Computer Standards & Interfaces最新文献

The Submodular Cover ($\mathrm{SC}$) problem has attracted the attention of researchers because of its wide variety of applications in many domains. Previous studies on this problem have focused on solving it under the assumption of a non-noise environment or using the greedy algorithm to solve it under noise. However, in some applications, the data is often large-scale and brings a noisy version, so the existing solutions are ineffective or not applicable to large and noisy data. Motivated by this phenomenon, we study the Submodular Cover under Noises ($\mathrm{SCN}$) problem and propose two efficient streaming algorithms, which provide a solution with theoretical bounds under two common noise models, multiplicative and additive noises. The experimental results indicate that our proposed algorithms not only provide the solution with a high objective function value but also outperform the state-of-the-art algorithm in terms of both the number of queries and the running time.

The educational use of serious games has increased in recent years and their pedagogical benefits have been widely documented, especially for teaching specialized knowledge on Software Engineering at undergraduate level. The results achieved by several studies in this area show that it has been possible to increase the student interest and motivation in learning complex topics that tend to be difficult to understand when knowledge is imparted through traditional lectures, as is the case with software process standards. In this regard, the ISO/IEC/IEEE 15939:2017 standard describes a software measurement process, one of the main topics that must be addressed in any curriculum for undergraduate degree programs in Software Engineering. However, despite their relevance in industry, many students are leaving university without basic software measurement skills. With the aim of identifying serious games for teaching the software measurement process at undergraduate level, a Systematic Literature Review was conducted in order to collect, classify and analyze information which enabled the authors of this study to propose a serious game that improves the understanding and education on the ISO/IEC/IEEE 15939:2017 standard. The results from an empirical evaluation involving Computer Science undergraduates provided evidence that positive learning experiences occurred when playing the created serious game.

Agile is now a mainstream approach used by developer teams at software organizations. However, many of these organizations still employ traditional governance methods, negatively impacting agile team performance, quality and morale. To address this issue, we applied the Design Science Research Framework to develop Agile governance guidelines by harmonizing CMMI V2.0 and SAFe 5.0. Specifically, we matched CMMI V2.0 governance practices to SAFe 5.0 roles, practices and artefacts. The resulting guidelines were validated, first by means of a survey and then through interviews with process improvement practitioners and agile experts who worked on a fictitious case study. The survey participants, especially those more familiar with SAFe practices, stated that the proposed harmonization was meaningful. Agile experts participating in the case study confirmed that the proposed guidelines were practical and comprehensive, as well as consistent and complete. Pending further empirical validation, these guidelines constitute a crucial step towards Agile governance.

Blockchain is a relatively recent technology that provides immutability, traceability and transparency of information, thus building trust in the digital society. Blockchain networks generate a large amount of logs which capture and describe data flowing through the network in the form of transactions, blocks and events. Monitoring these blockchain data from the off-chain world is needed to detect anomalies with the aim of mitigating the risks that may arise as a result of using blockchain technology. However, the real-time monitoring of these logs by off-chain systems has become a challenge from the beginning of 2018 when the blockchain networks reached a high number of daily transactions. In this paper, we propose a portable, maintainable and easily configurable architecture integrating blockchain and complex event processing technologies that allows for both the real-time monitoring of logs generated in Ethereum Virtual Machine (EVM)-compatible blockchain networks and the automatic detection of anomalies in these networks by matching event patterns. This architecture was tested by using vast amounts of blockchain data already publicly registered in Ethereum and Polygon networks. The results demonstrate that the proposed architecture is able to automatically detect anomalies which occur in different blockchain networks, making analytics of blockchain data possible by off-chain systems.

Secret handshake schemes allow members from the same organization to authenticate each other anonymously. After its proposal, various schemes have been introduced to achieve advanced privacy protection. Regrettably, all the schemes based on number theoretic assumptions are insecure under quantum computers, and the known post-quantum designs are impractical because of the overhead cost ($>$ 10 MB). To fill the gap, we present the first isogeny-based secret handshake scheme (i.e., $\mathrm{ISH}$) with a friendly communication cost (67 KB). In particular, we apply the CSI-FiSh signature scheme to generate group keys and credentials. For each zero-knowledge transcript in the credential, we generate a signature for handshake via the Fiat–Shamir paradigm, while it fails anonymous authentication. To fix the issue, we modify the Fiat–Shamir-type signature by embedding the CSIDH ephemeral private key into the challenge space. After verifying the modified signatures, two users recover the right ephemeral private key if they are in the same group, then they can negotiate a session key and authenticate each other. Our scheme is proved secure under the Group Action Inverse Problems (GAIP) in the random oracle model, and deniability, as an attractive property, also holds for $\mathrm{ISH}$, enabling user’s ability to deny their interactions in the finished handshakes. Via choosing appropriate parameters, the communication cost surpasses all the existing post-quantum secret handshakes.

