Computer appliance

A computer appliance is a computer system with a combination of hardware, software, or firmware that is specifically designed to provide a particular computing resource. Such devices became known as appliances because of the similarity in role or management to a home appliance, which are generally closed and sealed, and are not serviceable by the user or owner. The hardware and software are delivered as an integrated product and may even be pre-configured before delivery to a customer, to provide a turn-key solution for a particular application. Unlike general purpose computers, appliances are generally not designed to allow the customers to change the software and the underlying operating system, or to flexibly reconfigure the hardware. Another form of appliance is the virtual appliance, which has similar functionality to a dedicated hardware appliance, but is distributed as a software virtual machine image for a hypervisor-equipped device. == Overview == Traditionally, software applications run on top of a general-purpose operating system, which uses the hardware resources of the computer (primarily memory, disk storage, processing power, and networking bandwidth) to meet the computing needs of the user. The main issue with the traditional model is related to complexity. It is complex to integrate the operating system and applications with a hardware platform, and complex to support it afterwards. By tightly constraining the variations of the hardware and software, the appliance becomes easily deployable, and can be used without nearly as wide (or deep) IT knowledge. Additionally, when problems and errors appear, the supporting staff very rarely needs to explore them deeply to understand the matter thoroughly. The staff needs merely training on the appliance management software to be able to resolve most of problems. In all forms of the computer appliance model, customers benefit from easy operations. The appliance has exactly one combination of hardware and operating system and application software, which has been pre-installed at the factory. This prevents customers from needing to perform complex integration work, and dramatically simplifies troubleshooting. In fact, this "turnkey operation" characteristic is the driving benefit that customers seek when purchasing appliances. To be considered an appliance, the (hardware) device needs to be integrated with software, and both are supplied as a package. This distinguishes appliances from "home grown" solutions, or solutions requiring complex implementations by integrators or value-added resellers (VARs). The appliance approach helps to decouple the various systems and applications, for example in the data center. Once a resource is decoupled, in theory it can be also centralized to become shared among many systems, centrally managed and optimized, all without requiring changes to any other system. == Tradeoffs of the computer appliance approach == The major disadvantage of deploying a computer appliance is that since they are designed to supply a specific resource, they most often include a customized operating system running over specialized hardware, neither of which are likely to be compatible with the other systems previously deployed. Customers lose flexibility. One may believe that a proprietary embedded operating system, or operating system within an application, can make the appliance much more secure from common cyber attacks. However, the opposite is true. Security by obscurity is a poor security decision, and appliances are often plagued by security issues as evidenced by the proliferation of IoT devices. == Types of appliances == The variety of computer appliances reflects the wide range of computing resources they provide to applications. Some examples: Storage appliances provide large amounts of storage, often available to many machines on the network. See Network-attached storage and Storage area network. Network appliances are general purpose routers which may also provide firewall protection, Transport Layer Security (TLS), messaging, access to specialized networking protocols (like the ebXML Message Service) and bandwidth multiplexing for the multiple systems they front-end. Backup and disaster recovery appliances computer appliances that are integrated backup software and backup targets, sometimes with hypervisors to support local DR of protected servers. They are often a gateway to a full DRaaS solution. Firewall and Security appliances Dedicated network appliances that are designed to protect computer networks from unwanted traffic. IIoT and MES Gateway appliances Computer appliances that are designed to translate data bidirectionally between control systems and enterprise systems. Proprietary, embedded, firmware applications running on the appliance use point-to-point connections to translate data between field devices in their native automation protocols and MES systems through their APIs, ODBC, or RESTful interfaces. Anti-spam appliances for e-mail spam Software appliances A single application server appliance, with just enough operating system (JeOS) for it to run. Virtual machine appliances consist of a "hypervisor style" embedded operating system running on appliance hardware. The hypervisor layer is matched to the hardware of the appliance, and cannot be varied by the customer, but the customer may load other operating systems and applications onto the appliance in the form of virtual machines. == Consumer appliances == Aside from its deployment within data centers, many computer appliances are directly used by the general public. These include: Digital video recorder Residential gateway Network-attached storage (NAS) Video game console Consumer uses stress the need for an