State complexity is an area of theoretical computer science dealing with the size of abstract automata, such as different kinds of finite automata. The classical result in the area is that simulating an n {\displaystyle n} -state nondeterministic finite automaton by a deterministic finite automaton requires exactly 2 n {\displaystyle 2^{n}} states in the worst case. == Transformation between variants of finite automata == Finite automata can be deterministic and nondeterministic, one-way (DFA, NFA) and two-way (2DFA, 2NFA). Other related classes are unambiguous (UFA), self-verifying (SVFA) and alternating (AFA) finite automata. These automata can also be two-way (2UFA, 2SVFA, 2AFA). All these machines can accept exactly the regular languages. However, the size of different types of automata necessary to accept the same language (measured in the number of their states) may be different. For any two types of finite automata, the state complexity tradeoff between them is an integer function f {\displaystyle f} where f ( n ) {\displaystyle f(n)} is the least number of states in automata of the second type sufficient to recognize every language recognized by an n {\displaystyle n} -state automaton of the first type. The following results are known. NFA to DFA: 2 n {\displaystyle 2^{n}} states. This is the subset construction by Rabin and Scott, proved optimal by Lupanov. UFA to DFA: 2 n {\displaystyle 2^{n}} states, see Leung, An earlier lower bound by Schmidt was smaller. NFA to UFA: 2 n − 1 {\displaystyle 2^{n}-1} states, see Leung. There was an earlier smaller lower bound by Schmidt. SVFA to DFA: Θ ( 3 n / 3 ) {\displaystyle \Theta (3^{n/3})} states, see Jirásková and Pighizzini 2DFA to DFA: n ( n n − ( n − 1 ) n ) {\displaystyle n(n^{n}-(n-1)^{n})} states, see Kapoutsis. Earlier construction by Shepherdson used more states, and an earlier lower bound by Moore was smaller. 2DFA to NFA: ( 2 n n + 1 ) = O ( 4 n n ) {\displaystyle {\binom {2n}{n+1}}=O({\frac {4^{n}}{\sqrt {n}}})} , see Kapoutsis. Earlier construction by Birget used more states. 2NFA to NFA: ( 2 n n + 1 ) {\displaystyle {\binom {2n}{n+1}}} , see Kapoutsis. 2NFA to NFA accepting the complement: O ( 4 n ) {\displaystyle O(4^{n})} states, see Vardi. AFA to DFA: 2 2 n {\displaystyle 2^{2^{n}}} states, see Chandra, Kozen and Stockmeyer. AFA to NFA: 2 n {\displaystyle 2^{n}} states, see Fellah, Jürgensen and Yu. 2AFA to DFA: 2 n 2 n {\displaystyle 2^{n2^{n}}} , see Ladner, Lipton and Stockmeyer. 2AFA to NFA: 2 Θ ( n log n ) {\displaystyle 2^{\Theta (n\log n)}} , see Geffert and Okhotin. === The 2DFA vs. 2NFA problem and logarithmic space === It is an open problem whether all 2NFAs can be converted to 2DFAs with polynomially many states, i.e. whether there is a polynomial p ( n ) {\displaystyle p(n)} such that for every n {\displaystyle n} -state 2NFA there exists a p ( n ) {\displaystyle p(n)} -state 2DFA. The problem was raised by Sakoda and Sipser, who compared it to the P vs. NP problem in the computational complexity theory. Berman and Lingas discovered a formal relation between this problem and the L vs. NL open problem. This relation was further elaborated by Kapoutsis. == State complexity of operations for finite automata == Given a binary regularity-preserving operation on languages ∘ {\displaystyle \circ } and a family of automata X (DFA, NFA, etc.), the state complexity of ∘ {\displaystyle \circ } is an integer function f ( m , n ) {\displaystyle f(m,n)} such that for each m-state X-automaton A and n-state X-automaton B there is an f ( m , n ) {\displaystyle f(m,n)} -state X-automaton for L ( A ) ∘ L ( B ) {\displaystyle L(A)\circ L(B)} , and for all integers m, n there is an m-state X-automaton A and an n-state X-automaton B such that every X-automaton for L ( A ) ∘ L ( B ) {\displaystyle L(A)\circ L(B)} must have at least f ( m , n ) {\displaystyle f(m,n)} states. Analogous definition applies for operations with any number of arguments. The first results on state complexity of operations for DFAs were published by Maslov and by Yu, Zhuang and Salomaa. Holzer and Kutrib pioneered the state complexity of operations on NFA. The known results for basic operations are