In telecommunications, the term system integrity has the following meanings: That condition of a system wherein its mandated operational and technical parameters are within the prescribed limits. The quality of an AIS when it performs its intended function in an unimpaired manner, free from deliberate or inadvertent unauthorized manipulation of the system. The state that exists when there is complete assurance that under all conditions an IT system is based on the logical correctness and reliability of the operating system, the logical completeness of the hardware and software that implement the protection mechanisms, and data integrity.
Opponent process
The opponent process is a hypothesis of color vision that states that the human visual system interprets information about color by processing signals from the three types of photoreceptor cells in an antagonistic manner. The three types of cones are called L, M, and S. The names stand for "Long wavelength sensitive,” "middle wavelength sensitive," and "short wavelength sensitive." The opponent-process theory implicates three opponent channels: L versus M, S versus (L+M), and a luminance channel (+ versus -). These cone-opponent mechanisms were at one time thought to be the neural substrate for a psychological theory called Hering's Opponent Colors Theory, which calls for three psychologically important opponent color processes: red versus green, blue versus yellow, and black versus white (luminance). The Opponent Colors Theory is named for the German physiologist Ewald Hering who proposed the idea in the late 19th century. However, it has been argued that Hering’s Opponent Colors Theory lacks adequate phenomenological and empirical support, and may not be a necessary feature of normal human color experience. Correspondingly, considerable physiological and behavioral evidence proves that the physiological cone opponent mechanisms do not constitute the neurobiological basis for Hering's Opponent Colors Theory. == Color theory == === Complementary colors === When staring at a bright color for a while (e.g. red), then looking away at a white field, an afterimage is perceived, such that the original color will evoke its complementary color (cyan, in the case of red input). When complementary colors are combined or mixed, they "cancel each other out" and become neutral (white or gray). That is, complementary colors are never perceived as a mixture; there is no "greenish red" or "yellowish blue", despite claims to the contrary. The strongest color contrast that a color can have is its complementary color. Complementary colors may also be called "opposite colors" and they were originally considered the primary evidence in support of Hering's Opponent Colors Theory. There are two fatal problems with this evidence. First, the complement of red is not green, as called for by Hering's theory; it is bluish-green. And second, there exists a complementary color for every color, so there is nothing special about the set of complementary pairs picked out by Hering's theory. === Unique hues === The colors that define the extremes for each opponent channel are called unique hues, as opposed to composite (mixed) hues. Ewald Hering first defined the unique hues as red, green, blue, and yellow, and based them on the concept that these colors could not be simultaneously perceived. For example, a color cannot appear both red and green. These definitions have been experimentally refined and are represented today by average hue angles of 353° (carmine red), 128° (cobalt green), 228° (cobalt blue), 58° (yellow). The unique hues are a defining feature of many psychological color spaces, but there is substantial evidence showing that the unique hues are not hard wired in the nervous system, contrary to the stipulations of Hering's Opponent Colors Theory. Unique hues can differ between individuals and are often used in psychophysical research to measure variations in color perception due to color-vision deficiencies or color adaptation. While there is considerable inter-subject variability when defining unique hues experimentally, an individual's unique hues are very consistent, to within a few nanometers of wavelength. == Physiological basis == === Relation to LMS color space === The trichromatic theory is in conflict with Hering's Opponent Colors Theory, although it is compatible with a physiological opponent process that compares the outputs of the different classes of cone types. The poles of these cone opponent mechanisms do not correspond to the unique hues of Hering's Opponent Colors Theory and unlike the unique hues, have