Presentation that discuss the general security aspects and threats to social networking users. A brief overview of Social Network history amd statistics is also provided. This presentation took place at Campus Party Brasil, on January 2010.
LibreSocial - P2P Framework for Social Networks - OverviewKalman Graffi
Digital social networks promise to activate the social participants and to support them in their interactivity patterns. Private relationships evolve to friendships, professional contacts define competence networks and political opinions emerge to revolutionary trends. Social networks often act as driving force to intensify the social and global relationships.
In future, using the „Peer-to-Peer Framework for Social Networks“ everybody may host easily and out-of-the-box his personal online social network, without operating costs and without security risks. The framework offers a large set of interactive apps, which can be are freely combinable and technically limitless in their applicability.
The operating costs for such a social network are a revolutionary: no expenses arise. Whether a network for 10 users or for a global network of Millions of users, one aspect is common: due to the peer-to-peer technology used, no expenses arise. Researchers led by Dr.-Ing. Kalman Graffi at the University of Paderborn combined in the framework the advantages of decentralized peer-to-peer applications, of an app market as well as the cloud principle.
The social network is maintained in a peer-to-peer fashion through the computational power of the users’ devices, expensive servers are not needed. Still the availability, retrievability and security of the users‘ data are guaranteed. Each user keeps total control on the access control rights of his data. Similar to the main property of the cloud, the network’s capabilities grow elastically with the number of users. Further plugins can be developed easily. An app market that is included allows to provide these plugins in order to extend the capabilities and applications in the social network on the fly.
Enormous application opportunities without operating costs are the main reason to use the „P2P Framework for Social Networks“ emphasize the researchers of the corresponding project group at the University of Paderborn. The software as a prototype is already in use. Contact us for more information.
My keynote at 1st International Workshop on Social Multimedia Computing (SMC), Melbourne, Australia, 9 July 2012.
see: http://www.icme2012.org or
http://smc2012.idm.pku.edu.cn/
LibreSocial - P2P Framework for Social Networks - OverviewKalman Graffi
Digital social networks promise to activate the social participants and to support them in their interactivity patterns. Private relationships evolve to friendships, professional contacts define competence networks and political opinions emerge to revolutionary trends. Social networks often act as driving force to intensify the social and global relationships.
In future, using the „Peer-to-Peer Framework for Social Networks“ everybody may host easily and out-of-the-box his personal online social network, without operating costs and without security risks. The framework offers a large set of interactive apps, which can be are freely combinable and technically limitless in their applicability.
The operating costs for such a social network are a revolutionary: no expenses arise. Whether a network for 10 users or for a global network of Millions of users, one aspect is common: due to the peer-to-peer technology used, no expenses arise. Researchers led by Dr.-Ing. Kalman Graffi at the University of Paderborn combined in the framework the advantages of decentralized peer-to-peer applications, of an app market as well as the cloud principle.
The social network is maintained in a peer-to-peer fashion through the computational power of the users’ devices, expensive servers are not needed. Still the availability, retrievability and security of the users‘ data are guaranteed. Each user keeps total control on the access control rights of his data. Similar to the main property of the cloud, the network’s capabilities grow elastically with the number of users. Further plugins can be developed easily. An app market that is included allows to provide these plugins in order to extend the capabilities and applications in the social network on the fly.
Enormous application opportunities without operating costs are the main reason to use the „P2P Framework for Social Networks“ emphasize the researchers of the corresponding project group at the University of Paderborn. The software as a prototype is already in use. Contact us for more information.
My keynote at 1st International Workshop on Social Multimedia Computing (SMC), Melbourne, Australia, 9 July 2012.
see: http://www.icme2012.org or
http://smc2012.idm.pku.edu.cn/
People tempt to transfer their natural needs feeling and behaviors from the off line communication to the online world. One of the most important human needs is desire for security. Emotional, physical, mental, national, social, cyber: security has various levels and meanings.
Our lecture about Security on Social networks was presented to Students of Faculty of Social Science at Charles University. It covers issues connected to the cybercrime, threats and mechanism of scams, as well as privacy and security settings on Social Networks
Multiparty Access Control For Online Social Networks : Model and Mechanisms.Kiran K.V.S.
• Online social networks (OSNs) have experienced tremendous growth in recent years and become a de facto portal for hundreds of millions of Internet users.
• While OSNs allow users to restrict access to shared data, they currently do not provide any mechanism to enforce privacy concerns over data associated with multiple users.