listed below. === Union === If language L 1 {\displaystyle L_{1}} requires m states and language L 2 {\displaystyle L_{2}} requires n states, how many states does L 1 ∪ L 2 {\displaystyle L_{1}\cup L_{2}} require? DFA: m n {\displaystyle mn} states, see Maslov and Yu, Zhuang and Salomaa. NFA: m + n + 1 {\displaystyle m+n+1} states, see Holzer and Kutrib. UFA: at least min ( n , m ) Ω ( log ( min ( n , m ) ) ) {\displaystyle \min(n,m)^{\Omega (\log(\min(n,m)))}} ; between m n + m + n {\displaystyle mn+m+n} and m + n m 2 0.79 m {\displaystyle m+nm2^{0.79m}} states, see Jirásek, Jirásková and Šebej. SVFA: m n {\displaystyle mn} states, see Jirásek, Jirásková and Szabari. 2DFA: between m + n {\displaystyle m+n} and 4 m + n + 4 {\displaystyle 4m+n+4} states, see Kunc and Okhotin. 2NFA: m + n {\displaystyle m+n} states, see Kunc and Okhotin. === Intersection === How many states does L 1 ∩ L 2 {\displaystyle L_{1}\cap L_{2}} require? DFA: m n {\displaystyle mn} states, see Maslov and Yu, Zhuang and Salomaa. NFA: m n {\displaystyle mn} states, see Holzer and Kutrib. UFA: m n {\displaystyle mn} states, see Jirásek, Jirásková and Šebej. SVFA: m n {\displaystyle mn} states, see Jirásek, Jirásková and Szabari. 2DFA: between m + n {\displaystyle m+n} and m + n + 1 {\displaystyle m+n+1} states, see Kunc and Okhotin. 2NFA: between m + n {\displaystyle m+n} and m + n + 1 {\displaystyle m+n+1} states, see Kunc and Okhotin. === Complementation === If language L requires n states then how many states does its complement require? DFA: n {\displaystyle n} states, by exchanging accepting and rejecting states. NFA: 2 n {\displaystyle 2^{n}} states, see Birget. or Jirásková UFA: at least n Ω ~ ( log n ) {\displaystyle n^{{\tilde {\Omega }}(\log n)}} states, see Göös, Kiefer and Yuan, (this follows an earlier bound by Raskin); and at most n + 1 ⋅ 2 0.5 n {\displaystyle {\sqrt {n+1}}\cdot 2^{0.5n}} states, see Indzhev and Kiefer. SVFA: n {\displaystyle n} states, by exchanging accepting and rejecting states. 2DFA: at least n {\displaystyle n} and at most 4 n {\displaystyle 4n} states, see Geffert, Mereghetti and Pighizzini. === Concatenation === How many states does L 1 L 2 = { w 1 w 2 ∣ w 1 ∈ L 1 , w 2 ∈ L 2 } {\displaystyle L_{1}L_{2}=\{w_{1}w_{2}\mid w_{1}\in L_{1},w_{2}\in L_{2}\}} require? DFA: m ⋅ 2 n − 2 n − 1 {\displaystyle m\cdot 2^{n}-2^{n-1}} states, see Maslov and Yu, Zhuang and Salomaa. NFA: m + n {\displaystyle m+n} states, see Holzer and Kutrib. UFA: 3 4 2 m + n − 1 {\displaystyle {\frac {3}{4}}2^{m+n}-1} states, see Jirásek, Jirásková and Šebej. SVFA: Θ ( 3 n / 3 2 m ) {\displaystyle \Theta (3^{n/3}2^{m})} states, see Jirásek, Jirásková and Szabari. 2DFA: at least 2 Ω ( n ) log m {\displaystyle {\frac {2^{\Omega (n)}}{\log m}}} and at most 2 m m + 1 ⋅ 2 n n + 1 {\displaystyle 2m^{m+1}\cdot 2^{n^{n+1}}} states, see Jirásková and Okhotin. === Kleene star === DFA: 3 4 2 n {\displaystyle {\frac {3}{4}}2^{n}} states, see Maslov and Yu, Zhuang and Salomaa. NFA: n + 1 {\displaystyle n+1} states, see Holzer and Kutrib. UFA: 3 4 2 n {\displaystyle {\frac {3}{4}}2^{n}} states, see Jirásek, Jirásková and Šebej. SVFA: 3 4 2 n {\displaystyle {\frac {3}{4}}2^{n}} states, see Jirásek, Jirásková and Szabari. 2DFA: at least 1 n 2 n 2 − 1 {\displaystyle {\frac {1}{n}}2^{{\frac {n}{2}}-1}} and at most 2 O ( n n + 1 ) {\displaystyle 2^{O(n^{n+1})}} states, see Jirásková and Okhotin. === Reversal === DFA: 2 n {\displaystyle 2^{n}} states, see Mirkin, Leiss, and Yu, Zhuang and Salomaa. NFA: n + 1 {\displaystyle n+1} states, see Holzer and Kutrib. UFA: n {\displaystyle n} states. SVFA: 2 n + 1 {\displaystyle 2n+1} states, see Jirásek, Jirásková and Szabari. 2DFA: between n + 1 {\displaystyle n+1} and n + 2 {\displaystyle n+2} states, see Jirásková and Okhotin. == Finite automata over a unary alphabet == State complexity of finite automata with a one-letter (unary) alphabet, pioneered by Chrobak, is different from the multi-letter case. Let g ( n ) = e Θ ( n ln n ) {\displaystyle g(n)=e^{\Theta ({\sqrt {n\ln n}})}} be Landau's function. === Transformation between models === For a one-letter alphabet, transformations between different types of finite automata are sometimes more efficient than in the general case. NFA to DFA: g ( n ) + O ( n 2 ) {\displaystyle g(n)+O(n^{2})} states, see Chrobak. 2DFA to DFA: g ( n ) + O ( n ) {\displaystyle g(n)+O(n)} states, see Chrobak and Kunc and Okhotin. 2NFA to DFA: O ( g ( n ) ) {\displaystyle O(g(n))} states, see Mereghetti and Pighizzini. and Geffert, Mereghetti and Pighizzini. NFA to 2DFA: at most O ( n 2 ) {\displaystyle O(n^{2})} states, see Chrobak. 2NFA to 2DFA: at most n O ( log n ) {\displaystyle n^{O(\log n)}} states, proved by implementing the method of Savitch's theorem, see
