AI Face Time

AI Face Time — independent reviews, comparisons, pricing and step-by-step guides on Aizhi.

Physical information security

Physical information security is the intersection or common ground between physical security and information security. It primarily concerns the protection of tangible information-related assets such as computer systems and storage media against physical, real-world threats such as unauthorized physical access, theft, fire and flood. It typically involves physical controls such as protective barriers and locks, uninterruptible power supplies, and shredders. Information security controls in the physical domain complement those in the logical domain (such as encryption), and procedural or administrative controls (such as information security awareness and compliance with policies and laws). == Background == Asset are inherently valuable and yet vulnerable to a wide variety of threats, both malicious (e.g. theft, arson) and accidental/natural (e.g. lost property, bush fire). If threats materialize and exploit those vulnerabilities causing incidents, there are likely to be adverse impacts on the organizations or individuals who legitimately own and utilize the assets, varying from trivial to devastating in effect. Security controls are intended to reduce the probability or frequency of occurrence and/or the severity of the impacts arising from incidents, thus protecting the value of the assets. Physical security involves the use of controls such as smoke detectors, fire alarms and extinguishers, along with related laws, regulations, policies and procedures concerning their use. Barriers such as fences, walls and doors are obvious physical security controls, designed to deter or prevent unauthorized physical access to a controlled area, such as a home or office. The moats and battlements of Mediaeval castles are classic examples of physical access controls, as are bank vaults and safes. Information security controls protect the value of information assets, particularly the information itself (i.e. the intangible information content, data, intellectual property, knowledge etc.) but also computer and telecommunications equipment, storage media (including papers and digital media), cables and other tangible information-related assets (such as computer power supplies). The corporate mantra "Our people are our greatest assets" is literally true in the sense that so-called knowledge workers qualify as extremely valuable, perhaps irreplaceable information assets. Health and safety measures and even medical practice could therefore also be classed as physical information security controls since they protect humans against injuries, diseases and death. This perspective exemplifies the ubiquity and value of information. Modern human society is heavily reliant on information, and information has importance and value at a deeper, more fundamental level. In principle, the subcellular biochemical mechanisms that maintain the accuracy of DNA replication could even be classed as vital information security controls, given that genes are 'the information of life'. Malicious actors who may benefit from physical access to information assets include computer crackers, corporate spies, and fraudsters. The value of information assets is self-evident in the case of, say, stolen laptops or servers that can be sold-on for cash, but the information content is often far more valuable, for example encryption keys or passwords (used to gain access to further systems and information), trade secrets and other intellectual property (inherently valuable or valuable because of the commercial advantages they confer), and credit card numbers (used to commit identity fraud and further theft). Furthermore, the loss, theft or damage of computer systems, plus power interruptions, mechanical/electronic failures and other physical incidents prevent them being used, typically causing disruption and consequential costs or losses. Unauthorized disclosure of confidential information, and even the coercive threat of such disclosure, can be damaging as we saw in the Sony Pictures Entertainment hack at the end of 2014 and in numerous privacy breach incidents. Even in the absence of evidence that disclosed personal information has actually been exploited, the very fact that it is no longer secured and under the control of its rightful owners is itself a potentially harmful privacy impact. Substantial fines, adverse publicity/reputational damage and other noncompliance penalties and impacts that flow from serious privacy breaches are best avoided, regardless of cause! == Examples of physical attacks to obtain information == There are several ways to obtain information through physical attacks or exploitations. A few examples are described below. === Dumpster diving === Dumpster diving is the practice of searching through trash in the hope of obtaining something valuable such as information carelessly discarded on paper, computer disks or other hardware. === Overt access === Sometimes attackers will simply go into a building and take the information they need. Frequently when using this strategy, an attacker will masquerade as someone who belongs in the situation. They may pose as a copy room employee, remove a document from someone's desk, copy the document, replace the original, and leave with the copied document. Individuals pretending to building maintenance may gain access to otherwise restricted spaces. They might walk right out of the building with a trash bag containing sensitive documents, carrying portable devices or storage media that were left out on desks, or perhaps just having memorized a password on a sticky note stuck to someone's computer screen or called out to a colleague across an open office. == Examples of Physical Information Security Controls == Shredding paper documents prior to their disposal can prevent unintended information leakage. Digital data can be encrypted or securely wiped. Offices may require visitors to present valid identification cards or valid access keys. Office workers may be required to obey "clear desk" policies, protecting documents and other storage media (including portable IT devices) by tidying them away out of sight (for example in locked drawers, filing cabinets, safes or a Bank vault). Workers may be required to memorize their passwords or use a password manager instead of writing passwords on paper. Computers are vulnerable to outages caused by power cuts, accidental disconnection, flat batteries, brown-outs, surges, spikes, electrical interference and electronic failures. Physical information security controls to address the associated risks include: fuses, no-break battery-backed power supplies, electrical generators, redundant power sources and cabling, "Do not remove" warning signs on plugs, surge protectors, power quality monitoring, spare batteries, professional design and installation of power circuits plus regular inspections/tests and preventive maintenance.
Read more →
List of cryptosystems

A cryptosystem is a set of cryptographic algorithms that map ciphertexts and plaintexts to each other. == Private-key cryptosystems == Private-key cryptosystems use the same key for encryption and decryption. Caesar cipher Substitution cipher Enigma machine Data Encryption Standard Twofish Serpent Camellia Salsa20 ChaCha20 Blowfish CAST5 Kuznyechik RC4 3DES Skipjack Safer IDEA Advanced Encryption Standard, also known as AES and Rijndael. == Public-key cryptosystems == Public-key cryptosystems use a public key for encryption and a private key for decryption. Diffie–Hellman key exchange RSA encryption Rabin cryptosystem Schnorr signature ElGamal encryption Elliptic-curve cryptography Lattice-based cryptography McEliece cryptosystem Multivariate cryptography Isogeny-based cryptography
Read more →
Data security

