15 resultados para Airworthiness certificates.
em Universidad Politécnica de Madrid
Resumo:
Abstraction-Carrying Code (ACC) has recently been proposed as a framework for mobile code safety in which the code supplier provides a program together with an abstraction whose validity entails compliance with a predefined safety policy. The abstraction plays thus the role of safety certifícate and its generation is carried out automatically by a fixed-point analyzer. The advantage of providing a (fixedpoint) abstraction to the code consumer is that its validity is checked in a single pass of an abstract interpretation-based checker. A main challenge is to reduce the size of certificates as much as possible while at the same time not increasing checking time. We introduce the notion of reduced certifícate which characterizes the subset of the abstraction which a checker needs in order to validate (and re-construct) the full certifícate in a single pass. Based on this notion, we instrument a generic analysis algorithm with the necessary extensions in order to identify the information relevant to the checker. We also provide a correct checking algorithm together with sufficient conditions for ensuring its completeness. The experimental results within the CiaoPP system show that our proposal is able to greatly reduce the size of certificates in practice.
Resumo:
Abstraction-Carrying Code (ACC) has recently been proposed as a framework for mobile code safety in which the code supplier provides a program together with an abstraction whose validity entails compliance with a predefined safety policy. The abstraction plays thus the role of safety certifícate and its generation is carried out automatically by a fixed-point analyzer. The advantage of providing a (fixedpoint) abstraction to the code consumer is that its validity is checked in a single pass of an abstract interpretation-based checker. A main challenge is to reduce the size of certificates as much as possible while at the same time not increasing checking time. In this paper, we first introduce the notion of reduced certifícate which characterizes the subset of the abstraction which a checker needs in order to validate (and re-construct) the full certifícate in a single pass. Based on this notion, we then instrument a generic analysis algorithm with the necessary extensions in order to identify the information relevant to the checker.
Resumo:
Abstraction-Carrying Code (ACC) has recently been proposed as a framework for mobile code safety in which the code supplier provides a program together with an abstraction (or abstract model of the program) whose validity entails compliance with a predefined safety policy. The abstraction plays thus the role of safety certifícate and its generation is carried out automatically by a fixed-point analyzer. The advantage of providing a (fixed-point) abstraction to the code consumer is that its validity is checked in a single pass (i.e., one iteration) of an abstract interpretation-based checker. A main challenge to make ACC useful in practice is to reduce the size of certificates as much as possible while at the same time not increasing checking time. The intuitive idea is to only include in the certifícate information that the checker is unable to reproduce without iterating. We introduce the notion of reduced certifícate which characterizes the subset of the abstraction which a checker needs in order to validate (and re-construct) the full certifícate in a single pass. Based on this notion, we instrument a generic analysis algorithm with the necessary extensions in order to identify information which can be reconstructed by the single-pass checker. Finally, we study what the effects of reduced certificates are on the correctness and completeness of the checking process. We provide a correct checking algorithm together with sufficient conditions for ensuring its completeness. Our ideas are illustrated through a running example, implemented in the context of constraint logic programs, which shows that our approach improves state-of-the-art techniques for reducing the size of certificates.
