Bynum about Computer Ethics

In 1989 Terrell Ward Bynum developed another broad definition of
computer ethics following a suggestion of Moor in 1985. According to
this view, computer ethics identifies and analyzes the impacts of
information technology on such social and human values as health,
wealth, work, opportunity, freedom, democracy, knowledge, privacy,
security, self-fulfillment, etc. This very broad view of computer ethics
employs applied ethics, sociology of computing, technology assessment,
computer law, and related fields. It employs concepts, theories, and
 methodologies from these and other relevant disciplines. This conception
of computer ethics is motivated by the belief that – eventually – information
technology will profoundly affect everything that human beings hold dear.

Shared Queue Pattern

In many parallel algorithms, a queue is very common data structure that is
to be shared among multiple units of execution (UE). For example, many
graph traversal algorithms maintain a queue that contains a set of vertexes
that need to be traversed in the next span. Parallel graph traversal involves
efficient sharing of the queue among concurrent UEs. Also, a task queue
is commonly used as a scheduling and load‐balancing framework,
which implements the Master/Worker pattern.

Forces

1. Simple protocols vs. increased concurrency: Simple concurrency‐control
protocols employing a single synchronization construct are easy to implement
correctly and hence are less error prone. However, if concurrency‐control
protocols encompass too much of the shared queue in a single synchronization
construct, they will increase the chances that UEs will remain blocked waiting to
access the queue and will limit available concurrency. On the contrary, if the
protocols are finely tuned, they will increase the available concurrency but such
tuning requires more synchronization constructs getting complicated, thus more
error‐prone.

2. Single queue abstraction vs. multiple queue abstraction: Depending on
the memory hierarchy of the underlying hardware and on the number of UEs,
maintaining a single queue can cause excess contention and increase parallel
overhead. Solutions may need to break with the single‐queue abstraction and
use multiple or distributed queues.

XPath & XPath Filter 2.0 Transform Injection

Attack surface: Key resolution, reference resolution

Attack impact: Denial of service

Exploit scenario: Complex XPath expressions can be costly to process. XPath Filters allow Union, Intersection and Subtraction operations on an XML node set using multiple XPath selections. Intended as a performance optimization, large filter sets specifying many complex XPath expressions can quickly consume many system resources.

Mitigation: Do not process KeyInfo, or keys identified by RetrievalMethod. Restrict the total number of transforms. Reject, via out-of-band schema or DTD validation, any Reference or RetrievalMethod specifying XPath or XPath Filter 2.0 transforms unless required. Identifying content by a whole document reference or by ID is preferable.

Applies to XML Encryption? Yes

Parallelization of the Application Program

While machines like Teradata and Gamma separate the application
program running on a host processor from the database software
running on the parallel processor, both the Tandem and Bubba systems
use the same processors for both application programs and the parallel
database software. This arrangement has the disadvantage of requiring a
complete, full-function operating system on the parallel processor, but it
avoids any potential load imbalance between the two systems and allows
parallel applications. Missing, however, are tools that would allow the 
application programs themselves to take advantage of the inherent
underlying parallelism of these integrated parallel systems. While automatic
parallelization of applications programs written in Cobol may not be
feasible, library packages to facilitate explicitly parallel application programs
are needed. Support for the SQL3 NOWAIT option in which the application
can launch several SQL statements at once would be an advance. Ideally the
SPLIT and MERGE operators could be packaged so that applications
could benefit from them.

Next-generation parallel database systems

The penetration of database technology into new application areas with different
requirements than traditional business data processing has motivated the notion
of next-generation database systems. One major objective is that
the data model to be supported must be more powerful than the relational
model, without compromising its advantages (data independence and high-level
query languages). When applied to more complex application domains such as
engineering, office information systems, and expert systems, the relational data
model exhibits limitations in terms of rule management, type system and complex
object support.

To address these issues, two important technologies, KBMSs and
OODBMSs, are currently being investigated. Initially considered antagonistic,
many believe today that a combination of their capabilities into deductive and
object-oriented database (DOOD) systems will shape next-generation, universal
database systems. For the same reasons which led to parallel relational database
systems, implementing KBMSs and OODBMSs on parallel computers can be
cost-effective. Obviously, this presents new, challenging research problems in
addition to the current issues of KBMSs and OODBMSs.

Retargetable API generation

The generator has been designed to be retargetable to different host languages by
separating the implementation in a generic front-end, which produces an abstract
representation of an API, and a host language specific back-end. For each host
language, code templates need to be provided for generating automata, escaping,
and pretty-printing. For the Java and PHP back-ends the templates amount to
420 and 400 lines of code respectively.

To make the implementation of a new back-end as lightweight as possible, the
generator back-ends produces parse trees of the host API, which can be unparsed
to a source API without the need for a pretty printer for the host language. In this
way, only a syntax definition of the host language is required.