Dorie Minich

Bio: Dorie Minich is an academic researcher. The author has contributed to research in topics: Service catalog & Services computing. The author has an hindex of 1, co-authored 1 publications receiving 13 citations.

Content Management System

Abstract: The growth in web technologies and the need for improved and more secured role based web management has spurred the growth for content management systems. A content management system, as the name implies, is managing web content and, look and feel via role based access for viewing content, editing content and administering the portal dynamically. This role based security permits organizations to create a hierarchical multi-tier architecture model for securely managing individual pages or even individual modules on a page. The basic idea behind a portal is to provide an easy interface to users while maintaining the flexibility for developers to plug-in new features. It is a tool that allows people to communicate interactively and effectively by sharing documents, images and latest developments almost instantly. It provides a framework that works on top of role-based security. This can be adapted to develop any site that requires content management. Hence, it caters to the needs of a wide range of audience. While portals look like any other static web site with tabs to navigate between pages and page content organized in a neat readable format, they provide a dynamic way to modify, maintain and monitor usage. The basic architecture of the portal consists of tabs and modules. A collection of modules on a page constitutes the contents of the tab and a collection of tabs make the entire portal. We will look individually into each element that constitutes the portal. Tabs in the portal constitute the basic navigation bar. From a user's point of view this is the basic container of all data and hence its accessibility is of at most importance. Controlling the visibility of the tabs via a role-based mechanism allows managing users belonging to a wide spectrum. Users with different roles only see the tabs that they are authorized to view. Thus, the portal can be set up in such a way that two users with different roles see completely different web contents. Portal administrators manage tabs and they can dynamically create new tabs and add new modules onto the tab. Modules act as the container of all data and content. Modules in a tab can be either in the right pane or left pane depending on where the content is to be displayed. This way we use the entire space on the computer screen. Like view permissions on tabs, role based security can also be used to …

A Survey of Moving Target Defenses for Network Security

Abstract: Network defenses based on traditional tools, techniques, and procedures (TTP) fail to account for the attacker’s inherent advantage present due to the static nature of network services and configurations. To take away this asymmetric advantage, Moving Target Defense (MTD) continuously shifts the configuration of the underlying system, in turn reducing the success rate of cyberattacks. In this survey, we analyze the recent advancements made in the development of MTDs and highlight (1) how these defenses can be defined using common terminology, (2) can be made more effective with the use of artificial intelligence techniques for decision making, (3) be implemented in practice and (4) evaluated. We first define an MTD using a simple and yet general notation that captures the key aspects of such defenses. We then categorize these defenses into different sub-classes depending on what they move, when they move and how they move. In trying to answer the latter question, we showcase the use of domain knowledge and game-theoretic modeling can help the defender come up with effective and efficient movement strategies. Second, to understand the practicality of these defense methods, we discuss how various MTDs have been implemented and find that networking technologies such as Software Defined Networking and Network Function Virtualization act as key enablers for implementing these dynamic defenses. We then briefly highlight MTD test-beds and case-studies to aid readers who want to examine or deploy existing MTD techniques. Third, our survey categorizes proposed MTDs based on the qualitative and quantitative metrics they utilize to evaluate their effectiveness in terms of security and performance. We use well-defined metrics such as risk analysis and performance costs for qualitative evaluation and metrics based on Confidentiality, Integrity, Availability (CIA), attack representation, QoS impact, and targeted threat models for quantitative evaluation. Finally, we show that our categorization of MTDs is effective in identifying novel research areas and highlight directions for future research.

On the Software Ecosystem Health of Open Source Content Management Systems.

Abstract: Choosing a content management system on which you rely your business is challenging because they need a healthy software ecosystem in order to function efficaciously. Unawareness of this will result in content managers having uncertainty about the future suitability of their chosen content management system. This study describes an empirical, inductive approach by comparing the software ecosystem health of the three most popular open source Content Management System platforms (WordPress, Joomla and Drupal) according to a number of health characteristics. Taking the software ecosystem health of a desired content management system into account enables stakeholders to make a more grounded decision in choosing either of the Content Management Systems. This could lead to a more suitable, dynamic and/or sustainable solution.

Creating Open Source Lecture Materials: A Guide to Trends, Technologies, and Approaches in the Information Sciences

Abstract: This chapter surveys recent and continuing trends in software tools for preparation of open courseware, in particular audiovisual lecture materials, documentaries and tutorials, and derivative materials. It begins by presenting a catalog of tools ranging from open source wikis and custom content management systems to desktop video production. Next, it reviews techniques for preparation of lecture materials consisting of five specific learning technologies: animation of concepts and problem solutions; explanation of code; video walkthroughs of system documentation; software demonstrations; and creation of materials for instructor preparation and technology transfer. Accompanying the description of each technology and the review of its state of practice is a discussion of the goals and assessment criteria for deployed courseware that uses those tools and techniques. Holistic uses of these technologies are then analyzed via case studies in three domains: artificial intelligence, computer graphics, and enterprise information systems. An exploration of technology transfer to college and university-level instructors in the information sciences then follows. Finally, effective practices for encouraging adoption and dissemination of lecture materials are then surveyed, starting with comprehensive, well-established open courseware projects that adapt pre-existing content and continuing through recent large-scale online courses aimed at audiences of tens to hundreds of thousands. William H. Hsu Kansas State University, USA DOI: 10.4018/978-1-4666-7363-2.ch004

Alohamora: Reviving HTTP/2 Push and Preload by Adapting Policies On-the-Fly

Abstract: Author(s): Kansal, Nikhil | Advisor(s): Netravali, Ravi | Abstract: Despite their promise of improved performance, HTTP/2's server push and link preload features have seen minimal adoption, largely because designing performant push/preload policies requires complex reasoning about the subtle relationships between page content, browser state, device resources, and network conditions. Static policies and guidelines that sufficiently generalize across these diverse conditions remain elusive.We present Alohamora, a system that automatically generates push/preload policies using Reinforcement Learning (RL). Alohamora trains a neural network that, given inputs that characterize the page structure and execution environment, outputs a push/preload policy for the page load at hand. To ensure efficient and practical training despite the large space of potential policies, number of pages served by a given site, and high mobile page load times, Alohamora introduces several key innovations: a faithful page load simulator that can evaluate a policy in several milliseconds (compared to 10s of seconds for a regular page load), and a page clustering strategy that appropriately balances insights for push/preload with the number of pages required during training. Experiments across a wide range of pages and mobile execution environments reveal that Alohamora is able to accelerate page loads by 19-57% and 12-34% for page load time and Speed Index, respectively.