no privilege in color perception. Most humans have three different cone cells in their retinas that facilitate trichromatic color vision. Colors are determined by the proportional excitation of these three cone types, i.e. their quantum catch. The levels of excitation of each cone type are the parameters that define LMS color space. To calculate the opponent process tristimulus values from the LMS color space, the cone excitations must be compared: The luminous (achromatic) opponent channel is a weighted sum of all three cone cells (plus the rod cells in some conditions). The red–green opponent channel is equal to the difference of the L- and M-cones. The blue–yellow opponent channel is equal to the difference of the S-cone and the average/weighted sum of the L- and M-cones. Most mammals have no L cone (the primate L cone arose from a gene duplication of the M cone opsin gene). These mammals still show two kinds of opponent channels in their retinal ganglion cells: the achromatic channel and the blue-yellow opponency channel. === Cone opponent mechanisms are encoded in the retina === The output of different types of cones are compared by cells in the retina including retina bipolar cells (which compare signals from L and M cones) and bistratified retinal ganglion cells (which compare S cone signals with L and M cone signals). The output of bipolar cells is relayed to the visual cortex by the retinal ganglion cells (RGCs) by way of a thalamic relay station called the lateral geniculate nucleus (LGN) of the thalamus. Much of the scientific knowledge of retinal ganglion cell physiology was obtained by neural recordings of cells in the LGN. The cone-opponent mechanisms in the retina and LGN represent a fundamental physiological opponent process but do not represent the unique hues (or Hering's Opponent Colors Theory). For example, the colors that best elicit responses of the bistratified S-(L+M)-opponent neurons are best described as purplish (or lavender) and lime-green, not "blue" and "yellow". The neurons are sometimes referred to as "blue–yellow" neurons, but this is a historical artifact dating to the time when it was thought that Hering's Opponent Colors Theory was hardwired by the retina and the mismatch between the colors to which they are optimally tuned and Hering's Opponent Colors was overlooked. Cone opponent mechanisms exist in the retinas of many mammals, including monkeys, mice, and cats. In primates, the LGN contains three major classes of layers: Magnocellular layers (M, large-cell) – responsible largely for the luminance channel Parvocellular layers (P, small-cell) – responsible largely for red–green opponency Koniocellular layers (K) – responsible largely for blue–yellow opponency, poor spatial resolution, long latency Other mammals such as cats also have three cell types denoted as X (magno), Y (parvo), and W (konio). The W type is beyond most doubt homologous to the primate K type. There are some subtle differences between the M and X types as well as the Y and P types to make the correspondence unclear. === Advantage === Transmitting information in opponent-channel color space could be advantageous over transmitting it in LMS color space ("raw" signals from each cone type). There is some overlap in the wavelengths of light to which the three types of cones (L for long-wave, M for medium-wave, and S for short-wave light) respond, so it is more efficient for the visual system (from a perspective of dynamic range) to record differences between the responses of cones, rather than each type of cone's individual response. Hurvich and Jameson argued that the use of opponent-channel color space would increase color contrast, making the information easier to process by later stages of vision. === Color blindness === Color blindness can be classified by the cone cell that is affected (protan, deutan, tritan) or by the opponent channel that is affected (red–green or blue–yellow). In either case, the channel can either be inactive (in the case of dichromacy) or have a lower dynamic range (in the case of anomalous trichromacy). For example, individuals with deuteranopia see little difference between the red and green unique hues. == History == Johann Wolfgang von Goethe first studied the physiological effect of opposed colors in his Theory of Colours in 1810. Goethe arranged his color wheel symmetrically "for the colours diametrically opposed to each other in this diagram are those which reciprocally evoke each other in the eye. Thus, yellow demands purple; orange, blue; red, green; and vice versa: Thus again all intermediate gradations reciprocally evoke each other." Ewald Hering proposed opponent color theory in 1892. He thought that the colors red, yellow, green, and blue are special in that any other color can be described as a mix of them, and that they exist in opposite pairs. That is, either red or green is perceived and never greenish-red: Even though yellow is a mixture of red and green in the RGB color theory, humans
