Jean Véronis (3 June 1955 – 8 September 2013) was a French linguist, computer scientist and blogger, and a research professor at Aix-Marseille University. His research interests included natural language processing, text mining and standardisation. He was a founder of the field that is now called digital humanities. In 2006, his blog was listed among the 15 most influential by Le Monde.
Association for Computational Linguistics
The Association for Computational Linguistics (ACL) is a scientific and professional organization for people working on natural language processing. Its namesake conference is one of the primary high impact conferences for natural language processing research, along with EMNLP. The conference is held each summer in locations where significant computational linguistics research is carried out. It was founded in 1962, originally named the Association for Machine Translation and Computational Linguistics (AMTCL). It became the ACL in 1968. The ACL has a European (EACL), a North American (NAACL), and an Asian (AACL) chapter. == History == The ACL was founded in 1962 as the Association for Machine Translation and Computational Linguistics (AMTCL). The initial membership was about 100. In 1965, the AMTCL took over the journal Mechanical Translation and Computational Linguistics. This journal was succeeded by many other journals: the American Journal of Computational Linguistics (1974–1978, 1980–1983), and then Computational Linguistics (1984–present). Since 1988, the journal has been published for the ACL by MIT Press. The annual meeting was first held in 1963 in conjunction with the Association for Computing Machinery National Conference. The annual meeting was, for a long time, relatively informal and did not publish anything longer than abstracts. By 1968, the society took on its current name, the Association for Computational Linguistics (ACL). The publication of the annual meeting's Proceedings of the ACL began in 1979 and gradually matured into its modern form. Many of the meetings were held in conjunction with the Linguistic Society of America, and a few with the American Society for Information Science and the Cognitive Science Society. The United States government sponsored much research from 1989 to 1994, characterized by an increase in author retention rates and an increase in research in some key topics, such as speech recognition, in ACL. By the 21st century, it was able to maintain authors at a high rate who coalesced in a more stable arrangement around individual research topics. In 1991, the group published a prototype for a text generator based on the universal grammar theory of Noam Chomsky. The system, nicknamed Parrot, relied on a finite set of syntactic transformations and a hand-curated lexicon. Despite some initial success, including experimentation with morpheme syntactics, funding halted after the research team encountered intractable difficulties with inflection and abstract locutions. == Annual Meeting of the ACL == Every year, the ACL holds the Annual Meeting of the ACL. The location lies in Europe in years zero modulo three, North America in years one modulo three, and Asia–Australia in years two modulo three. In 2020, the Annual Meeting received for the first time more submissions from China than the United States. == Activities == The ACL organizes several of the top conferences and workshops in the field of computational linguistics and natural language processing. These include: Annual Meeting of the Association for Computational Linguistics (ACL), the flagship conference of the organization Empirical Methods in Natural Language Processing (EMNLP) International Joint Conference on Natural Language Processing (IJCNLP), held jointly one of the other conferences on a rotating basis Conference on Computational Natural Language Learning (CoNLL) Lexical and Computational Semantics and Semantic Evaluation (SemEval) Joint Conference on Lexical and Computational Semantics (SEM) Workshop on Statistical Machine Translation (WMT) Besides conferences, the ACL also sponsors the journals Computational Linguistics and Transactions of the Association for Computational Linguistics (TACL). Papers and other presentations at ACL and ACL-affiliated venues are archived online in the open-access ACL Anthology. == Special Interest Groups == ACL has a large number of Special Interest Groups (SIGs), focusing on specific areas of natural language processing. Some current SIGs within ACL are: == Presidents == Each year, the ACL elects a distinguished computational linguist who becomes vice-president of the organization in the next calendar year and president one year later. Recent ACL presidents are:
HKDF
HKDF is a multi-purpose key derivation function (KDF) based on the HMAC message authentication code. HKDF follows "extract-then-expand" paradigm, where the KDF logically consists of two modules: the first stage takes the input keying material and "extracts" from it a fixed-length pseudorandom key, and then the second stage "expands" this key into several additional, independent pseudorandom keys as the output of the KDF. == Mechanism == HKDF is the composition of two functions, HKDF-Extract and HKDF-Expand: HKDF(salt, IKM, info, length) = HKDF-Expand(HKDF-Extract(salt, IKM), info, length) === HKDF-Extract === HKDF-Extract (XTR) takes "input key material" or "source key material" (IKM or SKM) such as a shared secret generated using Diffie-Hellman; an optional, non-secret, random or pseudorandom salt (r); and generates a cryptographic key called the PRK ("pseudorandom key"). HKDF-Extract acts as a "randomness extractor", specifically a "computational extractor", taking a potentially non-uniform value of sufficient min-entropy and generating a value indistinguishable from a uniform random value (pseudorandom). Computational extractors assume attackers are computationally bounded and source entropy may only exist in a computational sense. Such extractors can be built using cryptographic