Query understanding
Query understanding is the process of inferring the intent of a search engine user by extracting semantic meaning from the searcher’s keywords. Query understanding methods generally take place before the search engine retrieves and ranks results. It is related to natural language processing but specifically focused on the understanding of search queries. == Methods == === Stemming and lemmatization === Many languages inflect words to reflect their role in the utterance they appear in. The variation between various forms of a word is likely to be of little importance for the relatively coarse-grained model of meaning involved in a retrieval system, and for this reason the task of conflating the various forms of a word is a potentially useful technique to increase recall of a retrieval system. Stemming algorithms, also known as stemmers, typically use a collection of simple rules to remove suffixes intended to model the language’s inflection rules. For some languages, there are simple lemmatisation methods to reduce a word in query to its lemma or root form or its stem; for others, this operation involves non-trivial string processing and may require recognizing the word's part of speech or referencing a lexical database. The effectiveness of stemming and lemmatization varies across languages. === Query Segmentation === Query segmentation is a key component of query understanding, aiming to divide a query into meaningful segments. Traditional approaches, such as the bag-of-words model, treat individual words as independent units, which can limit interpretative accuracy. For languages like Chinese, where words are not separated by spaces, segmentation is essential, as individual characters often lack standalone meaning. Even in English, the BOW model may not capture the full meaning, as certain phrases—such as "New York"—carry significance as a whole rather than as isolated terms. By identifying phrases or entities within queries, query segmentation enhances interpretation, enabling search engines to apply proximity and ordering constraints, ultimately improving search accuracy and user satisfaction. === Entity recognition === Entity recognition is the process of locating and classifying entities within a text string. Named-entity recognition specifically focuses on named entities, such as names of people, places, and organizations. In addition, entity recognition includes identifying concepts in queries that may be represented by multi-word phrases. Entity recognition systems typically use grammar-based linguistic techniques or statistical machine learning models. === Query rewriting === Query rewriting is the process of automatically reformulating a search query to more accurately capture its intent. Query expansion adds additional query terms, such as synonyms, in order to retrieve more documents and thereby increase recall. Query relaxation removes query terms to reduce the requirements for a document to match the query, thereby also increasing recall. Other forms of query rewriting, such as automatically converting consecutive query terms into phrases and restricting query terms to specific fields, aim to increase precision. === Spelling Correction === Automatic spelling correction is a critical feature of modern search engines, designed to address common spelling errors in user queries. Such errors are especially frequent as users often search for unfamiliar topics. By correcting misspelled queries, search engines enhance their understanding of user intent, thereby improving the relevance and quality of search results and overall user experience.