Randomized rounding
In computer science and operations research, randomized rounding is a widely used approach for designing and analyzing approximation algorithms. Many combinatorial optimization problems are computationally intractable to solve exactly (to optimality). For such problems, randomized rounding can be used to design fast (polynomial time) approximation algorithms—that is, algorithms that are guaranteed to return an approximately optimal solution given any input. The basic idea of randomized rounding is to convert an optimal solution of a relaxation of the problem into an approximately-optimal solution to the original problem. The resulting algorithm is usually analyzed using the probabilistic method. == Overview == The basic approach has three steps: Formulate the problem to be solved as an integer linear program (ILP). Compute an optimal fractional solution x {\displaystyle x} to the linear programming relaxation (LP) of the ILP. Round the fractional solution x {\displaystyle x} of the LP to an integer solution x ′ {\displaystyle x'} of the ILP. (Although the approach is most commonly applied with linear programs, other kinds of relaxations are sometimes used. For example, see Goemans' and Williamson's semidefinite programming-based Max-Cut approximation algorithm.) In the first step, the challenge is to choose a suitable integer linear program. Familiarity with linear programming, in particular modelling using linear programs and integer linear programs, is required. For many problems, there is a natural integer linear program that works well, such as in the Set Cover example below. (The integer linear program should have a small integrality gap; indeed randomized rounding is often used to prove bounds on integrality gaps.) In the second step, the optimal fractional solution can typically be computed in polynomial time using any standard linear programming algorithm. In the third step, the fractional solution must be converted into an integer solution (and thus a solution to the original problem). This is called rounding the fractional solution. The resulting integer solution should (provably) have cost not much larger than the cost of the fractional solution. This will ensure that the cost of the integer solution is not much larger than the cost of the optimal integer solution. The main technique used to do the third step (rounding) is to use randomization, and then to use probabilistic arguments to bound the increase in cost due to the rounding (following the probabilistic method from combinatorics). Therein, probabilistic arguments are used to show the existence of discrete structures with desired properties. In this context, one uses such arguments to show the following: Given any fractional solution x {\displaystyle x} of the LP, with positive probability the randomized rounding process produces an integer solution x ′ {\displaystyle x'} that approximates x {\displaystyle x} according to some desired criterion. Finally, to make the third step computationally efficient, one either shows that x ′ {\displaystyle x'} approximates x {\displaystyle x} with high probability (so that the step can remain randomized) or one derandomizes the rounding step, typically using the method of conditional probabilities. The latter method converts the randomized rounding process into an efficient deterministic process that is guaranteed to reach a good outcome. == Example: the set cover problem == The following example illustrates how randomized rounding can be used to design an approximation algorithm for the set cover problem. Fix any instance ⟨ c , S ⟩ {\displaystyle \langle c,{\mathcal {S}}\rangle } of set cover over a universe U {\displaystyle {\mathcal {U}}} . === Computing the fractional solution === For step 1, let IP be the standard integer linear program for set cover for this instance. For step 2, let LP be the linear programming relaxation of IP, and compute an optimal solution x ∗ {\displaystyle x^{}} to LP using any standard linear programming algorithm. This takes time polynomial in the input size. The feasible solutions to LP are the vectors x {\displaystyle x} that assign each set s ∈ S {\displaystyle s\in {\mathcal {S}}} a non-negative weight x s {\displaystyle x_{s}} , such that, for each element e ∈ U {\displaystyle e\in {\mathcal {U}}} , x ′ {\displaystyle x'} covers e {\displaystyle e} —the total weight assigned to the sets containing e {\displaystyle e} is at least 1, that is, ∑ s ∋ e x s ≥ 1. {\displaystyle \sum _{s\ni e}x_{s}\geq 1.