functions under suitable assumptions, modeled as universal hash function (in the generic case) or a random oracle (in constrained scenarios like sources with weak entropy). Salt (r) acts as a "source-independent extractor", strengthening HKDF's security guarantees. Using a fixed public r is safe for multiple invocations of HKDF (on "independent" but secret IKMs which may or may not be derived from the same source), provided r isn't chosen or manipulated by an attacker. Ideally, r is a random string of hash function's output length. Even low quality r (weak entropy or shorter length) is recommended as they contribute "significantly" to the security of the OKM. Without or with a low-entropy, non-secret r, if an attacker can influence the IKMs source in a way that specifically exploits HKDF-Extract's underlying hash function (finding a collision or a specific bias), XTR provides no protection. A random r, even if fixed by the application (for example, random number generators using r as seed), would strengthen protections for that specific extractor session. In such a setting, sufficiently long IKMs also provide better entropy extraction. However, allowing the attacker to influence enough of the IKM after seeing r may result in a completely insecure KDF. HKDF-Extract is the result of HMAC with r as the key (all zeros up to length of the underlying extractor hash function, if not provided) and the IKM as the message. The underlying hash function used for HKDF-Extract step may be different to the one used by HKDF-Expand. It is recommended that HKDF-Extract uses strongest hash function available to the application, as it "concentrates" the entropy already present in IKM but may not necessarily "add" to it. Truncated output from a stronger underlying hash function for XTR (for example, SHA512/256) offers stronger extraction properties. The attacker is assumed to have partial knowledge about IKM (publicly known values in the case of Diffie-Hellman) or partial control over it (entropy pools). HKDF-Extract may be skipped if the IKM is itself a cryptographically strong key (and hence can assume the role of PRK), though it is recommended that HKDF-Extract be applied for the sake of compatibility with the general case, especially if r is available to the application. === HKDF-Expand === HKDF-Expand (PRF) takes the PRK (or any random key-derivation key if HKDF-Extract step is skipped), optional info (CTXinfo), and a length (L), to generate output key material (OKM) of length L. Multiple OKMs can be generated from a single PRK by using different values for CTXinfo, which must be "independent" of the IKM passed in HKDF-Extract. Even if an attacker, who knows r and some auxillary information about the secret IKM, can force the use of the same IKM (and PRK, by extension), in two or more HKDF-Expand contexts (represented by CTXinfo), the OKMs output are computationally independent (leak no useful information on each other). HKDF-Expand, acting as a variable-output-length pseudorandom function (PRF) keyed on PRK, calls HMAC on CTXinfo as the message (empty string, if unspecified) appended to a 8-bit counter i initialized to 1. Subsequent calls to HMAC are chained in "feedback mode" by prepending the previous HMAC output to CTXinfo and incrementing i. OKM is a function of the output size (k bits) of HMAC's underlying hash function; i.e., SHA-256 outputs OKM in segments of k=256 bits for up to a maximum of length i × k bits (255 × 256 bits = 8160 bytes) truncated to desired length L. HKDF-Expand may be skipped if PRK is at least desired length L, though it is recommended that HKDF-Expand be applied for additional "smoothing" of the OKM. == Standardization == HKDF was proposed as a building block in various protocols and applications, as well as to discourage the proliferation of multiple KDF mechanisms by its authors. It is formally described in RFC 5869 with detailed analysis in a paper published in 2010. NIST SP800-56Cr2 specifies a parameterizable extract-then-expand scheme, noting that RFC 5869 HKDF is a version of it and citing its paper for the rationale for the recommendations' extract-and-expand mechanisms. == Applications == HKDF is used in the Signal Protocol for end-to-end encrypted messaging where it generates the message keys, in conjunction with the triple Elliptic-curve Diffie-Hellman handshake (X3DH) key agreement protocol. Signal's "Secure Value Recovery" and "Sealed Sender" are based on HKDF. HKDF is a main component in the Noise Protocol Framework, Message Layer Security, and is used in widely deployed protocols like IPsec Internet Key Exchange and TLS 1.3. The "multi-purpose" nature of HKDF is meant to serve applications that require key extraction, key expansion, and key hierarchies in key wrapping, key exchange, PRNG, and password-based key derivation schemes. == Implementations == There are implementations of HKDF for C#, Go, Java, JavaScript, Perl, PHP, Python, Ruby, Rust, and other programming languages. RFC6234 lays out a reference C implementation of HKDF based on the Secure Hash Standard. === Example in Python ===
Master/Session
In cryptography, Master/Session is a key management scheme in which a pre-shared Key Encrypting Key (called the "Master" key) is used to encrypt a randomly generated and insecurely communicated Working Key (called the "Session" key). The Working Key is then used for encrypting the data to be exchanged. Its advantage is simplicity, but it suffers the disadvantage of having to communicate the pre-shared Key Exchange Key, which can be difficult to update in the event of compromise. The Master/Session technique was created in the days before asymmetric techniques, such as Diffie-Hellman, were invented. This technique still finds widespread use in the financial industry, and is routinely used between corporate parties such as issuers, acquirers, switches. Its use in device communications (such as PIN pads), however, is in decline given the advantages of techniques such as DUKPT.
