Top PDF Open Source Vulnerability Database Project

Open Source Vulnerability Database Project

Open Source Vulnerability Database Project

The assurance level required for execut- ing applications depends on their execu- tion context. Our context is military, in which confidential data is processed by sensitive applications running on wide- spread operating systems, such as Win- dows and Linux, and mostly programmed in C/C++ and Java. Our primary goal was to get rid of common security problems using automated source code verification tools for C++ and Java. To do so, we first investigated errors and vulnerabilities emerging from software defects. This al- lowed us to create meaningful tests in or- der to evaluate the detection performance and usability of these tools. In our investigation of common software security problems, we observed that most do not come from the failure of security mechanisms. Rather, they occur from fail- ures at a lower level, which we call pro- gram sanity problems. Security mechanisms ensure high level properties, such as confidentiality, integrity, and availability, and are mostly related to design. Access control frameworks, intru- sion prevention systems, and firewalls are all examples of security mechanisms. Pro- gram sanity problems are related to pro- tected memory, valid control and data flow, and correct management of re- sources like memory, files, and network connections.
Mostrar mais

45 Ler mais

Editorial: Open Source in Government

Editorial: Open Source in Government

Use of OSS was started by the federal gov- ernment, but now the state and municip- al governments are also using OSS. As an example, the Government of the State of Ceará has already passed a law that "es- tablished the preferential use of free soft- ware as corporate standard tool for implementation and management of state policy of information technology and communication within the Govern- ment of the State of Ceará" (http://soft warelivre.ceara.gov.br/categoria1/docu mentos-oficiais-arqs/decreto-29255-DOE .pdf ). This "preferential use" has already resulted in every department switching from the proprietary Oracle database to the open source PostgreSQL database. Licia Maria Viana Bezerra, IT strategic manager for the Ceará government, said in an interview: "The challenge is a change of culture. Government needs to convince all users to adopt and use new products, with new interfaces, but it’s so hard to do it. In the Ceará State Govern- ment, we have several cases of success; some entities in the government are us- ing only open source software. The Ceará Government Migration Project to Open Source Software was already presented in other states and is serving as a model for other governments."
Mostrar mais

34 Ler mais

Open source face recognition API

Open source face recognition API

Face recognition applications are widely used today for a variety of tasks, whether personal or professional. When looking for a service that provides face detection and classification, it is easy to find several solutions. In this project another way is described so that it is possible to perform this task according to the desired needs without the need to use proprietary software. With the emergence of the Django Rest Frame Work, web application development has become easier. This work describes development of stable foundation and features that offer an administration panel, relational database management, and support for a Restful Application Programming Interface (API). This takes advantage of the exclusive use of Open Source technologies thus the application code can be modified and distributed free of charge. For the development of an API that could perform detection and facial recognition, applying an Open Source philosophy, in addition to Django Rest Framework technologies such as Python, C++, MySql and JSON were used. The prototype is initially capable of recognizing the number of faces per image, assessing eyes, smile, age and gender. Flexibility is designed to increase application capabilities with new algorithms implemented in various programing languages.
Mostrar mais

66 Ler mais

Open Source Interoperability: It's More than Technology

Open Source Interoperability: It's More than Technology

In December 1999, Si2 formed the Design API Coalition (DAPIC), whose founding members included many large, high-end EDA user companies that were previously involved in the CHDStd initiative. Si2 made as a condition for membership in DAPIC that members must commit engin- eering resources on an active project mak- ing use of the reference implementation. Further, Cadence set conditions on DAP- IC for its contribution, one of which was that a Working Group (WG) would be formed to address some important miss- ing technological aspects of Genesis. The DAPIC members agreed to form a WG to define an “Extensibility” technology that would play a critical role in convincing other major EDA vendors to consider us- ing technology from a major competitor. In June 2001, Si2 renamed DAPIC to OAC and publicly announced its launch. The OAC released the Genesis API specifica- tions to the public as “OA API 1.0”, accom- panied by the database binary code and, later, the source code. During this phase of the program, the attitude of most EDA vendors was one of “wait and see.”
Mostrar mais

33 Ler mais

Academic impact of a public electronic health database: bibliometric analysis of studies using the general practice research database.