Data security or data protection is the process of securing digital information to protect it from online threats. Data security or protection means protecting digital data, such as those in a database, from destructive forces and from the unwanted actions of unauthorized users, such as a cyberattack or a data breach. Data security protects computer hardware, software, storage devices, and the data of user devices. Data security also protects the data of organizations, companies and administrative controls. Data security guarantees the protection of individual data, such as identity documents and bank data, and protects against unauthorized access, theft and loss of individual data. Data security also protects data breaches that occurs in companies and industries. Good security measures in industries reduce the probability of data breaches, and employees can rely on the company with their data and private information to be kept secured while companies can continue to maintain a stable reputation. The CIA Triad (Confidentiality, Integrity, and Availability) is what is used to practice what an information security is required to follow. Confidentiality, protects information from being accessed by unauthorized persons. Integrity, makes sure data is trustworthy; and Availability, meaning that data can be accessed by approved users when it is needed; are three goals for data security. Non-repudiation in data security definition, is a device/service that shows where the data originated from and the proof of integrity. == Technologies == === Disk encryption === Disk encryption refers to encryption technology that encrypts data on a hard disk drive. It takes data from a storage device and coverts it into an unreadable format. Disk encryption typically takes form in either software (see disk encryption software) or hardware (see disk encryption hardware) which can be used together. Disk encryption is often referred to as on-the-fly encryption (OTFE) or transparent encryption. Full disk encryption encrypts each individual sector of a disk volume. Files and user data are encrypted to hinder unauthorized users from accessing without a decryption key. A diversifier permits a plaintext of a specific disk sector to be encrypted into different ciphertexts, which does not require additional storage, such as an initialization vector (IV) or message authentication code (MAC). === Software versus hardware-based mechanisms for protecting data === Software-based security solutions encrypt the data to protect it from theft. However, a malicious program or a hacker could corrupt the data to make it unrecoverable, making the system unusable. Hardware-based security solutions prevent read and write access to data, which provides very strong protection against tampering and unauthorized access. Hardware-based security or assisted computer security offers an alternative to software-only computer security. Security tokens such as those using PKCS#11 or a mobile phone may be more secure due to the physical access required in order to be compromised. Access is enabled only when the token is connected and the correct PIN is entered (see two-factor authentication). However, dongles can be used by anyone who can gain physical access to it. Newer technologies in hardware-based security solve this problem by offering full proof of security for data. Working off hardware-based security: A hardware device allows a user to log in, log out and set different levels through manual actions. Many devices use biometric technology to prevent malicious users from logging in, logging out, and changing privilege levels. The current state of a user of the device is read by controllers in peripheral devices such as hard disks. Illegal access by a malicious user or a malicious program is interrupted based on the current state of a user by hard disk and DVD controllers making illegal access to data impossible. Hardware-based access control is more secure than the protection provided by the operating systems as operating systems are vulnerable to malicious attacks by viruses and hackers. The data on hard disks can be corrupted after malicious access is obtained. With hardware-based protection, the software cannot manipulate the user privilege levels. A hacker or a malicious program cannot gain access to secure data protected by hardware or perform unauthorized privileged operations. This assumption is broken only if the hardware itself is malicious or contains a backdoor. The hardware protects the operating system image and file system privileges from being tampered with. Therefore, a completely secure system can be created using a combination of hardware-based security and secure system administration policies. === Backups === Backup is the process of reproducing copies of essential data and storing in a separate, secured place. It is used to ensure data that is lost can be recovered from another source. Backups contains a minimum of one copy of the data that requires preservation. It is considered essential to keep a backup of any data in most industries and the process is recommended for any files of importance to a user. There are 3 types of backups; full backups, incremental backups, and differential backups. Full backups secure all data from a production system, such as a server, database, or other connected data source. It is impossible to lose all data in a full backup if a breach or corruption were to occur. Full backups require a significantly large amount of time to back up and may be time-consuming taking hours to days to complete. Incremental backups only secures changed data since last backup. While all backups are done in full backups, incremental backups only save data that is recently or frequently changed. Incremental backups require lower storage costs making it a prominent solution for growing datasets. === Data Privacy === Data privacy (or information privacy) is the right for individual's data to be secured to obstruct the use of unauthorized access. It gives individuals control over their data and how it can be shared to third parties. The U.S Privacy Protection Law (see Privacy laws of the United States) requires organizations to inform individuals of how their data is collected and when a data breach occurs. By implementing an encryption, it ensures that private data is unreadable to cybercriminals. === Data masking === Data masking of structured data is the process of obscuring (masking) specific data within a database table or cell to ensure that data security is maintained and sensitive information is not exposed to unauthorized personnel. This may include masking the data from users (for example so banking customer representatives can only see the last four digits of a customer's national identity number), developers (who need real production data to test new software releases but should not be able to see sensitive financial data), outsourcing vendors, etc. Data masking is a form of encryption, as it obscures data by modifying particular letters and numbers to keep data concealed and protected from potential hackers. The individual that has access to the code that decrypts the replaced characters are the only ones that can uncover the data. === Data erasure === Data erasure (or data deletion, data destruction) is a method of software-based overwriting that permanently clears all electronic data residing on a hard drive or other digital media to ensure that no sensitive data is lost when an asset is retired or reused. Article 17: Right to be Forgotten states that users have the right to permanently remove all of their private information from their old devices/services to give people more control over their data. Users are able to switch between devices efficiently. == Threats == === Malware === Malware (or malicious software) is designed to destroy, corrupt or gain unauthorized access to a computer for the purpose of stealing, or destroying data. Hackers who use malware typically utilize many types of malware, which includes computer virus, computer worms, ransomware, spyware and Trojan horse to create a vast system of disruption and cause easy data theft. One of the victims of the vast system of disruption includes healthcare workers, who are targeted by compromised systems by infections and then having their data attacked. === Phishing === Phishing is a type of scam that allows hackers to hoax people using psychological and social engineering (using human emotions such as their trust and fear) tactics into giving personal data through emails and messages, and install computer viruses if the individual were to click on a malicious link unknowingly. Attackers are able to create websites that are very similar to original websites, which makes it difficult to detect a fake website, causing individuals to fall for giving in information. Phishing attackers use human emotion to exploit them, such as making them feel fear, urgency, sympathy with the message
Read more →
Link encryption