Cover-coding
Cover-coding is a technique for obscuring the data that is transmitted over an insecure link, to reduce the risks of snooping. An example of cover-coding would be for the sender to perform a bitwise XOR (exclusive OR) of the original data with a password or random number which is known to both sender and receiver. The resulting cover-coded data is then transmitted from sender to the receiver, who uncovers the original data by performing a further bitwise XOR (exclusive OR) operation on the received data using the same password or random number. ISO 18000-6C (EPC Class 1 Generation 2) RFID tags protect some operations with a cover code. The reader requests a random number from the tag, and the tag responds with a new random number. The reader then encrypts future communications with this number, using bitwise XOR, to the data it sends. Cover coding is secure if the tag signal can't be intercepted and the random number is not re-used. Compared to the loud transmissions from the reader, tag backscatter is much weaker and difficult -- but not impossible -- to intercept.
Professional network service
A professional network service (or, in an Internet context, simply a professional network) is a type of social network service that focuses on interactions and relationships for business opportunities and career growth, with less emphasis on activities in personal life. A professional network service is used by working individuals, job-seekers, and businesses to establish and maintain professional contacts, to find work or hire employees, share professional achievements, sell or promote services, and stay up-to-date with industry news and trends. According to LinkedIn managing director Clifford Rosenberg in an interview with AAP in 2010, "[t]his is a call to action for professionals to re-address their use of social networks and begin to reap as many rewards from networking professionally as they do personally." Businesses mostly depend on resources and information outside the company and to get what they need, they need to reach out and professionally network with others, such as employees or clients as well as potential opportunities. "Nardi, Whittaker, and Schwarz (2002) point out three main tasks that they believe networkers need to attend to keep a successful professional (intentional) network: building a network, maintaining the network, and activating selected contacts. They stress that networkers need to continue to add new contacts to their network to access as many resources as possible and to maintain their network by staying in touch with their contacts. This is so that the contacts are easy to activate when the networker has work that needs to be done." By using a professional network service, businesses can keep all of their networks up-to-date, and in order, and helps figure out the best way to efficiently get in touch with each of them. A service that can do all that helps relieve some of the stress when trying to get things done. Not all professional network services are online sites that help promote a business. Some services connect the user to other services that help promote the business other than online sites, such as phone/Internet companies that provide services and companies that specifically are designed to do all of the promoting, online and in person, for a business. == History == In 1997, professional network services started up throughout the world and continue to grow. The first recognizable site to combine all features, such as creating profiles, adding friends, and searching for friends, was SixDegrees.com. According to Boyd and Ellison's article, "Social Network Sites: Definition, History, and Scholarship", from 1997 to 2001, several community tools began supporting various combinations of profiles and publicly articulated Friends. Boyd and Ellison go on to say that the next wave began with Ryze.com in 2001. It was introduced as a new way "to help people leverage their business networks". == Inside the works == Quite a lot of work is put into a professional network service, such as the number of hours that go into them and the type of people they work for, as well as the business model of it all, such as the professional interaction and the multiple services they deal with. === Types of services === Some professional network services not only help promote the business but can also help in connecting to other people. Those services may include a specific phone and/or Internet company or a company that helps to connect with other businesses. According to the Society for New Communications Research (SNCR), there are at least nine online professional networks that are being used. === Professional interaction === Kaplan and Haenlein elaborate on five key considerations for companies when utilizing media. These include the importance of careful selection, the option to choose existing applications or develop custom ones, ensuring alignment with organizational activities, integrating a comprehensive media plan, and providing accessibility to all stakeholders. ==== Choose carefully ==== "Choosing the right medium for any given purpose depends on the target group to be reached and the message to be communicated. On one hand, each Social Media application usually attracts a certain group of people, and firms should be active wherever their customers are present. On the other hand, there may be situations whereby certain features are necessary to ensure effective communication, and these features are only offered by one specific application." ==== Ensure activity alignment ==== "Sometimes you may decide to rely on various Social Media, or a set of different applications within the same group, to have the largest possible reach." "Using different contact channels can be a worthwhile and profitable strategy." According to the Society for New Communications Research at Harvard University, "the average professional belongs to 3–5 online networks for business use, and LinkedIn, Facebook, and Twitter are among the top used." ==== Integrate a media plan ==== Social media and traditional media are "both part of the same: your corporate image" in the customers' eyes. ==== Allow access to all ==== "...once the firm has decided to utilize Social Media applications, it is worth checking that all employees may access them." According