Application or business logic, used in the development of services, has to do with the operations that define the application functionalities and not with the platform ones. Often security problems can be found at this level, because circumventing or misusing the required operations can lead to unexpected behaviour or to attacks, called application logic attacks. We investigate this issue, by u...

Various studies have empirically shown that the majority of Java and Android applications misuse cryptographic libraries, causing devastating breaches data security. It is crucial to detect such misuses early in development process. To cryptography misuses, one must define secure uses first, a ...

Abstract For model-based frequentist statistics, based on a parametric statistical model ${{\cal M}_\theta }({\bf{x}})$ , the trustworthiness of ensuing evidence depends crucially (i) validity probabilistic assumptions comprising (ii) optimality inference procedures employed, and (iii) adequateness sample size ( n ) to learn from data by securing (i)–(ii). It is argued that criticism postdata s...

Jesús Rey-Rocha1, M. José Martín-Sempere2, Jesús Martínez-Frías3 and Fernando López-Vera4 (1,2Centre for Scientific Information and Documentation (CINDOC), Spanish Council for Scientific Research (CSIC), Madrid, Spain; 3Department of Geology, National Museum of Natural Sciences, Spanish Council for Scientific Research (CSIC), Madrid, Spain; 4Department of Agricultural Chemistry, Geology and Geo...

Antibiotic resistance, a major negative consequence of antibiotic overuse, is an important problem worldwide. Various means have been used to control antibiotic usage including the use of an antibiotic order form (AOF), restricted antibiotic formularies and provision of educational information. The present study was designed to evaluate the use of antimicrobials in a 1,000-bed university hospit...

This paper considers some methodological aspects of Joan Robinson’s contribution to post-Keynesian growth theory. Joan Robinson’s criticisms of equilibrium analysis, of the conflation of logical and historical time and of the uses (and misuses) of mathematical formalisation are scathing. But while many of her points are well taken, parts of her argument appear questionable. As a result, her met...

Quantitative estimation of security attributes makes it possible to do cost-effective development of security critical systems. By predicting the impact and cost of potential misuses, as well as the cost and effect of security treatment strategies, one can treat security risks at the right time for the correct cost. The Aspect-Oriented Risk-Driven Development (AORDD) framework supports cost-eff...

Although we agree with some of Dr. Watts’ statements about the uses and misuses of bone mineral density testing and T scores, we emphatically disagree with his central argument, ie, that osteopenia is not useful as a diagnosis and can actually be harmful. (In fact, he says he is “on a personal crusade” to eliminate it from the lexicon.) Our concern is that his approach is not evidence-based, is...