Link encryption is an approach to communications security that encrypts and decrypts all network traffic at each network routing point (e.g. network switch, or node through which it passes) until arrival at its final destination. This repeated decryption and encryption is necessary to allow the routing information contained in each transmission to be read and employed further to direct the transmission toward its destination, before which it is re-encrypted. This contrasts with end-to-end encryption where internal information, but not the header/routing information, is encrypted by the sender at the point of origin and only decrypted by the intended recipient. Link encryption offers two main advantages: encryption is automatic so there is less opportunity for human error. if the communications link operates continuously and carries an unvarying level of traffic, link encryption defeats traffic analysis. On the other hand, end-to-end encryption ensures only the intended recipient has access to the plaintext. Link encryption can be used with end-to-end systems by superencrypting the messages. Bulk encryption refers to encrypting a large number of circuits at once, after they have been multiplexed.
Read more →
The Outliner of Giants

The Outliner of Giants was commercial outlining software. Like other outliners, it allowed the user to create a document consisting of a series of nested lists. It was one of a number of browser-based outliners that are delivered as a web application, used through a web browser, rather than being installed as a stand-alone application. The Outliner of Giants was released in 2009. The service was shut down on December 31, 2017 and only exports are allowed at this time. == Feature set == Unlike most other browser-based outliners - which often focus on providing a minimum viable product - the Outliner of Giants had much of the functionality typically associated with a desktop outliner, such as the ability to use of columns to structure information. However, The Outliner of Giants did not support offline editing, requiring an active internet connection in order to make changes to an outline document. === Outlining === Like all outliners, The Outliner of Giants supported the creation of a hierarchy of items, with users modifying the parent-child relationship between items in order to structure a document. This included the ability to promote or demote items up or down the hierarchy, or move an item up or down a list of siblings on the same level. The Outliner of Giants did not support the true cloning of items (where an item can appear to be in multiple places within the hierarchy at the same time), although it did support the copying of single or multiple nodes. === Import === The Outliner of Giants could import both plain text and the OPML XML format, which is commonly used to transfer data between outlining applications. === Editing === Outline documents could be edited using a WYSIWYG editor, as well as the Markdown, and Textile markup languages. === Annotation === The Outliner of Giants supported functions to annotate an outline, such as the ability to add colored labels, highlights and text, as well as tags and hashtags. === Collaboration === The Outliner of Giants supported real-time collaboration, where multiple users could edit the same document, and can see the changes made by another user as they happened. === Publication === Outlines created through The Outliner of Giants could be published directly online through the service, either as outlines, pages or in a blog format. === Export === The Outliner of Giants can export outline data as plain text, HTML, as well as directly to the Google Docs word processor.
Read more →
Social media mining

Social media mining is the process of obtaining data from user-generated content on social media in order to extract actionable patterns, form conclusions about users, and act upon the information. Mining supports targeting advertising to users or academic research. The term is an analogy to the process of mining for minerals. Mining companies sift through raw ore to find the valuable minerals; likewise, social media mining sifts through social media data in order to discern patterns and trends about matters such as social media usage, online behaviour, content sharing, connections between individuals, buying behaviour. These patterns and trends are of interest to companies, governments and not-for-profit organizations, as such organizations can use the analyses for tasks such as design strategies, introduce programs, products, processes or services. Social media mining uses concepts from computer science, data mining, machine learning, and statistics. Mining is based on social network analysis, network science, sociology, ethnography, optimization and mathematics. It attempts to formally represent, measure and model patterns from social media data. In the 2010s, major corporations, governments and not-for-profit organizations began mining to learn about customers, clients and others. Platforms such as Google, Facebook (partnered with Datalogix and BlueKai) conduct mining to target users with advertising. Scientists and machine learning researchers extract insights and design product features. Users may not understand how platforms use their data. Users tend to click through Terms of Use agreements without reading them, leading to ethical questions about whether platforms adequately protect users' privacy. During the 2016 United States presidential election, Facebook allowed Cambridge Analytica, a political consulting firm linked to the Trump campaign, to analyze the data of an estimated 87 million Facebook users to profile voters, creating controversy when this was revealed. == Background == As defined by Kaplan and Haenlein, social media is the "group of internet-based applications that build on the ideological and technological foundations of Web 2.0, and that allow the creation and exchange of user-generated content." There are many categories of social media including, but not limited to, social networking (Facebook or LinkedIn), microblogging (Twitter), photo sharing (Flickr, Instagram, Photobucket, or Picasa), news aggregation (Google Reader, StumbleUpon, or Feedburner), video sharing (YouTube, MetaCafe), livecasting (Ustream or Twitch), virtual worlds (Kaneva), social gaming (World of Warcraft), social search (Google, Bing, or Ask.com), and instant messaging (Google Talk, Skype, or Yahoo! messenger). The first social media website was introduced by GeoCities in 1994. It enabled users to create their own homepages without having a sophisticated knowledge of HTML coding. The first social networking site, SixDegrees.com, was introduced in 1997. Since then, many other social media sites have been introduced, each providing service to millions of people. These individuals form a virtual world in which individuals (social atoms), entities (content, sites, etc.) and interactions (between individuals, between entities, between individuals and entities) coexist. Social norms and human behavior govern this virtual world. By understanding these social norms and models of human behavior and combining them with the observations and measurements of this virtual world, one can systematically analyze and mine social media. Social media mining is the process of representing, analyzing, and extracting meaningful patterns from data in social media, resulting from social interactions. It is an interdisciplinary field encompassing techniques from computer science, data mining, machine learning, social network analysis, network science, sociology, ethnography, statistics, optimization, and mathematics. Social media mining faces grand challenges such as the big data paradox, obtaining sufficient samples, the noise removal fallacy, and evaluation dilemma. Social media mining represents the virtual world of social media in a computable way, measures it, and designs models that can help us understand its interactions. In addition, social media mining provides necessary tools to mine this world for interesting patterns, analyze information diffusion, study influence and homophily, provide effective recommendations, and analyze novel social behavior in social media. == Uses == Social media mining is used across several industries including business development, social science research, health services, and educational purposes. Once the data received goes through social media analytics, it can then be applied to these various fields. Often, companies use the patterns of connectivity that pervade social networks, such as assortativity—the social similarity between users that are induced by influence, homophily, and reciprocity and transitivity. These forces are then measured via statistical analysis of the nodes and connections between these nodes. Social analytics also uses sentiment analysis, because social media users often relay positive or negative sentiment in their posts. This provides important social information about users' emotions on specific topics. These three patterns have several uses beyond pure analysis. For example, influence can be used to determine the most influential user in a particular network. Companies would be interested in this information in order to decide who they may hire for influencer marketing. These influencers are determined by recognition, activity generation, and novelty—three requirements that can be measured through the data mined from these sites. Analysts also value measures of homophily: the tendency of two similar individuals to become friends. Users have begun to rely on information of other users' opinions in order to understand diverse subject matter. These analyses can also help create recommendations for individuals in a tailored capacity. By measuring influence and homophily, online and offline companies are able to suggest specific products for individuals consumers, and groups of consumers. Social media networks can use this information themselves to suggest to their users possible friends to add, pages to follow, and accounts to interact with. == Perception == Modern social media mining is a controversial practice that has led to exponential gains in user growth for tech giants such as Facebook, Inc., Twitter, and Google. Companies such as these, considered "Big Tech" are companies that build algorithms that take advantage of user input to understand their preferences, and keep them on the platform as much as possible. These inputs, that can be as simple as time spent on a given screen, provide the data being mined, and lead to companies profiting heavily from using that data to capitalize on extremely accurate predictions about user behavior. The growth of platforms accelerated rapidly once these strategies were put in place; Most of the largest platforms now average over 1 billion active users per month as of 2021. It has been claimed by a multitude of anti-algorithm personalities, like Tristan Harris or Chamath Palihapitiya, that certain companies (specifically Facebook) valued growth above all else, and ignored potential negative impacts from these growth engineering tactics. At the same time, users have now created their own data arbitrages with the help of their own data, through content monetization and becoming influencers. Users typically have access to a varied set of analytics specific to people that interact with them on social media, and can use these as building blocks for their own targeting and growth strategies through ads and posts that cater to their audiences. Influencers also commonly promote products and services for established brands, creating one of the largest digital industries: Influencer marketing. Instagram, Facebook, Twitter, YouTube, Google, and others have long given access to platform analytics, and allowed third parties to access that information as well, at times unbeknownst to even the user whose data is being viewed/bought. == Research == === Research areas === Social media event detection – Social networks enable users to freely communicate with each other and share their recent news, ongoing activities or views about different topics. As a result, they can be seen as a potentially viable source of information to understand the current emerging topics/events. Public health monitoring and surveillance - Using large-scale analysis of social media to study large cohorts of patients and the general public, e.g. to obtain early warning signals of drug-drug interactions and adverse drug reactions, or understand human reproduction and sexual interest. Community structure (Community Detection/Evolution/Evaluation) – Identifying communities on social networks, how t
Read more →
PGP word list