to the SNCR, "the convergence of Internet, mobile, and social media has taken significant shape as professionals rely on anywhere access to information, relationships, and networks." ==== Online usage ==== "Half of the respondents report participating in 3 to 5 online professional networks. Another three in ten participate in 6 or more professional networks." "Popular social networks are now being used frequently as Professional Communities. More than nine in ten respondents indicated that they use LinkedIn and half reported using Facebook. Twitter and blogs were frequently listed as 'professional networks'." === Business model === According to Michael Rappa's article, Business models on the Web", "a business model is the method of doing business by which a company can sustain itself – that is, generate revenue. The business model spells out how a company makes money by specifying where it is positioned in the value chain." Rappa mentions that there are at least nine basic categories from which a business model can be separated. Those categories are a brokerage, advertising, infomediary, merchant, manufacturer, affiliate, community, subscription, and utility. "...a firm may combine several different models as part of its overall Internet business strategy." At first, Flickr started as a way to mainstream public relations. == Social impact == When it comes to the social impact that professional network services have on today's society, it has proved to increase activity. According to the SNCR, "[t]hree quarters of respondents rely on professional networks to support business decisions. Reliance has increased for essentially all respondents over the past three years. Younger (20–35) and older professionals (55+) are more active users of social tools than middle-aged professionals. More people are collaborating outside their company wall than within their organizational intranet." == Limitations == Since the internet and social media are a part of this "world where consumers can speak so freely with each other and businesses have increasingly less control over the information available about them in cyberspace", most firms and businesses are uncomfortable with all the freedom. According to Kaplan and Haenlein's article, "Users of the world, unite! The challenges and opportunities of Social Media", businesses are pushed aside and are only able to sit back and watch as their customers publicly post comments, which may or may not be well-written.
Computer-aided software engineering
Computer-aided software engineering (CASE) is a domain of software tools used to design and implement applications. CASE tools are similar to and are partly inspired by computer-aided design (CAD) tools used for designing hardware products. CASE tools are intended to help develop high-quality, defect-free, and maintainable software. CASE software was often associated with methods for the development of information systems together with automated tools that could be used in the software development process. == History == The Information System Design and Optimization System (ISDOS) project, started in 1968 at the University of Michigan, initiated a great deal of interest in the whole concept of using computer systems to help analysts in the very difficult process of analysing requirements and developing systems. Several papers by Daniel Teichroew fired a whole generation of enthusiasts with the potential of automated systems development. His Problem Statement Language / Problem Statement Analyzer (PSL/PSA) tool was a CASE tool although it predated the term. Another major thread emerged as a logical extension to the data dictionary of a database. By extending the range of metadata held, the attributes of an application could be held within a dictionary and used at runtime. This "active dictionary" became the precursor to the more modern model-driven engineering capability. However, the active dictionary did not provide a graphical representation of any of the metadata. It was the linking of the concept of a dictionary holding analysts' metadata, as derived from the use of an integrated set of techniques, together with the graphical representation of such data that gave rise to the earlier versions of CASE. The next entrant into the market was Excelerator from Index Technology in Cambridge, Mass. While DesignAid ran on Convergent Technologies and later Burroughs Ngen networked microcomputers, Index launched Excelerator on the IBM PC/AT platform. While, at the time of launch, and for several years, the IBM platform did not support networking or a centralized database as did the Convergent Technologies or Burroughs machines, the allure of IBM was strong, and Excelerator came to prominence. Hot on the heels of Excelerator were a rash of offerings from companies such as Knowledgeware (James Martin, Fran Tarkenton and Don Addington), Texas Instrument's CA Gen and Andersen Consulting's FOUNDATION toolset (DESIGN/1, INSTALL/1, FCP). CASE tools were at their peak in the early 1990s. According to the PC Magazine of January 1990, over 100 companies were offering nearly 200 different CASE tools. At the time IBM had proposed AD/Cycle, which was an alliance of software vendors centered on IBM's Software repository using IBM DB2 in mainframe and OS/2: The application development tools can be from several sources: from IBM, from vendors, and from the customers themselves. IBM has entered into relationships with Bachman Information Systems, Index Technology Corporation, and Knowledgeware wherein selected products from these vendors will be marketed through an IBM complementary marketing program to provide offerings that will help to achieve complete life-cycle coverage. With the decline of the mainframe, AD/Cycle and the Big CASE tools died off, opening the market for the mainstream CASE tools of today. Many of the leaders of the CASE market of the early 1990s ended up being purchased by Computer Associates, including IEW, IEF, ADW, Cayenne, and Learmonth & Burchett Management Systems (LBMS). The other trend that led to the evolution of CASE tools was the rise of object-oriented methods and tools. Most of the various tool vendors added some support for object-oriented methods and tools. In addition new products arose that were designed from the bottom up to support the object-oriented