Serwis Infona wykorzystuje pliki cookies (ciasteczka). Są to wartości tekstowe, zapamiętywane przez przeglądarkę na urządzeniu użytkownika. Nasz serwis ma dostęp do tych wartości oraz wykorzystuje je do zapamiętania danych dotyczących użytkownika, takich jak np. ustawienia (typu widok ekranu, wybór języka interfejsu), zapamiętanie zalogowania. Korzystanie z serwisu Infona oznacza zgodę na zapis informacji i ich wykorzystanie dla celów korzytania z serwisu. Więcej informacji można znaleźć w Polityce prywatności oraz Regulaminie serwisu. Zamknięcie tego okienka potwierdza zapoznanie się z informacją o plikach cookies, akceptację polityki prywatności i regulaminu oraz sposobu wykorzystywania plików cookies w serwisie. Możesz zmienić ustawienia obsługi cookies w swojej przeglądarce.
Delivering software for the Cloud represents a challenge for both micro teams and Small Medium Enterprises (SMEs), in part due to the rapid release methods adopted and the numerous ways in which software defects can be detected. We study field defect detection rates in a framework where these rates are used to refocus in-house test resources. Using an enterprise dataset, we address the question of...
In this paper we present a case study of applying fitness dimensions in API design assessment. We argue that API assessment is company specific and should take into consideration various stakeholders in the API ecosystem. We identified new fitness dimensions and introduced the notion of design considerations for fitness dimensions such as priorities, tradeoffs, and technical versus cognitive classification.
A software defect that exposes a software system to a cyber security attack is known as a software vulnerability. A software security exploit is an engineered software solution that successfully exploits the vulnerability. Exploits are used to break into computer systems, but exploits are currently used also for security testing, security analytics, intrusion detection, consultation, and other legitimate...
Crowd testing has gained a great attention in recent years, for its cost-effectiveness, impartiality, diversity, and high device and configuration coverage. Still, a number of challenges hamper its full success, such as lack of standards, limited information on critical features coverage, duplicate defect management, inappropriate reword mechanisms. Our intuition is that combining crowd testing with...
Direct-to-consumer (DTC) genetic services refer to genetic tests sold directly to consumers via the Internet, television, and other marketing venues without involving healthcare providers such as physicians, genetic counselors, and other healthcare professionals. Companies such as 23andMe and Navigenics offer genetic tests using genome-wide technology direct to consumers over the Internet. Genetic...
Companies that provide web applications need to perform frequent regression testing because companies often encounter various security attacks and frequent feature update demands from users. Typically, such applications require regression testing processes that require minimal test effort because they have already been deployed and used in the field. In our previous work, we presented an efficient...
Web applications change and are upgraded frequently due to security attacks, feature updates, or user preference changes. These fixes often involve small patches or revisions, but still, testers need to perform regression testing on their products to ensure that the changes have not introduced new faults. Applying regression testing to the entire product, however, can be very expensive, and often,...
Vulnerability Assessment (VAS) is a process to search for any potential loopholes contain in a system that lead to compromise it. It is important to do VAS on the system to make sure that it will be safely release and not offer any illegitimate access that can affect availability, confidentiality and integrity of the system[1][12]. VAS can be done by out sourcing it to a third party or do it yourself...
A large number of non performing assets in financial institutions is an important reason for causation and deterioration of financial crisis. Asset securitization is considered the effective way to deal with NPA. The key issue of restricting securitization is the selection of NPA. Firstly this paper introduced definition and market players of asset securitization. Secondly, it put forward the principles...
It has caused a wider concern that what kind of influence has had on the performance of the company after the Non-tradable share reform. This paper takes 50 small and medium-sized board listed Companies companies as samples that had non-tradable share reformed in 2005, test the range of 5 years before and after the non-tradable share reform, and inspect the company's stock performance impact before...
This paper presents the development and commercialisation of a computerised, non-invasive psychological profiling system (named `Silent Talker'), for the analysis of nonverbal behaviour. Nonverbal signals hold rich information about mental, behavioural and/or physical states the detection of which would be beneficial in a wide variety of commercial domains, particularly deception detection and security...
Books and articles frequently exhort developers to build secure software by designing security in. A few large companies (most notably Microsoft) have completely reengineered their development process to include a focus on security. However, for all except the largest vendors, software security (or software assurance) is a relatively recent phenomenon, and one with an uncertain payoff. In this paper,...
Many emergent security threats which did not exist in the traditional telephony network are introduced in SIP VoIP services. To provide high-level security assurance to SIP VoIP services, an inter-domain authentication mechanism is defined in RFC 4474. However, this mechanism introduces another vulnerability: a timing attack which can be used for effectively revealing the calling history of a group...
In a real world, it is often in a group setting that sensitive information has to be stored in databases of a server. Although personal information does not need to be stored in a server, the secret information shared by group members is likely to be stored there. The shared sensitive information requires more security and privacy protection. To our best knowledge, there is no paper which deals with...
Technical analysis is aimed at devising trading rules capable of exploiting short-term fluctuations on the financial markets. The application of genetic programming (GP) as a means to automatically generate such trading rules on the stock markets has been studied. Computational results, based on historical pricing and transaction volume data, are reported for the thirty component stocks of the Dow...
Too often projects deliver software of which the quality is difficult to predict. Sometimes the project completion is delayed due to the continuous change of requirements while the software is still being built. The quality level must align with the company needs. It is extremely important that the planned benefits of an IT system are reached. When the benefits are not achieved it will cause much...
As the software industry continues to mature, software companies are realizing that they must dedicate more resources to quality assurance (QA) processes. But even though security testing as part of an overall QA process for products shipped to customers is starting to gain acceptance in the software industry as a necessity, the majority of software vendors pay little to no attention to the security...
Mean time-to-compromise is a comparative security metric that applies lessons learned from physical security. To address this need in the SCADA world specifically and the corporate IT security world more generally, we propose a mean time-to-compromise (MTTC) interval as an estimate of the time it will take for an attacker with a specific skill level to successfully impact a target system. We also...
In this paper we discuss the use cases for monitoring of Web services for compliance with policies and service level agreements. In particular, the quality of service associated with Web service interactions and its monitoring rely on the proper use by both parties of related Web service protocols. This monitoring is best served by an event-centric model and an extensible scripting language, such...
Podaj zakres dat dla filtrowania wyświetlonych wyników. Możesz podać datę początkową, końcową lub obie daty. Daty możesz wpisać ręcznie lub wybrać za pomocą kalendarza.