• To this end, we propose an approach to enable the protection of shared data associated with multiple users in OSNs.
• We formulate an access control model to capture the essence of multiparty authorization requirements, along with a multiparty policy specification scheme and a policy enforcement mechanism.
bulk ieee projects in pondicherry,ieee projects in pondicherry,final year ieee projects in pondicherry
Nexgen Technology Address:
Nexgen Technology
No :66,4th cross,Venkata nagar,
Near SBI ATM,
Puducherry.
Email Id: praveen@nexgenproject.com.
www.nexgenproject.com
Mobile: 9751442511,9791938249
Telephone: 0413-2211159.
NEXGEN TECHNOLOGY as an efficient Software Training Center located at Pondicherry with IT Training on IEEE Projects in Android,IEEE IT B.Tech Student Projects, Android Projects Training with Placements Pondicherry, IEEE projects in pondicherry, final IEEE Projects in Pondicherry , MCA, BTech, BCA Projects in Pondicherry, Bulk IEEE PROJECTS IN Pondicherry.So far we have reached almost all engineering colleges located in Pondicherry and around 90km
These is the slide deck I used during my talk at Software Architect about how using architecture in order to create maintainable, secure and fast mobile applications.
Building Secure Open & Distributed Social NetworksHenry Story
How to Build Open Distributed Social Networks with no central point of control. Displays an OpenSource application that can browse and edit that network. Shows how it works, how it can do simple firewall based security. It then looks at how to add fine grained security in such a network that would be equivalent to Social Networking applications such as LinkedIn or Facebook.
Risk-driven and Business-outcome-focused Enterprise Security Architecture Fra...Craig Martin
Ana Kukec, Lead Enterprise Security Consultant, Enterprise Architects, Australia
The Open Group Architecture Forum and Security Forum agree that the coverage of security in TOGAF should be updated and improved. The understanding and focus of security architecture has moved from a threat-driven approach of addressing non-normative flaws through systems and applications to a risk-driven and business outcome-focused methodology of enabling a business strategy.
Following this trend, we defined fundamental characteristics of effective security architecture. 1) Capabilities are primary assets at risk, while information systems and technology components are secondary assets at risk supporting the primary assets. 2) Security requirements include the business aspects and not only the technology aspects of confidentiality, integrity and availability. 3) IT risk management is business-opportunity-driven. It requires understanding of risk appetite across business, information systems and technology architecture to manage security risks of vulnerabilities and compliance issues, which may arise at any layer of enterprise architecture in a business-outcome-focused way. 4) Security services are aligned to business drivers, goals and objectives, and managed in a risk-driven way.
Yet, there is no single security architecture development methodology to deliver these characteristics. We believe that existing information security standards and frameworks in a combination with the TOGAF are sufficient to meet the aforementioned fundamental characteristics of effective security architecture. However the challenge is in their integration. Our Enterprise Security Architecture Framework integrates key industry standards and best practices for information security and risk management, such as COBIT 5 for Information Security, ITILv3 Security Service Management, ISO/IEC 27000 and ISO/IEC 31000 families of standards, using the TOGAF Architecture Development Method and Content Meta-model as the key integrators. It is a pragmatic security architecture framework which establishes a common language between IT, security, risk and business organisations within an enterprise and ensures effective and efficient support of long-term security needs of both business and IT, with a risk-driven enterprise as a final outcome.
We will present a case study of the implementation of the aforementioned business-outcome-focused and risk-driven Enterprise Security Architecture Framework at the University of New South Wales.
Key takeaways:
-- Overview of a risk-driven and business-outcome-focused security architecture methodology seamlessly integrated with the TOGAF
-> Security strategic planning
-> Enterprise-wide compliance, internal (policies and standards) and external (laws and regulations
-> Business-opportunity driven management of security risk of threats, vulnerabilities and compliance issues across business, information systems and technology architecture
HD version: http://1drv.ms/1eR5OQf
This is my publication on how the integration of the TOGAF Enterprise Architecture framework, the SABSA Enterprise Security Architecture framework, and Information Governance discipline add up to a robust and successful Information Security Management Program.
