In cloud computing, a carrier cloud is a class of cloud that integrates wide area networks (WAN) and other attributes of communications service providers’ carrier-grade networks to enable the deployment of highly-complex applications in the cloud. In contrast, classic cloud computing focuses on the data center and does not address the network connecting data centers and cloud users. This may result in unpredictable response times and security issues when business-critical data are transferred over the Internet. == History == The advent of virtualization technology, cost-effective computing hardware, and ubiquitous Internet connectivity have enabled the first wave of cloud services starting in the early years of the 21st century. But many businesses and other organizations hesitated to move to more demanding applications, from on-premises dedicated hardware to private or public clouds. As a response, communications service providers started in the 2010/2011 time frame to develop carrier clouds that address perceived weaknesses in existing cloud services. Cited weaknesses vary but often include possible downtime, security issues, high cost of custom software and data transfer, inflexibility of some cloud apps, poor customer and nonfulfillment of service level agreements (SLAs). == Characteristics == To enable the deployment of time-sensitive and business critical applications in the cloud, the carrier cloud is designed to match or even exceed the characteristics of on-premises deployments. Therefore, the carrier cloud is characterized by some or all of the following items: Configurable, elastic network performance: Typical cloud computing solutions use the best effort of the public Internet to connect cloud users and data centers. This approach provides instant connectivity but does not offer control over network capacities, latencies, and jitter. Carrier clouds address these gaps with content delivery networks and/or dedicated virtual private networks (VPN) at OSI layers 1 (optical wavelengths), 2 (data link layer), and 3 (network layer). These VPNs can be configured to offer the desired performance parameters and exhibit the same type of elasticity for the network that regular clouds provide for servers and storage. To achieve the requested performance parameters, such as low latency, cloud applications can be (automatically) allocated to distributed data centers that are close enough to the cloud users. Automatic resource placement: For a cloud with multiple data centers, information about both the data center and the connecting network is relevant for a decision of where to place cloud images and storage volumes. For this decision, carrier clouds can obtain relevant information about the network, e.g., using the Application-Layer Traffic Optimization (ALTO) protocol. High level of security and governance: Cloud application providers are subject to general and domain specific security, privacy, and governance requirements and regulations, such as the European Data Protection Directive and the U.S. Health Insurance Portability and Accountability Act. For added security, the wide area network of the carrier cloud can provide segregated encrypted or unencrypted network links that are not accessible from the general Internet. At the data center, the carrier cloud provides e.g. virtual private servers, management processes, logs, and documentation to fulfill security and governance rules. Location control: Fundamentally, cloud users should not be concerned with the geographic location of their cloud resources. However, privacy and other regulations may mandate that certain types of data must not be sent outside a national jurisdiction or other geographical region. Open APIs: Carrier clouds provide graphical user interfaces and Web application programming interfaces that allow cloud application providers to set up, manage, and monitor both, the data center and the WAN, of their cloud services. == Architecture == Carrier clouds encompass data centers at different network tiers and wide area networks that connect multiple data centers to each other as well as to the cloud users. Links between data centers are used for failover, overflow, backup, and geographic diversity. Carrier clouds can be set up as public, private, or hybrid clouds. The carrier cloud federates these cloud entities by using a single management system to orchestrate, manage, and monitor data center and network resources as a single system.