Social computing
Social computing is an area of computer science that is concerned with the intersection of social behavior and computational systems. It is based on creating or fostering existing social conventions and social contexts through the use of software and technology. Blogs, email, instant messaging, social network services, wikis, social bookmarking and other instances of what is often called social software illustrate ideas from social computing. The rise in social computing is attributed to the prevalence of personal devices and increased overall computing power. This enables a growing number of users to participate in sharing content and interact with another. == Definitions == Humans—and human behavior—are profoundly social. Humans tend to orient to one another and develop abilities to interact with each other and other species. This ranges from expression and gesture through spoken, written, and body language. Humans are influenced by the behavior of those around them and can rely on social context and cues to make decisions. An example of a behavior relying on social contexts is applauding at the end of the play. This is based on the context that the show ended, and other audience members are applauding. Social information provides a basis for inferences, planning, and coordinating activity. == Examples == Common tools include blogs, email, instant messaging, social networking sites, wikis, and social bookmarking platforms. These technologies enable users to generate content, share knowledge, and interact in real time. == Applications == The rise of social computing has highlighted opportunities for businesses. Businesses are interacting on social computing platforms and investing in facilities to support and research social computing.Business models can leverage the massive customer bases that accumulate through social computing channels. Some organizations have started their own blogs and networks (McAfee, 2006, Joe, 2005). Organizations from diverse industry sectors such as Google, Cisco, and Fox, have sought to acquire or invest in successful social computing enterprises. A business blog can serve as a source of information and promotion for the company. This allows the company to share content about the company and their initiatives. Businesses have also interacted with social computing to market themselves and interact with customers. A notable example is Wendy's with their X (formerly Twitter) account. The account was primarily used to promote business promotions and interact with users in a playful or meaningful way. E-commerce web sites have allowed users to leave reviews and feedback on purchases which has improved online shopping experience for sellers and consumers.As another example of social computing’s business applications, many e-commerce Web sites have adopted online product/vendor feedback/reputation systems. Such systems provide an asynchronous platform for the consumer community to share experiences collectively and influence their purchasing behavior. They also provide a vehicle for eliciting feedback information valuable to the vendors and e-commerce site operators.Consumers can use the feedback systems to make a more educated choice on a purchase by comparing reviews between products or vendors. Sellers can track consumer behaviors and trends regarding a product and adjust their supply according to the demand. == Challenges and criticism == Social computing raises several concerns related to privacy, data security, and algorithmic bias. The widespread collection and analysis of user-generated data can lead to ethical dilemmas, especially when users are unaware of how their information is used. Critics also highlight issues of digital labor, surveillance, and the spread of misinformation, which can influence public opinion and social dynamics. === Term appearance === The term appeared in the mid 1990s after technology advancements and development of the web. In 1994, the concept of social computing was first proposed by Schuler. He thought, "Social computing is a computing application, with software as the medium or focus of social relationships." === Premise === The premise of social computing is that it is possible to design digital systems that support useful functionality by making socially produced information available to their users. This information may be provided directly, as when systems show the number of users who have rated a review as helpful or not. Or the information may be provided after being filtered and aggregated, as is done when systems recommend a product based on what else people with similar purchase history have purchased. Alternatively, the information may be provided indirectly, as is the case with Google's page rank algorithms which orders search results based on the number of pages that (recursively) point to them. In all of these cases, information that is produced by a group of people is used to provide or enhance the functioning of a system. Social computing is concerned with systems of this sort and the mechanisms and principles that underlie them. Social computing can be defined as follows: "Social Computing" refers to systems that support the gathering, representation, processing, use, and dissemination of information that is distributed across social collectivities such as teams, communities, organizations, and markets. Moreover, the information is not "anonymous" but is significantly precise because it is linked to people, who are in turn linked to other people. More recent definitions, however, have foregone the restrictions regarding anonymity of information, acknowledging the continued spread and increasing pervasiveness of social computing. As an example, Hemmatazad, N. (2014) defined social computing as "the use of computational devices to facilitate or augment the social interactions of their users, or to evaluate those interactions in an effort to obtain new information." Social computing has to do with supporting "computations" that are carried out by groups of people, an idea that has been popularized in James Surowiecki's book, The Wisdom of Crowds. Examples of social computing in this sense include collaborative filtering, online auctions, reputation systems, computational social choice, tagging, and verification games. The social information processing page focuses on this sense of social computing. == History == === Technology infrastructure === Users were able to interact more with websites after the development of Web 2.0. This was an advancement from Web 1.0. Comode G. and Krishnamurthy B. (2008) note that "content creators were few in Web 1.0 with the vast majority of users simply acting as consumers of content." Web 2.0 provided functionalities that allowed for low-cost web-hosting services and introduced features with browser windows that used basic information structure and expanded it to as many devices as possible using HTTP, or Hypertext Transfer Protocol. Sometimes referred to as "Enterprise 2.0", a term derived from Web 2.0, social software for enterprise generally refers to the use of social computing in corporate intranets and in other medium- and large-scale business environments. It consisted of a class of tools that allowed for networking and social changes to businesses at the time. It was a layering of the business tools on Web 2.0 and brought forth several applications and collaborative software with specific uses. FinanceElectronic negotiation, which first came up in 1969 and was adapted over time to suit financial markets networking needs, represents an important and desirable coordination mechanism for electronic markets. Negotiation between agents (software agents as well as humans) allows cooperative and competitive sharing of information to determine a proper price. Recent research and practice has also shown that electronic negotiation is beneficial for the coordination of complex interactions among organizations. Electronic negotiation has recently emerged as a very dynamic, interdisciplinary research area covering aspects from disciplines such as Economics, Information Systems, Computer Science, Communication Theory, Sociology and Psychology.Social computing has become more widely known because of its relationship to a number of recent trends. These include the growing popularity of social software and Web 3.0, increased academic interest in social network analysis, the rise of open source as a viable method of production, and a growing conviction that all of this can have a profound impact on daily life. A February 13, 2006 paper by market research company Forrester Research suggested that: === Developments === PLATO was one of the earliest examples of social computing in a live production environment with initially hundreds and soon thousands of users. The PLATO computer system was developed by the University of Illinois at Urbana Champaign in 1960s. In the 70s, the system supported social software applications for multi-us
Tertiary review
In software engineering, a tertiary review is a systematic review of systematic reviews. It is also referred to as a tertiary study in the software engineering literature. However, Umbrella review is the term more commonly used in medicine. Kitchenham et al. suggest that methodologically there is no difference between a systematic review and a tertiary review. However, as the software engineering community has started performing tertiary reviews new concerns unique to tertiary reviews have surfaced. These include the challenge of quality assessment of systematic reviews, search validation and the additional risk of double counting. == Examples of Tertiary reviews in software engineering literature == Test quality Machine Learning Test-driven development
Ciphertext expansion
In cryptography, the term ciphertext expansion refers to the length increase of a message when it is encrypted. Many modern cryptosystems cause some degree of expansion during the encryption process, for instance when the resulting ciphertext must include a message-unique Initialization Vector (IV). Probabilistic encryption schemes cause ciphertext expansion, as the set of possible ciphertexts is necessarily greater than the set of input plaintexts. Certain schemes, such as Cocks Identity Based Encryption, or the Goldwasser-Micali cryptosystem result in ciphertexts hundreds or thousands of times longer than the plaintext. Ciphertext expansion may be offset or increased by other processes which compress or expand the message, e.g., data compression or error correction coding. == Reasons why Ciphertext expansion can occur == === Probabilistic Encryption === Probabilistic encryption schemes, such as the Goldwasser-Micali cryptosystem, necessarily produce ciphertexts that are longer than the original plaintexts. This is because the set of possible ciphertexts must be larger than the set of plaintexts to achieve semantic security. === Initialization Vectors (IVs) === Many block cipher modes of operation, like Cipher Block Chaining (CBC), require the use of an Initialization Vector (IV) that is unique for each message. The IV is typically appended to the ciphertext, resulting in expansion. === Redundancy and Error Correction === Some cryptographic schemes intentionally introduce redundancy or error correction codes into the ciphertext to protect against tampering or transmission errors. This added data increases the ciphertext size. === Specific Cryptosystems === Certain cryptographic schemes, such as Cocks Identity-Based Encryption, can produce ciphertexts that are hundreds or thousands of times longer than the original plaintext. This extreme expansion is a design choice to achieve the desired security properties. Ciphertext expansion can be offset or increased by other processes that compress or expand the message, such as data compression or error correction coding. The overall impact on message size depends on the relative strengths of these competing effects.