approach. Andersen developed its project Eagle as an alternative to Foundation. Several of the thought leaders in object-oriented development each developed their own methodology and CASE tool set: Jacobson, Rumbaugh, Booch, etc. Eventually, these diverse tool sets and methods were consolidated via standards led by the Object Management Group (OMG). The OMG's Unified Modelling Language (UML) is currently widely accepted as the industry standard for object-oriented modeling. == CASE software == === Tools === CASE tools support specific tasks in the software development life-cycle. They can be divided into the following categories: Business and analysis modeling: Graphical modeling tools. E.g., E/R modeling, object modeling, etc. Development: Design and construction phases of the life-cycle. Debugging environments. E.g., IISE LKO. Verification and validation: Analyze code and specifications for correctness, performance, etc. Configuration management: Control the check-in and check-out of repository objects and files. E.g., SCCS, IISE. Metrics and measurement: Analyze code for complexity, modularity (e.g., no "go to's"), performance, etc. Project management: Manage project plans, task assignments, scheduling. Another common way to distinguish CASE tools is the distinction between Upper CASE and Lower CASE. Upper CASE Tools support business and analysis modeling. They support traditional diagrammatic languages such as ER diagrams, Data flow diagram, Structure charts, Decision Trees, Decision tables, etc. Lower CASE Tools support development activities, such as physical design, debugging, construction, testing, component integration, maintenance, and reverse engineering. All other activities span the entire life-cycle and apply equally to upper and lower CASE. === Workbenches === Workbenches integrate two or more CASE tools and support specific software-process activities. Hence they achieve: A homogeneous and consistent interface (presentation integration) Seamless integration of tools and toolchains (control and data integration) An example workbench is Microsoft's Visual Basic programming environment. It incorporates several development tools: a GUI builder, a smart code editor, debugger, etc. Most commercial CASE products tended to be such workbenches that seamlessly integrated two or more tools. Workbenches also can be classified in the same manner as tools; as focusing on Analysis, Development, Verification, etc. as well as being focused on the upper case, lower case, or processes such as configuration management that span the complete life-cycle. === Environments === An environment is a collection of CASE tools or workbenches that attempts to support the complete software process. This contrasts with tools that focus on one specific task or a specific part of the life-cycle. CASE environments are classified by Fuggetta as follows: Toolkits: Loosely coupled collections of tools. These typically build on operating system workbenches such as the Unix Programmer's Workbench or the VMS VAX set. They typically perform integration via piping or some other basic mechanism to share data and pass control. The strength of easy integration is also one of the drawbacks. Simple passing of parameters via technologies such as shell scripting can't provide the kind of sophisticated integration that a common repository database can. Fourth generation: These environments are also known as 4GL standing for fourth generation language environments due to the fact that the early environments were designed around specific languages such as Visual Basic. They were the first environments to provide deep integration of multiple tools. Typically these environments were focused on specific types of applications. For example, user-interface driven applications that did standard atomic transactions to a relational database. Examples are Informix 4GL, and Focus. Language-centered: Environments based on a single often object-oriented language such as the Symbolics Lisp Genera environment or VisualWorks Smalltalk from Parcplace. In these environments all the operating system resources were objects in the object-oriented language. This provides powerful debugging and graphical opportunities but the code developed is mostly limited to the specific language. For this reason, these environments were mostly a niche within CASE. Their use was mostly for prototyping and R&D projects. A common core idea for these environments was the model–view–controller user interface that facilitated keeping multiple presentations of the same design consistent with the underlying model. The MVC architecture was adopted by the other types of CASE environments as well as many of the applications that were built with them. Integrated: These environments are an example of what most IT people tend to think of first when they think of CASE. Environments such as IBM's AD/Cycle, Andersen Consulting's FOUNDATION, the ICL CADES system, and DEC Cohesion. These environments attempt to cover the complete life-cycle from analysis to maintenance and provide an integrated database repository for storing all artifacts of the software pr
Insider threat
An insider threat is a perceived threat to an organization that comes from people within the organization, such as employees, former employees, contractors or business associates, who have inside information concerning the organization's security practices, data and computer systems. The threat may involve fraud, the theft of confidential or commercially valuable information, the theft of intellectual property, or the sabotage of computer systems. == Overview == Insiders may have accounts giving them legitimate access to computer systems, with this access originally having been given to them to serve in the performance of their duties; these permissions could be abused to harm the organization. Insiders are often familiar with the organization's data and intellectual property as well as the methods that are in place to protect them. This makes it easier for the insider to circumvent any security controls of which they are aware. Physical proximity to data means that the insider does not need to hack into the organizational network through the outer perimeter by traversing firewalls; rather they are in the building already, often with direct access to the organization's