Backend as a service (BaaS), sometimes also referred to as mobile backend as a service (MBaaS), is a service for providing web app and mobile app developers with a way to easily build a backend to their frontend applications. Features available include user management, push notifications, and integration with social networking services. These services are provided via the use of custom software development kits (SDKs) and application programming interfaces (APIs). BaaS is a relatively recent development in cloud computing, with most BaaS startups dating from 2011 or later. Some of the most popular service providers are AWS Amplify and Firebase. == Purpose == Web and mobile apps require a similar set of features on the backend, including notification service, integration with social networks, and cloud storage. Each of these services has its own API that must be individually incorporated into an app, a process that can be time-consuming and complicated for app developers. BaaS providers form a bridge between the frontend of an application and various cloud-based backends via a unified API and SDK. Providing a consistent way to manage backend data means that developers do not need to redevelop their own backend for each of the services that their apps need to access, potentially saving both time and money. Although similar to other cloud-computing business models, such as serverless computing, software as a service (SaaS), infrastructure as a service (IaaS), and platform as a service (PaaS), BaaS is distinct from these other services in that it specifically addresses the cloud-computing needs of web and mobile app developers by providing a unified means of connecting their apps to cloud services. == Features == BaaS providers offer different set of features and backend tools. Some of the most common features include: Database management. Most BaaS solutions provide SQL and/or NoSQL database management services for applications. Developers can store their app data without deploying and managing databases themselves. BaaS usually provides client SDKs, REST and GraphQL APIs for the frontend to interact with databases. File storage. BaaS providers often offer storage solutions for media files, user uploads, and other binary data. Applications can upload, download, and delete files through provided SDKs and APIs. Authentication and authorization. Some BaaS offer authentication and authorization services that allow developers to easily manage app users. This includes user sign-up, login, password reset, social media login integration through OAuth, user group and permission management etc. Notification service. Some BaaS providers such as Firebase and AWS Amplify have notification services that can send custom emails to users and push native notifications on mobile platforms. This is especially useful for applications that need to send messages, alerts, and reminders. Cloud functions. Some BaaS allow developers to deploy and run serverless functions. The functions are usually stateless and can be triggered by various ways including HTTP requests, SDK invocation, background server events, and cloud scheduled executions. Different providers offer runtime support for different languages, some of the popular languages are JavaScript/TypeScript (Node.js, Deno), Python, Java/Kotlin. Cloud functions extend the potential and flexibility of BaaS by allowing developers to write custom functionalities for their apps, working in a way similar to a traditional REST API backend framework. Usage analytics. Analytics data about application usage is often included in BaaS. This allows developers to monitor user behaviors and make decisions correspondingly in marketing strategies and performance optimizations. UI design. Some BaaS providers, such as AWS Amplify and Backendless, offer user interface designing tools that help developers design the frontend UI of web and mobile apps. While this may be useful for small teams and individual developers, UI design assistance may not be conventional in BaaS as it goes beyond the scope of backend infrastructure. Real-Time. Real-time features in a BaaS platform ensure that data updates and synchronizations occur instantly across all clients, making changes immediately visible to users. This is crucial for applications like live chat and collaborative tools, using technologies like WebSockets to maintain continuous server-client connections. == Service providers == BaaS providers have a broad focus, providing SDKs and APIs that work for app development on multiple platforms with different technology stacks, such as JavaScript (for Web apps), Flutter, Java/Kotlin (for Android apps), Swift/Objective-C (for iOS/MacOS/WatchOS/TvOS apps), .NET (for Windows) and others. BaaS providers also come in different types, suiting developers of different needs. === Cloud-based BaaS === Most BaaS providers host backend platforms on their cloud servers. They also manage the infrastructure, security, and scalability of the platforms. Developers can access the backend services via a web interface or the provided APIs. Some examples of cloud-based BaaS include Firebase (hosted on Google Cloud Platform), AWS Amplify (hosted on Amazon Web Services), and Microsoft Azure Mobile Apps (hosted on Microsoft Azure). === Self-hosted BaaS === Self-hosted BaaS allow developers to host backend on their own servers, providing more flexibility and potential to customization compared to cloud-based BaaS, which often is more difficult to migrate from. However, developers are also in charge of managing the infrastructure, security, and scalability of their servers. === Mobile BaaS === Mobile backend as a service (MBaaS) is a type of BaaS specifically for applications deployed in mobile systems. While some references use MBaaS interchangeably for BaaS, BaaS can have a wider variety of support such as for web apps and desktop apps. == Business model == BaaS providers generate revenue from their services in various ways, often using a freemium model. Under this model, a client receives a certain number of free active users or API calls per month, and pays a fee for each user or call over this limit. Alternatively, clients can pay a set fee for a package which allows for a greater number of calls or active users per month. There are also flat fee plans that make the pricing more predictable. Some of the providers offer the unlimited API calls inside their free plan offerings. Another business model that has been used by a lot of BaaS providers is PAYG (pay as you go), which has a flexible cost based on developers' usage of database, storage, bandwidth, function calls, user numbers etc.