} The optimal solution x ∗ {\displaystyle x^{}} is a feasible solution whose cost ∑ s ∈ S c ( S ) x s ∗ {\displaystyle \sum _{s\in {\mathcal {S}}}c(S)x_{s}^{}} is as small as possible. Note that any set cover C {\displaystyle {\mathcal {C}}} for S {\displaystyle {\mathcal {S}}} gives a feasible solution x {\displaystyle x} (where x s = 1 {\displaystyle x_{s}=1} for s ∈ C {\displaystyle s\in {\mathcal {C}}} , x s = 0 {\displaystyle x_{s}=0} otherwise). The cost of this C {\displaystyle {\mathcal {C}}} equals the cost of x {\displaystyle x} , that is, ∑ s ∈ C c ( s ) = ∑ s ∈ S c ( s ) x s . {\displaystyle \sum _{s\in {\mathcal {C}}}c(s)=\sum _{s\in {\mathcal {S}}}c(s)x_{s}.} In other words, the linear program LP is a relaxation of the given set-cover problem. Since x ∗ {\displaystyle x^{}} has minimum cost among feasible solutions to the LP, the cost of x ∗ {\displaystyle x^{}} is a lower bound on the cost of the optimal set cover. === Randomized rounding step === In step 3, we must convert the minimum-cost fractional set cover x ∗ {\displaystyle x^{}} into a feasible integer solution x ′ {\displaystyle x'} (corresponding to a true set cover). The rounding step should produce an x ′ {\displaystyle x'} that, with positive probability, has cost within a small factor of the cost of x ∗ {\displaystyle x^{}} .Then (since the cost of x ∗ {\displaystyle x^{}} is a lower bound on the cost of the optimal set cover), the cost of x ′ {\displaystyle x'} will be within a small factor of the optimal cost. As a starting point, consider the most natural rounding scheme: For each set s ∈ S {\displaystyle s\in {\mathcal {S}}} in turn, take x s ′ = 1 {\displaystyle x'_{s}=1} with probability min ( 1 , x s ∗ ) {\displaystyle \min(1,x_{s}^{})} , otherwise take x s ′ = 0 {\displaystyle x'_{s}=0} . With this rounding scheme, the expected cost of the chosen sets is at most ∑ s c ( s ) x s ∗ {\displaystyle \sum _{s}c(s)x_{s}^{}} , the cost of the fractional cover. This is good. Unfortunately the coverage is not good. When the variables x s ∗ {\displaystyle x_{s}^{}} are small, the probability that an element e {\displaystyle e} is not covered is about ∏ s ∋ e 1 − x s ∗ ≈ ∏ s ∋ e exp ( − x s ∗ ) = exp ( − ∑ s ∋ e x s ∗ ) ≈ exp ( − 1 ) . {\displaystyle \prod _{s\ni e}1-x_{s}^{}\approx \prod _{s\ni e}\exp(-x_{s}^{})=\exp {\Big (}-\sum _{s\ni e}x_{s}^{}{\Big )}\approx \exp(-1).} So only a constant fraction of the elements will be covered in expectation. To make x ′ {\displaystyle x'} cover every element with high probability, the standard rounding scheme first scales up the rounding probabilities by an appropriate factor λ > 1 {\displaystyle \lambda >1} . Here is the standard rounding scheme: Fix a parameter λ ≥ 1 {\displaystyle \lambda \geq 1} . For each set s ∈ S {\displaystyle s\in {\mathcal {S}}} in turn, take x s ′ = 1 {\displaystyle x'_{s}=1} with probability min ( λ x s ∗ , 1 ) {\displaystyle \min(\lambda x_{s}^{},1)} , otherwise take x s ′ = 0 {\displaystyle x'_{s}=0} . Scaling the probabilities up by λ {\displaystyle \lambda } increases the expected cost by λ {\displaystyle \lambda } , but makes coverage of all elements likely. The idea is to choose λ {\displaystyle \lambda } as small as possible so that all elements are provably covered with non-zero probability. Here is a detailed analysis. ==== Lemma (approximation guarantee for rounding scheme) ==== Fix λ = ln ( 2 | U | ) {\displaystyle \lambda =\ln(2|{\mathcal {U}}|)} . With positive probability, the rounding scheme returns a set cover x ′ {\displaystyle x'} of cost at most 2 ln ( 2 | U | ) c ⋅ x ∗ {\displaystyle 2\ln(2|{\mathcal {U}}|)c\cdot x^{}} (and thus of cost O ( log | U | ) {\displaystyle O(\log |{\mathcal {U}}|)} times the cost of the optimal set cover). (Note: with care the O ( log | U | ) {\displaystyle O(\log |{\mathcal {U}}|)} can be reduced to ln ( | U | ) + O ( log log | U | ) {\displaystyle \ln(|{\mathcal {U}}|)+O(\log \log |{\mathcal {U}}|)} .) ==== Proof ==== The output x ′ {\displaystyle x'} of the random rounding scheme has the desired properties as long as none of the following "bad" events occur: the cost c ⋅ x ′ {\displaystyle c\cdot x'} of x ′ {\displaystyle x'} exceeds 2 λ c ⋅ x ∗ {\displaystyle 2\lambda c\cdot x^{}} , or for some element e {\displaystyle e} , x ′ {\displaystyle x'} fails to cover e {\displaystyle e} . The expectation of each x s ′ {\displaystyle x'_{s}} is at most λ x s ∗ {\displaystyle \lambda x_{s