Superellipsoid
In mathematics, a superellipsoid (or super-ellipsoid) is a solid whose horizontal sections are superellipses (Lamé curves) with the same squareness parameter ϵ 2 {\displaystyle \epsilon _{2}} , and whose vertical sections through the center are superellipses with the squareness parameter ϵ 1 {\displaystyle \epsilon _{1}} . It is a generalization of an ellipsoid, which is a special case when ϵ 1 = ϵ 2 = 1 {\displaystyle \epsilon _{1}=\epsilon _{2}=1} . Superellipsoids as computer graphics primitives were popularized by Alan H. Barr (who used the name "superquadrics" to refer to both superellipsoids and supertoroids). In modern computer vision and robotics literatures, superquadrics and superellipsoids are used interchangeably, since superellipsoids are the most representative and widely utilized shape among all the superquadrics. Superellipsoids have a rich shape vocabulary, including cuboids, cylinders, ellipsoids, octahedra and their intermediates. It becomes an important geometric primitive widely used in computer vision, robotics, and physical simulation. The main advantage of describing objects and environment with superellipsoids is its conciseness and expressiveness in shape. Furthermore, a closed-form expression of the Minkowski sum between two superellipsoids is available. This makes it a desirable geometric primitive for robot grasping, collision detection, and motion planning. == Special cases == A handful of notable mathematical figures can arise as special cases of superellipsoids given the correct set of values, which are depicted in the above graphic: Cylinder Sphere Steinmetz solid Bicone Regular octahedron Cube, as a limiting case where the exponents tend to infinity Piet Hein's supereggs are also special cases of superellipsoids. == Formulas == === Basic (normalized) superellipsoid === The basic superellipsoid is defined by the implicit function f ( x , y , z ) = ( x 2 ϵ 2 + y 2 ϵ 2 ) ϵ 2 / ϵ 1 + z 2 ϵ 1 {\displaystyle f(x,y,z)=\left(x^{\frac {2}{\epsilon _{2}}}+y^{\frac {2}{\epsilon _{2}}}\right)^{\epsilon _{2}/\epsilon _{1}}+z^{\frac {2}{\epsilon _{1}}}} The parameters ϵ 1 {\displaystyle \epsilon _{1}} and ϵ 2 {\displaystyle \epsilon _{2}} are positive real numbers that control the squareness of the shape. The surface of the superellipsoid is defined by the equation: f ( x , y , z ) = 1 {\displaystyle f(x,y,z)=1} For any given point ( x , y , z ) ∈ R 3 {\displaystyle (x,y,z)\in \mathbb {R} ^{3}} , the point lies inside the superellipsoid if f ( x , y , z ) < 1 {\displaystyle f(x,y,z)<1} , and outside if f ( x , y , z ) > 1 {\displaystyle f(x,y,z)>1} . Any "parallel of latitude" of the superellipsoid (a horizontal section at any constant z between -1 and +1) is a Lamé curve with exponent 2 / ϵ 2 {\displaystyle 2/\epsilon _{2}} , scaled by a = ( 1 − z 2 ϵ 1 ) ϵ 1 2 {\displaystyle a=(1-z^{\frac {2}{\epsilon _{1}}})^{\frac {\epsilon _{1}}{2}}} , which is ( x a ) 2 ϵ 2 + ( y a ) 2 ϵ 2 = 1. {\displaystyle \left({\frac {x}{a}}\right)^{\frac {2}{\epsilon _{2}}}+\left({\frac {y}{a}}\right)^{\frac {2}{\epsilon _{2}}}=1.} Any "meridian of longitude" (a section by any vertical plane through the origin) is a Lamé curve with exponent 2 / ϵ 1 {\displaystyle 2/\epsilon _{1}} , stretched horizontally by a factor w that depends on the sectioning plane. Namely, if x = u cos θ {\displaystyle x=u\cos \theta } and y = u sin θ {\displaystyle y=u\sin \theta } , for a given θ {\displaystyle \theta } , then the section is ( u w ) 2 ϵ 1 + z 2 ϵ 1 = 1 , {\displaystyle \left({\frac {u}{w}}\right)^{\frac {2}{\epsilon _{1}}}+z^{\frac {2}{\epsilon _{1}}}=1,} where w = ( cos 2 ϵ 2 θ + sin 2 ϵ 2 θ ) − ϵ 2 2 . {\displaystyle w=(\cos ^{\frac {2}{\epsilon _{2}}}\theta +\sin ^{\frac {2}{\epsilon _{2}}}\theta )^{-{\frac {\epsilon _{2}}{2}}}.} In particular, if ϵ 2 {\displaystyle \epsilon _{2}} is 1, the horizontal cross-sections are circles, and the horizontal stretching w {\displaystyle w} of the vertical sections is 1 for all planes. In that case, the superellipsoid is a solid of revolution, obtained by rotating the Lamé curve with exponent 2 / ϵ 1 {\displaystyle 2/\epsilon _{1}} around the vertical axis. === Superellipsoid === The basic shape above extends from −1 to +1 along each coordinate axis. The general superellipsoid is obtained by scaling the basic shape along each axis by factors a x {\displaystyle a_{x}} , a y {\displaystyle a_{y}} , a z {\displaystyle a_{z}} , the semi-diameters of the resulting solid. The implicit function is F ( x , y , z ) = ( ( x a x ) 2 ϵ 2 + ( y a y ) 2 ϵ 2 ) ϵ 2 ϵ 1 + ( z a z ) 2 ϵ 1 {\displaystyle F(x,y,z)=\left(\left({\frac {x}{a_{x}}}\right)^{\frac {2}{\epsilon _{2}}}+\left({\frac {y}{a_{y}}}\right)^{\frac {2}{\epsilon _{2}}}\right)^{\frac {\epsilon _{2}}{\epsilon _{1}}}+\left({\frac {z}{a_{z}}}\right)^{\frac {2}{\epsilon _{1}}}} . Similarly, the surface of the superellipsoid is defined by the equation F ( x , y , z ) = 1 {\displaystyle F(x,y,z)=1} For any given point ( x , y , z ) ∈ R 3 {\displaystyle (x,y,z)\in \mathbb {R} ^{3}} , the point lies inside the superellipsoid if f ( x , y , z ) < 1 {\displaystyle f(x,y,z)<1} , and outside if f ( x , y , z ) > 1 {\displaystyle f(x,y,z)>1} . Therefore, the implicit function is also called the inside-outside function of the superellipsoid. The superellipsoid has a parametric representation in terms of surface parameters η ∈ [ − π / 2 , π / 2 ) {\displaystyle \eta \in [-\pi /2,\pi /2)} , ω ∈ [ − π , π ) {\displaystyle \omega \in [-\pi ,\pi )} . x ( η , ω ) = a x cos ϵ 1 η cos ϵ 2 ω {\displaystyle x(\eta ,\omega )=a_{x}\cos ^{\epsilon _{1}}\eta \cos ^{\epsilon _{2}}\omega } y ( η , ω ) = a y cos ϵ 1 η sin ϵ 2 ω {\displaystyle y(\eta ,\omega )=a_{y}\cos ^{\epsilon _{1}}\eta \sin ^{\epsilon _{2}}\omega } z ( η , ω ) = a z sin ϵ 1 η {\displaystyle z(\eta ,\omega )=a_{z}\sin ^{\epsilon _{1}}\eta } === General posed superellipsoid === In computer vision and robotic applications, a superellipsoid with a general pose in the 3D Euclidean space is usually of more interest. For a given Euclidean transformation of the superellipsoid frame g = [ R ∈ S O ( 3 ) , t ∈ R 3 ] ∈ S E ( 3 ) {\displaystyle g=[\mathbf {R} \in SO(3),\mathbf {t} \in \mathbb {R} ^{3}]\in SE(3)} relative to the world frame, the implicit function of a general posed superellipsoid surface defined the world frame is F ( g − 1 ∘ ( x , y , z ) ) = 1 {\displaystyle F\left(g^{-1}\circ (x,y,z)\right)=1} where ∘ {\displaystyle \circ } is the transformation operation that maps the point ( x , y , z ) ∈ R 3 {\displaystyle (x,y,z)\in \mathbb {R} ^{3}} in the world frame into the canonical superellipsoid frame. === Volume of superellipsoid === The volume encompassed by the superelllipsoid surface can be expressed in terms of the beta functions β ( ⋅ , ⋅ ) {\displaystyle \beta (\cdot ,\cdot )} , V ( ϵ 1 , ϵ 2 , a x , a y , a z ) = 2 a x a y a z ϵ 1 ϵ 2 β ( ϵ 1 2 , ϵ 1 + 1 ) β ( ϵ 2 2 , ϵ 2 + 2 2 ) {\displaystyle V(\epsilon _{1},\epsilon _{2},a_{x},a_{y},a_{z})=2a_{x}a_{y}a_{z}\epsilon _{1}\epsilon _{2}\beta ({\frac {\epsilon _{1}}{2}},\epsilon _{1}+1)\beta ({\frac {\epsilon _{2}}{2}},{\frac {\epsilon _{2}+2}{2}})} or equivalently with the Gamma function Γ ( ⋅ ) {\displaystyle \Gamma (\cdot )} , since β ( m , n ) = Γ ( m ) Γ ( n ) Γ ( m + n ) {\displaystyle \beta (m,n)={\frac {\Gamma (m)\Gamma (n)}{\Gamma (m+n)}}} == Recovery from data == Recoverying the superellipsoid (or superquadrics) representation from raw data (e.g., point cloud, mesh, images, and voxels) is an important task in computer vision, robotics, and physical simulation. Traditional computational methods model the problem as a least-square problem. The goal is to find out the optimal set of superellipsoid parameters θ ≐ [ ϵ 1 , ϵ 2 , a x , a y , a z , g ] {\displaystyle \theta \doteq [\epsilon _{1},\epsilon _{2},a_{x},a_{y},a_{z},g]} that minimize an objective function. Other than the shape parameters, g ∈ {\displaystyle g\in } SE(3) is the pose of the superellipsoid frame with respect to the world coordinate. There are two commonly used objective functions. The first one is constructed directly based on the implicit function G 1 ( θ ) = a x a y a z ∑ i = 1 N ( F ϵ 1 ( g − 1 ∘ ( x i , y i , z i ) ) − 1 ) 2 {\displaystyle G_{1}(\theta )=a_{x}a_{y}a_{z}\sum _{i=1}^{N}\left(F^{\epsilon _{1}}\left(g^{-1}\circ (x_{i},y_{i},z_{i})\right)-1\right)^{2}} The minimization of the objective function provides a recovered superellipsoid as close as possible to all the input points { ( x i , y i , z i ) ∈ R 3 , i = 1 , 2 , . . . , N } {\displaystyle \{(x_{i},y_{i},z_{i})\in \mathbb {R} ^{3},i=1,2,...,N\}} . At the mean time, the scalar value a x , a y , a z {\displaystyle a_{x},a_{y},a_{z}} is positively proportional to the volume of the superellipsoid, and thus have the effect of minimizing the volume as well. The other objective function tries to minimized the radial distance between the points and the superellipsoid. That is G 2 ( θ ) = ∑ i = 1 N ( | r
PGP word list
The PGP Word List ("Pretty Good Privacy word list", also called a biometric word list for reasons explained below) is a list of words for conveying data bytes in a clear unambiguous way via a voice channel. They are analogous in purpose to the NATO phonetic alphabet, except that a longer list of words is used, each word corresponding to one of the 256 distinct numeric byte values. == History and structure == The PGP Word List was designed in 1995 by Patrick Juola, a computational linguist, and Philip Zimmermann, creator of PGP. The words were carefully chosen for their phonetic distinctiveness, using genetic algorithms to select lists of words that had optimum separations in phoneme space. The candidate word lists were randomly drawn from Grady Ward's Moby Pronunciator list as raw material for the search, successively refined by the genetic algorithms. The automated search converged to an optimized solution in about 40 hours on a DEC Alpha, a particularly fast machine in that era. The Zimmermann–Juola list was originally designed to be used in PGPfone, a secure VoIP application, to allow the two parties to verbally compare a short authentication string to detect a man-in-the-middle attack (MiTM). It was called a biometric word list because the authentication depended on the two human users recognizing each other's