Academic impact of a public electronic health database: bibliometric analysis of studies using the general practice research database.

To measure the research activity of GPRD studies, the absolute numbers of GPRD studies were adjusted to the population size of each country and the numbers of national SCI publications per thousand inhabitants were calculated as references (Table 6). The UK benefited most from GRPD studies, jumping from the 5 th most productive country according to SCI in general to the number one in GPRD studies. Switzerland and the Netherlands were also all active and productive in GPRD studies and took a clear lead over other countries. In consideration of the rank of first Figure 1. Cumulative numbers of GPRD studies compared with epidemiologic studies using public electronic health database in Canada, France and Germany. The cumulative numbers of studies published between 1995 and 2009 (solid data points) were fitted well with a power growth model (solid line). The predicted cumulative numbers of GPRD studies were then extrapolated by the fitted power model (hollow data points with short dashed line). The extrapolation should be interpreted cautiously under assumption. Data source: Germany: studies using German health insurance medication claims data [8]; France: studies using French reimbursement databases [9]; Canada: studies using Manitoba and Saskatchewan administrative health care utilization databases [10].
Mostrar mais

7 Ler mais

OPENOBC: uma arquitetura de um computador de bordo open source e de baixo custo para o padrão CUBESAT

OPENOBC: uma arquitetura de um computador de bordo open source e de baixo custo para o padrão CUBESAT

The definition of the CubeSat standard boosted the research and development of the pico and nano satellites inside of the universities. Besides the standardization of the physical dimensions, the CubeSat specifies a communication protocol between the sub-systems of the satellite, what can make possible the shortening of the time and cost of the project using COTS (Comercial off-the-shelf) components. Although cost is an important requirement for the development of small satellites, the cost reduction must come from the correct architecture choice, not from the loss of system reliability. Focusing in a specific component, like the OBC (On Board Computer), becomes clear that the currents solutions meets the low cost requirements but fails in providing high failure tolerance. Some OBC models do not provide a mechanism of detection and correction of failures, while others cover only partially the failure points with a way to correct errors in external memories. At this job will be proposed an open source architecture with low cost and high reliability for an on board computer with compatibility with the CubeSat standard. The proposal architecture uses a TMS570LS0432 processor from Texas Instruments, which have dual ARM Cortex-R4 core, detection and failure correction in RAM and internal ROM, hardware BIST (built-in self test) at the CPU and RAM memory and others securities characters like clock monitoring and power supply voltage. An external flash memory was used for storage of code and data. Two I2C interfaces for communication between the sub systems, one had been used exclusively for transponder communication and the other one for the other systems. The architecture is complemented with an UART interface for diagnosis and debugging, PWM signals for activate the torque coils and ADC inputs for light measuring in the satellite. A MicroSD card reader has been planned for data storage and a CAN bus for data traffic in real time, ensuring a rigid control of failures and messages receiving. The OBC was electronically tested and is able to be embedded with the others sub systems.
Mostrar mais

75 Ler mais

Open Source in Embedded System Development

Open Source in Embedded System Development

When it comes to hardware modeling, EDA has been a bastion of proprietary software―much of it costing $50,000 per seat per year or more. However open source has some credible modeling tools now available. For high level modeling, SystemC has always had an open source reference implementation, while for cycle accurate modeling of synthesizable Verilog RTL designs, Verilator, on its third major release cycle, is well established and robust. For event driven simulation, Icarus Verilog handles Verilog, while the newer GHDL handles VHDL. Both event driven simulators are significantly slower than the fastest proprietary products. However for many designs―with hundreds of thousands of gates or so, they are quite adequate.
Mostrar mais