Magic Quadrant
Magic Quadrant (MQ) is a series of market research reports published by research and advisory firm Gartner that rely on proprietary qualitative data analysis methods to demonstrate market trends, such as direction, maturity, and participants. Their analyses are conducted for several specific technology industries and are updated every 1–2 years: once an updated report has been published, its predecessor is "retired". == Rating == Gartner rates vendors upon two criteria: completeness of vision and ability to execute. Completeness of vision – Reflects the vendor's innovation, and whether the vendor drives or follows the market. Ability to execute – Summarizes factors such as the vendor's financial viability, market responsiveness, product development, sales channels and customer base. The two component scores lead to a vendor position in one of four quadrants: === Leaders === Vendors in the "Leaders" quadrant have the highest composite scores for their completeness of vision and ability to execute. A vendor in the Leaders quadrant has the market share, credibility, and marketing & sales capabilities needed to drive the acceptance of new technologies. These vendors demonstrate a clear understanding of market needs, they are innovators and thought leaders, and they have well-articulated plans that customers and prospects can use when designing their infrastructures and strategies. In addition, they have a presence in the five major geographical regions, consistent financial performance, and broad platform support. === Challengers === Vendors in the "Challengers" quadrant have high scores mainly for their ability to execute. They both participate in the market and execute well enough to be a serious threat to vendors in the "Leaders" quadrant. They have strong products, as well as sufficiently credible market position and resources to sustain continued growth. Financial viability is not an issue for vendors in the "Challengers" quadrant, but they lack the size and influence of vendors in the "Leaders" quadrant due to their relative lack of vision. === Visionaries === Vendors in the "Visionaries" quadrant have high scores mainly for their completeness of vision. They deliver innovative products that address operationally or financially important end-user problems at a broad scale, but have not yet demonstrated the ability to capture market share or maintain sustainable levels of profitability. Visionary vendors are frequently privately held companies and acquisition targets for larger, established companies. The likelihood of acquisition often reduces the risks associated with installing their systems. === Niche Players === Vendors in the "Niche Players" quadrant have relatively low scores for both their ability to execute and their completeness of vision. They are often narrowly focused on specific market or vertical segments. This quadrant often also includes vendors that are adapting their existing products to enter the market under consideration, or larger vendors having difficulty developing and executing on their vision. == Gartner Critical Capabilities == Gartner Critical Capabilities complement Magic Quadrant analysis to offer deeper insight into the products and services offered by multiple vendors by a comparative analysis that scores competing products or services against a set of critical differentiators identified by Gartner. Gartner has periodically ended Magic Quadrant listings for IT Service Management, Web Content Management, and other industries as those markets have fully matured or other factors rendered the analytic framework inapplicable. == Criticism == The Magic Quadrant, and analysts in general, skew the market: according to research, by applying their methodologies to describe a market, they change that marketplace to fit their tools. Another criticism is that open source vendors are not considered sufficiently by analysts like Gartner, as has been published in an online discussion between a VP from Talend and a German Research VP from Gartner. On May 29, 2009 (2009-05-29), software vendor ZL Technologies filed a federal lawsuit against Gartner that challenged the "legitimacy" of Gartner's Magic Quadrant rating system. Gartner filed a motion to dismiss by claiming First Amendment protection since it contends that its MQ reports contain "pure opinion", which legally means opinions that are not based on fact. The court threw out the ZL case because it lacked a specific complaint. The decision was upheld on appeal.
