The purpose of this article is to present and interpret the case study of the secure electronic transaction (SET) scheme of Internet security, as an illustration of the necessary construction of interoperability sol...The purpose of this article is to present and interpret the case study of the secure electronic transaction (SET) scheme of Internet security, as an illustration of the necessary construction of interoperability solutions for financial services. The interpretation of case data with actor network theory (ANT) provides an illustration of power coalitions among banks to create a de facto standard for transnational electronic payment security on the Internet. After a step of protecting its political interests and well-known technological solutions, the coalition understands that its mission becomes a matter of life and death for its members: Brand-new currency has been invented on the Web and one could develop business and monetary transactions without the banks. This interpretative stage tells us much about the transnational mechanisms of regulation and standardization as well as the "translation" steps regarding these transnational organizations. However, an additional step has to be added to this interpretative step, a step of framework construction. The aim is to help managers of the transnational firms involved in regulations and standardization to anticipate the evolutions and make relevant decisions. The framework has three distinctive characteristics: the ability to help conception, the ability to help conceive problems "ex ante", and the ability to facilitate collective conception of strategic maneuvers.展开更多
The C standard libraries are basic function libraries standardized by the C language.Programmers usually refer to their APl documentation provided by third-party websites.Unfortunately,these documents are not necessar...The C standard libraries are basic function libraries standardized by the C language.Programmers usually refer to their APl documentation provided by third-party websites.Unfortunately,these documents are not necessarily complete or accurate,especially for constraint sentences of APl usage,which are called Security Specifications(SSs).SS issues can prevent programmers from following obligatory constraints,which results in APl misuse vulnerabilities.Previous work studying SS issues could only find certain types of inaccurate SSs through checking the compliance between APl usage and existing SSs.Therefore,we propose a novel approach SSeeker for quickly discovering missing and inaccurate SSs through the inconsistency of semantically similar SSs.More specifically,SSeeker first completes broken sentences and discovers SSs from them by judging their constraint sentiment.Then SSeeker puts semantically similar SSs from different sources into a group,which can be used to discover missing or inaccurate SSs.With the help of SSeeker,we investigated 4 popular online third-party C standard library documents,studied their conformity with the C99 standard,analyzed their APls and SSs,and discovered 92 prototype issues,15 web page issues,and 96 SS issues.展开更多
文摘The purpose of this article is to present and interpret the case study of the secure electronic transaction (SET) scheme of Internet security, as an illustration of the necessary construction of interoperability solutions for financial services. The interpretation of case data with actor network theory (ANT) provides an illustration of power coalitions among banks to create a de facto standard for transnational electronic payment security on the Internet. After a step of protecting its political interests and well-known technological solutions, the coalition understands that its mission becomes a matter of life and death for its members: Brand-new currency has been invented on the Web and one could develop business and monetary transactions without the banks. This interpretative stage tells us much about the transnational mechanisms of regulation and standardization as well as the "translation" steps regarding these transnational organizations. However, an additional step has to be added to this interpretative step, a step of framework construction. The aim is to help managers of the transnational firms involved in regulations and standardization to anticipate the evolutions and make relevant decisions. The framework has three distinctive characteristics: the ability to help conception, the ability to help conceive problems "ex ante", and the ability to facilitate collective conception of strategic maneuvers.
基金the National Key Research and Development Program(No.2020AAA0104301)National Natural Science Foundation of China(No.U1836211,61902395)+1 种基金the Anhui Department of Science and Technology(No.202103a05020009)Beijing Academy of Artificial Intelligence(BAAl).
文摘The C standard libraries are basic function libraries standardized by the C language.Programmers usually refer to their APl documentation provided by third-party websites.Unfortunately,these documents are not necessarily complete or accurate,especially for constraint sentences of APl usage,which are called Security Specifications(SSs).SS issues can prevent programmers from following obligatory constraints,which results in APl misuse vulnerabilities.Previous work studying SS issues could only find certain types of inaccurate SSs through checking the compliance between APl usage and existing SSs.Therefore,we propose a novel approach SSeeker for quickly discovering missing and inaccurate SSs through the inconsistency of semantically similar SSs.More specifically,SSeeker first completes broken sentences and discovers SSs from them by judging their constraint sentiment.Then SSeeker puts semantically similar SSs from different sources into a group,which can be used to discover missing or inaccurate SSs.With the help of SSeeker,we investigated 4 popular online third-party C standard library documents,studied their conformity with the C99 standard,analyzed their APls and SSs,and discovered 92 prototype issues,15 web page issues,and 96 SS issues.