Palestra no evento Advocacia 4.0 (OAB RJ) - Como se proteger na internet: cuidados com a segurança no exercício da advocacia
Os ciber criminosos estão aproveitando a epidemia do novo Coronavírus para espalhar mais golpes pela Internet. Nesse bate-papo vamos falar sobre os principais golpes e fraudes online que estão acontecendo atualmente, muitos dos quais aproveitando o tema da pandemia e nossa fragilidade durante o isolamento social. Esperamos ajudar todas e todos a se proteger desses golpes, identificar notícias falsas e ajudar os parentes no grupo da família.
Fatos, mitos e palpites do cenário de segurança pós-pandemiaAnchises Moraes
Palestra apresentada no evento Security Summit Vitoria 2021, em 10/07/2021.
A pandemia do novo Coronavírus trouxe grande impacto para a vida de todos e para os negócios. O mesmo se passou com a ciber segurança, graças principalmente a mudança repentina do ambiente de trabalho para o home office, além dos ataques direcionados que surgiram nesse período, explorando temas e preocupações relacionados ao combate a pandemia.
Com a possibilidade de controle da pandemia de COVID, a sociedade vive na expectativa de retorno a normalidade. Mas como seria esse “novo normal” do ponto de vista da segurança cibernética? Vamos consultar nossa bola de cristal e os livros de história para juntar percepções e perspectivas de um cenário pós-pandêmico.
Are existing compliance requirements sufficient to prevent data breaches? This session will provide a technical assessment of the 2019 Capital One data breach, illustrating the technical modus operandi of the attack and identify related compliance requirements based on the NIST Cybersecurity Framework. Attendees will learn the unexpected impact of corporate culture on overall cyber security posture.
This talk was presented at RSA Conference 2021 (Session RMG-T15) on May 18, 2021.
Original paper available for download at SSRN: Novaes Neto, Nelson and Madnick, Stuart E. and Moraes G. de Paula, Anchises and Malara Borges, Natasha, A Case Study of the Capital One Data Breach (28/04/2020). https://ssrn.com/abstract=3570138
People tempt to transfer their natural needs feeling and behaviors from the off line communication to the online world. One of the most important human needs is desire for security. Emotional, physical, mental, national, social, cyber: security has various levels and meanings.
Our lecture about Security on Social networks was presented to Students of Faculty of Social Science at Charles University. It covers issues connected to the cybercrime, threats and mechanism of scams, as well as privacy and security settings on Social Networks
Multiparty Access Control For Online Social Networks : Model and Mechanisms.Kiran K.V.S.
• Online social networks (OSNs) have experienced tremendous growth in recent years and become a de facto portal for hundreds of millions of Internet users.
• While OSNs allow users to restrict access to shared data, they currently do not provide any mechanism to enforce privacy concerns over data associated with multiple users.
• To this end, we propose an approach to enable the protection of shared data associated with multiple users in OSNs.
• We formulate an access control model to capture the essence of multiparty authorization requirements, along with a multiparty policy specification scheme and a policy enforcement mechanism.
bulk ieee projects in pondicherry,ieee projects in pondicherry,final year ieee projects in pondicherry
Nexgen Technology Address:
Nexgen Technology
No :66,4th cross,Venkata nagar,
Near SBI ATM,
Puducherry.
Email Id: praveen@nexgenproject.com.
www.nexgenproject.com
Mobile: 9751442511,9791938249
Telephone: 0413-2211159.
NEXGEN TECHNOLOGY as an efficient Software Training Center located at Pondicherry with IT Training on IEEE Projects in Android,IEEE IT B.Tech Student Projects, Android Projects Training with Placements Pondicherry, IEEE projects in pondicherry, final IEEE Projects in Pondicherry , MCA, BTech, BCA Projects in Pondicherry, Bulk IEEE PROJECTS IN Pondicherry.So far we have reached almost all engineering colleges located in Pondicherry and around 90km
These is the slide deck I used during my talk at Software Architect about how using architecture in order to create maintainable, secure and fast mobile applications.
Building Secure Open & Distributed Social NetworksHenry Story
How to Build Open Distributed Social Networks with no central point of control. Displays an OpenSource application that can browse and edit that network. Shows how it works, how it can do simple firewall based security. It then looks at how to add fine grained security in such a network that would be equivalent to Social Networking applications such as LinkedIn or Facebook.
Risk-driven and Business-outcome-focused Enterprise Security Architecture Fra...Craig Martin
Ana Kukec, Lead Enterprise Security Consultant, Enterprise Architects, Australia
The Open Group Architecture Forum and Security Forum agree that the coverage of security in TOGAF should be updated and improved. The understanding and focus of security architecture has moved from a threat-driven approach of addressing non-normative flaws through systems and applications to a risk-driven and business outcome-focused methodology of enabling a business strategy.