TSheets
TSheets was a web-based and mobile time tracking and employee scheduling app. The service was accessed via a web browser or a mobile app. TSheets was an alternative to a paper timesheet or punch cards. == History == Based in Eagle, Idaho, TSheets was co-founded in 2006 by CEO Matt Rissell and CTO Brandon Zehm. In 2008, TSheets released a native employee time tracking app for the iPhone. In 2012, TSheets released an integration with accounting and payroll software QuickBooks. In 2015, TSheets accepted $15 million in growth equity funding from Summit Partners, bought a building in Eagle, Idaho, and opened a second location in Sydney, Australia. On 5 December 2017, Intuit announced an agreement to acquire TSheets. The transaction was valued at approximately $340 million of cash and other consideration and closed on 11 January 2018. After the transaction closed, Time Capture became a new business unit within Intuit's Small Business and Self-Employed Group with Matt Rissell assuming the leader role reporting to Alex Chriss. TSheets's Eagle, Idaho site became an Intuit location.
MinID
MinID is an electronic login system used to secure a range of internet services in the Norwegian public sector. The communication done with MinID is encrypted to secure information from unauthorized usage. Everyone registered in the Norwegian Population Register over the age of 13 years can create a public ID with MinID. As of April 2010, more than 2 million people living in Norway had created user accounts with MinID. To create a public ID, PIN-codes from the Norwegian Tax Administration are needed. == Purpose == The purpose of MinID is to communicate an electronic identity, so that users are authorized to use electronic services, in a secure way. MinID has a user database where social security numbers and PIN-codes are saved. MinID can be used to access more than 50 online services from various Norwegian public agencies, including the Norwegian Labour and Welfare Administration, the Directorate of Taxes and the State Educational Loan. == Controller == The Norwegian Digitalisation Agency (Digdir) is the controller of the personal data handled by MinID. The Norwegian Digitalisation Agency (Norwegian: Digitaliseringsdirektoratet) or Digdir is a government agency subordinate to the Ministry of Digitalisation and Public Governance. It is responsible for help the public sector achieve quality, efficiency, user friendliness, openness and participation, as well as helping the public sector be organized and led in a good way with good intersectoral cooperation. == User profile == Users of MinID have a user profile that contains their mobile phone number and/or e-mail address. This data is used to administrate MinID use. The e-mail address is needed in order to send the user a temporary password if he or she forgets the password. The phone number is needed in order to send an SMS-code at log in or a temporary password if the user forgets the password. == Transparency, correction and deletion == According to the law users can claim full access of the handling of their own personal data. Users also have the right to information about how this data are handled and saved, and how they can correct or delete inaccurate data. Users can at any time choose to delete themselves as a user of MinID. The user profile will then be deleted from the MinID user database. == Extradition to others == MinID passes on the user's social security number and chosen language to the public services he or she logs on to, so that the user can go to other public services without a new login.