appliance to have easy installation, configuration, and operation, with little or no technical knowledge being necessary. == Appliances in industrial automation == The world of industrial automation has been rich in appliances. These appliances have been hardened to withstand temperature and vibration extremes. These appliances are also highly configurable, enabling customization to meet a wide variety of applications. The key benefits of an appliance in automation are: Reduced downtime - a failed appliance is typically replaced with a COTS replacement and its task is quickly and easily reloaded from a backup. Highly scalable - appliances are typically targeted solutions for an area of a plant or process. As the requirements change, scalability is achieved through the installation of another appliance. Automation concepts are easily replicated throughout the enterprise by standardizing on appliances to perform the needed tasks, as opposed to the development of custom automation schemes for each task. Low TCO (total cost of ownership) - appliances are developed, tested and supported by automation product vendors and undergo a much broader level of quality testing than custom designed automation solutions. The use of appliances in automation reduce the level of testing needed in each individual application. Reduced design time - appliances perform specific functions and although they are highly configurable, they are typically self documenting. This enables appliance based solutions to be transferred from engineer to engineer with minimal need for training and documentation. Types of automation appliances: PLC (programmable logic controller) - Programmable logic controllers are appliances that are typically used for discrete control and offer a wide range of Input and Output options. They are configured through standardized programming languages such as IEC-1131. PID (proportional–integral–derivative controller) - PID controllers are appliances that monitor a process variable and, based on an error term, effect change on a control output (manipulated variable) to drive the process variable to a setpoint. PAC (programmable automation controller) - Programmable automation controllers are appliances that embody properties of both PLCs and PID controllers enabling the integration of both analog and discrete control. Universal gateway - A universal gateway appliance has the ability to communicate with a variety of devices through their respective communication protocols, and will affect data transactions between them. This in increasingly important as manufacturing strives to improve agility, quality, production rates, production costs and reduce downtime through enhanced M2M (machine to machine) communications. EATMs (Enterprise Appliance Transaction Modules) - Enterprise appliance transaction modules are appliances that affect data transactions from plant floor automation systems to enterprise business systems. They communicate to plant floor equipment through various vendor automation protocols, and communicate to business systems through database communication protocols such as JMS (Java Message Service) and SQL (Structured Query Language). == Internal structure == There are several

Opponent process

The opponent process is a hypothesis of color vision that states that the human visual system interprets information about color by processing signals from the three types of photoreceptor cells in an antagonistic manner. The three types of cones are called L, M, and S. The names stand for "Long wavelength sensitive,” "middle wavelength sensitive," and "short wavelength sensitive." The opponent-process theory implicates three opponent channels: L versus M, S versus (L+M), and a luminance channel (+ versus -). These cone-opponent mechanisms were at one time thought to be the neural substrate for a psychological theory called Hering's Opponent Colors Theory, which calls for three psychologically important opponent color processes: red versus green, blue versus yellow, and black versus white (luminance). The Opponent Colors Theory is named for the German physiologist Ewald Hering who proposed the idea in the late 19th century. However, it has been argued that Hering’s Opponent Colors Theory lacks adequate phenomenological and empirical support, and may not be a necessary feature of normal human color experience. Correspondingly, considerable physiological and behavioral evidence proves that the physiological cone opponent mechanisms do not constitute the neurobiological basis for Hering's Opponent Colors Theory. == Color theory == === Complementary colors === When staring at a bright color for a while (e.g. red), then looking away at a white field, an afterimage is perceived, such that the original color will evoke its complementary color (cyan, in the case of red input). When complementary colors are combined or mixed, they "cancel each other out" and become neutral (white or gray). That is, complementary colors are never perceived as a mixture; there is no "greenish red" or "yellowish blue", despite claims to the contrary. The strongest color contrast that a color can have is its complementary color. Complementary colors may also be called "opposite colors" and they were originally considered the primary evidence in support of Hering's Opponent Colors Theory. There are two fatal problems with this evidence. First, the complement of red is not green, as called for by Hering's theory; it is bluish-green. And second, there exists a complementary color for every color, so there is nothing special about the set of complementary pairs picked out by Hering's theory. === Unique hues === The colors that define the extremes for each opponent channel are called unique hues, as opposed to composite (mixed) hues. Ewald Hering first defined the unique hues as red, green, blue, and yellow, and based them on the concept that these colors could not be simultaneously perceived. For example, a color cannot appear both red and green. These definitions have been experimentally refined and are represented today by average hue angles of 353° (carmine red), 128° (cobalt green), 228° (cobalt blue), 58° (yellow). The unique hues are a defining feature of many psychological color spaces, but there is substantial evidence showing that the unique hues are not hard wired in the nervous system, contrary to the stipulations of Hering's Opponent Colors Theory. Unique hues can differ between individuals and are often used in psychophysical research to measure variations in color perception due to color-vision deficiencies or color adaptation. While there is considerable inter-subject variability when defining unique hues experimentally, an individual's unique hues are very consistent, to within a few nanometers of wavelength. == Physiological basis == === Relation to LMS color space === The trichromatic theory is in conflict with Hering's Opponent Colors Theory, although it is compatible with a physiological opponent process that compares the outputs of the different classes of cone types. The poles of these cone opponent mechanisms do not correspond to the unique hues of Hering's Opponent Colors Theory and unlike the unique hues, have no privilege in color perception. Most humans have three different cone cells in their retinas that facilitate trichromatic color vision. Colors are determined by the proportional excitation of these three cone types, i.e. their quantum catch. The levels of excitation of each cone type are the parameters that define LMS color space. To calculate the opponent process tristimulus values from the LMS color space, the cone excitations must be compared: The luminous (achromatic) opponent channel is a weighted sum of all three cone cells (plus the rod cells in some conditions). The red–green opponent channel is equal to the difference of the L- and M-cones. The blue–yellow opponent channel is equal to the difference of the S-cone and the average/weighted sum of the L- and M-cones. Most mammals have no L cone (the primate L cone arose from a gene duplication of the M cone opsin gene). These mammals still show two kinds of opponent channels in their retinal ganglion cells: the achromatic channel and the blue-yellow opponency channel. === Cone opponent mechanisms are encoded in the retina === The output of different types of cones are compared by cells in the retina including retina bipolar cells (which compare signals from L and M cones) and bistratified retinal ganglion cells (which compare S cone signals with L and M cone signals). The output of bipolar cells is relayed to the visual cortex by the retinal ganglion cells (RGCs) by way of a thalamic relay station called the lateral geniculate nucleus (LGN) of the thalamus. Much of the scientific knowledge of retinal ganglion cell physiology was obtained by neural recordings of cells in the LGN. The cone-opponent mechanisms in the retina and LGN represent a fundamental physiological opponent process but do not represent the unique hues (or Hering's Opponent Colors Theory). For example, the colors that best elicit responses of the bistratified S-(L+M)-opponent neurons are best described as purplish (or lavender) and lime-green, not "blue" and "yellow". The neurons are sometimes referred to as "blue–yellow" neurons, but this is a historical artifact dating to the time when it was thought that Hering's Opponent Colors Theory was hardwired by the retina and the mismatch between the colors to which they are optimally tuned and Hering's Opponent Colors was overlooked. Cone opponent mechanisms exist in the retinas of many mammals, including monkeys, mice, and cats. In primates, the LGN contains three major classes of layers: Magnocellular layers (M, large-cell) – responsible largely for the luminance channel Parvocellular layers (P, small-cell) – responsible largely for red–green opponency Koniocellular layers (K) – responsible largely for blue–yellow opponency, poor spatial resolution, long latency Other mammals such as cats also have three cell types denoted as X (magno), Y (parvo), and W (konio). The W type is beyond most doubt homologous to the primate K type. There are some subtle differences between the M and X types as well as the Y and P types to make the correspondence unclear. === Advantage === Transmitting information in opponent-channel color space could be advantageous over transmitting it in LMS color space ("raw" signals from each cone type). There is some overlap in the wavelengths of light to which the three types of cones (L for long-wave, M for medium-wave, and S for short-wave light) respond, so it is more efficient for the visual system (from a perspective of dynamic range) to record differences between the responses of cones, rather than each type of cone's individual response. Hurvich and Jameson argued that the use of opponent-channel color space would increase color contrast, making the information easier to process by later stages of vision. === Color blindness === Color blindness can be classified by the cone cell that is affected (protan, deutan, tritan) or by the opponent channel that is affected (red–green or blue–yellow). In either case, the channel can either be inactive (in the case of dichromacy) or have a lower dynamic range (in the case of anomalous trichromacy). For example, individuals with deuteranopia see little difference between the red and green unique hues. == History == Johann Wolfgang von Goethe first studied the physiological effect of opposed colors in his Theory of Colours in 1810. Goethe arranged his color wheel symmetrically "for the colours diametrically opposed to each other in this diagram are those which reciprocally evoke each other in the eye. Thus, yellow demands purple; orange, blue; red, green; and vice versa: Thus again all intermediate gradations reciprocally evoke each other." Ewald Hering proposed opponent color theory in 1892. He thought that the colors red, yellow, green, and blue are special in that any other color can be described as a mix of them, and that they exist in opposite pairs. That is, either red or green is perceived and never greenish-red: Even though yellow is a mixture of red and green in the RGB color theory, humans