Following this trend, we defined fundamental characteristics of effective security architecture. 1) Capabilities are primary assets at risk, while information systems and technology components are secondary assets at risk supporting the primary assets. 2) Security requirements include the business aspects and not only the technology aspects of confidentiality, integrity and availability. 3) IT risk management is business-opportunity-driven. It requires understanding of risk appetite across business, information systems and technology architecture to manage security risks of vulnerabilities and compliance issues, which may arise at any layer of enterprise architecture in a business-outcome-focused way. 4) Security services are aligned to business drivers, goals and objectives, and managed in a risk-driven way.
Yet, there is no single security architecture development methodology to deliver these characteristics. We believe that existing information security standards and frameworks in a combination with the TOGAF are sufficient to meet the aforementioned fundamental characteristics of effective security architecture. However the challenge is in their integration. Our Enterprise Security Architecture Framework integrates key industry standards and best practices for information security and risk management, such as COBIT 5 for Information Security, ITILv3 Security Service Management, ISO/IEC 27000 and ISO/IEC 31000 families of standards, using the TOGAF Architecture Development Method and Content Meta-model as the key integrators. It is a pragmatic security architecture framework which establishes a common language between IT, security, risk and business organisations within an enterprise and ensures effective and efficient support of long-term security needs of both business and IT, with a risk-driven enterprise as a final outcome.
We will present a case study of the implementation of the aforementioned business-outcome-focused and risk-driven Enterprise Security Architecture Framework at the University of New South Wales.
Key takeaways:
-- Overview of a risk-driven and business-outcome-focused security architecture methodology seamlessly integrated with the TOGAF
-> Security strategic planning
-> Enterprise-wide compliance, internal (policies and standards) and external (laws and regulations
-> Business-opportunity driven management of security risk of threats, vulnerabilities and compliance issues across business, information systems and technology architecture
HD version: http://1drv.ms/1eR5OQf
This is my publication on how the integration of the TOGAF Enterprise Architecture framework, the SABSA Enterprise Security Architecture framework, and Information Governance discipline add up to a robust and successful Information Security Management Program.
Palestra no evento Advocacia 4.0 (OAB RJ) - Como se proteger na internet: cuidados com a segurança no exercício da advocacia
Os ciber criminosos estão aproveitando a epidemia do novo Coronavírus para espalhar mais golpes pela Internet. Nesse bate-papo vamos falar sobre os principais golpes e fraudes online que estão acontecendo atualmente, muitos dos quais aproveitando o tema da pandemia e nossa fragilidade durante o isolamento social. Esperamos ajudar todas e todos a se proteger desses golpes, identificar notícias falsas e ajudar os parentes no grupo da família.
Fatos, mitos e palpites do cenário de segurança pós-pandemiaAnchises Moraes
Palestra apresentada no evento Security Summit Vitoria 2021, em 10/07/2021.
A pandemia do novo Coronavírus trouxe grande impacto para a vida de todos e para os negócios. O mesmo se passou com a ciber segurança, graças principalmente a mudança repentina do ambiente de trabalho para o home office, além dos ataques direcionados que surgiram nesse período, explorando temas e preocupações relacionados ao combate a pandemia.
Com a possibilidade de controle da pandemia de COVID, a sociedade vive na expectativa de retorno a normalidade. Mas como seria esse “novo normal” do ponto de vista da segurança cibernética? Vamos consultar nossa bola de cristal e os livros de história para juntar percepções e perspectivas de um cenário pós-pandêmico.
Are existing compliance requirements sufficient to prevent data breaches? This session will provide a technical assessment of the 2019 Capital One data breach, illustrating the technical modus operandi of the attack and identify related compliance requirements based on the NIST Cybersecurity Framework. Attendees will learn the unexpected impact of corporate culture on overall cyber security posture.
This talk was presented at RSA Conference 2021 (Session RMG-T15) on May 18, 2021.
Original paper available for download at SSRN: Novaes Neto, Nelson and Madnick, Stuart E. and Moraes G. de Paula, Anchises and Malara Borges, Natasha, A Case Study of the Capital One Data Breach (28/04/2020). https://ssrn.com/abstract=3570138
Vamos caçar bugs?!