Certified social engineering prevention specialist
Certified Social Engineering Prevention Specialist (CSEPS) is a social engineering security-awareness training and professional certification program originally developed by Kevin Mitnick and Alexis Kasperavičius. == Course structure == The original CSEPS program was structured as a multi-module corporate security-awareness course designed to teach employees, managers, and IT personnel how social engineers manipulate human behavior to bypass technical security systems. The curriculum combined case studies, psychological analysis, attack demonstrations, pretexting exercises, and operational security scenarios. The course materials described social engineering as the exploitation of "the human factor" in information security and argued that traditional technical defenses alone were insufficient to protect organizations from deception-based attacks. The training program was divided into instructional modules covering topics such as: social engineering methodology and threat analysis intelligence gathering and reconnaissance dumpster diving pretexting elicitation technique telephone-system exploitation and caller-ID spoofing psychological influence techniques industrial espionage identity theft organizational vulnerabilities security policy development and employee awareness training The course also analyzed historical and contemporary case studies involving information theft, corporate espionage, fraudulent wire transfers, and telephone-based impersonation attacks. Training exercises required participants to analyze how attackers established credibility, manipulated trust, overcame objections, and exploited organizational procedures. According to The Wall Street Journal, CSEPS was delivered as a two-day "boot camp" course costing approximately US$1,500 per attendee. Clients reportedly included the United States Air Force and the United States Marine Corps. The certification examination included multiple-choice and written-response sections dealing with social-engineering defense scenarios and mitigation strategies. == History == In 2003, Mitnick and Kasperavičius partnered with the Florida-based IT training company Intense School Inc. to offer CSEPS classes throughout the United States. In 2020, Mitnick partnered with security-awareness training company KnowBe4, and elements of the original CSEPS material became incorporated into KnowBe4's social-engineering awareness training offerings.
Tuber (app)
Tuber (Chinese: Tuber浏览器) was a web browser mobile app developed by Shanghai Fengxuan Information Technology that allowed users within mainland China to view filtered versions of certain websites normally blocked by the Great Firewall. Filtered versions of websites such as Google, Facebook, Instagram, YouTube, Twitter, Netflix, IMDb, and Wikipedia could be viewed. The app was backed by cybersecurity company Qihoo 360 which served as the parent company. The app required phone number registration. Sensitive keywords were blocked by the app. On October 9, 2020, Global Times editor Rita Bai Yunyi tweeted that the move represented "a great step for China's opening up". The app was removed from China domestic app stores and operations ceased as of October 10, 2020. On October 12, when questioned by a Bloomberg News reporter on the topic, Foreign Ministry spokesperson Zhao Lijian replied, "This is not a diplomatic issue, and I do not have the relevant information you mentioned. China has always managed the Internet in accordance with the law. I suggest you ask the competent department for the specific situation."
Automated dispensing cabinet
An automated dispensing cabinet (ADC), also called a unit-based cabinet (UBC), automated dispensing device (ADD), or automated dispensing machine (ADM)[1], is a computerized medicine cabinet for hospitals and healthcare settings. ADCs allow medications to be stored and dispensed near the point of care while controlling and tracking drug distribution. == Overview == Hospital pharmacies have provided medications for patients by filling patient-specific cassettes of unit-dose medications that were then delivered to the nursing unit and stored in medication cabinets or carts. ADCs, originally designed for hospital use, were introduced in hospitals in the 1980s and have facilitated the transition to alternative delivery models and more decentralized medication distribution systems.[2] Implementing automated dispensing cabinets as part of a decentralized or hybrid medication distribution system can improve patient safety and the accountability of the inventory, streamline certain billing processes. However, in the 2000s, the technology began to be deployed into other care settings where medication doses were stored onsite, and higher security methods were needed to control inventory, access, and dispensing of each patient dose. Settings that now deploy ADCs include long-term care facilities, hospice, critical access hospitals, surgery centers, group homes, residential care facilities, rehab and psych environments, animal health, dental clinics, and nursing education simulation. These diverse care settings share a common need to safely store, account for, and dispense individual doses of medications, especially narcotics and high-value medications, at the point of care.