Social media mining

Social media mining is the process of obtaining data from user-generated content on social media in order to extract actionable patterns, form conclusions about users, and act upon the information. Mining supports targeting advertising to users or academic research. The term is an analogy to the process of mining for minerals. Mining companies sift through raw ore to find the valuable minerals; likewise, social media mining sifts through social media data in order to discern patterns and trends about matters such as social media usage, online behaviour, content sharing, connections between individuals, buying behaviour. These patterns and trends are of interest to companies, governments and not-for-profit organizations, as such organizations can use the analyses for tasks such as design strategies, introduce programs, products, processes or services. Social media mining uses concepts from computer science, data mining, machine learning, and statistics. Mining is based on social network analysis, network science, sociology, ethnography, optimization and mathematics. It attempts to formally represent, measure and model patterns from social media data. In the 2010s, major corporations, governments and not-for-profit organizations began mining to learn about customers, clients and others. Platforms such as Google, Facebook (partnered with Datalogix and BlueKai) conduct mining to target users with advertising. Scientists and machine learning researchers extract insights and design product features. Users may not understand how platforms use their data. Users tend to click through Terms of Use agreements without reading them, leading to ethical questions about whether platforms adequately protect users' privacy. During the 2016 United States presidential election, Facebook allowed Cambridge Analytica, a political consulting firm linked to the Trump campaign, to analyze the data of an estimated 87 million Facebook users to profile voters, creating controversy when this was revealed. == Background == As defined by Kaplan and Haenlein, social media is the "group of internet-based applications that build on the ideological and technological foundations of Web 2.0, and that allow the creation and exchange of user-generated content." There are many categories of social media including, but not limited to, social networking (Facebook or LinkedIn), microblogging (Twitter), photo sharing (Flickr, Instagram, Photobucket, or Picasa), news aggregation (Google Reader, StumbleUpon, or Feedburner), video sharing (YouTube, MetaCafe), livecasting (Ustream or Twitch), virtual worlds (Kaneva), social gaming (World of Warcraft), social search (Google, Bing, or Ask.com), and instant messaging (Google Talk, Skype, or Yahoo! messenger). The first social media website was introduced by GeoCities in 1994. It enabled users to create their own homepages without having a sophisticated knowledge of HTML coding. The first social networking site, SixDegrees.com, was introduced in 1997. Since then, many other social media sites have been introduced, each providing service to millions of people. These individuals form a virtual world in which individuals (social atoms), entities (content, sites, etc.) and interactions (between individuals, between entities, between individuals and entities) coexist. Social norms and human behavior govern this virtual world. By understanding these social norms and models of human behavior and combining them with the observations and measurements of this virtual world, one can systematically analyze and mine social media. Social media mining is the process of representing, analyzing, and extracting meaningful patterns from data in social media, resulting from social interactions. It is an interdisciplinary field encompassing techniques from computer science, data mining, machine learning, social network analysis, network science, sociology, ethnography, statistics, optimization, and mathematics. Social media mining faces grand challenges such as the big data paradox, obtaining sufficient samples, the noise removal fallacy, and evaluation dilemma. Social media mining represents the virtual world of social media in a computable way, measures it, and designs models that can help us understand its interactions. In addition, social media mining provides necessary tools to mine this world for interesting patterns, analyze information diffusion, study influence and homophily, provide effective recommendations, and analyze novel social behavior in social media. == Uses == Social media mining is used across several industries including business development, social science research, health services, and educational purposes. Once the data received goes through social media analytics, it can then be applied to these various fields. Often, companies use the patterns of connectivity that pervade social networks, such as assortativity—the social similarity between users that are induced by influence, homophily, and reciprocity and transitivity. These forces are then measured via statistical analysis of the