Resumo:
La estrategia i2010 de la UE tiene como objetivo garantizar el liderazgo europeo en materia de TIC y poner los beneficios de la Sociedad de la Información al servicio de la economía, la sociedad y la calidad de vida personal, teniendo presente que los éxitos de Europa hasta la fecha se han basado en favorecer la competencia leal en los mercados de las telecomunicaciones y crear un mercado sin fronteras para contenidos y medios de comunicación digitales. En esta línea, la Comisión Europea ha establecido que los distintos estados miembros deben contribuir activamente al desarrollo y uso seguro de los servicios telemáticos entre sus ciudadanos. Más concretamente, atribuye a las Administraciones Públicas, tanto a nivel nacional, regional como local, un papel dinamizador de la Sociedad de la Información que les obliga a ofrecer paulatinamente todos los actos administrativos a los ciudadanos a través de Internet. Como primer paso para el uso seguro de los servicios telemáticos que ofrecen las instituciones públicas se hace preciso dotar a los ciudadanos de una identidad digital que les permita identificarse ante un Proveedor de Servicio o ante otros ciudadanos de manera inequívoca. Por esta razón, la mayoría de países europeos – y otros en el resto del mundo – están promoviendo, sistemas fiables de gestión de identidad electrónica (eIDM), de tal manera que los ciudadanos, las empresas y departamentos gubernamentales (incluso en Estados miembros diferentes) pueden identificar y certificar sus operaciones con precisión, rapidez y sencillez. Sin embargo, la gestión de esta identidad por las Administraciones Públicas supone un importante desafío, acentuado cuando se hace necesaria la interoperabilidad entre Administraciones de diferentes países, puesto que personas y entidades tienen credenciales de identificación diferentes en función de su propio marco jurídico nacional. Consciente del problema, en la Unión Europea se han puesto en marcha una serie de proyectos con el objetivo de conseguir la interoperabilidad de los eIDMs entre las instituciones públicas de diferentes Estados miembros. A pesar de ello, las soluciones adoptadas hasta la fecha son insuficientes porque no prevén todos los posibles casos de interacción del usuario con las instituciones. En concreto, no tienen en cuenta un aspecto muy importante que se ofrece en los distintos sistemas jurídicos nacionales, a saber, la delegación de la identidad, mediante la cual un ciudadano puede autorizar a otro para que actúe en su nombre para acceder a determinados servicios prestados por las instituciones públicas. En esta tesis se realizan un conjunto de aportaciones que dan solución a distintos aspectos de los problemas planteados y que, de forma conjunta, permiten la interoperabilidad y la delegación de identidad en determinados Sistemas de Gestión de Identidad aplicados al entorno de las Administraciones Públicas. En el caso de la delegación, se ha definido un sistema de delegación dinámica de identidad entre dos entidades genéricas que permite solucionar el problema del acceso delegado a los servicios telemáticos ofrecidos por las Administraciones Públicas. La solución propuesta se basa en la generación de un token de delegación, constituido a partir de un Certificado Proxy, que permite a la entidad que delega establecer la delegación de identidad en otra entidad en base a un subconjunto de sus atributos como delegador, estableciendo además, en el propio token de delegación, restricciones en el conjunto de servicios accesibles a la entidad delegada y el tiempo de validez de la delegación. Adicionalmente, se presentan los mecanismos necesarios tanto para poder revocar un token de delegación como para comprobar sin un token de delegación ha sido o no revocado. Para ello se propone una solución para la identificación unívoca de tokens de delegación y la creación de una nueva entidad denominada Autoridad de Revocación de Tokens de Delegación. Entre las características del sistema de delegación propuesto destaca el que es lo suficientemente seguro como para ser utilizado en el entorno de la Administración Pública, que no requiere el uso de mecanismos off‐line para la generación de la delegación y que se puede realizar la delegación de forma instantánea y sin la necesidad de trámites complejos o la participación de un elevado número de entidades. Adicionalmente, el token de delegación propuesto es perfectamente integrable en las infraestructura de clave pública actual lo que hace que, dado que gran parte de las Administraciones Públicas europeas basan sus sistemas de identidad digital en el uso de la PKI y certificados de identidad X.509, la solución pueda ser puesta en marcha en un entorno real sin necesidad de grandes cambios o modificaciones de comportamiento. En lo referente a la interoperabilidad, se realiza un análisis exhaustivo y la correspondiente evaluación de las principales propuestas de Sistemas de Gestión de Identidad orientados a conseguir la interoperabilidad realizadas hasta la fecha en el marco de la Unión Europea y se propone, a alto nivel, una arquitectura de interoperabilidad para la gestión de identidad en las Administraciones Públicas. Dicha arquitectura es lo suficientemente genérica como para poder ser aplicada tanto en el entorno pan‐Europeo como en los entornos nacionales, autonómicos y locales, de tal forma que la interoperabilidad en la gestión de la identidad esté garantizada en todos los niveles de la Administración Pública. Por último, mediante la integración de la solución de delegación dinámica de