Abstract
The choice of password composition policy to enforce on a password-protected system represents a critical security decision, and has been shown to significantly affect the vulnerability of user-chosen passwords to guessing attacks. In practice, however, this choice is not usually rigorous or justifiable, with a tendency for system administrators to choose password composition policies based on intuition alone. In this work, we propose a novel methodology that draws on password probability distributions constructed from large sets of real-world password data which have been filtered according to various password composition policies. Password probabilities are then redistributed to simulate different user password reselection behaviours in order to automatically determine the password composition policy that will induce the distribution of user-chosen passwords with the greatest uniformity, a metric which we show to be a useful proxy to measure overall resistance to password guessing attacks. Further, we show that by fitting power-law equations to the password probability distributions we generate, we can justify our choice of password composition policy without any direct access to user password data. Finally, we present Skeptic - -a software toolkit that implements this methodology, including a DSL to enable system administrators with no background in password security to compare and rank password composition policies without resorting to expensive and time-consuming user studies. Drawing on 205,176,321 passwords across 3 datasets, we lend validity to our approach by demonstrating that the results we obtain align closely with findings from a previous empirical study into password composition policy effectiveness. © 2020 ACM.

Abstract
Nowadays the use of container technologies is ubiquitous and thus the need to make them secure arises. Container technologies such as Docker provide several options to better improve container security, one of those is the use of a Seccomp profile. A major problem with these profiles is that they are hard to maintain because of two different factors: they need to be updated quite often and present a complex and time consuming task to determine exactly what to update, therefore not many people use them. The research goal of this paper is to make Seccomp profiles a viable technique in a production environment by proposing a reliable method to generate custom Seccomp profiles for arbitrary containerized application. This research focused on developing a solution with few requirements allowing for an easy integration with any environment with no human intervention. Results show that using a custom Seccomp profile can mitigate several attacks and even some zero day vulnerabilities on containerized applications. This represents a big step forward on using Seccomp in a production environment, which would benefit users worldwide.

Abstract
The collaboration between humans and machines, where humans can share the same work environment without safety equipment due to the collision avoidance characteristic is one of the research topics for the Industry 4.0. This work proposes a system that acquires the space of the environment through an RGB-Depth sensor, verifies the free spaces in the created Point Cloud and executes the trajectory of the collaborative manipulator avoiding collisions. It is demonstrated a simulated environment before the system in real situations, in which the movements of pick-and-place tasks are defined, diverting from virtual obstacles with the RGB-Depth sensor. It is possible to apply this system in real situations with obstacles and humans, due to the results obtained in the simulation. The basic structure of the system is supported by the ROS software, in particular, the MoveIt! and Rviz. These tools serve both for simulations and for real applications. The obtained results allow to validate the system using the algorithms PRM and RRT, chosen for being commonly used in the field of robot path planning.

Abstract

Abstract
The purpose of this article is to describe the process of forming intersectoral partnerships in social innovation initiatives in Portugal. The methodological approach used was the qualitative study of multiple cases through a triangulated analysis of the data. This resulted in a set of interrelated categories explaining the formation process of the partnerships: formation of the partners, means of identification, motivation of the partners to form the partnership, criteria for forming the partnership, determining factors, facilitators, and training process. We discuss the implications of this process and foment some strategies to support the development of intersectoral partnerships for social innovation initiatives.

Abstract
Office buildings consume a significant amount of energy that can be reduced through behavioral change. Gamification offers the means to influence the energy consumption related to the activities of the office users. This paper presents a new mobile gamification platform to foster the adoption of energy efficient behaviors in office buildings. The gamification platform is a mobile application with multiple types of dashboards, such as (1) an information dashboard to increase the awareness of the users about their energy consumption and footprint, (2) a gaming dashboard to engage users in real-time energy efficiency competitions, (3) a leaderboard to promote peer competition and comparison, and (4) a message dashboard to send tailor-made messages about energy efficiency opportunities. The engagement and gamification strategies embedded in these dashboards exploit economic, environmental, and social motivations to stimulate office users to adopt energy efficient behaviors without compromising their comfort and autonomy levels. The gamification platform was demonstrated in an office building environment. The results suggest electricity savings of 20%. © 2020 Elsevier B.V.