nodes and connections between these nodes. Social analytics also uses sentiment analysis, because social media users often relay positive or negative sentiment in their posts. This provides important social information about users' emotions on specific topics. These three patterns have several uses beyond pure analysis. For example, influence can be used to determine the most influential user in a particular network. Companies would be interested in this information in order to decide who they may hire for influencer marketing. These influencers are determined by recognition, activity generation, and novelty—three requirements that can be measured through the data mined from these sites. Analysts also value measures of homophily: the tendency of two similar individuals to become friends. Users have begun to rely on information of other users' opinions in order to understand diverse subject matter. These analyses can also help create recommendations for individuals in a tailored capacity. By measuring influence and homophily, online and offline companies are able to suggest specific products for individuals consumers, and groups of consumers. Social media networks can use this information themselves to suggest to their users possible friends to add, pages to follow, and accounts to interact with. == Perception == Modern social media mining is a controversial practice that has led to exponential gains in user growth for tech giants such as Facebook, Inc., Twitter, and Google. Companies such as these, considered "Big Tech" are companies that build algorithms that take advantage of user input to understand their preferences, and keep them on the platform as much as possible. These inputs, that can be as simple as time spent on a given screen, provide the data being mined, and lead to companies profiting heavily from using that data to capitalize on extremely accurate predictions about user behavior. The growth of platforms accelerated rapidly once these strategies were put in place; Most of the largest platforms now average over 1 billion active users per month as of 2021. It has been claimed by a multitude of anti-algorithm personalities, like Tristan Harris or Chamath Palihapitiya, that certain companies (specifically Facebook) valued growth above all else, and ignored potential negative impacts from these growth engineering tactics. At the same time, users have now created their own data arbitrages with the help of their own data, through content monetization and becoming influencers. Users typically have access to a varied set of analytics specific to people that interact with them on social media, and can use these as building blocks for their own targeting and growth strategies through ads and posts that cater to their audiences. Influencers also commonly promote products and services for established brands, creating one of the largest digital industries: Influencer marketing. Instagram, Facebook, Twitter, YouTube, Google, and others have long given access to platform analytics, and allowed third parties to access that information as well, at times unbeknownst to even the user whose data is being viewed/bought. == Research == === Research areas === Social media event detection – Social networks enable users to freely communicate with each other and share their recent news, ongoing activities or views about different topics. As a result, they can be seen as a potentially viable source of information to understand the current emerging topics/events. Public health monitoring and surveillance - Using large-scale analysis of social media to study large cohorts of patients and the general public, e.g. to obtain early warning signals of drug-drug interactions and adverse drug reactions, or understand human reproduction and sexual interest. Community structure (Community Detection/Evolution/Evaluation) – Identifying communities on social networks, how t

MIME Object Security Services

MIME Object Security Services (MOSS) is a protocol that uses the multipart/signed and multipart/encrypted framework to apply digital signature and encryption services to MIME objects. == Details == The services are offered through the use of end-to-end cryptography between an originator and a recipient at the application layer. Asymmetric (public key) cryptography is used in support of the digital signature service and encryption key management. Symmetric (secret key) cryptography is used in support of the encryption service. The procedures are intended to be compatible with a wide range of public key management approaches, including both ad hoc and certificate-based schemes. Mechanisms are provided to support many public key management approaches. == Spreading == MOSS was never widely deployed and is now abandoned, largely due to the popularity of PGP.

Telenet

Telenet was an American commercial packet-switched network which went into service in August 16, 1975. It was the first FCC-licensed public data network in the United States. Various commercial and government interests paid monthly fees for dedicated lines connecting their computers and local networks to this backbone network. Free public dialup access to Telenet, for those who wished to access these systems, was provided in hundreds of cities throughout the United States. == History == After establishing that commercial operation of "value added carriers" was legal in the U.S., Bolt Beranek and Newman (BBN), who were the private contractors for constructing packet switching nodes (Interface Message Processor) for the ARPANET, set out to create a private sector version. The original founding company, Telenet Inc., was established by BBN. In January 1975, Telenet Communications Corporation announced that they had acquired the necessary venture