O Bug Bounty na estratégia de DevSecOps
Mesmo as melhores práticas de qualidade, segurança e DevSecOps conseguem garantir que um código estará livre de bugs. Por isso, empresas investem em capacitação, tecnologia e serviços para apoiar na validação de segurança durante o ciclo de desenvolvimento de software. Nesta palestra vamos discutir, do ponto de vista das empresas, a importância dos programas de recompensas por bugs (Bug Bounty) e seu papel dentro da estratégia de DevSecOps. Vamos conhecer as vantagens e desafios de implementar um programa de Bug Bounty nas empresas.
Palestra apresentada em 10/06/2021 no TDC Connections.
Ciber crime e desafios de segurança durante uma pandemia e home officeAnchises Moraes
Os ciber criminosos estão aproveitando a epidemia de Coronavírus para espalhar mais golpes pela internet, o que preocupa as empresas em um momento em que seus funcionários estão em regime de trabalho remoto. Vamos conversar sobre as principais ameaças de fraude e phishing, incluindo as fake news que pipocam no grupo da família, e como as empresas tem que se esforçar para proteger seus funcionários.
Palestra realizada em 16/05/2020 na Vale Security Conference
Com a pandemia de Coronavírus e seu impacto aos negócios, temos que repensar a estratégia de cyber cultura e conscientização nas empresas. Vamos discutir o novo cenário e idéias de como manter nosso time coeso e seguro em tempos difíceis.
Palestra apresentada em 15/04/2020 no Roadsec@home
Hunting Bugs - Running a Bug Bounty Program
Slide deck put together for https://c0r0n4con.com/ (April/2020)
Abstract
Security best practices can't guarantee that a system or app is 100% free of bugs, so we have to detect bugs and vulnerabilities before the bad guys were able to explore them. Join us to hear the experience (takeaways and challenges) running a Bug Bounty program in a financial institution, bringing together the hacker community, AppSec and CSIRT teams.
Outline
We have been heard a lot about Bug Bounty (BB) programs and how security researchers has been making a lot of money by reporting bugs. Too much has been said from the researchers’ perspective, and too little from the companies running a BB program. An evolution of the endless Responsible Disclosure discussions and Vulnerability Report Programs, Bug Bounty programs have become a new trend in the information security industry, providing a valid communication channel for external entities to report the existence of bugs and vulnerabilities in a company’s platform and services. In this talk we will discuss the experience of a Brazilian Bank on implementing a bug bounty program as part of its application security strategy. From the point of view of an organization running a bug bounty program, we will present the challenges and benefits (expected and unexpected ones). BB program also brings the researcher community closer to the industry, representing a relevant initiative to strengthen relationship with the information security community. Running a BB program also demands strong commitment on having the issues fixed and also improves the information security visibility across the organization. Since a vulnerability can represent severe losses, detection and response are critical for the business. In order to have a proper response time for reported vulnerabilities , the CSIRT and AppSec teams play a key role in the BB program, by leading the remediation efforts whenever necessary.
As Fintechs estão revolucionando o mercado financeiro em todo o mundo, trazendo inovação para um mercado que é conhecido por muitos como um ambiente arcaico, aonde ainda reinam os Mainframes. A pressão por inovação, se não for bem controlada, pode trazer novos riscos de segurança para os clientes. Nessa palestra vamos falar sobre as novas tendências de inovação no mercado financeiro, as novas tecnologias e seus riscos associados.
Palestra proferida no evento Inovae na FMU, em maio/2019
5 passos para a Lei Geral de Proteção de Dados (LGPD) - CryptoRave 2019Anchises Moraes
Vamos apresentar 5 dicas básicas para as empresas se adequarem a Lei Geral de Proteção de Dados (LGPD).
Com a entrada em vigor da Lei Geral de Proteção de Dados (LGPD), as empresas devem adequar seus serviços e processos para incorporar os novos controles sobre a coleta, manipulação, guarda, compartilhamento e destruição de dados. Nessa apresentação, vamos discutir como começar a se adequar a nova legislação em 5 passos básicos e objetivos. A nossa privacidade agradece.
Palestra realizada na CryptoRave 2019, em 04/Maio/2019.
