Abstract

The Virtual Labs project (vlabs) is a country wide effort to provide access to internet and browser based virtual laboratories to science and engineering college students in India. There are currently over 800 experiments packaged in 70 vlabs in more than ten science and engineering disciplines. More than five hundred workshops on these virtual labs have been conducted and the experiments have been used over 2 million times. Vlabs are an important Government initiative in higher learning in engineering in India. This paper examines virtual labs from a usability perspective, focusing on vlabs. Usability of user-interface elements (technical usability) as well as how they aid learning (pedagogical usability) has been considered. We adapt Nielsen's technical usability heuristics and Nokelainen's pedagogical usability criteria to virtual labs and evaluate the usability of the top three most used vlabs. We construct checklists for each of these criteria and evaluate the vlabs against this checklist. Our analysis reveals a lack of usability focus in lab design. Lab design and implementation guidelines seem to be deficient in covering key usability criteria. We make suggestions on how to quickly improve the usability of these labs.

Abstract

Software systems often serve as the agents of operation for both enterprise systems and embedded systems. Engineering such systems is a knowledge-centric activity. A clear understanding of the relationship between knowledge, systems and engineering can help us to establish firm theoretical foundations for software and systems engineering.

Abstract

Systems engineering is widely perceived as an empirical discipline, with a need for theoretical foundations that can facilitate reasoning about practice. This is an attempt to help build such foundations by systems‐theoretic inquiry into the nature of the relationship between knowledge and engineering. We conceptualize this relationship in terms of four worlds: the real world, the world of systems models, a world of aspect knowledge, and a world of wholes knowledge: knowledge that indicates how aspects come together and also how wholes relate to each other. This leads us to a generative understanding of systems engineering: synthesizing aspects to develop blocks; and generating the network of blocks that form a system, through recursive performance of three activities: decomposition, dependency closure and refinement. The problem of systems engineering practice involves augmenting this core with the …

Abstract

This document describes a web security model to analyse cross origin requests and block them using CORP, a browser security policy proposed for mitigating Cross Origin Request Attacks (CORA) such as CSRF, Clickjacking, Web application timing, etc. CORP is configured by website administrators and sent as an HTTP response header to the browser. A browser which is CORP-enabled will interpret the policy and enforce it on all cross-origin HTTP requests originating from other tabs of the browser, thus preventing malicious crossorigin requests. In this document we use Alloy, a finite state model finder, to formalize a web security model to analyse malicious cross-origin attacks and verify that CORP can be used to mitigate such attacks.

Abstract

On March 27, 2015, Github witnessed a massive DDoS attack, the largest in Github's history till date. In this incident, browsers and users were used as vectors to launch the attack. In this paper, we analyse such browser-based DDoS attacks and simulate them in a lab environment. Existing browser security policies like Same Origin Policy (SOP), Content Security Policy (CSP) do not mitigate these attacks by design. In this paper we observe that CORP (Cross Origin Request Policy), a browser security policy, can be used to mitigate these attacks. CORP enables a server to control cross-origin interactions initiated by a browser. The browser intercepts the cross-origin requests and blocks unwanted requests by the server. This takes the load off the server to mitigate the attack.

Abstract

In this paper we report on a Systematic Literature Review where we explored the notion of semantics in Computer Science (CSE) literature. Our goal was 1) to surface how the idea of semantics has been used and represented, and 2) to surface its publication pattern in CSE. Our automated search in 5 CSE repositories yielded 653 relevant papers, emerging from multiple disciplines and geographies, spanning a period from year 1967 to 2017. We shortlisted 50 representative samples to study. This literature review was motivated by an external Web Accessibility effort in which we wanted to understand how to influence the various meanings that a variety of human end-user could derive by varying the computer rendering of a given content. The results of the SLR indicate that 44% of papers do have their own definition, almost all are formal in their presentation, and 94% of them have a notion of semantics that favors the computer as a processor. We observe the limited human oriented focus on semantics in CSE, and suggest such semantics focus as an area of potential study.

Abstract

Cross origin request attacks (CORA) such as Cross site request forgery (CSRF), cross site timing, etc. continue to pose a threat on the modern day web. Current browser security policies inadequately mitigate these attacks. Additionally, third party authentication services are now the preferred way to carry out identity management between multiple enterprises and web applications. This scenario, called Federated Identity Management (FIM) separates the problem of identity management from the core functionality of an application. In this paper, we construct formally checkable models and design laboratory simulations to show that FIM is susceptible to cross origin attacks. Further, we employ the Cross Origin Request Policy (CORP) to mitigate such attacks.

Abstract

The ability to modify the existing published web pages is what we are calling Renarration of the web. Such a mechanism is useful for improving accessibility and personalization of the content currently on the web. There are many techniques in place for enabling both Web Accessibility and Web Personalization. In this paper we propose a novel approach: an Aspects inspired design of renarration. Aspects have traditionally been applied to programming. Here we reinterpret concepts like Join Points, Point-cuts and Advices and apply them to web documents. To validate our approach, we designed a framework called Rennaration Studio that is built using microservices based architecture pattern and implemented using Python's flask platform. We demonstrate the feasibility of our proposal by renarrating different Aspects (text, language, phonetics) of two specific web documents.

Abstract

In India, a large number of engineering undergraduates are adopting eLearning as it provides access to best faculty and reduces concerns on inadequate physical infrastructure at colleges. Virtual Labs is a Government of India eLearning initiative containing simulation and remote triggered labs for engineering students. Virtual Labs developed over a period of 6 years is used by more than a million undergraduate students across nine engineering disciplines. The software used for developing these experiments requires substantial effort for maintenance due to deprecation, compatibility, etc. We propose a targeted crowdsourcing approach for maintenance of Virtual Labs with sustainable quality. The targeted crowdsourcing involves the large number of engineering students who are also the major stakeholders of these labs. Our quality enhancement using crowdsourcing approach was validated for 14 labs and …

Abstract

1Ontologies have emerged as a common way of representing knowledge. Recently, people with minimal domain background or ontology engineering are developing ontologies, leading to a corpus of informal and under-evaluated ontologies. Existing ontology evaluation approaches require rigorous application of formal methods and knowledge of domain experts that can be cumbersome or tedious. We propose a lightweight approach for evaluating sufficiency of ontologies based on Natural Language Processing techniques. The approach consists of verifying the extent of coverage of concepts and relationships of ontologies against words in domain corpus. As a case study, we applied our approach to evaluate sufficiency of ontology in two example domains - Education (Curriculum) and Security (Phishing). We show that our approach yields promising results, is less effort intensive and is comparable with existing evaluation methods.