capital after a two-year quest. Initially, Bob Kahn was the first President of Telenet; he then moved to ARPA as Larry Roberts left to become President of the company. Barry Wessler also joined from ARPA. On August 16 of the same year they began operating the first public data network. The network offered an email service called Telemail. Telenet had its first offices in downtown Washington, D.C., then moved to McLean, Virginia. It was acquired by GTE in 1979, and then moved to offices in Reston, Virginia. It was later acquired by Sprint and called "Sprintnet". Sprint migrated customers from Telenet to the modern-day Sprintlink IP network, one of many networks composing today's Internet. == Coverage == Originally, the public network had switching nodes in seven US cities: Washington, D.C. (network operations center as well as switching) Boston, Massachusetts New York, New York Chicago, Illinois Dallas, Texas San Francisco, California Los Angeles, California The switching nodes were fed by Telenet Access Controller (TAC) terminal concentrators both colocated and remote from the switches. By 1980, there were over 1000 switches in the public network. At that time, the next largest network using Telenet switches was that of Southern Bell, which had approximately 250 switches. In 1977, Telenet added a London node and a Network Control Centre in a London building of Britain's Post Office Telecommunications. == Internal network technology == Telenet initially used a proprietary virtual connection host interface. The network used statically defined hop-by-hop routing, using Prime commercial minicomputers as switches, but then migrated to a purpose-built multiprocessing switch based on 6502 microprocessors. Among the innovations of this second-generation switch was a patented arbitrated bus interface that created a switched fabric among the microprocessors. By contrast, a typical microprocessor-based system of the time used a bus; switched fabrics did not become common until about twenty years later, with the advent of PCI Express and HyperTransport. Most interswitch lines ran at 56 kbit/s, with a few, such as New York-Washington, at T1 (i.e., 1.544 Mbit/s). Originally, the switching tables could not be altered separately from the main executable code, and topology updates had to be made by deliberately crashing the switch code and forcing a reboot from the network management center. Improvements in the software allowed new tables to be loaded, but the network never used dynamic routing protocols. Multiple static routes, on a switch-by-switch basis, could be defined for fault tolerance. Network management functions continued to run on Prime minicomputers. Roberts and Barry Wessler joined the international effort to standardize the a protocol for packet-switched data communication based on virtual circuits shortly before it was finalized. The CCITT proposal for X.25 was being prepared by Rémi Després and other international experts. A few minor changes, which complemented the proposed specification, were accommodated to enable Telenet to join the agreement. Telenet adopted X.25 shortly after the protocol was published in March 1976. Its X.25 host interface was the first in the industry. The main internal protocol was a proprietary variant on X.75; Telenet also ran standard X.75 gateways to other packet switching networks. == Accessing the network == === Basic asynchronous access === Users could use modems on the Public Switched Telephone Network to dial TAC ports, calling either from "dumb" terminals or from computers emulating such terminals. Organizations with a large number of local terminals could install a TAC on their own site, which used a dedicated line, at up to 56 kbit/s, to connect to a switch at the nearest Telenet location. Dialup modems supported had a maximum speed of 1200 bit/s, and later 4800 bit/s. For example, a customer in NYC could dial into the local number, then type in a command similar to: which would connect (that "c") them to a computer system designated as number "555" located in the same vicinity as the standard telephone "area code" 301. One significant customer was an early (what would now be called) internet service provider The Source which had their equipment in Mclean, Va. Telenet offered a much lower nighttime rate when there were few corporate customers, and this let The Source set up a modestly priced offering to tens of thousands of customers. Another prominent customer in the 1980s was Quantum Link (now AOL). === Other access protocols === Telenet supported remote concentrators for IBM 3270 family intelligent terminals, which communicated, via X.25 to Telenet-written software that ran in IBM 370x series front-end processors. Telenet also supported Block Mode Terminal Interfaces (BMTI) for IBM Remote Job Entry terminals supporting the 2780/3780 and HASP Bisync protocols. === PC Pursuit === In the late 1980s, Telenet offered a service called PC Pursuit. For a flat monthly fee, customers could dial into the Telenet network in one city, then dial out on the modems in another city to access bulletin board systems and other services. PC Pursuit was popular among computer hobbyists because it sidestepped long-distance charges. In this sense, PC Pursuit was similar to the Internet, allowing any user to call any system as if it were local. On connection to the network, the user entered a 5-letter code for the target city they wished to call. This consisted of a 2-letter state code and a 3-letter acronym for the city. For instance, to call a system in Cleveland, Ohio, the user would enter the code OHCLV, for "OHio", "CLeVeland". Once connected, the user could dial out to any local number, and the system simulated a direct connection between the two endpoints.