"Indo além do Pentest" / Palestra apresentada na CPBR12 (Fev/2019)
Muito se fala hoje em dia do Pentest, que já se tornou uma prática comum quando as empresas precisam testar a segurança de um site ou aplicação. A quantidade frequente de ataques bem sucedidos, resultando em fraudes e vazamentos de dados, mostram entretando que as empresas estão falhando em manter a segurança de seus sites, aplicações e bases de dados. Embora o "pentest" seja uma técnica muito comum de testar a segurança de um site, hoje temos a disposição um conjunto de ações que podem e devem ser adotadas de forma complementar para testar e corrigir aplicações desde a sua concepção até a produção. Vamos conversar um pouco sobre as diferenças e vantagens de adotar práticas de testes de segurança, scan de vulnerabilidades, pentest, políticas de vulnerability disclosure e programas de bug bounty.
A quantidade frequente de ataques bem sucedidos, fraudes e vazamentos de dados mostram que as empresas estão falhando em manter a segurança de seus sites, aplicações e bases de dados. Embora o "pentest" seja uma técnica muito comum de testar a segurança de um site, hoje temos a disposição um conjunto de ações que podem ser adotadas de forma complementar para testar e corrigir aplicações desde a sua concepção até a produção. amo conversar um pouco sobre as diferenças e vantagens de adotar práticas de testes de segurança, scan, pentest, vulnerability disclosure e bug bounty.
Palestra realizada o Meetup OWASP São Paulo, 30/11/2018
IoT Fofoqueiro
Nossos dispositivos IoT não sabem guardar um segredo!
Nesta palestra vamos rever vários casos recentes sobre dispositivos de Internet das Coisas que, deliberadamente ou não, revelavam dados pessoais de seus usuários.
A Internet das Coisas (do inglês Internet of Things, ou IoT) está cada vez mais presente em nosso dia-a-dia em dispositivos pessoais, computação vestível, automação residencial, carros inteligentes e muito mais. Conforme eles se proliferam, crescem tambem os casos de exposição de dados pessoais. Nessa apresentação vamos rever alguns casos interessantes de dispositivos IoT que não tinham os devidos cuidados com privacidade.
Palestra apresentada em 04/05/2018 na CryptoRave #CR2018
Palestra "Como se tornar um Jedi na área de Segurança" apresentada no RoadSec São Paulo 2017:
Você sempre sonhou em entrar na área de segurança, em ser um hacker famoso, ryco, ter as empresas disputando a sua contratação, e ser um sex-simbol?
Venha conhecer algumas dicas de como ter sucesso profissional e se tornar um mestre Jedi, dominando a cyber força que existe dentro de você.
Diversos mercados underground alimentam o crime cibernético em todo o mundo. Nesta apresentação vamos discutir como o crime cibernético se organiza, como funciona a Deep Web Dark Web e como os ciber criminosos se comunicam intensamente para permitir a constante evolução das fraudes cibernéticas.
Transcript: Selling digital books in 2024: Insights from industry leaders - T...BookNet Canada
The publishing industry has been selling digital audiobooks and ebooks for over a decade and has found its groove. What’s changed? What has stayed the same? Where do we go from here? Join a group of leading sales peers from across the industry for a conversation about the lessons learned since the popularization of digital books, best practices, digital book supply chain management, and more.
Link to video recording: https://bnctechforum.ca/sessions/selling-digital-books-in-2024-insights-from-industry-leaders/
Presented by BookNet Canada on May 28, 2024, with support from the Department of Canadian Heritage.
Search and Society: Reimagining Information Access for Radical FuturesBhaskar Mitra
The field of Information retrieval (IR) is currently undergoing a transformative shift, at least partly due to the emerging applications of generative AI to information access. In this talk, we will deliberate on the sociotechnical implications of generative AI for information access. We will argue that there is both a critical necessity and an exciting opportunity for the IR community to re-center our research agendas on societal needs while dismantling the artificial separation between the work on fairness, accountability, transparency, and ethics in IR and the rest of IR research. Instead of adopting a reactionary strategy of trying to mitigate potential social harms from emerging technologies, the community should aim to proactively set the research agenda for the kinds of systems we should build inspired by diverse explicitly stated sociotechnical imaginaries. The sociotechnical imaginaries that underpin the design and development of information access technologies needs to be explicitly articulated, and we need to develop theories of change in context of these diverse perspectives. Our guiding future imaginaries must be informed by other academic fields, such as democratic theory and critical theory, and should be co-developed with social science scholars, legal scholars, civil rights and social justice activists, and artists, among others.