Pseudonymization
Pseudonymization is a data management and de-identification procedure by which personally identifiable information fields within a data record are replaced by one or more artificial identifiers, or pseudonyms. A single pseudonym for each replaced field or collection of replaced fields makes the data record less identifiable while remaining suitable for data analysis and data processing. Pseudonymization (or pseudonymisation, the spelling under European guidelines) is one way to comply with the European Union's General Data Protection Regulation (GDPR) demands for secure data storage of personal information. Pseudonymized data can be restored to its original state with the addition of information which allows individuals to be re-identified. In contrast, anonymization is intended to prevent re-identification of individuals within the dataset. Clause 18, Module Four, footnote 2 of the Adoption by the European Commission of the Implementing Decisions (EU) 2021/914 "requires rendering the data anonymous in such a way that the individual is no longer identifiable by anyone ... and that this process is irreversible." == Impact of Schrems II ruling == The European Data Protection Supervisor (EDPS) on 9 December 2021 highlighted pseudonymization as the top technical supplementary measure for Schrems II compliance. Less than two weeks later, the EU Commission highlighted pseudonymization as an essential element of the equivalency decision for South Korea, which is the status that was lost by the United States under the Schrems II ruling by the Court of Justice of the European Union (CJEU). The importance of GDPR-compliant pseudonymization increased dramatically in June 2021 when the European Data Protection Board (EDPB) and the European Commission highlighted GDPR-compliant pseudonymization as the state-of-the-art technical supplementary measure for the ongoing lawful use of EU personal data when using third country (i.e., non-EU) cloud processors or remote service providers under the "Schrems II" ruling by the CJEU. Under the GDPR and final EDPB Schrems II Guidance, the term pseudonymization requires a new protected "state" of data, producing a protected outcome that: Protects direct, indirect, and quasi-identifiers, together with characteristics and behaviors; Protects at the record and data set level versus only the field level so that the protection travels wherever the data goes, including when it is in use; and Protects against unauthorized re-identification via the mosaic effect by generating high entropy (uncertainty) levels by dynamically assigning different tokens at different times for various purposes. The combination of these protections is necessary to prevent the re-identification of data subjects without the use of additional information kept separately, as required under GDPR Article 4(5) and as further underscored by paragraph 85(4) of the final EDPB Schrems II guidance: Article 4(5) "Definitions" of the GDPR defines pseudonymization as "the processing of personal data in such a manner that the personal data can no longer be attributed to a specific data subject without the use of additional information, provided that such additional information is kept separately and is subject to technical and organisational measures to ensure that the personal data are not attributed to an identified or identifiable natural person." "Use Case 2: Transfer of pseudonymised Data Paragraph 85(4)" of the final EDPB Schrems II Guidance requires that “the controller has established by means of a thorough analysis of the data in question – taking into account any information that the public authorities of the recipient country may be expected to possess and use – that the pseudonymised personal data cannot be attributed to an identified or identifiable natural person even if cross-referenced with such information." GDPR-compliant pseudonymization requires that data is "anonymous" in the strictest EU sense of the word – globally anonymous – but for the additional information held separately and made available under controlled conditions as authorized by the data controller for permitted re-identification of individual data subjects. Clause 18, Module Four, footnote 2 of the Adoption by the European Commission of the Implementing Decision (EU) 2021/914 "requires rendering the data anonymous in such a way that the individual is no longer identifiable by anyone, in line with recital 26 of Regulation (EU) 2016/679, and that this process is irreversible." Before the Schrems II ruling, pseudonymization was a technique used by security experts or government officials to hide personally identifiable information to maintain data structure and privacy of information. Some common examples of sensitive information include postal code, location of individuals, names of individuals, race and gender, etc. After the Schrems II ruling, GDPR-compliant pseudonymization must satisfy the above-noted elements as an "outcome" versus merely a technique. == Data fields == The choice of which data fields are to be pseudonymized is partly subjective. Less selective fields, such as birth date or postal code are often also included because they are usually available from other sources and therefore make a record easier to identify. Pseudonymizing these less identifying fields removes most of their analytic value and is therefore