distinct voices as they read and compared the words over the voice channel, binding the identity of the speaker with the words, which helped protect against the MiTM attack. The list can be used in many other situations where a biometric binding of identity is not needed, so calling it a biometric word list may be imprecise. Later, it was used in PGP to compare and verify PGP public key fingerprints over a voice channel. This is known in PGP applications as the "biometric" representation. When it was applied to PGP, the list of words was further refined, with contributions by Jon Callas. More recently, it has been used in Zfone and the ZRTP protocol, the successor to PGPfone. The list is actually composed of two lists, each containing 256 phonetically distinct words, in which each word represents a different byte value between 0 and 255. Two lists are used because reading aloud long random sequences of human words usually risks three kinds of errors: 1) transposition of two consecutive words, 2) duplicate words, or 3) omitted words. To detect all three kinds of errors, the two lists are used alternately for the even-offset bytes and the odd-offset bytes in the byte sequence. Each byte value is actually represented by two different words, depending on whether that byte appears at an odd or an even offset from the beginning of the byte sequence. The two lists are readily distinguished by the number of syllables; the odd list has words of three syllables, the even list has two. The two lists have a maximum word length of 11 and 9 letters, respectively. Using a two-list scheme was suggested by Zhahai Stewart. == Examples == Each byte in a bytestring is encoded as a single word. A sequence of bytes is rendered in network byte order, from left to right. For example, the leftmost (i.e. byte 0) is considered "even" and is encoded using the PGP Even Word table. The next byte to the right (i.e. byte 1) is considered "odd" and is encoded using the PGP Odd Word table. This process repeats until all bytes are encoded. Thus, "E582" produces "topmost Istanbul", whereas "82E5" produces "miser travesty". A PGP public key fingerprint that displayed in hexadecimal as E582 94F2 E9A2 2748 6E8B 061B 31CC 528F D7FA 3F19 would display in PGP Words (the "biometric" fingerprint) as topmost Istanbul Pluto vagabond treadmill Pacific brackish dictator goldfish Medusa afflict bravado chatter revolver Dupont midsummer stopwatch whimsical cowbell bottomless The order of bytes in a bytestring depends on endianness. == Other word lists for data == There are several other word lists for conveying data in a clear unambiguous way via a voice channel: the NATO phonetic alphabet maps individual letters and digits to individual words the S/KEY system maps 64 bit numbers to 6 short words of 1 to 4 characters each from a publicly accessible 2048-word dictionary. The same dictionary is used in RFC 1760 and RFC 2289. the Diceware system maps five base-6 random digits (almost 13 bits of entropy) to a word from a dictionary of 7,776 distinct words. the Electronic Frontier Foundation has published a set of improved word lists based on the same concept FIPS 181: Automated Password Generator converts random numbers into somewhat pronounceable "words". mnemonic encoding converts 32 bits of data into 3 words from a vocabulary of 1626 words. what3words encodes geographic coordinates in 3 dictionary words. the BIP39 standard permits encoding a cryptographic key of fixed size (128 or 256 bits, usually the unencrypted master key of a Cryptocurrency wallet) into a short sequence of readable words known as the seed phrase, for the purpose of storing the key offline. This is used in cryptocurrencies such as Bitcoin or Monero. Like the PGP word list, the Bytewords standard maps each possible byte to a word. There is only one list, rather than two. The words are uniformly four letters long and can be uniquely identified by their first and last letters
Transparent decryption
Transparent decryption is a method of decrypting data which unavoidably produces evidence that the decryption operation has taken place. The idea is to prevent the covert decryption of data. In particular, transparent decryption protocols allow a user Alice to share with Bob the right to access data, in such a way that Bob may decrypt at a time of his choosing, but only while simultaneously leaving evidence for Alice of the fact that decryption occurred. Transparent decryption supports privacy, because this evidence alerts data subjects to the fact that information about them has been decrypted and disincentivises data misuse. Recent work further formalizes transparent decryption and explores practical implementations based on cryptographic protocols and blockchain systems. == Applications == Transparent decryption has been proposed for several systems where there is a need to simultaneously achieve accountability and secrecy. For example: In lawful interception, law enforcement agencies can access private messages and emails. Transparent decryption can make such accesses accountable, giving citizens guarantees about how their private information is accessed. Data