internal network. Insider threats are harder to defend against than attacks from outsiders, since the insider already has legitimate access to the organization's information and assets. An insider may attempt to steal property or information for personal gain or to benefit another organization or country. The threat to the organization could also be through malicious software left running on its computer systems by former employees, a so-called logic bomb. == Research == Insider threat is an active area of research in academia and government. The CERT Coordination Center at Carnegie-Mellon University maintains the CERT Insider Threat Center, which includes a database of more than 850 cases of insider threats, including instances of fraud, theft and sabotage; the database is used for research and analysis. CERT's Insider Threat Team also maintains an informational blog to help organizations and businesses defend themselves against insider crime. The Threat Lab and Defense Personnel and Security Research Center (DOD PERSEREC) has also recently emerged as a national resource within the United States of America. The Threat Lab hosts an annual conference, the SBS Summit. They also maintain a website that contains resources from this conference. Complimenting these efforts, a companion podcast was created, Voices from the SBS Summit. In 2022, the Threat Lab created an interdisciplinary journal, Counter Insider Threat Research and Practice (CITRAP) which publishes research on insider threat detection. === Findings === In the 2022 Data Breach Investigations Report (DBIR), Verizon found that 82% of breaches involved the human element, noting that employees continue to play a leading role in cybersecurity incidents and breaches. According to the UK Information Commissioners Office, 90% of all breaches reported to them in 2019 were the result of mistakes made by end users. This was up from 61% and 87% over the previous two years. A 2018 whitepaper reported that 53% of companies surveyed had confirmed insider attacks against their organization in the previous 12 months, with 27% saying insider attacks have become more frequent. A report published in July 2012 on the insider threat in the U.S. financial sector gives some statistics on insider threat incidents: 80% of the malicious acts were committed at work during working hours; 81% of the perpetrators planned their actions beforehand; 33% of the perpetrators were described as "difficult" and 17% as being "disgruntled". The insider was identified in 74% of cases. Financial gain was a motive in 81% of cases, revenge in 23% of cases, and 27% of the people carrying out malicious acts were in financial difficulties at the time. The US Department of Defense Personnel Security Research Center published a report that describes approaches for detecting insider threats. Earlier it published ten case studies of insider attacks by information technology professionals. Cybersecurity experts believe that 38% of negligent insiders are victims of a phishing attack, whereby they receive an email that appears to come from a legitimate source such as a company. These emails normally contain malware in the form of hyperlinks. == Typologies and ontologies == Multiple classification systems and ontologies have been proposed to classify insider threats. Traditional models of insider threat identify three broad categories: Malicious insiders, which are people who take advantage of their access to inflict harm on an organization; Negligent insiders, which are people who make errors and disregard policies, which place their organizations at risk; and Infiltrators, who are external actors that obtain legitimate access credentials without authorization. == Criticisms == Insider threat research has been criticized. Critics have argued that insider threat is a poorly defined concept. Forensically investigating insider data theft is notoriously difficult, and requires novel techniques such as stochastic forensics. Data supporting insider threat is generally proprietary (i.e., encrypted data). Theoretical/conceptual models of insider threat are often based on loose interpretations of research in the behavioral and social sciences, using "deductive principles and intuitions of subject matter expert." Adopting sociotechnical approaches, researchers have also argued for the need to consider insider threat from the perspective of social systems. Jordan Schoenherr said that "surveillance requires an understanding of how sanctioning systems are framed, how employees will respond to surveillance, what workplace norms are deemed relevant, and what ‘deviance’ means, e.g., deviation for a justified organization norm or failure to conform to an organizational norm that conflicts with general social values." By treating all employees as potential insider threats, organizations might create conditions that lead to insider threats. == Sector-specific concerns == === Healthcare === The healthcare industry faces particularly acute insider threat risks due to the large number of workforce members who require access to sensitive patient records for legitimate clinical purposes. The U.S. Department of Health and Human Services has identified unauthorized access by insiders, including workforce snooping on patient records and theft of protected health information for identity fraud, as a persistent enforcement concern. The Health Insurance Portability and Accountability Act (HIPAA) Security Rule addresses insider threats through several administrative safeguards, including workforce security procedures requiring covered entities to implement policies for authorizing and supervising workforce members who work with electronic protected health information, as well as termination procedures to revoke access when employment ends (45 CFR 164.308(a)(3)). The rule also requires audit controls to record and examine information system activity (45 CFR 164.312(b)), enabling detection of unauthorized access by insiders. The December 2024 Notice of proposed rulemaking (NPRM) to overhaul the HIPAA Security Rule would strengthen insider threat defenses by mandating role-based access controls, requiring notification of relevant workforce members within 24 hours of any changes to access privileges, and requiring regular review of audit logs to detect anomalous access patterns.