The PGP Word List ("Pretty Good Privacy word list", also called a biometric word list for reasons explained below) is a list of words for conveying data bytes in a clear unambiguous way via a voice channel. They are analogous in purpose to the NATO phonetic alphabet, except that a longer list of words is used, each word corresponding to one of the 256 distinct numeric byte values. == History and structure == The PGP Word List was designed in 1995 by Patrick Juola, a computational linguist, and Philip Zimmermann, creator of PGP. The words were carefully chosen for their phonetic distinctiveness, using genetic algorithms to select lists of words that had optimum separations in phoneme space. The candidate word lists were randomly drawn from Grady Ward's Moby Pronunciator list as raw material for the search, successively refined by the genetic algorithms. The automated search converged to an optimized solution in about 40 hours on a DEC Alpha, a particularly fast machine in that era. The Zimmermann–Juola list was originally designed to be used in PGPfone, a secure VoIP application, to allow the two parties to verbally compare a short authentication string to detect a man-in-the-middle attack (MiTM). It was called a biometric word list because the authentication depended on the two human users recognizing each other's distinct voices as they read and compared the words over the voice channel, binding the identity of the speaker with the words, which helped protect against the MiTM attack. The list can be used in many other situations where a biometric binding of identity is not needed, so calling it a biometric word list may be imprecise. Later, it was used in PGP to compare and verify PGP public key fingerprints over a voice channel. This is known in PGP applications as the "biometric" representation. When it was applied to PGP, the list of words was further refined, with contributions by Jon Callas. More recently, it has been used in Zfone and the ZRTP protocol, the successor to PGPfone. The list is actually composed of two lists, each containing 256 phonetically distinct words, in which each word represents a different byte value between 0 and 255. Two lists are used because reading aloud long random sequences of human words usually risks three kinds of errors: 1) transposition of two consecutive words, 2) duplicate words, or 3) omitted words. To detect all three kinds of errors, the two lists are used alternately for the even-offset bytes and the odd-offset bytes in the byte sequence. Each byte value is actually represented by two different words, depending on whether that byte appears at an odd or an even offset from the beginning of the byte sequence. The two lists are readily distinguished by the number of syllables; the odd list has words of three syllables, the even list has two. The two lists have a maximum word length of 11 and 9 letters, respectively. Using a two-list scheme was suggested by Zhahai Stewart. == Examples == Each byte in a bytestring is encoded as a single word. A sequence of bytes is rendered in network byte order, from left to right. For example, the leftmost (i.e. byte 0) is considered "even" and is encoded using the PGP Even Word table. The next byte to the right (i.e. byte 1) is considered "odd" and is encoded using the PGP Odd Word table. This process repeats until all bytes are encoded. Thus, "E582" produces "topmost Istanbul", whereas "82E5" produces "miser travesty". A PGP public key fingerprint that displayed in hexadecimal as E582 94F2 E9A2 2748 6E8B 061B 31CC 528F D7FA 3F19 would display in PGP Words (the "biometric" fingerprint) as topmost Istanbul Pluto vagabond treadmill Pacific brackish dictator goldfish Medusa afflict bravado chatter revolver Dupont midsummer stopwatch whimsical cowbell bottomless The order of bytes in a bytestring depends on endianness. == Other word lists for data == There are several other word lists for conveying data in a clear unambiguous way via a voice channel: the NATO phonetic alphabet maps individual letters and digits to individual words the S/KEY system maps 64 bit numbers to 6 short words of 1 to 4 characters each from a publicly accessible 2048-word dictionary. The same dictionary is used in RFC 1760 and RFC 2289. the Diceware system maps five base-6 random digits (almost 13 bits of entropy) to a word from a dictionary of 7,776 distinct words. the Electronic Frontier Foundation has published a set of improved word lists based on the same concept FIPS 181: Automated Password Generator converts random numbers into somewhat pronounceable "words". mnemonic encoding converts 32 bits of data into 3 words from a vocabulary of 1626 words. what3words encodes geographic coordinates in 3 dictionary words. the BIP39 standard permits encoding a cryptographic key of fixed size (128 or 256 bits, usually the unencrypted master key of a Cryptocurrency wallet) into a short sequence of readable words known as the seed phrase, for the purpose of storing the key offline. This is used in cryptocurrencies such as Bitcoin or Monero. Like the PGP word list, the Bytewords standard maps each possible byte to a word. There is only one list, rather than two. The words are uniformly four letters long and can be uniquely identified by their first and last letters
Read more →
Cipher device

