Papers by Diomidis Spinellis
Abstract We outline the Web technologies and the related threats within the framework of a Web threat environment. We also examine the issue surrounding downloadable executable content and present a number of security services that can be used for Web transactions categorised according to the Internet layering model.
Abstract Wux is a port of Unix tools to the Microsoft Windows environment. It is based on a library providing a Unix-compatible set of system calls on top of Windows. Unix-derived tools run in parallel, communicating using the Unix pipe abstraction. All processes are run within an application template that gives them basic Windows compatibility such as input and output windows and an icon. The performance of the system is comparable to that of Unix ports to the PC architecture.
Abstract A Prolog debugger running in the same process as the debugged program presents some problems. In many environments the debugger and the debugged process are separate. We examine how this separation is commonly implemented and present a system abstraction based on a set of primitives for accessing a trace line continuum.
Abstract Field accessor methods have become a ubiquitous feature of object-oriented programming. The definition and use of such methods promote code bloat and an unnatural expression style. We propose a simple addition to the C++ language that can move the burden of providing abstraction support for fields from the programmer to the compiler.
Application Interconnection and Execution of Business to Business Transactions over the Internet Diomidis Spinellis1, Yannis Charalambidis2 and Vassilios Karakoidas1 1 Department of Management Science and Technology, AUEB, 2 Singular Software SA email: 1{dds,bkarak}@aueb.gr, [email protected] Overview of PRAXIS The PRAXIS project is co-funded by the 3rd Community Support Framework (CSF) under the Information Society Programme.
Abstract XML is an extremely nifty format. Computers can easily parse XML data, yet humans can also understand it. By adopting XML, we can take advantage of the scores of tools that work on arbitrary XML documents. Common tasks like editing, validation, transformations, and queries become just a matter of selecting and applying the right tool.
Abstract Apart from source code, software infrastructures supporting agile and distributed software projects contain traces of developer activity that does not directly affect the product itself but is important for the development process. We propose a model that, by combining traditional contribution metrics with data mined from software repositories, can deliver accurate developer contribution measurements.
Abstract Our growing ability to swiftly put together sophisticated software affords us the luxury to listen to our customers, to try out new things, to make mistakes, to redesign as we move along—in short to be agile. On the technological front, the main driving forces are powerful operating systems, the widespread availability of database management systems, a wide selection of libraries, interoperability standards, versatile programming languages, ample processing power, and sophisticated development tools.
Abstract The testing, diagnostic, and repair equipment of many professions is horrendously expensive. Assuming that the bug-finding systems the author discussed that program code a clean bill of health, our next alternatives for productively pinpointing errors that have crept into our code are debuggers or logging instrumentation. Our toolbag is full of useful debugging tools. Being an expert user of a debugger and a logging framework is a sign of professional maturity.
Abstract Software development tools often fail to deliver on inflated promises. Rather than the predicted progression toward ever-increasing levels of abstraction, two simple trends have driven the evolution of currently available software development tools: integration at the source-code level and a focus on quality. Thus source code has become the bus that tools tap into for communicating with other tools. Also, focus has shifted from defect removal in the later phases to defect prevention in the earlier phases.
Abstract—Man in the middle attacks involve the interception and retransmission of electronic messages in a way that the original parties will presume that their communication is secure. Such an attack could be a threat to any electronic voting scenario. This paper proposes a novel method for preventing this kind of attack by including in the transaction a challenge-response test. The human end-user is asked to vote through an image-based challenge that will foil a typical automated software-based attack.
Abstract SQL injection attacks involve the construction of application input data that will result in the execution of malicious SQL statements. Many web applications today are prone to SQL injection attacks. This paper proposes a novel methodology of preventing this kind of attack by placing a secure database driver between the application and its underlying relational database management system. To detect an attack, the driver creates query blueprints that are then used to distinguish between injected and legitimate queries.
Abstract In a separate compilation environment type checks across modules are difficult to implement, because the natural place to perform them, the linker, is rarely under the control of the compiler developer. A solution to this problem, presented in the C++ Reference Manual, does not cope with global variables and function return types. It is asserted that lifting those limitations would require modifying the linker or providing an environment for separate compilation.
Abstract The open source software ecosystem comprises more than a hundred thousand applications of varying quality. Individuals and organizations wishing to use open source software packages have scarce objective data to evaluate their quality. However, open source development projects by definition allow anybody to read, and therefore evaluate their source code. In addition, most projects also publish process-related artefacts, such as bug databases, mailing lists, and configuration management system logs.
Abstract The Unix system and its pipelines are a model of software reuse. Although many subsequent developments weren't similarly successful, by looking at Wikipedia and its MediaWiki engine, we find many levels of successful reuse. It seems that software repositories, package-management systems, shared-library technologies, and language platforms have increased reuse's return on investment.
Abstract CPUs are no longer getting faster. Instead, CPU manufacturers now package multiple cores in each CPU and ask us developers to put them to good use. Writing parallel code using multiple threads or even a higher-level API is a fiendishly difficult task. An alternative approach involves using a programming language that can easily exploit multiple cores, but it requires substantial effort. A third way involves faking your application's multicore-handling dexterity by handing over this responsibility.
Traditional human-computer interaction settings involve a task-oriented approach where the human interacts with an application to accomplish a particular goal. The emergence of media-rich computer-mediated leisure applications requires a fresh view of the current paradigms and a careful examination of how this change of perspective affects their relevance.
Abstract Although a number of tool boxes for compiler construction exist, the language implementation task can often be made easier by building specialised tools. A prototype Haskell system was implemented within a four month period using such an approach. The system is currently used as a front end for a transputer array, Haskell implementation. In this article we describe the tool building aspect of the implementation process.
We describe the design and implementation of a legal text database. The database of provides a number of Greek Council of State decisions in the form of a computer-accessible medium (CD-ROM). A graphical front-end is provided which allows the rapid retrieval of cases based on arbitrary keywords combined using boolean operators. The database was populated by automatically converting the word-processor files into a random text retrieval data structure.