small retailers that want to use POS systems but have relatively limited financial resources, these expensive operational requirements are big obstacles. Considering these issues, the purpose of this paper is to suggest a POS system that is adequate for small businesses.

Using a simulation method, the authors tested and compared the operational performance of POS systems in two different environments, i.e. the remote server‐client environment and the local server‐client environment.

One possible solution is for a group of small retailers to use a shared, remote database server, but such servers often have reliability and performance issues. To resolve these issues, the authors suggest a POS system that utilizes local data tables embedded in each client's computer. This system consists of a remote database server and a group of client POS computers with off‐line data‐handling capabilities. The results indicated that it is possible for small businesses to obtain significant benefits from an affordable POS system based on a remote client‐server model that utilizes a local data cache.

The results of this study indicated that small businesses may obtain significant benefit from the affordable POS systems based on a remote client‐server model that utilizes a local data cache.

The literature lacks studies on small businesses' accessibility to POS systems. The study fills this literature gap and shows a technological solution to provide affordable POS systems to small businesses, which have not been paid much attention by POS vendors.

The nature of information retrieval applications, the Z39.50 protocol, and its relationship to other OSI protocols are described. Through Z39.50 a client system views a remote server's database as an information resource, not merely a collection of data. Z39.50 allows a client to build queries in terms of logical information elements supported by the server. It also provides a framework for transmitting queries, managing results, and controlling resources. Sidebars describe the Z39.50 Implementors Group, the Z39.50 Maintenance Agency, and international standards for OSI library application protocols.

The aim of the research is modelling and implementation of a client application that enables parallel search and retrieval of bibliographic records from multiple servers. The client application supports simultaneous communication over Z39.50 and SRW/SRU protocols. The application design is flexible and later addition of other communication protocols for search/retrieval is envisioned and supported.

Object‐oriented approach has been used for modelling and implementation of client application. CASE tool, Sybase PowerDesigner, supporting Unified Modelling Language (UML 2.0), was used for modelling. Java programming language and Eclipse environment were used for implementation.

The result of the research is a client application that enables parallel search and retrieval of multiple Z39.50 and SRW/SRU servers. Additionally, the application supports conversion from type‐1 query language, defined by Z39.50 standard, to CQL query language required for search/retrieval from SRW/SRU servers. The application was verified by performing parallel search and retrieval from several publicly accessible Z39.50 and SRW/SRU servers.

The application supports only the use of bib‐1 attribute set for type‐1 queries created according to Z39.50 standard. Hence, only such queries can be converted to CQL notation. The use of other attribute sets is not supported.

The client application is integrated into the BISIS software system, version 4. This enables the cataloguing of bibliographic records retrieved over Z39.50 and SRW/SRU protocol.

The contribution of this work is in client application architecture that enables parallel communication with multiple servers, which can use different communication protocols, Z39.50 or SRW/SRU. Search/retrieval from servers using some other protocol is also supported. This can be achieved by adding new classes that implement protocol specification, and classes for query transformation into notation required by that new protocol, if required.

The interoperability of cloud data between web applications and mobile devices has vastly improved over recent years. The popularity of social media, smartphones and cloud-based web services have contributed to the level of integration that can be achieved between applications. This paper investigates the potential security issues of OAuth, an authorisation framework for granting third-party applications revocable access to user data. OAuth has rapidly become an interim de facto standard for protecting access to web API data. Vendors have implemented OAuth before the open standard was officially published. To evaluate whether the OAuth 2.0 specification is truly ready for industry application, an entire OAuth client server environment was developed and validated against the speciation threat model. The research also included the analysis of the security features of several popular OAuth integrated websites and comparing those to the threat model. High-impacting exploits leading to account hijacking were identified with a number of major online publications. It is hypothesised that the OAuth 2.0 specification can be a secure authorisation mechanism when implemented correctly.

To analyse the security of OAuth implementations in industry a list of the 50 most popular websites in Ireland was retrieved from the statistical website Alexa (Noureddine and Bashroush, 2011). Each site was analysed to identify if it utilised OAuth. Out of the 50 sites, 21 were identified with OAuth support. Each vulnerability in the threat model was then tested against each OAuth-enabled site. To test the robustness of the OAuth framework, an entire OAuth environment was required. The proposed solution would compose of three parts: a client application, an authorisation server and a resource server. The client application needed to consume OAuth-enabled services. The authorisation server had to manage access to the resource server. The resource server had to expose data from the database based on the authorisation the user would be given from the authorisation server. It was decided that the client application would consume emails from Google’s Gmail API. The authorisation and resource server were modelled around a basic task-tracking web application. The client application would also consume task data from the developed resource server. The client application would also support Single Sign On for Google and Facebook, as well as a developed identity provider “MyTasks”. The authorisation server delegated authorisation to the client application and stored cryptography information for each access grant. The resource server validated the supplied access token via public cryptography and returned the requested data.

Two sites out of the 21 were found to be susceptible to some form of attack, meaning that 10.5 per cent were vulnerable. In total, 18 per cent of the world’s 50 most popular sites were in the list of 21 OAuth-enabled sites. The OAuth 2.0 specification is still very much in its infancy, but when implemented correctly, it can provide a relatively secure and interoperable authentication delegation mechanism. The IETF are currently addressing issues and expansions in their working drafts. Once a strict level of conformity is achieved between vendors and vulnerabilities are mitigated, it is likely that the framework will change the way we access data on the web and other devices.