A cipher device was a term used by the US military in the first half of the 20th century to describe a manually operated cipher equipment that converted the plaintext into ciphertext or vice versa. A similar term, cipher machine, was used to describe the cipher equipment that required external power for operation. Cipher box or crypto box is a physical cryptographic device used to encrypt and decrypt messages between plaintext (unencrypted) and ciphertext (encrypted or secret) forms. The ciphertext is suitable for transmission over a channel, such as radio, that might be observed by an adversary the communicating parties wish to conceal the plaintext from.
Read more →
Color moments

Color moments are measures that characterise color distribution in an image in the same way that central moments uniquely describe a probability distribution. Color moments are mainly used for color indexing purposes as features in image retrieval applications in order to compare how similar two images are based on color. Usually one image is compared to a database of digital images with pre-computed features in order to find and retrieve a similar Image. Each comparison between images results in a similarity score, and the lower this score is the more identical the two images are supposed to be. == Overview == Color moments are scaling and rotation invariant. It is usually the case that only the first three color moments are used as features in image retrieval applications as most of the color distribution information is contained in the low-order moments. Since color moments encode both shape and color information they are a good feature to use under changing lighting conditions, but they cannot handle occlusion very successfully. Color moments can be computed for any color model. Three color moments are computed per channel (e.g. 9 moments if the color model is RGB and 12 moments if the color model is CMYK). Computing color moments is done in the same way as computing moments of a probability distribution. === Mean === The first color moment can be interpreted as the average color in the image, and it can be calculated by using the following formula E i = ∑ j = 1 N 1 N p i j {\displaystyle E_{i}=\textstyle \sum _{j=1}^{N}{\frac {1}{N}}p_{ij}} where N is the number of pixels in the image and p i j {\displaystyle p_{ij}} is the value of the j-th pixel of the image at the i-th color channel. === Standard Deviation === The second color moment is the standard deviation, which is obtained by taking the square root of the variance of the color distribution. σ i = ( 1 N ∑ j = 1 N ( p i j − E i ) 2 ) {\displaystyle \sigma _{i}={\sqrt {({\frac {1}{N}}\textstyle \sum _{j=1}^{N}(p_{ij}-E_{i})^{2})}}} where E i {\displaystyle E_{i}} is the mean value, or first color moment, for the i-th color channel of the image. === Skewness === The third color moment is the skewness. It measures how asymmetric the color distribution is, and thus it gives information about the shape of the color distribution. Skewness can be computed with the following formula: s i = ( 1 N ∑ j = 1 N ( p i j − E i ) 3 ) 3 σ i {\displaystyle s_{i}={\frac {\sqrt[{3}]{\left({\frac {1}{N}}\textstyle \sum _{j=1}^{N}(p_{ij}-E_{i})^{3}\right)}}{\sigma _{i}}}} === Kurtosis === Kurtosis is the fourth color moment, and, similarly to skewness, it provides information about the shape of the color distribution. More specifically, kurtosis is a measure of how extreme the tails are in comparison to the normal distribution. === Higher-order color moments === Higher-order color moments are usually not part of the color moments feature set in image retrieval tasks as they require more data in order to obtain a good estimate of their value, and also the lower-order moments generally provide enough information. == Applications == Color moments have significant applications in image retrieval. They can be used in order to compare how similar two images are. This is a relatively new approach to color indexing. The greatest advantage of using color moments comes from the fact that there is no need to store the complete color distribution. This greatly speeds up image retrieval since there are less features to compare. In addition, the first three color moments have the same units, which allows for comparison between them. === Color indexing === Color indexing is the main application of color moments. Images can be indexed, and the index will contain the computed color moments. Then, if someone has a particular image and wants to find similar images in the database, the color moments of the image of interest will also be computed. After that the following function will be used in order to compute a similarity score between the image of interest and all the images in the database: d m o m ( H , I ) = ∑ i = 1 r w i 1 | E i 1 − E i 2 | + w i 2 | σ i 1 − σ i 2 | + w i 3 | s i 1 − s i 2 | {\displaystyle d_{mom}(H,I)=\textstyle \sum _{i=1}^{r}w_{i1}|E_{i}^{1}-E_{i}^{2}|+w_{i2}|\sigma _{i}^{1}-\sigma _{i}^{2}|+w_{i3}|s_{i}^{1}-s_{i}^{2}|} where: H and I are the color distributions of the two images that are being compared i is the channel index and r is the total number of channels E i 1 {\displaystyle E_{i}^{1}} and E i 2 {\displaystyle E_{i}^{2}} are the first order moments computed for the image distributions. σ i 1 {\displaystyle \sigma _{i}^{1}} and σ i 2 {\displaystyle \sigma _{i}^{2}} are the second order moments computed for the image distributions. s_i^1 and s_i^2 are the third order moments computed for the image distributions. w i 1 {\displaystyle w_{i1}} , w i 2 {\displaystyle w_{i2}} , and w i 3 {\displaystyle w_{i3}} are weights, specified by the user, for each of the three color moments used. Finally, the images in the database will be ranked according to the computed similarity score with the image of interest, and the database images with the lowest d m o m ( H , I ) {\displaystyle d_{mom}(H,I)} value should be retrieved. "A retrieval based on d m o m ( H , I ) {\displaystyle d_{mom}(H,I)} may produce false positives because the index contains no information about the correlation between the color channels". == Example == A simple and concise example of the use of color moments for image retrieval tasks is illustrated in. Consider having several test images in a database and a "New Image". The goal is to retrieve images from the database that are similar to the "New Image". The first three color moments are used as features. There are several steps in this computation. Image preprocessing (Optional) - The image preprocessing step of the computation process is optional. For example, in this step all images could be modified to be the same size (in terms of pixels). However, since color moments are invariant to scaling, it is not necessary to make all images the same width and height. Computing the features - Use the color moments formulae in order to compute the first three moments for each of the color channels in the image. For example, if the HSV color space is used, this means that for each of the images, 9 features in total will be computed (the first three order moments for the Hue, Saturation, and Value channels). Calculating the similarity score - After computing the color moments the weights for each of the moments in the d m o m ( H , I ) {\displaystyle d_{mom}(H,I)} function should be determined by the user. The weights have to be adjusted each time in accordance with the application or condition and quality of the images. Following that the d m o m ( H , I ) {\displaystyle d_{mom}(H,I)} function is used to calculate a similarity score for the "New Image" and each of the images in the database. Ranking and image retrieval - From the previous step the d m o m ( H , I ) {\displaystyle d_{mom}(H,I)} values were obtained. Now a comparison of these values can be made in order to decide which of the images in the database are more similar to the "New Image", and thus rank the database images accordingly. The smaller the d m o m ( H , I ) {\displaystyle d_{mom}(H,I)} value is the more similar the two color distributions are supposed to be. Finally, some of the top ranked images (the ones with the smallest d m o m ( H , I ) {\displaystyle d_{mom}(H,I)} value) from the database are retrieved.
Read more →
AS2