identidad y la arquitectura de interoperabilidad propuestas se presenta una solución al problema de la delegación en un escenario pan‐Europeo de gestión de identidad, dando lugar a una arquitectura global de interoperabilidad pan‐Europea con soporte a la delegación de identidad. SUMMARY The i2010 European Union Plan aims to ensure European leadership in ICT and to promote the positive contribution that information and communication technologies can make to the economic, social and personal quality of life, bearing in mind that, to date, success in Europe has been based on promoting fair competition in telecommunications markets and on creating a borderless market for contents and digital media. In this line, the European Commission has established that the different member states should contribute actively to the development and secure use of telematic services among their citizens. More specifically, it is attributed to national, regional and local Public Administrations to have a supportive role of the Information Society, requiring them to gradually provide the citizens with Internet‐based access to all administrative procedures acts. As a first step for the secure use of telematic services offered by public institutions, it is necessary to provide the citizens with a digital identity to enable them to identify themselves unequivocally to a Service Provider or to other citizens. For this reason, most European countries ‐ and others in the rest of the world ‐ are promoting reliable systems for managing electronic identity (eIDM), so that citizens, businesses and government departments (even in different Member States) can identify and certify their operations with precision, speed and simplicity. However, the identity management by Public Administrations is a major challenge that becomes more difficult when interoperability between administrations of different countries is needed, due to the fact that individuals and entities have different identification credentials according to their own national legal framework. Aware of the problem, the European Union has launched a series of projects with the aim of achieving interoperability of eIDMs between public institutions of different Member States. However, the solutions adopted to date are insufficient because they do not foresee all possible cases of user interaction with the institutions. In particular, solutions do not take into account a very important aspect that is offered in different national legal systems, namely, the delegation of identity, by which a citizen can authorize another to act on his/her behalf to access certain services provided by public institutions. In this thesis a collection of contributions that provide solution to different aspects of the aforementioned problems are carried out. The solutions, in global, enable interoperability and identity delegation in some of the Identity Management Systems applied to Public Administration environment. In the case of delegation, a dynamic identity delegation system between generic entities is defined. This system makes it possible to solve the problem of delegated access to telematic services offered by Public Administrations. The proposed solution is based on the generation of a piece of information called delegation token. This delegation token, derived from a Proxy Certificate, allows the establishment of identity delegation by an entity that delegates (delegator) in other entity (delegatee) making use of a subset of delegator attributes. It also establishes restrictions on services that can be used by the delegated entity and the expiry date of delegation. In addition to this, the mechanisms necessary to revoke and check the revocation status of a delegation token are presented. To do this, a solution to univocally identify delegation tokens and the creation of a completely new entity, called Token Delegation Revocation Authority, are proposed. The most remarkable characteristics of the proposed delegation system are its security, enough for it to be used in the Public Administration environment, the fact that it does not require off‐line processes in order to generate the delegation, and the possibility of performing the delegation instantaneously and without neither complex processes nor the intervention of a large number of entities. The proposed delegation token can be completely incorporated into current Public Key Infrastructure (PKI). Thus, since most of the European Public Administrations base their digital identity systems on PKI and X.509 identity certificates, the solution can be adopted in a real environment without great changes or performance modifications. Regarding interoperability, an exhaustive analysis and evaluation of most significant proposals on Identity Management Systems that aim to achieve interoperability carried out in the European Union framework until now are performed. A high level identity management interoperability architecture for Public Administrations is also proposed. This architecture is sufficiently generic to be applied to both pan‐European environment and national, regional or local environments, thus interoperability in identity management at all Public Administration levels is guaranteed. Finally, through the integration of the proposed dynamic identity delegation solution and the high level interoperability architecture, a solution to the problem of identity delegation in a pan‐European identity management environment is suggested, leading to a pan‐European global interoperability architecture with identity delegation support.