Document classification

Document classification or document categorization is a problem in library science, information science and computer science. The task is to assign a document to one or more classes or categories. This may be done "manually" (or "intellectually") or algorithmically. The intellectual classification of documents has mostly been the province of library science, while the algorithmic classification of documents is mainly in information science and computer science. The problems are overlapping, however, and there is therefore interdisciplinary research on document classification. The documents to be classified may be texts, images, music, etc. Each kind of document possesses its special classification problems. When not otherwise specified, text classification is implied. Documents may be classified according to their subjects or according to other attributes (such as document type, author, printing year etc.). In the rest of this article only subject classification is considered. There are two main philosophies of subject classification of documents: the content-based approach and the request-based approach. == "Content-based" versus "request-based" classification == Content-based classification is classification in which the weight given to particular subjects in a document determines the class to which the document is assigned. It is, for example, a common rule for classification in libraries, that at least 20% of the content of a book should be about the class to which the book is assigned. In automatic classification it could be the number of times given words appears in a document. Request-oriented classification (or -indexing) is classification in which the anticipated request from users is influencing how documents are being classified. The classifier asks themself: “Under which descriptors should this entity be found?” and “think of all the possible queries and decide for which ones the entity at hand is relevant” (Soergel, 1985, p. 230). Request-oriented classification may be classification that is targeted towards a particular audience or user group. For example, a library or a database for feminist studies may classify/index documents differently when compared to a historical library. It is probably better, however, to understand request-oriented classification as policy-based classification: The classification is done according to some ideals and reflects the purpose of the library or database doing the classification. In this way it is not necessarily a kind of classification or indexing based on user studies. Only if empirical data about use or users are applied should request-oriented classification be regarded as a user-based approach. == Classification versus indexing == Sometimes a distinction is made between assigning documents to classes ("classification") versus assigning subjects to documents ("subject indexing") but as Frederick Wilfrid Lancaster has argued, this distinction is not fruitful. "These terminological distinctions,” he writes, “are quite meaningless and only serve to cause confusion” (Lancaster, 2003, p. 21). The view that this distinction is purely superficial is also supported by the fact that a classification system may be transformed into a thesaurus and vice versa (cf., Aitchison, 1986, 2004; Broughton, 2008; Riesthuis & Bliedung, 1991). Therefore, assigning a subject term to a document in an index is equivalent to assigning that document to the class of documents indexed by that term (all documents indexed or classified as X belong to the same class of documents). == Automatic document classification (ADC) == Automatic document classification tasks can be divided into three sorts: supervised document classification where some external mechanism (such as human feedback) provides information on the correct classification for documents, unsupervised document classification (also known as document clustering), where the classification must be done entirely without reference to external information, and semi-supervised document classification, where parts of the documents are labeled by the external mechanism. There are several software products under various license models available. === Techniques === Automatic document classification techniques include: Artificial neural network Concept Mining Decision trees such as ID3 or C4.5 Expectation maximization (EM) Instantaneously trained neural networks Latent semantic indexing Multiple-instance learning Naive Bayes classifier Natural language processing approaches Rough set-based classifier Soft set-based classifier Support vector machines (SVM) K-nearest neighbour algorithms tf–idf == Applications == Classification techniques have been applied to spam filtering, a process which tries to discern E-mail spam messages from legitimate emails email routing, sending an email sent to a general address to a specific address or mailbox depending on topic language identification, automatically determining the language of a text genre classification, automatically determining the genre of a text readability assessment, automatically determining the degree of readability of a text, either to find suitable materials for different age groups or reader types or as part of a larger text simplification system sentiment analysis, determining the attitude of a speaker or a writer with respect to some topic or the overall contextual polarity of a document. health-related classification using social media in public health surveillance article triage, selecting articles that are relevant for manual literature curation, for example as is being done as the first step to generate manually curated annotation databases in biology

White-box cryptography