[3] ADCs track user access and dispensed medications, and their use can improve control over medication inventory. The real-time inventory reports generated by many cabinets can simplify the filling process and help the pharmacy track expired drugs. Furthermore, by restricting individual drugs – such as high-risk medications and controlled substances – to unique drawers within the cabinet, overall inventory management, patient safety, and medication security can be improved. Automated dispensing cabinets allow the pharmacy department to profile physician orders before they are dispensed.[4] ADCs can also enable providers to record medication charges upon dispensing, reducing the billing paperwork the pharmacy is responsible for. In addition, nurses can note returned medications using the cabinets' computers, enabling direct credits to patients' accounts. Since automated cabinets can be located on the nursing unit floor, nursing have speedier access to a patient's medications. Also, shorter waiting time ensures improved patient comfort and care.[5] == Role of automated dispensing in healthcare == Automated dispensing is a pharmacy practice in which a device dispenses medications and fills prescriptions. ADCs, which can handle many different medications, are available from a number of manufacturers such as BD, ARxIUM, and Omnicell. Though members of the pharmacy community have been utilizing automation technology since the 1980s, companies are constantly improving ADCs to meet changing needs and health standards in the industry. Several goals can be met by implementing an automated product in a healthcare facility. Patient safety can be ensured with the use of ADC technology such as barcoding. Anesthesia ADCs in operating rooms and perioperative areas may include label printing to prevent mix-ups such as errors between morphine and hydromorphone, two different opioid analgesics that frequently get confused. These systems also communicate with the pharmacy and its information management system to track medications removed and support inventory replenishment. == Key features == ADCs are like automated teller machines whose specific technologies such as barcode scanning and clinical decision support can improve medication safety. Some have metal locking drawers for added security and some have automated single-dose dispensing to prevent the need for a blind count each time a controlled substance is accessed. Over the years, ADCs have been adapted to facilitate compliance with emerging regulatory requirements such as pharmacy review of medication orders and safe practice recommendations. ADCs incorporate advanced software and electronic interfaces to synthesize high-risk steps in the medication use process. These unit-based medication repositories provide computer-controlled storage, dispensation, tracking, and documentation of medication distribution in the resident care unit. Since automated dispensing cabinets are not located in the pharmacy, they are considered "decentralized" medication distribution systems. Instead, they can be found at the point of care on the resident care unit. Tracking of the stocking and distribution process can occur by interfacing the unit with a central pharmacy computer. These cabinets can also be interfaced with other external databases such as resident profiles, the facility's admission/discharge/transfer system, and billing systems. Most ADC providers offer scalable systems since several important factors vary widely by facility such as budget, physical room size, patient population/demographics, type of healthcare facility, etc.
Computer Law & Security Review
The Computer Law & Security Review is an international peer-reviewed journal published by Elsevier. It has been published six times a year since 1985 and is indexed in Scopus and SSCI. It is accessible to a wide range of professional legal and IT practitioners, businesses, academics, researchers, libraries and organisations in both the public and private sectors. The journal regularly covers: CLSR Briefing with special emphasis on UK/US developments European Union update National news from 10 European jurisdictions Pacific rim news column Refereed practitioner and academic papers on topics such as Web 2.0, IT security, Identity management, ID cards, RFID, interference with privacy, Internet law, telecoms regulation, online broadcasting, intellectual property, software law, e-commerce, outsourcing, data protection and freedom of information and many other topics. The Journal's Correspondent Panel includes more than 40 specialists in IT law and security. Each issue contains articles, case law analysis and current news on information and communications technology. Special Features High quality peer reviewed papers from internationally renowned practitioner and academic experts Latest developments reported in situ by more than 20 leading law firms from around the world Highly experienced and respected editor and correspondents panel Online access to all 23 volumes of CLSR with embedded web links to primary sources Contact details of all authors A pool of expertise that can collectively identify the key topics that need to be examined.