AS2 (Applicability Statement 2) is a specification on how to transport structured business-to-business data securely and reliably over the Internet. Security is achieved by using digital certificates and encryption. == Background == AS2 was created in 2002 by the IETF to replace AS1, which they created in the early 1990s. The adoption of AS2 grew rapidly throughout the early 2000s because major players in the retail and fast-moving consumer goods industries championed AS2. Walmart was the first major retailer to require its suppliers to use the AS2 protocol instead of relying on dial-up modems for ordering goods. Amazon, Target, Lowe's, Bed, Bath, & Beyond and thousands of others followed suit. Many other industries use the AS2 protocol, including healthcare, as AS2 meets legal HIPAA requirements. In some cases, AS2 is a way to bypass expensive value-added networks previously used for data interchange. == Technical overview == AS2 is specified in RFC 4130, and is based on HTTP and S/MIME. It was the second AS protocol developed and uses the same signing, encryption and MDN (as defined by RFC3798) conventions used in the original AS1 protocol introduced in the late 1990s by IETF. In other words: Files are encoded as "attachments" in a standardized S/MIME message (an AS2 message). AS2 does not specify the contents of the files. Usually, the file contents are in a standardized format that is separately agreed upon, such as XML or EDIFACT. AS2 messages are always sent using the HTTP or HTTPS protocol (Secure Sockets Layer — also known as SSL — is implied by HTTPS) and usually use the "POST" method (use of "GET" is rare). Messages can be signed, but do not have to be. Messages can be encrypted, but do not have to be. Messages may request a Message Disposition Notification (MDN) back if all went well, but do not have to request such a message. If the original AS2 message requested an MDN: Upon the receipt of the message and its successful decryption or signature validation (as necessary) a "success" MDN will be sent back to the original sender. This MDN is typically signed but never encrypted (unless temporarily encrypted in transit via HTTPS). Upon the receipt and successful verification of the signature on the MDN, the original sender will "know" that the recipient got their message (this provides the "Non-repudiation" element of AS2). If there are any problems receiving or interpreting the original AS2 message, a "failed" MDN may be sent back. However, part of the AS2 protocol states that the client must treat a lack of an MDN as a failure as well, so some AS2 receivers will not return an MDN in this case. Like any other AS file transfer, AS2 file transfers typically require both sides of the exchange to trade X.509 certificates and specific "trading partner" names before any transfers can take place. AS2 trading partner names can usually be any valid phrase. === MDN options === Unlike AS1 or AS3 file transfers, AS2 file transfers offer several "MDN return" options instead of the traditional options of "yes" or "no". Specifically, the choices are: ==== AS2 w/ "Sync" MDNs ==== Return Synchronous MDN via HTTP(S) ("AS2 Sync") - This popular option allows AS2 MDNs to be returned to AS2 message sender clients over the same HTTP connection they used to send the original message. This "MDN while you wait" capability makes "AS2 Sync" transfers the fastest of any type of AS file transfer, but it also keeps this flavor of MDN requests from being used with large files (which may time out in low-bandwidth situations). ==== AS2 w/ "ASync" MDNs ==== Return Asynchronous MDN via HTTP(S) (a.k.a. "AS2 Async") - This popular option allows AS2 MDNs to be returned to the AS2 message sender's server later over a different HTTP connection. This flavor of MDN request is usually used if large files are involved or if your trading partner's AS2 server has poor Internet service. ==== AS2 w/ "Email" MDNs ==== Return (Asynchronous) MDN via Email - This rarely used option allows AS2 MDNs to be returned to AS2 message senders via email rather than HTTP. Otherwise, it is similar to "AS2 Async (HTTP)". ==== AS2 w/ No MDNs ==== Do not return MDN - This option works like it does in any other AS protocol: the receiver of an AS2 message with this option set simply does not try to return an MDN to the AS2 message sender. ==== Filename preservation ==== AS2 filename preservation feature will be used to communicate the filename to the trading partner. The banking industry relies on filenames being communicated between trading partners. AS2 vendors are currently certifying that implementation of filename communication conforms to the standard and is interoperable. There are two profiles for filename preservation being optionally tested under AS2 testing: Filename preservation without MDN responses Filename preservation with an associated MDN response certification Walmart recommends contacting Drummond Group, LLC for more information on EDIINT AS2, or for a list of interoperable-testing AS2 software providers. == Benefits == For many businesses, the use of AS2 and electronic data interchange (EDI) is not a choice so much as it is a requirement of doing business with a large customer or partner. That said, AS2 is a universal protocol that has benefits, from both business and technology vantage points. === Business case === Cut costs by using the web for EDI file transfers, AS2 reduces the cost of transactions from expensive VANs. Extend EDI to more partners; with lower costs and universal web connectivity, AS2 allows organizations to implement EDI with partners worldwide that have little EDI infrastructure. Save time by eliminating the need to manually process orders. Eliminate errors by turning manual processes into automated processes. Universal solution — AS2 is established and tested, so no one has to re-invent the wheel. === Technological advantages === Leverage the web: if an organization can share data securely via the web, they already have much of the infrastructure for AS2. Unlimited EDI data — there are no practical limitations on transaction sizes via the web, and AS2 includes features for managing large transfers. Payload Agnostic — AS2 can be used to transport any type of document. While EDI X12, EDIFACT and XML are common, any mutually agreed-upon format may be transferred.
Read more →
Data profiling