arising from vehicles and IoT devices may contain personal information about the vehicle or device owners and their activities. Nevertheless, the data is typically processed in order to provide user functionality and also to investigate and fight crime. Transparent decryption can be used to help users monitor when and how data about them is being accessed and used. == Implementation == In transparent decryption, the decryption key is distributed among a set of agents (called trustees); they use their key share only if the required transparency conditions have been satisfied. Typically, the transparency condition can be formulated as the presence of the decryption request in a distributed ledger. == Alternative solutions == Besides transparent decryption, some other techniques have been proposed for achieving law enforcement while preserving privacy. Solutions that allow competing parties to unify their data access policies. Attribute-based encryption with oblivious attribute translation (OTABE) is an extension of attribute-based encryption that allows translation between proprietary attributes belonging to different organisations, and it has been applied to the problem of law-enforcement access to phone call metadata. Solutions that rely on sophisticated cryptography, such as zero-knowledge proofs that the actions of law enforcement is consistent with judge rulings and the actions of companies, and multi-party computation to compute results.
Dashboard (computing)
In computer information systems, a dashboard is a type of graphical user interface which often provides at-a-glance views of data relevant to a particular objective or process through a combination of visualizations and summary information. In other usage, "dashboard" is another name for "progress report" or "report" and is considered a form of data visualization. The dashboard is often accessible by a web browser and is typically linked to regularly updating data sources. Dashboards are often interactive and facilitate users to explore the data themselves, usually by clicking into elements to view more detailed information. The term dashboard originates from the automobile dashboard where drivers monitor the major functions at a glance via the instrument panel. == History == The idea of digital dashboards followed the study of decision support systems in the 1970s. Early predecessors of the modern business dashboard were first developed in the 1980s in the form of Executive Information Systems (EISs). Due to problems primarily with data refreshing and handling, it was soon realized that the approach wasn't practical as information was often incomplete, unreliable, and spread across too many disparate sources. Thus, EISs hibernated until the 1990s when the information age quickened pace and data warehousing, and online analytical processing (OLAP) allowed dashboards to function adequately. Despite the availability of enabling technologies, the dashboard use didn't become popular until later in that decade, with the rise of key performance indicators (KPIs), and the introduction of Robert S. Kaplan and David P. Norton's balanced scorecard. In the late 1990s, Microsoft promoted a concept known as the Digital Nervous System and "digital dashboards" were described as being one leg of that concept. Today, the use of dashboards forms an important part of Business Performance Management (BPM). Initially dashboards were used for monitoring purposes, now with the advancement of technology, dashboards are being used for more analytical purposes. The use of dashboards has now been incorporating; scenario analysis, drill down capabilities, and presentation format flexibility. == Benefits == Digital dashboards allow managers to monitor the contribution of the various departments in their organization. In addition, they enable “rolling up” of information to present a consolidated view across an organization. To gauge exactly how well an organization is performing overall, digital dashboards allow you to capture and report specific data points from each department within the organization, thus providing a "snapshot" of performance. Benefits of using digital dashboards include: Visual presentation of performance measures Ability to identify and correct negative trends Measure efficiencies/inefficiencies Ability to generate detailed reports showing new trends Ability to make more informed decisions based on collected business intelligence Dashboards offers a holistic view of the entire business as it gives the manager a bird's eye view into the performance of sales, data inventory, web traffic, social media analytics and other associated data that is visually presented on a single dashboard. Dashboards lead to better management of marketing/financial strategies as a dashboard for the display of marketing data makes the process of marketing easier and more reliable as compared to doing it manually. Web analytics play a crucial role in shaping the marketing strategy of many businesses. Dashboards also facilitate for better tracking of sales and financial reporting as the data is more precise and in one area. Lastly, dashboards offer