8 Ler mais

Geostatical Modelling For Ground Water Pollution in Salem by  Using Gis

Geostatical Modelling For Ground Water Pollution in Salem by Using Gis

Reclassifying simply means replacing input cell values with new output cell values. There are many reasons why data need to be reclassified; for example, it is needed to replace values based on new information, to group certain values together, and to reclassify values to a common scale (McCoy and Johnston, 2001). In this project, each data layer needs to be reclassified to a common scale showing its potential to cause contamination of groundwater by pesticides. This scale consists of five classes for each data layer with a value from 5 to 1, meaning high to low pollution potential. The reclassifications of all data layers were conducted by using ArcView spatial analyst 2.0 (ModelBuilder). - The soil data layer was reclassified by its texture, which is the most permanent of all soil characteristics. According to Olson (1981), soil texture can be categorized into five groups, including coarse textured (sand, loamy sand), moderately coarse textured (sandy loam), medium textured (very fine sandy loam, loam, silt loam, silt), moderately fine textured (clay loam, sandy clay loam, silty clay loam), and fine textured (sandy clay, silty clay, clay). The soil data layer was reclassified in accordance with the categories mentioned above. Table 16 shows the reclassification of soil texture into five classes. Because of this, each cell in this layer was assigned a value varying from 5 (coarse textured) to 1 (fine textured).
Mostrar mais

8 Ler mais

Commercial open source software companies

Commercial open source software companies

The sample size was reduced to 14.534 by dismissing extreme outliers. However, the plot of studentized residuals against unstandardized residuals indicates that heteroscedasticity is given (Figure 8). To be able continue the analysis the parameters should be estimates using robust standard errors with the HC3 method (A. Hayes, 2007). A significant regression was found F (7, 14.533) = 3036.366, p < .001, R2 = .594). Here, forks (B =.515, p < .001), watchers (B = .381, p < .001), total issues (B = .087, p < .001) and releases (B = .088, p < .001) have a positive effect on stars. Therefore, in these cases projects with more forks, watchers, total issues and releases are also more popular. In contrast project size (B = -.058, p < .001), milestones (B = -.080, p = .008), and pull requests (B = -.080, p < .001) have a negative influence of project stars. Projects with a large size have a smaller number of stars. Therefore, projects tend to be less popular when the source code becomes too large and complex. In addition, projects with many milestones are less popular. A reason for that might be that the developer community is interested in problem solving through
Mostrar mais

38 Ler mais

Correction: The Genographic Project Public Participation Mitochondrial DNA Database.

Correction: The Genographic Project Public Participation Mitochondrial DNA Database.

Citation: Li X, Schimenti JC (2007) Mouse pachytene checkpoint 2 ( Trip13 ) is required for completing meiotic recombination but not synapsis. The correct citation is:[r]

1 Ler mais

FrameWork de Localização ERP Open Source

FrameWork de Localização ERP Open Source

A internacionalização de aplicações de negócio é relevante pois permite um mais adequado ajustamento a diversas realidades. Porém, para que o processo seja completo é imprescindível fazer a respectiva localização. Os sistemas ERP (Entreprise Resource Planning) não são excepção. Considerando que o ERP tem um certo nível de internacionalização, o software pode ser ajustado e localizado a um determinado país ou região. Este artigo apresenta uma framework de localização de ERP OS (Open Source), identificando níveis de localização e respectiva associação a componentes de software, processos e tipos de customização. A tradução e a customização constituem as principais tarefas neste processo.
Mostrar mais

21 Ler mais

Open-Source georeferentiation for resilient communities

Open-Source georeferentiation for resilient communities

The mobile market is an emerging mass market with little research data available for use. Consumers are changing their habits; the Internet players are adapting their content to fit new needs. Although the business model is restricted to cost-per-use, with operators maintaining a high cost and network restrictions to avoid the massive use, data portability for mobile devices has yet to take off. Mobile devices fulfil the true purpose of the Internet to offer better connectivity anytime, anywhere. The tendency of the wireless technology goes beyond the walls of houses, university buildings or hotels, and reaches the open spaces of nature or mobile spaces of trains and buses. The mobility that users appreciate to use on their mobile devices being able to speak everywhere and without the need for registration in a wireless local area network and can extend to other Internet services such as Web browsing, e-mail, news reading, online radio, or even watch streaming video and television.
Mostrar mais

80 Ler mais

Contributions of the concept of vulnerability to professional nursing practice: integrated review

Contributions of the concept of vulnerability to professional nursing practice: integrated review

nitially, the concept of vulnerability has been proposed to the United Nations Program for the Acquired Immunodeficiency Syndrome (SIDA/AIDS), called UNAIDS, as an attempt to respond to the gaps in the epidemic. This was justified by the fact that the current health practices at the time could not adequately respond to the advance of this disease, especially among people of lower social classes, women, blacks, residents of the large city suburbs, as well as those living in poorer nations. 1