Resumo:
Proof-Carrying Code (PCC) is a general approach to mobile code safety in which programs are augmented with a certifícate (or proof). The practical uptake of PCC greatly depends on the existence of a variety of enabling technologies which allow both to prove programs correct and to replace a costly verification process by an efñcient checking procedure on the consumer side. In this work we propose Abstraction-Carrying Code (ACC), a novel approach which uses abstract interpretation as enabling technology. We argüe that the large body of applications of abstract interpretation to program verification is amenable to the overall PCC scheme. In particular, we rely on an expressive class of safety policies which can be defined over different abstract domains. We use an abstraction (or abstract model) of the program computed by standard static analyzers as a certifícate. The validity of the abstraction on the consumer side is checked in a single-pass by a very efficient and specialized abstract-interpreter. We believe that ACC brings the expressiveness, flexibility and automation which is inherent in abstract interpretation techniques to the área of mobile code safety. We have implemented and benchmarked ACC within the Ciao system preprocessor. The experimental results show that the checking phase is indeed faster than the proof generation phase, and that the sizes of certificates are reasonable.
Resumo:
Current approaches to mobile code safety – inspired by the technique of Proof-Carrying Code (PCC) [4] – associate safety information (in the form of a certificate) to programs. The certificate (or proof) is created by the code supplier at compile time, and packaged along with the untrusted code. The consumer who receives the code+certificate package can then run a checker which, by a straightforward inspection of the code and the certificate, is able to verify the validity of the certificate and thus compliance with the safety policy. The main practical difficulty of PCC techniques is in generating safety certificates which at the same time: i) allow expressing interesting safety properties, ii) can be generated automatically and, iii) are easy and efficient to check.
Resumo:
Abstraction-Carrying Code (ACC) is a framework for mobile code safety in which the code supplier provides a program together with an abstraction (or abstract model of the program) whose validity entails compliance with a predefined safety policy. The abstraction plays thus the role of safety certificate and its generation is carried out automatically by a fixed-point analyzer. The advantage of providing a (fixed-point) abstraction to the code consumer is that its validity is checked in a single pass (i.e., one iteration) of an abstract interpretation-based checker. A main challenge to make ACC useful in practice is to reduce the size of certificates as much as possible, while at the same time not increasing checking time. Intuitively, we only include in the certificate the information which the checker is unable to reproduce without iterating. We introduce the notion of reduced certifícate which characterizes the subset of the abstraction which a checker needs in order to validate (and re-construct) the full certificate in a single pass. Based on this notion, we show how to instrument a generic analysis algorithm with the necessary extensions in order to identify the information relevant to the checker.
Resumo:
CiaoPP is the abstract interpretation-based preprocessor of the Ciao multi-paradigm (Constraint) Logic Programming system. It uses modular, incremental abstract interpretation as a fundamental tool to obtain information about programs. In CiaoPP, the semantic approximations thus produced have been applied to perform high- and low-level optimizations during program compilation, including transformations such as múltiple abstract specialization, parallelization, partial evaluation, resource usage control, and program verification. More recently, novel and promising applications of such semantic approximations are being applied in the more general context of program development such as program verification. In this work, we describe our extensión of the system to incorpórate Abstraction-Carrying Code (ACC), a novel approach to mobile code safety. ACC follows the standard strategy of associating safety certificates to programs, originally proposed in Proof Carrying- Code. A distinguishing feature of ACC is that we use an abstraction (or abstract model) of the program computed by standard static analyzers as a certifícate. The validity of the abstraction on the consumer side is checked in a single-pass by a very efficient and specialized abstractinterpreter. We have implemented and benchmarked ACC within CiaoPP. The experimental results show that the checking phase is indeed faster than the proof generation phase, and that the sizes of certificates are reasonable. Moreover, the preprocessor is based on compile-time (and run-time) tools for the certification of CLP programs with resource consumption assurances.
Resumo:
Proof-Carrying Code (PCC) is a general approach to mobile code safety in which the code supplier augments the program with a certifícate (or proof). The intended benefit is that the program consumer can locally validate the certifícate w.r.t. the "untrusted" program by means of a certifícate checker—a process which should be much simpler, eíñcient, and automatic than generating the original proof. Abstraction Carrying Code (ACC) is an enabling technology for PCC in which an abstract model of the program plays the role of certifícate. The generation of the certifícate, Le., the abstraction, is automatically carried out by an abstract interpretation-based analysis engine, which is parametric w.r.t. different abstract domains. While the analyzer on the producer side typically has to compute a semantic fixpoint in a complex, iterative process, on the receiver it is only necessary to check that the certifícate is indeed a fixpoint of the abstract semantics equations representing the program. This is done in a single pass in a much more efficient process. ACC addresses the fundamental issues in PCC and opens the door to the applicability of the large body of frameworks and domains based on abstract interpretation as enabling technology for PCC. We present an overview of ACC and we describe in a tutorial fashion an application to the problem of resource-aware security in mobile code. Essentially the information computed by a cost analyzer is used to genérate cost certificates which attest a safe and efficient use of a mobile code. A receiving side can then reject code which brings cost certificates (which it cannot validate or) which have too large cost requirements in terms of computing resources (in time and/or space) and accept mobile code which meets the established requirements.