for better customer service through monitoring because they keep both the managers and the clients updated on the project progress through automated emails and notifications. == Align strategies and organizational goals == Gain total visibility of all systems instantly Quick identification of data outliers and correlations Consolidated reporting into one location Available on mobile devices to quickly access metrics == Classification == Dashboards can be broken down according to role and are either strategic, analytical, operational, or informational. Dashboards are the 3rd step on the information ladder, demonstrating the conversion of data to increasingly valuable insights. Strategic dashboards support managers at any level in an organization and provide the quick overview that decision-makers need to monitor the health and opportunities of the business. Dashboards of this type focus on high-level measures of performance and forecasts. Strategic dashboards benefit from static snapshots of data (daily, weekly, monthly, and quarterly) that are not constantly changing from one moment to the next. Dashboards for analytical purposes often include more context, comparisons, and history, along with subtler performance evaluators. In addition, analytical dashboards typically support interactions with the data, such as drilling down into the underlying details. Dashboards for monitoring operations are often designed differently from those that support strategic decision making or data analysis and often require monitoring of activities and events that are constantly changing and might require attention and response at a moment's notice. == Types of dashboards == Digital dashboards may be laid out to track the flows inherent in the business processes that they monitor. Graphically, users may see the high-level processes and then drill down into low-level data. This level of detail is often buried deep within the corporate enterprise and otherwise unavailable to the senior executives. Three main types of digital dashboards dominate the market today: desktop software applications, web-browser-based applications, and desktop applications are also known as desktop widgets. The last are driven by a widget engine. Both Desktop and Browser-based providers enable the distribution of dashboards via a web browser. An example of the latter is web-based-browser Asana, which helps teams orchestrate their work, from daily tasks to strategic cross-functional initiatives. With it, teams can manage everything from company objectives to digital transformation to product launches and marketing campaigns. Specialized dashboards may track all corporate functions. Examples include human resources, recruiting, sales, operations, security, information technology, project management, customer relationship management, digital marketing and many more departmental dashboards. For a smaller organization like a startup a compact startup scorecard dashboard tracks important activities across lot of domains ranging from social media to sales. Digital dashboard projects involve business units as the driver and the information technology department as the enabler. Therefore, the success of dashboard projects depends on the relevancy/importance of information provided within the dashboard. This includes the metrics chosen to monitor and the timeliness of the data forming those metrics; data must be up to date and accurate. Key performance indicators, balanced scorecards, and sales performance figures are some of the content appropriate on business dashboards. === Performance Dashboards === Dashboards involve the combination of visual and functional features. This combination of features helps improve cognition and interpretation. A performance dashboard sits at the intersection of two powerful disciplines: business intelligence and performance management. Therefore, there are different users who could use these dashboards for different reasons. For example, a level of workers could look at monitoring inventory while those in more managerial roles can look at lagging measure. Then executives could utilize the dashboard to evaluate strategic performance against objectives. == Dashboards and scorecards == Balanced scorecards and dashboards have been linked together as if they were interchangeable. However, although both visually display critical information, the difference is in the format: Scorecards can open the quality of an operation while dashboards provide calculated direction. A balanced scorecard has what they called a "prescriptive" format. It should always contain these components: Perspectives – group Objectives – verb-noun phrases pulled from a strategy plan Measures – also called metric or key performance indicators (KPIs) Spotlight indicators – red, yellow, or green symbols that provide an at-a-glance view of a measure's performance. Each of these sections ensures that a Balanced Scorecard is essentially connected to the businesses critical strategic needs. The design of a dashboard is more loosely defined. Dashboards are usually a series of graphics, charts, gauges and other visual indicators that can be monitored and interpreted. Even when there is a strategic link, on a dashboard, it may not be noticed as such since objectives are not normally pre
