in the virtual extension
DOI: 10.1145/1941487.1941490

In the Virtual extension

To ensure the timely publication of articles, Communications created the Virtual Extension (VE) to expand the page limitations of the print edition by bringing readers the same high-quality articles in an online-only format. VE articles undergo the same rigorous review process as those in the print edition and are accepted for publication on merit. The following synopses are from articles now available in their entirety to ACM members via the Digital Library.

contributed article

DOI: 10.1145/1941487.1941515

Challenges and Business
models for mobile Location-based
services and advertising

Subhankar Dhar and Upkar Varshney

Location-based services have attracted considerable attention due to their potential to transform mobile communications and the potential for a range of highly personalized and context-aware services. Since the days of early location-tracking functionalities introduced in Japan in 2001 and in some U.S. networks, location-based services have made considerable progress.

The potential for location-based services is evident from powerful and ubiquitous wireless devices that are growing in popularity. Many surveys predict billions of dollars in revenues for mobile advertising. Mobile network operators are well positioned to take up a significant percentage of this advertising revenue as they negotiate deals with content providers. Recent deals between media companies, advertising agencies, and the Internet/software industry also demonstrate significant optimism for future growth.

However, there are many challenges that have slowed down the deployment, offering, and wide-scale adoption of location-based services. The challenges include emerging technologies, suitable applications, and business models. This article addresses both technical- and business-related challenges in location-based services, specifically in mobile advertising. The authors explore how location-based mobile advertising can generate revenues and sustain successful business models. However, they are quick to note that while mobile advertising will become more pervasive and profitable, it will not happen before key technical and business challenges are addressed.

contributed article

DOI: 10.1145/1941487.1941516

Is open source security a myth?

Guido Schryen

During the past few decades we became accustomed to acquiring software by procuring licenses for a proprietary or binary-only immaterial object. We regard software as a product we have to pay for, just as we would pay for material objects. However, in more recent years, this widely cultivated habit has begun to be accompanied by a software model characterized by software that comes with a compilable source code. This type of software is referred to as open source software (oSS).

While there is consensus that opening up source code to the public increases the number of reviewers, the impact of open source on software security remains controversial. While the security discussion is rife with beliefs and guesses, only a few quantitative models and some empirical studies appear in the literature; and most of those studies examine only one or a few packages.

This article presents a comprehensive empirical investigation of published vulnerabilities and patches of 17 widely deployed open source and closed source software packages. The empirical analysis uses comprehensive vulnerability data contained in the nIST national Vulnerability Database and a newly compiled data set of vulnerability patches. Based on these comprehensive data sets, this study is capable of providing empirical evidence that open source and closed source software development do not significantly differ in terms of vulnerability disclosure and vendors’ patching behavior—a phenomenon that has been widely assumed, but hardly investigated.

contributed article

DOI: 10.1145/1941487.1941517

Invisible Work in standard
Bibliometric evaluation
of Computer science

Jacques Wainer, Siome Goldenstein, and Cleo Billa

Multidisciplinary committees routinely make strategic decisions, rule on subjects ranging from faculty promotion to grant awards, and rank and compare scientists. Though they may use different criteria for evaluations in subjects as disparate as history and medicine, it seems logical for academic institutions to group together mathematics, computer science, and electrical engineering for comparative evaluation by these committees.

These evaluations will be more frequent as the number of scientists increases. Since the number of funding sources grows more slowly, and research practices vary among different subjects, using the same criteria in different areas may produce notable injustices. The ongoing discussion on CS research evaluation helps build the case for the CS community defending itself from expected injustices in future comparative evaluations.

Traditional assessment criteria are based on Thomson Reuters’ Web of Science (WoS) indexing service, quantifying the production and number of citations of individual scientists, university departments, whole universities, countries, and scientific areas.

Here, the authors provide some quantitative evidence of unfairness, defining researchers’ invisible work as an estimation of all their scientific publications not indexed by WoS or Scopus. Thus, the work is not counted as part of scientists’ standard bibliometric evaluations. To compare CS invisible work to that of physics, mathematics, and electrical engineering, they generated a controlled sample of 50 scientists from each of these fields and focused on the distribution of invisible work rate for each of them using statistical tests.