"Impact of front-end architecture on development cost", Viktor TurskyiFwdays
I have heard many times that architecture is not important for the front-end. Also, many times I have seen how developers implement features on the front-end just following the standard rules for a framework and think that this is enough to successfully launch the project, and then the project fails. How to prevent this and what approach to choose? I have launched dozens of complex projects and during the talk we will analyze which approaches have worked for me and which have not.
Epistemic Interaction - tuning interfaces to provide information for AI supportAlan Dix
Paper presented at SYNERGY workshop at AVI 2024, Genoa, Italy. 3rd June 2024
https://alandix.com/academic/papers/synergy2024-epistemic/
As machine learning integrates deeper into human-computer interactions, the concept of epistemic interaction emerges, aiming to refine these interactions to enhance system adaptability. This approach encourages minor, intentional adjustments in user behaviour to enrich the data available for system learning. This paper introduces epistemic interaction within the context of human-system communication, illustrating how deliberate interaction design can improve system understanding and adaptation. Through concrete examples, we demonstrate the potential of epistemic interaction to significantly advance human-computer interaction by leveraging intuitive human communication strategies to inform system design and functionality, offering a novel pathway for enriching user-system engagements.
The Art of the Pitch: WordPress Relationships and SalesLaura Byrne
Clients don’t know what they don’t know. What web solutions are right for them? How does WordPress come into the picture? How do you make sure you understand scope and timeline? What do you do if sometime changes?
All these questions and more will be explored as we talk about matching clients’ needs with what your agency offers without pulling teeth or pulling your hair out. Practical tips, and strategies for successful relationship building that leads to closing the deal.
UiPath Test Automation using UiPath Test Suite series, part 4DianaGray10
Welcome to UiPath Test Automation using UiPath Test Suite series part 4. In this session, we will cover Test Manager overview along with SAP heatmap.
The UiPath Test Manager overview with SAP heatmap webinar offers a concise yet comprehensive exploration of the role of a Test Manager within SAP environments, coupled with the utilization of heatmaps for effective testing strategies.
Participants will gain insights into the responsibilities, challenges, and best practices associated with test management in SAP projects. Additionally, the webinar delves into the significance of heatmaps as a visual aid for identifying testing priorities, areas of risk, and resource allocation within SAP landscapes. Through this session, attendees can expect to enhance their understanding of test management principles while learning practical approaches to optimize testing processes in SAP environments using heatmap visualization techniques
What will you get from this session?
1. Insights into SAP testing best practices
2. Heatmap utilization for testing
3. Optimization of testing processes
4. Demo
Topics covered:
Execution from the test manager
Orchestrator execution result
Defect reporting
SAP heatmap example with demo
Speaker:
Deepak Rai, Automation Practice Lead, Boundaryless Group and UiPath MVP
DevOps and Testing slides at DASA ConnectKari Kakkonen
My and Rik Marselis slides at 30.5.2024 DASA Connect conference. We discuss about what is testing, then what is agile testing and finally what is Testing in DevOps. Finally we had lovely workshop with the participants trying to find out different ways to think about quality and testing in different parts of the DevOps infinity loop.
Accelerate your Kubernetes clusters with Varnish CachingThijs Feryn
A presentation about the usage and availability of Varnish on Kubernetes. This talk explores the capabilities of Varnish caching and shows how to use the Varnish Helm chart to deploy it to Kubernetes.
This presentation was delivered at K8SUG Singapore. See https://feryn.eu/presentations/accelerate-your-kubernetes-clusters-with-varnish-caching-k8sug-singapore-28-2024 for more details.
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...DanBrown980551
Do you want to learn how to model and simulate an electrical network from scratch in under an hour?
Then welcome to this PowSyBl workshop, hosted by Rte, the French Transmission System Operator (TSO)!
During the webinar, you will discover the PowSyBl ecosystem as well as handle and study an electrical network through an interactive Python notebook.
PowSyBl is an open source project hosted by LF Energy, which offers a comprehensive set of features for electrical grid modelling and simulation. Among other advanced features, PowSyBl provides:
- A fully editable and extendable library for grid component modelling;
- Visualization tools to display your network;
- Grid simulation tools, such as power flows, security analyses (with or without remedial actions) and sensitivity analyses;
The framework is mostly written in Java, with a Python binding so that Python developers can access PowSyBl functionalities as well.