Yorba (software)
Yorba is a web-based personal information management platform for finding, monitoring, or deleting online accounts and subscriptions. Yorba is a participating member of Consumer Reports’ Data Rights Protocol (DRP) consortium that develops open technical standards for exercising consumer data rights under laws including the California Consumer Privacy Act. == History == Yorba began as a research project around 2021. It was founded by Chris Zeunstrom (CEO), Nolan Cabeje (CDO) and David Schmudde (CTO). Zeunstrom says he began developing Yorba after growing frustrated with managing numerous email accounts, noting overloaded inboxes create distraction and potential security vulnerabilities. Yorba’s early development was also influenced by security issues he encountered at a previous company, which had been affected by data breaches at a time when such incidents were becoming increasingly common. In 2023, Yorba launched a private beta as a public benefit corporation funded through a give-back model operated by Zeunstrom's New York-based design firm, Ruca. In January 2024, Yorba entered public beta and reported over 1,000 users, including 160 premium subscribers. At the time of the public beta launch, Yorba integrated with Gmail and announced plans to expand compatibility to other online services and cloud storage providers. In September 2024, Yorba completed conformance testing under the Data Rights Protocol, an initiative developed by Consumer Reports, to establish a standard and open-source framework for securely transmitting consumer data rights requests under laws like the California Consumer Privacy Act. Yorba was named among twelve participating companies that implemented the protocol alongside OneTrust and Consumer Reports’ own Permission Slip app. Yorba was one of nine startups selected as 2025 finalist in the Santander X Global Awards international entrepreneurship competition. == Features == Yorba scans user inbox history data to identify online accounts, mailing lists, and possible data breaches. It uses natural language processing and machine learning to identify a user's accounts, services, and subscriptions. The platform prompts password resets for compromised accounts and locates unused accounts. The platform also supports mailing list management by identifying and helping users unsubscribe from newsletters. Paid subscribers can locate and cancel recurring charges. Yorba links with financial institutions in the U.S., Canada, and EU via Plaid Inc. to detect recurring charges and delete unwanted subscriptions. == Privacy and Ethics == Yorba's founder has openly criticized dark patterns that make canceling services difficult, citing personal frustration with inbox clutter as part of his inspiration for Yorba. Yorba offers privacy policy analysis in partnership with Amsterdam-based nonprofit Terms of Service; Didn’t Read, assigning grades based on invasiveness or ethical concerns. As of 2024, the company described its pricing as designed to cover operational costs and sustain the platform without outside investment.
Cryptovirology
Cryptovirology refers to the study of cryptography use in malware, such as ransomware and asymmetric backdoors. Traditionally, cryptography and its applications are defensive in nature, and provide privacy, authentication, and security to users. Cryptovirology employs a twist on cryptography, showing that it can also be used offensively. It can be used to mount extortion based attacks that cause loss of access to information, loss of confidentiality, and information leakage, tasks which cryptography typically prevents. The field was born with the observation that public-key cryptography can be used to break the symmetry between what an antivirus analyst sees regarding malware and what the attacker sees. The antivirus analyst sees a public key contained in the malware, whereas the attacker sees the public key contained in the malware as well as the corresponding private key (outside the malware) since the attacker created the key pair for the attack. The public key allows the malware to perform trapdoor one-way operations on the victim's computer that only the attacker can undo. == Overview == The field encompasses covert malware attacks in which the attacker securely steals private information such as symmetric keys, private keys, PRNG state, and the victim's data. Examples of such covert attacks are asymmetric backdoors. An asymmetric backdoor is a backdoor (e.g., in a cryptosystem) that can be used only by the attacker, even after it is found. This contrasts with the traditional backdoor that is symmetric, i.e., anyone that finds it can use it. Kleptography, a subfield of cryptovirology, is the study of asymmetric backdoors in key generation algorithms, digital signature algorithms, key exchanges, pseudorandom number generators, encryption algorithms, and other cryptographic algorithms. The NIST Dual EC DRBG random bit generator has an asymmetric backdoor in it. The EC-DRBG algorithm