8 Ler mais

Automação Industrial com recurso a ferramentas "Open Source"

Automação Industrial com recurso a ferramentas "Open Source"

Descrição detalhada dos testes Scripts – A utilização dos scripts está directamente ligada à utilização de meta data sources. Ao adicionar-se um data point a este tipo de dados, é necessário escrever um script para essa variável cuja linguagem é javascript. De maneira a explorar melhor esta funcionalidade, criaram-se 3 variáveis numéricas numa data source virtual também criada para estes testes: temperatura, tensão e corrente. Para o primeiro teste, adicionou-se um data point com o nome temperaturaKelvin à meta data source criada anteriormente e definiu-se a variável Temperatura como context (p1 como nome da var a ser utilizada no script). Ao adicionar-se uma variável como context, o utilizador pode utilizá-la na escrita do script. O script que se escreveu para o primeiro teste é muito simples e retrata uma simples conversão de unidades. O script continha o seguinte texto: “return p1.value+273,15”. Desta forma, o valor do data point temperaturaKelvin estará sempre dependente do valor da variável temperatura. De seguida, adicionou-se outro data point à meta data source, este com o nome potência. As variáveis de contexto deste data point foram a tensão (p1) e a corrente (p2) referidas anteriormente e, neste script, escreveu-se o seguinte: “return p1.value * p2.value”. Para uma avaliação um bocado mais aprofundada dos scripts, criou-se um script onde se utilizam comparadores de valores como o =, > e > e expressões lógicas como o IF. Assim, criou-se mais uma variável ao meta data source com o nome clima do tipo alfanumérico à qual se associou como contexto a variável temperatura (p1). No script deste data point, escreveu-se o seguinte:
Mostrar mais

135 Ler mais

Estudo de alternativas open source para soluções IMDG

Estudo de alternativas open source para soluções IMDG

Conseguir satisfazer os clientes em mercados altamente competitivos depende diretamente da qualidade e desempenho das aplicações que lhes são direcionadas. Alguns segundos de atraso podem fazer a diferença entre o sucesso e o fracasso de uma empresa. A incapacidade de processar, aceder, analisar e integrar dados rapidamente num dado sistema é bastante problemática para organizações que têm de processar uma grande quantidade e variedade de dados. Os sistemas In Memory Data Grids (IMDG) operam essencialmente com os seus dados em memória, podendo, porém, ser suportados por vários servidores incorporados num sistema distribuído. Estes sistemas são recomendados para aplicações que exijam a manipulação de grandes volumes de dados, uma vez que são facilmente escaláveis e de fácil implementação. Além disso, em termos técnicos, os sistemas IMDG são claramente vantajosos em processos que requeiram rápidas tomadas de decisão, exijam elevados níveis de produtividade e solicitem um atendimento de alta qualidade aos seus sistemas e utilizadores clientes. Neste trabalho de dissertação foram estudas, de forma detalhada, várias alternativas IMDG open source existentes na atualidade, tendo como base de trabalho um conjunto de condições funcionais e estruturais definidas por uma empresa de telecomunicações, com o objetivo de viabilizar a utilização de uma solução IMDG open source em substituição de uma solução dita comercial. Adicionalmente, idealizou-se um pequeno conjunto de casos de estudo que foram utilizados como base para o processo de criação de duas aplicações práticas reais utilizando duas soluções IMDG open source distintas, nomeadamente, o Hazelcast e o Infinispan . No processo de elaboração destes casos de estudo tomou-se em consideração alguns cenários de aplicação bastante típicos em sistemas de telecomunicações, bem como, nas fases de implementação das aplicações, as funcionalidades mais relevantes que se podem encontrar em sistemas distribuídos deste género, em particular a execução local de dados em ambiente distribuído, a afinidade de dados em casos de particionamento, a capacidade de replicação de cache em cenários topológicos com mais de um cluster e, por fim, a integração de Java Persistence API (JPA) e Java Transaction API (JTA) como mecanismos para controlo e gestão de persistência e das transações distribuídas.
Mostrar mais