APIs are increasingly becoming new business assets for organizations and consequently, API functionality and its pricing should be precisely defined for customers. Pricing is typically composed by different plans that specify a range of limitations, e.g., a Free plan allows 100 monthly requests while a Gold plan has 10 000 requests per month. In this context, the OpenAPI Specification (OAS) has emerged to model the functional part of an API, becoming a de facto industry standard and boosting a rich ecosystem of vendor-neutral tools to assist API providers and consumers. In contrast, there is no proposal for modeling API pricings (i.e., their plans and limitations) and this lack hinders the creation of tools that can leverage this information. To deal with this gap, this paper presents a pricing modeling framework that includes: (a) Pricing4APIs model, a comprehensive and rigorous model of API pricings, along SLA4OAI, a serialization that extends OAS; (b) an operation to validate the description of API pricings, with a toolset (sla4oai-analyzer) that has been developed to automate this operation. Additionally, we analyzed 268 real-world APIs to assess the expressiveness of our proposal and created a representative dataset of 54 pricing models to validate our framework.

Test-first development (TFD) is a software development approach involving automated tests before writing the actual code. TFD offers many benefits, such as improving code quality, reducing debugging time, and enabling easier refactoring. However, TFD also poses challenges and limitations, requiring more effort and time to write and maintain test cases, especially for large and complex projects. Refactoring for testability is improving the internal structure of source code to make it easier to test. Refactoring for testability can reduce the cost and complexity of software testing and speed up the test-first life cycle. However, measuring testability is a vital step before refactoring for testability, as it provides a baseline for evaluating the current state of the software and identifying the areas that need improvement. This paper proposes a mathematical model for calculating class testability based on test effectiveness and effort and a machine-learning regression model that predicts testability using source code metrics. It also introduces a testability-driven development (TsDD) method that conducts the TFD process toward developing testable code. TsDD focuses on improving testability and reducing testing costs by measuring testability frequently and refactoring to increase testability without running the program. Our testability prediction model has a mean squared error of 0.0311 and an R² score of 0.6285. We illustrate the usefulness of TsDD by applying it to 50 Java classes from three open-source projects. TsDD achieves an average of 77.81 % improvement in the testability of these classes. Experts’ manual evaluation confirms the potential of TsDD in accelerating the TDD process.

An examination of different distributed real-time applications operating on the blockchain platform is conducted. These applications can be broadly classified into three types: permissionless public, permissioned private, and consortium chains. In order for a decentralized network to function independently, consensus mechanisms are needed to facilitate the delivery of transactions and keep track of them in a ledger. But the fundamental idea behind Blockchain technology is the use of several consensus protocols, like Proof of Stake, Proof of Elapsed Time, etc., which requires greater processing power. In order to arrange transactions, it increases the demand for buying more computing units. Furthermore, present consortia blockchain consensus mechanisms lack a policy to collect socio-economic financial levies, including monies for charitable donations, education, and social activities. To collect socio-economic taxes, this study suggests a lightweight Plenum consensus algorithm called "BLPCA" for consortium blockchains built on Hyperledger Indy. The Byzantine Fault Tolerance concept combined with optimization is used in the suggested BLPCA systems to manage large-scale decentralized traffic of socioeconomic hierarchy. Because there are no transaction costs, BLPCA encourages government analysts to review funds using fewer resources. By including a multithreading heterogeneous technique, the BLPCA can effectively handle multi-transaction needs and execute this protocol in an industrial setting that operates in real-time. It is observed from the simulations that even in the worst-case network scenario—such as a fork—the suggested consortium blockchain does not crash a single transaction. In order to guarantee node scalability, a high propagation speed is determined. Furthermore, the BLPCA shows an excellent average time while constructing socioeconomic transaction blocks.

This study presents an innovative IoT routing security model that integrates trust management to bolster network reliability, improve resilience against routing attacks, and isolate malicious activities. The model, emphasizing node behavior, reputation, and past performance, offers a nuanced approach to network security. Through comprehensive comparisons between dynamic and static models in IoT routing, the impact on crucial performance parameters, including throughput, packet delivery ratio, control traffic overhead, and energy consumption, is quantified. Simulations showcase the model's effectiveness in securing IoT communication, achieving an impressive 98 % accuracy in detecting and mitigating attacks. Comparative analysis against prior studies underscores its exceptional performance, particularly in identifying and classifying attack types such as wormhole, Sybil, and rank, alongside normal traffic. This trust-based IoT routing security model represents a substantial advancement in securing dynamic IoT environments, standing out as a valuable contribution. Noteworthy is its low average power consumption, contributing to its exceptional lightweight nature.

Traditional Digital Copyright (DC) management system faces a single point of failure, and has no strict traceability. Meanwhile, the current blockchain-based DC schemes take less consideration to the authenticity of DC information stored on the blockchain. Additionally, the full node storage overhead and computation overhead of information retrieval and traceability increase significantly with the number of blocks. Therefore, in this paper, we propose a secure and lightweight data management scheme based on the redactable blockchain for DC. Users generate their public and private keys, which provide a legitimate signature. Then, we propose a transaction control mechanism based on ECDSA, which means that the storage of DC information can only be accomplished by providing a legitimate and verifiable signature, including registration and transaction information. Furthermore, we adopt blockchain to record DC information and the chameleon hash algorithm to modify DC information stored on the blockchain when making DC transactions, while keeping the block headers unchanged. System analysis and experimental results confirm that our scheme can address a single point of failure and ensure the authenticity of the information. Meanwhile, our scheme effectively reduces full node storage overhead, and computation overhead of information retrieval and traceability.