Data profiling is the process of examining the data available from an existing information source (e.g. a database or a file) and collecting statistics or informative summaries about that data. The purpose of these statistics may be to: Find out whether existing data can be easily used for other purposes Improve the ability to search data by tagging it with keywords, descriptions, or assigning it to a category Assess data quality, including whether the data conforms to particular standards or patterns Assess the risk involved in integrating data in new applications, including the challenges of joins Discover metadata of the source database, including value patterns and distributions, key candidates, foreign-key candidates, and functional dependencies Assess whether known metadata accurately describes the actual values in the source database Understanding data challenges early in any data intensive project, so that late project surprises are avoided. Finding data problems late in the project can lead to delays and cost overruns. Have an enterprise view of all data, for uses such as master data management, where key data is needed, or data governance for improving data quality. == Introduction == Data profiling refers to the analysis of information for use in a data warehouse in order to clarify the structure, content, relationships, and derivation rules of the data. Profiling helps to not only understand anomalies and assess data quality, but also to discover, register, and assess enterprise metadata. The result of the analysis is used to determine the suitability of the candidate source systems, usually giving the basis for an early go/no-go decision, and also to identify problems for later solution design. == How data profiling is conducted == Data profiling utilizes methods of descriptive statistics such as minimum, maximum, mean, mode, percentile, standard deviation, frequency, variation, aggregates such as count and sum, and additional metadata information obtained during data profiling such as data type, length, discrete values, uniqueness, occurrence of null values, typical string patterns, and abstract type recognition. The metadata can then be used to discover problems such as illegal values, misspellings, missing values, varying value representation, and duplicates. Different analyses are performed for different structural levels. E.g. single columns could be profiled individually to get an understanding of frequency distribution of different values, type, and use of each column. Embedded value dependencies can be exposed in a cross-columns analysis. Finally, overlapping value sets possibly representing foreign key relationships between entities can be explored in an inter-table analysis. Normally, purpose-built tools are used for data profiling to ease the process. The computational complexity increases when going from single column, to single table, to cross-table structural profiling. Therefore, performance is an evaluation criterion for profiling tools. == When is data profiling conducted? == According to Kimball, data profiling is performed several times and with varying intensity throughout the data warehouse developing process. A light profiling assessment should be undertaken immediately after candidate source systems have been identified and DW/BI business requirements have been satisfied. The purpose of this initial analysis is to clarify at an early stage if the correct data is available at the appropriate detail level and that anomalies can be handled subsequently. If this is not the case the project may be terminated. Additionally, more in-depth profiling is done prior to the dimensional modeling process in order assess what is required to convert data into a dimensional model. Detailed profiling extends into the ETL system design process in order to determine the appropriate data to extract and which filters to apply to the data set. Additionally, data profiling may be conducted in the data warehouse development process after data has been loaded into staging, the data marts, etc. Conducting data at these stages helps ensure that data cleaning and transformations have been done correctly and in compliance of requirements. == Benefits and examples == Data profiling can improve data quality, shorten the implementation cycle of major projects, and improve users' understanding of data. Discovering business knowledge embedded in data itself is one of the significant benefits derived from data profiling. It can improve data accuracy in corporate databases.
Read more →
Comparison of OLAP servers

The following tables compare general and technical information for a number of online analytical processing (OLAP) servers. Please see the individual products articles for further information. == General information == == Data storage modes == == APIs and query languages == APIs and query languages OLAP servers support. == OLAP distinctive features == A list of OLAP features that are not supported by all vendors. All vendors support features such as parent-child, multilevel hierarchy, drilldown. == System limits == == Security == == Operating systems == The OLAP servers can run on the following operating systems: Note (1):The server availability depends on Java Virtual Machine not on the operating system == Support information ==
Read more →
E-gree (app)

E-gree is a legal app that became well known in 2020. It was the first app of its kind to protect users against a number of dating-related issues, including revenge porn. == Background == The app was co-founded by Araz Mamet, Keith Fraser and Ilya Flaks. The app focuses on privacy, with users being able to set up various contracts to protect themselves following a breakup, or while dating. This notably included signing an NDA when sexting. The app received investment from a number of notable people and companies, including Natalia Vodianova.
Read more →
Service Assurance Agent

IP SLA (Internet Protocol Service Level Agreement) is an active computer network measurement technology that was initially developed by Cisco Systems. IP SLA was previously known as Service Assurance Agent (SAA) or Response Time Reporter (RTR). IP SLA is used to track network performance like latency, ping response, and jitter, it also helps to provide service quality. == Functions == Routers and switches enabled with IP SLA perform periodic network tests or measurements such as Hypertext Transfer Protocol (HTTP) GET File Transfer Protocol (FTP) downloads Domain Name System (DNS) lookups User Datagram Protocol (UDP) echo, for VoIP jitter and mean opinion score (MOS) Data-Link Switching (DLSw) (Systems Network Architecture (SNA) tunneling protocol) Dynamic Host Configuration Protocol (DHCP) lease requests Transmission Control Protocol (TCP) connect Internet Control Message Protocol (ICMP) echo (remote ping) The exact number and types of available measurements depends on the IOS version. IP SLA is very widely used in service provider networks to generate time-based performance data. It is also used together with Simple Network Management Protocol (SNMP) and NetFlow, which generate volume-based data. == Usage considerations == For IP SLA tests, devices with IP SLA support are required. IP SLA is supported on Cisco routers and switches since IOS version 12.1. Other vendors like Juniper Networks or Enterasys Networks support IP SLA on some of their devices. IP SLA tests and data collection can be configured either via a console (command-line interface) or via SNMP. When using SNMP, both read and write community strings are needed. The IP SLA voice quality feature was added starting with IOS version 12.3(4)T. All versions after this, including 12.4 mainline, contain the MOS and ICPIF voice quality calculation for the UDP jitter measurement.
Read more →
Personal network