normally accompanied by the introduction of new derived and less identifying forms, such as year of birth or a larger postal code region. Data fields that are less identifying, such as date of attendance, are usually not pseudonymized. This is because too much statistical utility is lost in doing so, not because the data cannot be identified. For example, given prior knowledge of a few attendance dates it is easy to identify someone's data in a pseudonymized dataset by selecting only those people with that pattern of dates. This is an example of an inference attack. The weakness of pre-GDPR pseudonymized data to inference attacks is commonly overlooked. A famous example is the AOL search data scandal. The AOL example of unauthorized re-identification did not require access to separately kept "additional information" that was under the control of the data controller as is now required for GDPR-compliant pseudonymization, outlined below under the section "New Definition for Pseudonymization Under GDPR". Protecting statistically useful pseudonymized data from re-identification requires: a sound information security base controlling the risk that the analysts, researchers or other data workers cause a privacy breach The pseudonym allows tracking back of data to its origins, which distinguishes pseudonymization from anonymization, where all person-related data that could allow backtracking has been purged. Pseudonymization is an issue in, for example, patient-related data that has to be passed on securely between clinical centers. The application of pseudonymization to e-health intends to preserve the patient's privacy and data confidentiality. It allows primary use of medical records by authorized health care providers and privacy preserving secondary use by researchers. In the US, HIPAA provides guidelines on how health care data must be handled and data de-identification or pseudonymization is one way to simplify HIPAA compliance. However, plain pseudonymization for privacy preservation often reaches its limits when genetic data are involved (see also genetic privacy). Due to the identifying nature of genetic data, depersonalization is often not sufficient to hide the corresponding person. Potential solutions are the combination of pseudonymization with fragmentation and encryption. An example of application of pseudonymization procedure is creation of datasets for de-identification research by replacing identifying words with words from the same category (e.g. replacing a name with a random name from the names dictionary), however, in this case it is in general not possible to track data back to its origins. == New definition under GDPR == Effective as of May 25, 2018, the EU General Data Protection Regulation (GDPR) defines pseudonymization for the very first time at the EU level in Article 4(5). Under Article 4(5) definitional requirements, data is pseudonymized if it cannot be attributed to a specific data subject without the use of separately kept "additional information". Pseudonymized data embodies the state of the art in Data Protection by Design and by Default because it requires protection of both direct and indirect identifiers (not just direct). GDPR Data Protection by Design and by Default principles as embodied in pseudonymization require protection of both direct and indirect identifiers so that personal data is not cross-referenceable (or re-identifiable) via the "mosaic effect" without access to "additional information" that is kept separately by the controller. Because access to separately kept "additional information" is required
G'MIC
G'MIC (GREYC's Magic for Image Computing) is a free and open-source framework for image processing. It defines a script language that allows the creation of complex macros. Originally usable only through a command line interface, it is currently mostly popular as a GIMP plugin, and is also included in Krita. G'MIC is dual-licensed under CECILL-2.1 or CECILL-C. == Features == G'MIC's graphical interface is notable for its noise removal filters, which came from an earlier project called GREYCstoration by the same authors. G'MIC offers many built-in commands for image processing, including basic mathematical manipulations, look up tables, and filtering operations. More complex macros and pipelines built out of those commands are defined in its library files. == Interpreters == === Command line === G'MIC is primarily a script language callable from a shell. For example, to display an image: This command displays the image contained in the file image.jpg and allows zooming in to examine values. Several filters can be applied in succession. For example, to crop and resize an image: === Graphical interface === G'MIC comes with a Qt-based graphical interface, which may be integrated as a Gimp or Krita plugin. It contains several hundred filters written in the G'MIC language, dynamically updated through an internet feed. The interface provides a preview and setting sliders for each filter. G'MIC is one of the most popular Gimp plugins. === G'MIC Online === Most of the filters available for the graphical interface are also available online. === ZArt === ZArt is a graphical interface for real-time manipulation of webcam images. === libgmic === Libgmic is a C++ library that can be linked to third-party applications. It sees integration in Flowblade and Veejay.