Plaintext
In cryptography, plaintext usually means unencrypted information pending input into cryptographic algorithms, usually encryption algorithms. This usually refers to data that is transmitted or stored unencrypted. == Overview == With the advent of computing, the term plaintext expanded beyond human-readable documents to mean any data, including binary files, in a form that can be viewed or used without requiring a key or other decryption device. Information—a message, document, file, etc.—if to be communicated or stored in an unencrypted form is referred to as plaintext. Plaintext is used as input to an encryption algorithm; the output is usually termed ciphertext, particularly when the algorithm is a cipher. Codetext is less often used, and almost always only when the algorithm involved is actually a code. Some systems use multiple layers of encryption, with the output of one encryption algorithm becoming "plaintext" input for the next. == Secure handling == Insecure handling of plaintext can introduce weaknesses into a cryptosystem by letting an attacker bypass the cryptography altogether. Plaintext is vulnerable in use and in storage, whether in electronic or paper format. Physical security means the securing of information and its storage media from physical, attack—for instance by someone entering a building to access papers, storage media, or computers. Discarded material, if not disposed of securely, may be a security risk. Even shredded documents and erased magnetic media might be reconstructed with sufficient effort. If plaintext is stored in a computer file, the storage media, the computer and its components, and all backups must be secure. Sensitive data is sometimes processed on computers whose mass storage is removable, in which case physical security of the removed disk is vital. In the case of securing a computer, useful (as opposed to handwaving) security must be physical (e.g., against burglary, brazen removal under cover of supposed repair, installation of covert monitoring devices, etc.), as well as virtual (e.g., operating system modification, illicit network access, Trojan programs). Wide availability of keydrives, which can plug into most modern computers and store large quantities of data, poses another severe security headache. A spy (perhaps posing as a cleaning person) could easily conceal one, and even swallow it if necessary. Discarded computers, disk drives and media are also a potential source of plaintexts. Most operating systems do not actually erase anything— they simply mark the disk space occupied by a deleted file as 'available for use', and remove its entry from the file system directory. The information in a file deleted in this way remains fully present until overwritten at some later time when the operating system reuses the disk space. With even low-end computers commonly sold with many gigabytes of disk space and rising monthly, this 'later time' may be months later, or never. Even overwriting the portion of a disk surface occupied by a deleted file is insufficient in many cases. Peter Gutmann of the University of Auckland wrote a celebrated 1996 paper on the recovery of overwritten information from magnetic disks; areal storage densities have gotten much higher since then, so this sort of recovery is likely to be more difficult than it was when Gutmann wrote. Modern hard drives automatically remap failing sectors, moving data to good sectors. This process makes information on those failing, excluded sectors invisible to the file system and normal applications. Special software, however, can still extract information from them. Some government agencies (e.g., US NSA) require that personnel physically pulverize discarded disk drives and, in some cases, treat them with chemical corrosives. This practice is not widespread outside government, however. Garfinkel and Shelat (2003) analyzed 158 second-hand hard drives they acquired at garage sales and the like, and found that less than 10% had been sufficiently sanitized. The others contained a wide variety of readable personal and confidential information. See data remanence. Physical loss is a serious problem. The US State Department, Department of Defense, and the British Secret Service have all had laptops with secret information, including in plaintext, lost or stolen. Appropriate disk encryption techniques can safeguard data on misappropriated computers or media. On occasion, even when data on host systems is encrypted, media that personnel use to transfer data between systems is plaintext because of poorly designed data policy. For example, in October 2007, HM Revenue and Customs lost CDs that contained the unencrypted records of 25 million child benefit recipients in the United Kingdom. Modern cryptographic systems resist known plaintext or even chosen plaintext attacks, and so may not be entirely compromised when plaintext is lost or stolen. Older systems resisted the effects of plaintext data loss on security with less effective techniques—such as padding and Russian copulation to obscure information in plaintext that could be easily guessed.