A personal network is a set of human contacts known to an individual, with whom that individual would expect to interact at intervals to support a given set of activities. In other words, a personal network is a group of caring, dedicated people who are committed to maintain a relationship with a person in order to support a given set of activities. Having a strong personal network requires being connected to a network of resources for mutual development and growth. Personal networks can be understood by: who knows you what you know about them what they know about you what are you learning together how you work at that Personal networks are intended to be mutually beneficial, extending the concept of teamwork beyond the immediate peer group. The term is usually encountered in the workplace, though it could apply equally to other pursuits outside work. Personal networking is the practice of developing and maintaining a personal network, which is usually undertaken over an extended period. The concept is related to business networking and is often encouraged by large organizations, in the hope of improving productivity, and so a number of tools exist to support the maintenance of networks. Many of these tools are IT-based, and use Web 2.0 technologies. == History of networking and business success == In the second half of the twentieth century, U.S. advocates for workplace equity popularized the term and concept of networking as part of a larger social capital lexicon—which also includes terms such as glass ceiling, role model, mentoring, and gatekeeper—serving to identify and address the problems barring non-dominant groups from professional success. Mainstream business literature subsequently adopted the terms and concepts, promoting them as pathways to success for all career climbers. In 1970 these terms were not in the general American vocabulary; by the mid-1990s they had become part of everyday speech. Before the mid-twentieth century, what we call networking today was framed in the language of family and friendship. These close personal relationships provided a range of opportunities to preferred subsets of people, such as access to job opportunities, information, credit, and partnerships. Family networks and nepotism have proven particularly strong throughout history. However, other common bonds—from ethnicity and religion to school ties and club memberships—can connect subsets of people as well. Of course people whom insiders consider undesirable have been barred from such networks, with important consequences. Those who tap into influential networks can be nurtured toward success. Those who are shut out from networks can lose hope of success. Numerous business heroes of the past—such as Benjamin Franklin, Andrew Carnegie, Henry Ford, and John D. Rockefeller—exploited networks to great effect. The business networks that seemed natural and transparent to these white men were a closed book to women and minorities for much of American history. Drawing on work from the social sciences, these outsider groups had to identify and then harness the mechanisms behind networking's power. A prominent early example of this process was the formation of corporate caucuses by black men at Xerox starting in 1969. Groups of black salesmen met regularly to share information about Xerox's culture and strategies for navigating it most effectively. Through confrontation and collaboration with a relatively accommodating upper management, the caucuses helped open opportunities for high-performing black employees. The popular and business press began using the terms "network" and "networking" in the mid-1970s in the context of businesswomen consciously pursuing this strategy. Authors encouraged female workers to recognize and exploit the informal workplace systems that provided advancement. They urged women to identify mentors, use social contacts, and build peer and authority networks. The push for networking drew on ideas and relationships from the era's feminist movement, and dictionaries of the time explicitly linked business networking to women's efforts to succeed in the workplace. Since the closing decades of the twentieth century, networking has become a pervasive term and concept in American society. People now invoke networking in relation to everything from business to child rearing to science. While ambitious careerists seek networks as an indispensable talisman, companies purposefully encourage networking among their employees to boost performance and gain competitive advantage. At the same time, Americans are forgetting the workplace activism that first illuminated the power of networking. Unfortunately, this loss of historical context can fuel a backlash against outsider groups who still seek to synthesize networks so they can access the same opportunities enjoyed by insiders. == Characteristics of networks == Broadly speaking, all networks have the following characteristics: Purpose – A network can be established for learning, mission, business, idea, and family or personal reasons. Structure – A network is a group of interlinked entities that form a cluster. Most social structures tend to be characterized by dense clusters of strong connections. Style – The place, space, pace and style of interaction of the networks give an understanding of the style of the networks. Namkee Park, Seungyoon Lee and Jang Hyun Kim examined the relations between personal network characteristics and Facebook use. According to their study, personal networks are investigated through several structural characteristics, which can be categorized into three major dimensions according to the level of analysis: Dyadic tie attributes which include the characteristics of ego-alter ties such as duration, multiplexity, and proximity. Ego-alter tie attributes represent various dimensions of relationships between the focal person and their close contacts. First, tie duration refers to the length of time since the tie was originally initiated, which indicates the duration of relationships. Second, multiplexity includes a focal individual's degree of involvement in various types of interactions with network members. The third dimension is the physical proximity between ego and alter. Theories of proximity suggest that physical proximity between people affects their interaction and subsequently, their formation of network ties. The characteristics of alter-alter ties including personal network density. When moving to ties at the alter-alter level, ego-network density, which refers to the extent to which one's alters are connected with each other, is an important dimension of personal networks. Dense personal network structure indicates close interpersonal contacts among alters, and consequently, is considered to promote the sharing of resources. On the other hand, loose connections, or structural holes in ego-networks, have been found to facilitate the flow of information and to provide advantages in searching and obtaining resources (e.g., getting a job). The composition of alter attributes centered on the heterogeneity of alters in one's personal network. The heterogeneity of alters in one's personal network is associated with access to diverse resources and information It is expected, thus, that the heterogeneity attributes may enhance the focal actor's social activities. Each of these characteristics represents unique aspects of individuals' network relationships. == Types of personal networks == Personal networks can be used for two main reasons: social and professional. In 2012, LinkedIn along with TNS conducted a survey of 6,000 social network users to understand the difference between personal social networks and personal professional networks. The "Mindset Divide" of users of these networks was compared as follows: Emotions: Personal social networks: Nostalgia, fun, distraction. Personal professional networks: Achievement, success, aspiration. Use: Personal social networks: Users are in a casual mindset often just passing time. They use social networks to socialize, stay in touch, be entertained and kill time. Personal professional networks: In this purposeful mindset, users invest time to improve themselves and their future. These networks are used to maintain professional identity, make useful contacts, search for opportunities and stay in touch. Content: Personal professional networks: These provide information about career, brand updates and current affairs. Professional development: Personal development networks: These provide access to those who can provide information, knowledge, advice, support, expertise, guidance, and concrete resources to learn and work effectively—thus those who support the continuing professional development. == Personal network management == Personal network management (PNM) is a crucial aspect of personal information management and can be understood as the practice of managing the links and connections for social and profession
Read more →