What you will learn during the webinar:
- For beginners: discover PowSyBl's functionalities through a quick general presentation and the notebook, without needing any expert coding skills;
- For advanced developers: master the skills to efficiently apply PowSyBl functionalities to your real-world scenarios.
GraphRAG is All You need? LLM & Knowledge GraphGuy Korland
Guy Korland, CEO and Co-founder of FalkorDB, will review two articles on the integration of language models with knowledge graphs.
1. Unifying Large Language Models and Knowledge Graphs: A Roadmap.
https://arxiv.org/abs/2306.08302
2. Microsoft Research's GraphRAG paper and a review paper on various uses of knowledge graphs:
https://www.microsoft.com/en-us/research/blog/graphrag-unlocking-llm-discovery-on-narrative-private-data/
Let's dive deeper into the world of ODC! Ricardo Alves (OutSystems) will join us to tell all about the new Data Fabric. After that, Sezen de Bruijn (OutSystems) will get into the details on how to best design a sturdy architecture within ODC.
Security Aspects of Social Networks at Campus Party 2010
1. Security Aspects
of Social Networks
Anchises M. G. De Paula
Security Intelligence Analyst
iDefense, VeriSign
February 25, 2010
2. Agenda
Motivation
History
Future of Social
Networking
Current Problems
Security aspects of
Social Networking
Source: XKCD - http://xkcd.com
3. Why Social Networks?
Country Population (in millions)
Global and cultural
phenomenon 1600
1400
1200
Facebook: 400 million 1000
800
users 600
400
3th largest “country” in 200
0
the world
A
il
a
a
ok
sia
az
in
di
US
bo
In
Ch
ne
Br
ce
do
Fa
In
New attack vector for Source: Facebook, CIA
phishers, fraudsters
and sexual predators
4. Why Social Networks?
New organization:
“egocentric” approach
Digital Identities
Profiles
Fakesters
Source: Google
5. Why Security?
“It’s the great irony of
the Information
Age that the very
technologies that
empower us to
create and to build
also empower
those who would
disrupt and
destroy”
(Barack Obama)
Source: Whitehouse
7. Demographics
Dominant social network vary greatly between different geographic
regions
Majority of the online connections between real-life friends
Source: oxyweb
8. Future of Social Networking
Virtual Currency
Mobile Social
Networking
Sensor Networks
Social TV Source: Wired
12. Current Problems
Offense, Hate and Discrimination
Child Safety and Sexual Crimes
Defamation
Stalking
Cyber bullying
Sexting
13. Security aspects of Social
Networking
Current Security Threats
Identity/Password Theft
Fake profiles
Targeted attacks
14. Security aspects of Social
Networking
Current Security Threats
Malicious Code, Viruses
and Worms
Spam, Phishing and
Financial Fraud
Malicious Programs Targeting Social Networking Sites
15. Security aspects of Social
Networking
Current Security Threats
URL Shortening
Hide malicious sites
Source: tweetmeme
16. Security aspects of Social
Networking
Social Networks
under Attack
Exploit of Social
Network Gadgets
Security vulnerabilities
Cross-site scripting
(XSS)
SQL injection
DDoS
Worms
Koobface
17. Security aspects of Social
Networking
Malicious Actors
Individuals
Spammers and
phishers
Fraudsters and cyber
criminals
Hacktivists and
terrorist groups
Sexual predators
18. Security aspects of Social
Networking
Malicious Actors
Terrorism Using Social
Networks and Online
Communities
19. Security aspects of Social
Networking
Malicious Actors
Hacking communities
Recruitment
Information exchange
Marketplace
Hacker for hire
20. References
Data Privacy Day:
http://dataprivacyday2010.org
Social Media Security:
http://socialmediasecurity.com
http://twitter.com/SocialMediaSec
SocialNetworkingWatch:
http://www.socialnetworkingwatch.com
Security and Privacy in Social Networks Bibliography:
http://www.cl.cam.ac.uk/~jcb82/sns_bib/main.html
iDefense: www.idefense.com
21. Thank you :)
Anchises M. G. De Paula
http://anchisesbr.blogspot.com
Twitter: @anchisesbr
22. Non-commercial Share Alike (by-nc-sa)
This work is licensed under the Creative Commons
Attribution-NonCommercial-ShareAlike 2.5 License.
To view a copy of this license, visit
http://creativecommons.org/licenses/by-nc-sa/2.5/ or send
a letter to Creative Commons, 543 Howard Street, 5th
Floor, San Francisco, California, 94105, USA