Resumo:
Distributed parallel execution systems speed up applications by splitting tasks into processes whose execution is assigned to different receiving nodes in a high-bandwidth network. On the distributing side, a fundamental problem is grouping and scheduling such tasks such that each one involves sufñcient computational cost when compared to the task creation and communication costs and other such practical overheads. On the receiving side, an important issue is to have some assurance of the correctness and characteristics of the code received and also of the kind of load the particular task is going to pose, which can be specified by means of certificates. In this paper we present in a tutorial way a number of general solutions to these problems, and illustrate them through their implementation in the Ciao multi-paradigm language and program development environment. This system includes facilities for parallel and distributed execution, an assertion language for specifying complex programs properties (including safety and resource-related properties), and compile-time and run-time tools for performing automated parallelization and resource control, as well as certification of programs with resource consumption assurances and efñcient checking of such certificates.
Resumo:
Abstraction-Carrying Code (ACC) has recently been proposed as a framework for mobile code safety in which the code supplier provides a program together with an abstraction (or abstract model of the program) whose validity entails compliance with a predefined safety policy. The abstraction plays thus the role of safety certificate and its generation is carried out automatically by a fixpoint analyzer. The advantage of providing a (fixpoint) abstraction to the code consumer is that its validity is checked in a single pass (i.e., one iteration) of an abstract interpretation-based checker. A main challenge to make ACC useful in practice is to reduce the size of certificates as much as possible while at the same time not increasing checking time. The intuitive idea is to only include in the certificate information that the checker is unable to reproduce without iterating. We introduce the notion of reduced certificate which characterizes the subset of the abstraction which a checker needs in order to validate (and re-construct) the fall certificate in a single pass. Based on this notion, we instrument a generic analysis algorithm with the necessary extensions in order to identify the information relevant to the checker. Interestingly, the fact that the reduced certificate omits (parts of) the abstraction has implications in the design of the checker. We provide the sufficient conditions which allow us to ensure that 1) if the checker succeeds in validating the certificate, then the certificate is valid for the program (correctness) and 2) the checker will succeed for any reduced certificate which is valid (completeness). Our approach has been implemented and benchmarked within the CiaoPP system. The experimental results show t h a t our proposal is able to greatly reduce the size of certificates in practice. To appear in Theory and Practice of Logic Programming (TPLP).
