The QWERTY keyboard on mobile devices usually requires users? full visual attention and both hands, which are not always possible. We propose a thumb-stroke based keyboard, ThumbStroke, to support both sight-free and one-handed text entry. Selecting characters via ThumbStroke completely relies on the directions of thumb movements at any place on the screen of a mobile device. It does not require physical press of any specific keys, thus eliminating the need of visual attention and reducing errors due to tiny key size, fat thumb, limited thumb reachability, and visual occlusion. We empirically evaluated ThumbStroke through a 20-session longitudinal controlled lab experiment. ThumbStroke shows advantages in typing accuracy and user perceptions in comparison to the Escape and QWERTY keyboards for one-handed text entry, and results in faster typing speed than QWERTY in sight-free and one-handed text entry. This study provides novel research contributions to mobile HCI, advancing the design of soft keyboards for one-handed interaction with mobile devices and mobile accessibility.

The need to create and deploy business application systems rapidly has sparked interest in using web services to compose them. When creating mission critical business applications through web service compositions, in addition to ensuring that functional requirements are met, designers need to consider the end-to-end reliability, security, performance, and overall cost of the application. As the number of available coarse grain business services grows, the problem of selecting appropriate services quickly becomes combinatorially explosive for realistic-sized business applications. This paper develops a business process driven approach for composing service-oriented applications. To address the complexity, we utilize an evolutionary heuristic approach based on a multi-criteria genetic algorithm. By using a combination of weights, we identify a Pareto-optimal multidimensional frontier that permits managers to trade-off conflicting objectives when selecting a set of services for the application. We illustrate the use and effectiveness of the approach by applying it to the composition of a real-world drop-ship business application.

Under what conditions is the Internet more likely to be used maliciously for criminal activity? This study examines the conditions under which the Internet is associated with cybercriminal offenses. Using comprehensive state-level data in the United States during 2004-2010, our findings show that there is no clear empirical evidence that the Internet penetration rate is related to the number of Internet crime perpetrators; however, cybercriminal activities are contingent upon socioeconomic factors and connection speed. Specifically, a higher income, more education, a lower poverty rate, a lower unemployment rate, and a lower inequality are likely to make the Internet penetration be more positively related with cybercrime perpetrators, which are indeed different from the conditions of terrestrial crime in the real world. In addition, broadband connections are significantly and positively associated with Internet crime perpetrators, though narrowband connections are not. Taken together, cybercrime requires more than just a skilled perpetrator, and it requires an infrastructure to facilitate profiteering from the act. A relevant discussion is provided.

Security breaches adversely impact profit margins, market capitalization, and brand image of an organization. To alleviate the risk of such breaches, global IT organizations are increasingly resorting to cyber-insurance products, in addition to the use of technological devices such as anti-virus, firewalls, IDS, etc. To this end, a necessary and significantly important functionality from the insurer viewpoint is a proper assessment of system vulnerability driven risks within an IT organization that eventually drives insurance policy pricing. In this paper, we comment on the tightness of risk quantification via the copula-based cyber-vulnerability assessment (C-VA) model from \cite{mcsms}, for correlated IT-insured risk. More specifically, we derive a tighter estimate of risk quantification using the C-VA model. A significant assumptional drawback of the C-VA model is the presence of \emph{linear} correlational associations between any pair of random variables characterizing the parameters contributing to the cyber-risk outcome of an IT-organization. This might not be true for general IT organizational environments. Thus, use of the C-VA model in general will result in loose estimates of correlated IT risk, and will affect cyber-insurance companies in framing appropriately profitable coverage policies for IT organizations. In this paper, we extend the copula density computation in \cite{mcsms} to account for the presence of possible \emph{non-linear} correlations between pairs of random variables influencing the risk quantification outcome, thereby paving the way for cyber-insurers to have tighter estimates of cyber-risk.