87 Ler mais

TESTES DE FERRAMENTAS OPEN SOURCE NO COMBATE AO SPAM

TESTES DE FERRAMENTAS OPEN SOURCE NO COMBATE AO SPAM

O grande número de mensagens indesejadas recebidas pelos usuários em suas caixas de correio eletrônico faz com que se busquem formas de combater ou amenizar os problemas ocasionados pelo recebimento de spams. O presente trabalho destina-se ao estudo de técnicas e ferramentas que podem ser utilizadas no combate ao spam, apresentando o funcionamento do correio eletrônico e do protocolo SMTP, as formas mais comuns de spams existentes atualmente, estatísticas de ocorrência, bem como as formas utilizadas para envio desse tipo de men- sagem. Também será mostrado o funcionamento e um comparativo dos testes realizados com três ferramentas open source: Bogofilter, SpamAssassin e SpamPal destinadas ao combate ao spam.
Mostrar mais

11 Ler mais

Estudo bibliométrico de software livre e open source

Estudo bibliométrico de software livre e open source

Resumo — O software open source tem adquirido uma relevância crescente no mundo organizacional e social. Este artigo tem por propósito identificar os principais tópicos de investigação no contexto do open source e software livre. Para tal foi realizado um estudo bibliométrico no qual foram encontrados os clusters baseados em coocorrência de palavras-chave e coautoria, em duas bibliotecas digitais distintas, IEEE Explore e ACM Digital Libary. Os resultados permitiram quantificar por clusters e concluir que temas são mais proeminentes no ecossistema de Software Livre. Embora se tenha identificado um crescimento quase exponencial em termos de publicações, formadas por pequenos grupos de investigadores e com poucas ligações entre elas.
Mostrar mais

7 Ler mais

Identificação de vulnerabilidades em aplicações web open-source

Identificação de vulnerabilidades em aplicações web open-source

Na atualidade, as tecnologias da informação facilitam a comunicação das empresas e permitem uma implementação digital dos principais processos de negócio internos e da integração com clientes, fornecedores e parceiros de negócio. Mas nem tudo são benefícios. O facto dos negócios estarem mais acessíveis e interligados traduz-se também em novos riscos de segurança que devem ser identificados e devidamente mitigados. Muitas destas organizações optam hoje por software open-source, em particular aplicações web, sem ter a capacidade de avaliar até que ponto estas mesmas aplicações são seguras. Esta é a principal motivação para o presente trabalho de investigação, a de permitir que as organizações possam ter uma opinião informada sobre este tipo de software que utilizam. Para conseguir atingir este objetivo, esta investigação baseou-se na auditoria e análise das aplicações web open-source mais utilizadas pelas empresas através das principais ferramentas de análise automatizada de vulnerabilidades em aplicações web.
Mostrar mais

75 Ler mais

Analysis of Computing Open Source Systems

Analysis of Computing Open Source Systems

Graphical user interfaces (GUIs) are critical components of today's open source software. Given their increased relevance, the correctness and usability of GUIs are becoming essential. This paper describes the latest results in the development of our tool to reverse engineer the GUI layer of interactive computing open source systems. We use static analysis techniques to generate models of the user interface behavior from source code. Models help in graphical user interface inspection by allowing designers to concentrate on its more important aspects. One particular type of model that the tool is able to generate is state machines. The paper shows how graph theory can be useful when applied to these models. A number of metrics and algorithms are used in the analysis of aspects of the user interface's quality. The ultimate goal of the tool is to enable analysis of interactive system through GUIs source code inspection.
Mostrar mais

9 Ler mais

A identidade profissional no jornalismo open source

A identidade profissional no jornalismo open source

que as equipes de repórteres – sejam profissionais ou cidadãos com participações eventuais – sejam suficientes, embora pequenas, para dar conta dos fatos que marcam o cotidiano nacional. Este aspecto também é favorável à checagem de dados que os editores fazem sobre cada artigo remetido por um cidadão-repórter. Para além desses motivos que justificam a escalada do jornalismo open source na Coréia do Sul, Oh Yeon Ho (2005a) destaca o preparo e a disposição de seus compatriotas em participar de iniciativas em nome de um propósito comum. Essa característica pode ser uma resposta que o povo coreano dá à própria história.
Mostrar mais

17 Ler mais

Show all 10000 documents...