Resumo:
This paper presents the results obtained with a new agent-based computer model that can simulate the evacuation of narrow-body transport airplanes in the conditions prescribed by the airworthiness regulations for certification. The model, described in detail in a former paper, has been verified with real data of narrow-body certification demonstrations. Numerical simulations of around 20 narrow-body aircraft, representative of current designs in various market segments, show the capabilities of the model and provide relevant information on the relationship between cabin features and emergency evacuation. The longitudinal location of emergency exits seems to be even more important than their size or the overall margin with respect to the prescribed number and type of exits indicated by the airworthiness requirements
Resumo:
El uso de Internet por parte de los ciudadanos para relacionarse con las Administraciones Públicas o en relación con actividades de comercio electrónico crece día a día. Así lo evidencian los diferentes estudios realizados en esta materia, como los que lleva a cabo el Observatorio Nacional de las Telecomunicaciones y la Sociedad de la Información (http://www.ontsi.red.es/ontsi/). Se hace necesario, por tanto, identificar a las partes intervinientes en estas transacciones, además de dotarlas de la confidencialidad necesaria y garantizar el no repudio. Uno de los elementos que, junto con los mecanismos criptográficos apropiados, proporcionan estos requisitos, son los certificados electrónicos de servidor web. Existen numerosas publicaciones dedicadas a analizar esos mecanismos criptográficos y numerosos estudios de seguridad relacionados con los algoritmos de cifrado, simétrico y asimétrico, y el tamaño de las claves criptográficas. Sin embargo, la seguridad relacionada con el uso de los protocolos de seguridad SSL/TLS está estrechamente ligada a dos aspectos menos conocidos: el grado de seguridad con el que se emiten los certificados electrónicos de servidor que permiten implementar dichos protocolos; y el uso que hacen las aplicaciones software, y en especial los navegadores web, de los campos que contiene el perfil de dichos certificados. Por tanto, diferentes perfiles de certificados electrónicos de servidor y diferentes niveles de seguridad asociados al procedimiento de emisión de los mismos, dan lugar a diferentes tipos de certificados electrónicos. Si además se considera el marco jurídico que afecta a cada uno de ellos, se puede concluir que existe una tipología de certificados de servidor, con diferentes grados de seguridad o de confianza. Adicionalmente, existen otros requisitos que también pueden pasar desapercibidos tanto a los titulares de los certificados como a los usuarios de los servicios de comercio electrónico y administración electrónica. Por ejemplo, el grado de confianza que otorgan los navegadores web a las Autoridades de Certificación emisoras de los certificados y cómo estas adquieren tal condición, o la posibilidad de poder verificar el estado de revocación del certificado electrónico. El presente trabajo analiza todos estos requisitos y establece, en función de los mismos, la correspondiente tipología de certificados electrónicos de servidor web. Concretamente, las características a analizar para cada tipo de certificado son las siguientes: Seguridad jurídica. Normas técnicas. Garantías sobre la verdadera identidad del dominio. Verificación del estado de revocación. Requisitos del Prestador de Servicios de Certificación. Los tipos de certificados electrónicos a analizar son: Certificados de servidor web: Certificados autofirmados y certificados emitidos por un Prestador de Servicios de Certificación. Certificados de dominio simple y certificados multidominio (wildcard y SAN) Certificados de validación extendida. Certificados de sede electrónica. ABSTRACT Internet use by citizens to interact with government or with e-commerce activities is growing daily. This topic is evidenced by different studies in this area, such as those undertaken by the Observatorio Nacional de las Telecomunicaciones y la Sociedad de la Información (http://www.ontsi.red.es/ontsi/ ). Therefore, it is necessary to identify the parties involved in these transactions, as well as provide guaranties such as confidentiality and non-repudiation. One instrument which, together with appropriate cryptographic mechanisms, provides these requirements is SSL electronic certificate. There are numerous publications devoted to analyzing these cryptographic mechanisms and many studies related security encryption algorithms, symmetric and asymmetric, and the size of the cryptographic keys. However, the safety related to the use of security protocols SSL / TLS is closely linked to two lesser known aspects: the degree of security used in issuing the SSL electronic certificates; and the way software applications, especially web Internet browsers, work with the fields of the SSL certificates profiles. Therefore, the diversity of profiles and security levels of issuing SSL electronic certificates give rise to different types of certificates. Besides, some of these electronic certificates are affected by a specific legal framework. Consequently, it can be concluded that there are different types of SSL certificates, with different degrees of security or trustworthiness. Additionally, there are other requirements that may go unnoticed both certificate holders and users of e-commerce services and e-Government. For example, the degree of trustworthiness of the Certification Authorities and how they acquire such a condition by suppliers of Internet browsers, or the possibility to verify the revocation status of the SSL electronic certificate. This paper discusses these requirements and sets, according to them, the type of SSL electronic certificates. Specifically, the characteristics analyzed for each type of certificate are the following: Legal security. Technical standards. Guarantees to the real identity of the domain. Check the revocation status. Requirements of the Certification Services Providers. The types of electronic certificates to be analyzed are the following: SSL electronic certificates: Self-signed certificates and certificates issued by a Certification Service Provider. Single-domain certificates and multi-domain certificates (wildcard and SAN) Extended Validation Certificates. “Sede electrónica” certificates (specific certificates for web sites of Spanish Public Administrations).
