This paper investigates whether security headers are enforced to mitigate cyber-attacks in web-based systems in cyberspace. The security headers examined include X-Content-Type-Options, X-Frame-Options, Strict-Transpo...This paper investigates whether security headers are enforced to mitigate cyber-attacks in web-based systems in cyberspace. The security headers examined include X-Content-Type-Options, X-Frame-Options, Strict-Transport-Security, Referrer-Policy, Content-Security-Policy, and Permissions-Policy. The study employed a controlled experiment using a security header analysis tool. The web-based applications (websites) were analyzed to determine whether security headers have been correctly implemented. The experiment was iterated for 100 universities in Africa which are ranked high. The purposive sampling technique was employed to understand the status quo of the security headers implementations. The results revealed that 70% of the web-based applications in Africa have not enforced security headers in web-based applications. The study proposes a secure system architecture design for addressing web-based applications’ misconfiguration and insecure design. It presents security techniques for securing web-based applications through hardening security headers using automated threat modelling techniques. Furthermore, it recommends adopting the security headers in web-based applications using the proposed secure system architecture design.展开更多
Currently, the ICT put at our disposal is increasingly more powerful tools that can help increase citizen participation, transparency, and legitimacy in decision-making. We understand that these participation tools ca...Currently, the ICT put at our disposal is increasingly more powerful tools that can help increase citizen participation, transparency, and legitimacy in decision-making. We understand that these participation tools can break down into a set of tasks. In this dissertation, we review some of these tasks and how we can integrate them into a series of processes in public higher education institutions. By establishing the tasks, we can set up an online architecture for electronic participation and support for decision-making within the university community. One of the consolidated database architectures we have used for this study is MyUniversity-URJC. This proposal is achievable by utilizing the Universities’ technological infrastructure and, mainly, the digital culture of its users.展开更多
The three levels optimizing strategy is put forward for the networked manufacturing resources optimizing configuration, namely, the optimizing of a logical manufacturing process, the optimizing of simulation-based int...The three levels optimizing strategy is put forward for the networked manufacturing resources optimizing configuration, namely, the optimizing of a logical manufacturing process, the optimizing of simulation-based integration of process planning and scheduling, and the optimizing of networked production scheduling. Then, the web services-based architecture of networked manufacturing resources optimizing configuration is brought forward. Finally, the key algorithm of the networked manufacturing resources optimizing configuration is discussed, namely, the two phases manufacturing partners selection method, which including the group technology-based manufacturing resources pre-configuration and the genetic algorithm-based executable manufacturing process optimizing.展开更多
Cloud monitoring is of a source of big data that are constantly produced from traces of infrastructures,platforms, and applications. Analysis of monitoring data delivers insights of the system's workload and usage pa...Cloud monitoring is of a source of big data that are constantly produced from traces of infrastructures,platforms, and applications. Analysis of monitoring data delivers insights of the system's workload and usage pattern and ensures workloads are operating at optimum levels. The analysis process involves data query and extraction, data analysis, and result visualization. Since the volume of monitoring data is big, these operations require a scalable and reliable architecture to extract, aggregate, and analyze data in an arbitrary range of granularity. Ultimately, the results of analysis become the knowledge of the system and should be shared and communicated. This paper presents our cloud service architecture that explores a search cluster for data indexing and query. We develop REST APIs that the data can be accessed by different analysis modules. This architecture enables extensions to integrate with software frameworks of both batch processing(such as Hadoop) and stream processing(such as Spark) of big data. The analysis results are structured in Semantic Media Wiki pages in the context of the monitoring data source and the analysis process. This cloud architecture is empirically assessed to evaluate its responsiveness when processing a large set of data records under node failures.展开更多
文摘This paper investigates whether security headers are enforced to mitigate cyber-attacks in web-based systems in cyberspace. The security headers examined include X-Content-Type-Options, X-Frame-Options, Strict-Transport-Security, Referrer-Policy, Content-Security-Policy, and Permissions-Policy. The study employed a controlled experiment using a security header analysis tool. The web-based applications (websites) were analyzed to determine whether security headers have been correctly implemented. The experiment was iterated for 100 universities in Africa which are ranked high. The purposive sampling technique was employed to understand the status quo of the security headers implementations. The results revealed that 70% of the web-based applications in Africa have not enforced security headers in web-based applications. The study proposes a secure system architecture design for addressing web-based applications’ misconfiguration and insecure design. It presents security techniques for securing web-based applications through hardening security headers using automated threat modelling techniques. Furthermore, it recommends adopting the security headers in web-based applications using the proposed secure system architecture design.
文摘Currently, the ICT put at our disposal is increasingly more powerful tools that can help increase citizen participation, transparency, and legitimacy in decision-making. We understand that these participation tools can break down into a set of tasks. In this dissertation, we review some of these tasks and how we can integrate them into a series of processes in public higher education institutions. By establishing the tasks, we can set up an online architecture for electronic participation and support for decision-making within the university community. One of the consolidated database architectures we have used for this study is MyUniversity-URJC. This proposal is achievable by utilizing the Universities’ technological infrastructure and, mainly, the digital culture of its users.
基金This paper is supported by National High-Tech R&D Program for CIMS, China (Grant No. 2003AA411110) theNational Research Foundation for Doctoral Program of Higher Education, China (Grant No. 20040699025).
文摘The three levels optimizing strategy is put forward for the networked manufacturing resources optimizing configuration, namely, the optimizing of a logical manufacturing process, the optimizing of simulation-based integration of process planning and scheduling, and the optimizing of networked production scheduling. Then, the web services-based architecture of networked manufacturing resources optimizing configuration is brought forward. Finally, the key algorithm of the networked manufacturing resources optimizing configuration is discussed, namely, the two phases manufacturing partners selection method, which including the group technology-based manufacturing resources pre-configuration and the genetic algorithm-based executable manufacturing process optimizing.
基金supported by the Discovery grant No.RGPIN 2014-05254 from Natural Science&Engineering Research Council(NSERC),Canada
文摘Cloud monitoring is of a source of big data that are constantly produced from traces of infrastructures,platforms, and applications. Analysis of monitoring data delivers insights of the system's workload and usage pattern and ensures workloads are operating at optimum levels. The analysis process involves data query and extraction, data analysis, and result visualization. Since the volume of monitoring data is big, these operations require a scalable and reliable architecture to extract, aggregate, and analyze data in an arbitrary range of granularity. Ultimately, the results of analysis become the knowledge of the system and should be shared and communicated. This paper presents our cloud service architecture that explores a search cluster for data indexing and query. We develop REST APIs that the data can be accessed by different analysis modules. This architecture enables extensions to integrate with software frameworks of both batch processing(such as Hadoop) and stream processing(such as Spark) of big data. The analysis results are structured in Semantic Media Wiki pages in the context of the monitoring data source and the analysis process. This cloud architecture is empirically assessed to evaluate its responsiveness when processing a large set of data records under node failures.