Software intelligence
Software intelligence is insight into the inner workings and structural condition of software assets produced by software designed to analyze database structure, software framework and source code to better understand and control complex software systems in information technology environments. Similarly to business intelligence (BI), software intelligence is produced by a set of software tools and techniques for the mining of data and the software's inner-structure. Results are automatically produced and feed a knowledge base containing technical documentation and blueprints of the innerworking of applications, and make it available to all to be used by business and software stakeholders to make informed decisions, measure the efficiency of software development organizations, communicate about the software health, prevent software catastrophes. == History == Software intelligence has been used by Kirk Paul Lafler, an American engineer, entrepreneur, and consultant, and founder of Software Intelligence Corporation in 1979. At that time, it was mainly related to SAS activities, in which he has been an expert since 1979. In the early 1980s, Victor R. Basili participated in different papers detailing a methodology for collecting valid software engineering data relating to software engineering, evaluation of software development, and variations. In 2004, different software vendors in software analysis started using the terms as part of their product naming and marketing strategy. Then in 2010, Ahmed E. Hassan and Tao Xie defined software intelligence as a "practice offering software practitioners up-to-date and pertinent information to support their daily decision-making processes and Software Intelligence should support decision-making processes throughout the lifetime of a software system". They go on by defining software intelligence as a "strong impact on modern software practice" for the upcoming decades. == Capabilities == Because of the complexity and wide range of components and subjects implied in software, software intelligence is derived from different aspects of software: Software composition is the construction of software application components. Components result from software coding, as well as the integration of the source code from external components: Open source, 3rd party components, or frameworks. Other components can be integrated using application programming interface call to libraries or services. Software architecture refers to the structure and organization of elements of a system, relations, and properties among them. Software flaws designate problems that can cause security, stability, resiliency, and unexpected results. There is no standard definition of software flaws but the most accepted is from The MITRE Corporation where common flaws are cataloged as Common Weakness Enumeration. Software grades assess attributes of the software. Historically, the classification and terminology of attributes have been derived from the ISO 9126-3 and the subsequent ISO 25000:2005 quality model. Software economics refers to the resource evaluation of software in the past, present, or future to make decisions and to govern. == Components == The capabilities of software intelligence platforms include an increasing number of components: Code analyzer to serve as an information basis for other software intelligence components identifying objects created by the programming language, external objects from Open source, third parties objects, frameworks, API, or services Graphical visualization and blueprinting of the inner structure of the software product or application considered including dependencies, from data acquisition (automated and real-time data capture, end-user entries) up to data storage, the different layers within the software, and the coupling between all elements. Navigation capabilities within components and impact analysis features List of flaws, architectural and coding violations, against standardized best practices, cloud blocker preventing migration to a Cloud environment, and rogue data-call entailing the security and integrity of software Grades or scores of the structural and software quality aligned with industry-standard like OMG, CISQ or SEI assessing the reliability, security, efficiency, maintainability, and scalability to cloud or other systems. Metrics quantifying and estimating software economics including work effort, sizing, and technical debt Industry references and benchmarking allowing comparisons between outputs of analysis and industry standards == User aspect == Some considerations must be made in order to successfully integrate the usage of software Intelligence systems in a company. Ultimately the software intelligence system must be accepted and utilized by the users in order for it to add value to the organization. If the system does not add value to the users' mission, they simply don't use it as stated by M. Storey in 2003. At the code level and system representation, software intelligence systems must provide a different level of abstractions: an abstract view for designing, explaining and documenting and a detailed view for understanding and analyzing the software system. At the governance level, the user acceptance for software intelligence covers different areas related to the inner functioning of the system as well as the output of the system. It encompasses these requirements: Comprehensive: missing information may lead to a wrong or inappropriate decision, as well as it is a factor influencing the user acceptance of a system. Accurate: accuracy depends on how the data is collected to ensure fair and indisputable opinion and judgment. Precise: precision is usually judged by comparing several measurements from the same or different sources. Scalable: lack of scalability in the software industry is a critical factor leading to failure. Credible: outputs must be trusted and believed. Deploy-able and usable. == Applications == Software intelligence has many applications in all businesses relating to the software environment, whether it is software for professionals, individuals, or embedded software. Depending on the association and the usage of the components, applications will relate to: Change and modernization: uniform documentation and blueprinting on all inner components, external code integrated, or call to internal or external components of the software Resiliency and security: measuring against industry standards to diagnose structural flaws in an IT environment. Compliance validation regarding security, specific regulations or technical matters. Decisions making and governance: Providing analytics about the software itself or stakeholders involved in the development of the software, e.g. productivity measurement to inform business and IT leaders about progress towards business goals. Assessment and Benchmarking to help business and IT leaders to make informed, fact-based decision about software. == Marketplace == Software intelligence is a high-level discipline and has been gradually growing covering the applications listed above. There are several markets driving the need for it: Application Portfolio Analysis (APA) aiming at improving the enterprise performance. Software Assessment for producing the software KPI and improving quality and productivity. Software security and resiliency measures and validation. Software evolution or legacy modernization, for which blueprinting the software systems are needed nor tools improving and facilitating modifications.