OAuth is flexible, in that it offers extensions to support varying situations and existing technologies. A disadvantage of this flexibility is that new extensions typically bring new security exploits. Members of the IETF OAuth Working Group are constantly refining the draft specifications and are identifying new threats to the expanding functionality. OAuth provides a flexible authentication mechanism to protect and delegate access to APIs. It solves the password re-use across multiple accounts problem and stops the user from having to disclose their credentials to third parties. Filtering access to information by scope and giving the user the option to revoke access at any point gives the user control of their data. OAuth does raise security concerns, such as defying phishing education, but there are always going to be security issues with any authentication technology. Although several high impacting vulnerabilities were identified in industry, the developed solution proves the predicted hypothesis that a secure OAuth environment can be built when implemented correctly. Developers must conform to the defined specification and are responsible for validating their implementation against the given threat model. OAuth is an evolving authorisation framework. It is still in its infancy, and much work needs to be done in the specification to achieve stricter validation and vendor conformity. Vendor implementations need to become better aligned in order to provider a rich and truly interoperable authorisation mechanism. Once these issues are resolved, OAuth will be on track for becoming the definitive authentication standard on the web.

Spatial messaging is a direct extension to text and other multi‐media messaging services that have become highly popular with the current pervasiveness of mobile communication. It offers benefits especially to mobile computing, providing localized and therefore potentially more appropriate delivery of nearly arbitrary content. Location is one of the most interesting attributes that can be added to messages in current applications, including gaming, social networking, or advertising services. However, location is also highly critical in terms of privacy. If a spatial messaging platform could collect the location traces of all its users, detailed profiling would be possible – and, considering commercial value of such profiles, likely. The purpose of this paper is to present Air‐Writing, an approach to spatial messaging that fully preserves user privacy while offering global scalability, different client interface options, and flexibility in terms of application areas.

The authors contribute both an architecture and a specific implementation of an attribute‐based messaging platform with special support for spatial messaging and rich clients for J2ME, Google Android, and Apple iPhone. The centralized client/server approach utilizes groups for anonymous message retrieval and client caching and filtering, as well as randomized queries for obscuring traces.

Two user studies with 26 users show that the overall concept is easily understandable and that it seems useful to end‐users. An analysis of real‐world and simulated location traces shows that user privacy can be ensured, but with a trade‐off between privacy protection and consumed network resources.

Air‐Writing, both as an architectural concept and as a specific implementation, are immediately applicable to practical, globally scalable, private group messaging systems. A publicly available messaging platform is already online as beta version at http://airwriting.com Originality/value – Air‐Writing addresses three concerns: flexibility concerning arbitrary messaging applications, user privacy, and global scalability of the associated web service. To the best of the authors' knowledge, previous approaches focus on at most two of these issues, while the authors' approach allows all three requirements to be fulfilled.

Aims to provide the reasons why libraries might consider using a thin client architecture for library public workstations.

A summary of the main features of thin clients.

This article provides an overview of terminal services: what it is, how it works, and its benefits.

This paper is useful for information management professionals who seek greater understanding of thin client architecture implementations in libraries.

The purpose of this paper is to propose the use of priority‐based incentives for collaborative hiding of confidential information in dynamic environments, such as self‐organized networks, peer‐to‐peer systems, pervasive and grid computing applications.

The paper documents the necessity of ISSON (Incentives for Secret‐sharing in Self‐Organised Networks); it provides functional and technical details on the proposed architecture; and, it assesses its feasibility in mobile ad‐hoc networks through real experiments. The paper elaborates on the availability of the hidden information through an analytical framework.

Through the real experiments, ISSON was found to be efficient in terms of communication and processing costs. Additionally, it avoids collusions for unauthorized revealing of the hidden information, and ensures the unlinkability and availability of the secret when it is divided and stored to peers.

The proposed, incentive‐based, privacy enforcement architecture is novel and applies to distributed, dynamic, and self‐configured computing environments.

While most automation suppliers are willing to follow the technology trend and build products in order to stay current with market demand, the truly innovative and entrepreneurial company is setting expectations and providing forward‐thinking solutions for its customers. Blindly shifting all development resources into a client/server solution without fully understanding the longevity and future implications of the technology will ultimately lead to accelerated obsolescence, a short‐term customer base, and, finally, failure to forge long‐term partnerships with customers. Having almost 20 years of experience providing long‐term solutions and strong partnerships with its customers, the author believes that Innovative Interfaces has been able to look beyond the current technology and anticipate the needs of the future. A current example of the foresight and evolutionary approach to the introduction of new technology is demonstrated through Innovative's client/server architecture. To ensure that every INNOPAC customer has a system that can continue to grow and remain current into the next century, Innovative has introduced INNOPAC Millennium and is redefining client/server expectations.

client/server(C/S) systems have revolutionized the systems development approach. Among the drivers of the C/S systems is the lower price/performance ratio compared to the mainframe‐based transaction processing systems. Data mining is a process of identifying patterns in corporate transactional and operational databases (also called data warehouses). As most Fortune 500 companies are moving quickly towards the client server systems, it is increasingly becoming important that a data mining approaches should be adapted for C/S systems. In the current paper, we describe different data mining approaches that are used in the C/S systems.