utilizes the discrete-log kleptogram from kleptography, which by definition makes the EC-DRBG a cryptotrojan. Like ransomware, the EC-DRBG cryptotrojan contains and uses the attacker's public key to attack the host system. The cryptographer Ari Juels indicated that NSA effectively orchestrated a kleptographic attack on users of the Dual EC DRBG pseudorandom number generation algorithm and that, although security professionals and developers have been testing and implementing kleptographic attacks since 1996, "you would be hard-pressed to find one in actual use until now." Due to public outcry about this cryptovirology attack, NIST rescinded the EC-DRBG algorithm from the NIST SP 800-90 standard. Covert information leakage attacks carried out by cryptoviruses, cryptotrojans, and cryptoworms that, by definition, contain and use the public key of the attacker is a major theme in cryptovirology. In "deniable password snatching," a cryptovirus installs a cryptotrojan that asymmetrically encrypts host data and covertly broadcasts it. This makes it available to everyone, noticeable by no one (except the attacker), and only decipherable by the attacker. An attacker caught installing the cryptotrojan claims to be a virus victim. An attacker observed receiving the covert asymmetric broadcast is one of the thousands, if not millions of receivers, and exhibits no identifying information whatsoever. The cryptovirology attack achieves "end-to-end deniability." It is a covert asymmetric broadcast of the victim's data. Cryptovirology also encompasses the use of private information retrieval (PIR) to allow cryptoviruses to search for and steal host data without revealing the data searched for even when the cryptotrojan is under constant surveillance. By definition, such a cryptovirus carries within its own coding sequence the query of the attacker and the necessary PIR logic to apply the query to host systems. == History == The first cryptovirology attack and discussion of the concept was by Adam L. Young and Moti Yung, at the time called "cryptoviral extortion" and it was presented at the 1996 IEEE Security & Privacy conference. In this attack, a cryptovirus, cryptoworm, or cryptotrojan contains the public key of the attacker and hybrid encrypts the victim's files. The malware prompts the user to send the asymmetric ciphertext to the attacker who will decipher it and return the symmetric decryption key it contains for a fee. The victim needs the symmetric key to decrypt the encrypted files if there is no way to recover the original files (e.g., from backups). The 1996 IEEE paper predicted that cryptoviral extortion attackers would one day demand e-money, long before Bitcoin even existed. Many years later, the media relabeled cryptoviral extortion as ransomware. In 2016, cryptovirology attacks on healthcare providers reached epidemic levels, prompting the U.S. Department of Health and Human Services to issue a Fact Sheet on Ransomware and HIPAA. The fact sheet states that when electronic protected health information is encrypted by ransomware, a breach has occurred, and the attack therefore constitutes a disclosure that is not permitted under HIPAA, the rationale being that an adversary has taken control of the information. Sensitive data might never leave the victim organization, but the break-in may have allowed data to be sent out undetected. California enacted a law that defines the introduction of ransomware into a computer system with the intent of extortion as being against the law. == Examples == === Tremor virus === While viruses in the wild have used cryptography in the past, the only purpose of such usage of cryptography was to avoid detection by antivirus software. For example, the tremor virus used polymorphism as a defensive technique in an attempt to avoid detection by anti-virus software. Though cryptography does assist in such cases to enhance the longevity of a virus, the capabilities of cryptography are not used in the payload. The One-half virus was amongst the first viruses known to have encrypted affected files. === Tro_Ransom.A virus === An example of a virus that informs the owner of the infected machine to pay a ransom is the virus nicknamed Tro_Ransom.A. This virus asks the owner of the infected machine to send $10.99 to a given account through Western Union. Virus.Win32.Gpcode.ag is a classic cryptovirus. This virus partially uses a version of 660-bit RSA and encrypts files with many different extensions. It instructs the owner of the machine to email a given mail ID if the owner desires the decryptor. If contacted by email, the user will be asked to pay a certain amount as ransom in return for the decryptor. === CAPI === It has been demonstrated that using just 8 different calls to Microsoft's Cryptographic API (CAPI), a cryptovirus can satisfy all its encryption needs. == Other uses of cryptography-enabled malware == Apart from cryptoviral extortion, there are other potential uses of cryptoviruses, such as deniable password snatching, cryptocounters, private information retrieval, and in secure communication between different instances of a distributed cryptovirus.