In cryptography, the white-box model refers to an extreme attack scenario, in which an adversary has full unrestricted access to a cryptographic implementation, most commonly of a block cipher such as the Advanced Encryption Standard (AES). A variety of security goals may be posed (see the section below), the most fundamental being "unbreakability", requiring that any (bounded) attacker should not be able to extract the secret key hardcoded in the implementation, while at the same time the implementation must be fully functional. In contrast, the black-box model only provides an oracle access to the analyzed cryptographic primitive (in the form of encryption and/or decryption queries). There is also a model in-between, the so-called gray-box model, which corresponds to additional information leakage from the implementation, more commonly referred to as side-channel leakage. White-box cryptography is a practice and study of techniques for designing and attacking white-box implementations. It has many applications, including digital rights management (DRM), pay television, protection of cryptographic keys in the presence of malware, mobile payments and cryptocurrency wallets. Examples of DRM systems employing white-box implementations include CSS and Widevine. White-box cryptography is closely related to the more general notions of obfuscation, in particular, to Black-box obfuscation, proven to be impossible, and to Indistinguishability obfuscation, constructed recently under well-founded assumptions but so far being infeasible to implement in practice. As of January 2023, there are no publicly known unbroken white-box designs of standard symmetric encryption schemes. On the other hand, there exist many unbroken white-box implementations of dedicated block ciphers designed specifically to achieve incompressibility (see § Security goals). == Security goals == Depending on the application, different security goals may be required from a white-box implementation. Specifically, for symmetric-key algorithms the following are distinguished: Unbreakability is the most fundamental goal requiring that a bounded attacker should not be able to recover the secret key embedded in the white-box implementation. Without this requirement, all other security goals are unreachable since a successful attacker can simply use a reference implementation of the encryption scheme together with the extracted key. One-wayness requires that a white-box implementation of an encryption scheme can not be used by a bounded attacker to decrypt ciphertexts. This requirement essentially turns a symmetric encryption scheme into a public-key encryption scheme, where the white-box implementation plays the role of the public key associated to the embedded secret key. This idea was proposed already in the famous work of Diffie and Hellman in 1976 as a potential public-key encryption candidate. Code lifting security is an informal requirement on the context, in which the white-box program is being executed. It demands that an attacker can not extract a functional copy of the program. This goal is particularly relevant in the DRM setting. Code obfuscation techniques are often used to achieve this goal. A commonly used technique is to compose the white-box implementation with so-called external encodings. These are lightweight secret encodings that modify the function computed by the white-box part of an application. It is required that their effect is canceled in other parts of the application in an obscure way, using code obfuscation techniques. Alternatively, the canceling counterparts can be applied on a remote server. Incompressibility requires that an attacker can not significantly compress a given white-box implementation. This can be seen as a way to achieve code lifting security (see above), since exfiltrating a large program from a constrained device (for example, an embedded or a mobile device) can be time-consuming and may be easy to detect by a firewall. Examples of incompressible designs include SPACE cipher, SPNbox, WhiteKey and WhiteBlock. These ciphers use large lookup tables that can be pseudorandomly generated from a secret master key. Although this makes the recovery of the master key hard, the lookup tables themselves play the role of an equivalent secret key. Thus, unbreakability is achieved only partially. Traceability (Traitor tracing) requires that each distributed white-box implementation contains a digital watermark allowing identification of the guilty user in case the white-box program is being leaked and distributed publicly. == History == The white-box model with initial attempts of white-box DES and AES implementations were first proposed by Chow, Eisen, Johnson and van Oorshot in 2003. The designs were based on representing the cipher as a network of lookup tables and obfuscating the tables by composing them with small (4- or 8-bit) random encodings. Such protection satisfied a property that each single obfuscated table individually does not contain any information about the secret key. Therefore, a potential attacker has to combine several tables in their analysis. The first two schemes were broken in 2004 by Billet, Gilbert, and Ech-Chatbi using structural cryptanalysis. The attack was subsequently called "the BGE attack". The numerous consequent design attempts (2005-2022) were quickly broken by practical dedicated attacks. In 2016, Bos, Hubain, Michiels and Teuwen showed that an adaptation of standard side-channel power analysis attacks can be used to efficiently and fully automatically break most existing white-box designs. This result created a new research direction about generic attacks (correlation-based, algebraic, fault injection) and protections against them. == Competitions == Four editions of the WhibOx contest were held in 2017, 2019, 2021 and 2024 respectively. These competitions invited white-box designers both from academia and industry to submit their implementation in the form of (possibly obfuscated) C code. At the same time, everyone could attempt to attack these programs and recover the embedded secret key. Each of these competitions lasted for about 4-5 months. WhibOx 2017 / CHES 2017 Capture the Flag Challenge targeted the standard AES block cipher. Among 94 submitted implementations, all were broken during the competition, with the strongest one staying unbroken for 28 days. WhibOx 2019 / CHES 2019 Capture the Flag Challenge again targeted the AES block cipher. Among 27 submitted implementations, 3 programs stayed unbroken throughout the competition, but were broken after 51 days since the publication. WhibOx 2021 / CHES 2021 Capture the Flag Challenge changed the target to ECDSA, a digital signature scheme based on elliptic curves. Among 97 submitted implementations, all were broken within at most 2 days. WhibOx 2024 / CHES 2024 Capture the Flag Challenge again targeted ECDSA. Among 47 submitted implementations, all were broken during the competition, with the strongest one staying unbroken for almost 5 days.