Resumo:
La progresiva internacionalización de las universidades españolas convierte a estas organizaciones en escenarios plurilingües. El español convive en ellos con otras lenguas, en especial el inglés, como vehículo de acceso y transmisión de conocimiento especializado. Esto requiere un proceso de alfabetización académica en lengua extranjera que tendrían que asumir las universidades de acogida, con objeto de preservar a los alumnos de los fracasos en los programas internacionales. Por el momento, en España, los programas de grado o de posgrado no establecen filtros con umbrales lingüísticos mínimos de acceso, a excepción de algunas universidades que se limitan a requerir certificados de grado de dominio del español general. No existen exámenes públicos de ingreso, o exámenes propios de postadmisión, que evalúen la habilidad lingüística comunicativa en contextos académicos. En este trabajo, se parte de la hipótesis de que los exámenes que certifican un grado de dominio de español general no sirven al propósito de discriminar a los alumnos capaces de seguir con éxito los programas de las universidades. Para verificarla, se desarrolla una prueba de examen específica que mida la capacidad de emplear el español en contextos académicos. La prueba se centra en las tareas que se revelan, en una primera fase exploratoria de la investigación, como más necesarias en lo que se refiere al uso del español como lengua vehicular: las clases magistrales. Una vez pilotada, se administró junto con otras destinadas a evaluar el grado de dominio de la lengua en contextos generales. Los resultados obtenidos del contraste de estas mediciones y de diversos análisis de los datos arrojan evidencias de que este tipo de prueba mide un constructo específico: la habilidad de uso del español en contextos académicos. ABSTRACT The progressive internationalization of Spanish universities has transformed these organizations into plurilingual scenarios. Spanish lives in them sharing the stage with other languages, especially English, as a means of access and transmission of expert knowledge. This requires a process of academic literacy in foreign language that host universities should assume, in order to safeguard students from failures in international programs. At the moment, in Spain, undergraduate or graduate programs do not set filters with minimum language requirements to gain access, except for some universities that merely require certificates of general Spanish. There are no Spanish language public admission exams, or post-enrollment tests of their own, to assess the communicative language ability of foreign students in academic contexts. In this dissertation, we start from the hypothesis that those tests that certify the student degree of mastery of the Spanish language do not serve the purpose of discriminating against students capable of successfully pursuing university programs. To prove it, a specific test that measures the ability to use Spanish in academic contexts was developed. This language test focused on the tasks associated with the most common genre, which revealed prominent in a first exploratory phase of the investigation, related to the use of Spanish as a means of instruction: university lectures. Once piloted, the test was administered along with others designed to assess the degree of mastery of the language in general contexts. Contrast results of these measurements and various analyzes of the data showed evidence that this type of test measures a specific construct: the ability to use Spanish in academic contexts.
Resumo:
La propuesta del trabajo de fin de grado escogida por el autor del proyecto se basa en la continuación del proyecto comenzado durante la asignatura de Prácticum del pasado semestre. El nacimiento del mismo se gestó en una pequeña empresa de consultoría llamada ‘Grupo Develop’ (en la sección ‘Entidad colaboradora y ubicación’ se describe más detalladamente la organización) situada al este de Madrid, una organización con carácter de fundación y dedicada, esencialmente, al sector de la consultoría en el sector de la calidad. Grupo Develop necesitaba aprovechar la utilidad de las nuevas tecnologías para ofrecer un nuevo y mejor servicio para sus clientes mediante un proyecto que fuera dirigido y llevado a cabo por un ingeniero informático. Partiendo de este contexto se vislumbró un proyecto consistente en diseñar, desplegar, programar y mantener una plataforma-sistema informático capaz de ayudar a las organizaciones (en este caso particular la mayoría son organizaciones sin ánimo de lucro) a gestionarse mejor de acuerdo a distintos modelos de calidad como pueden ser el EFQM1 o ISO. Además, la certificación en ambos modelos son cada vez más demandados como garantía de calidad por organismos públicos y privados e incluso por los clientes. Por lo tanto, este programa debe llegar a ser una herramienta que realmente apoye a cada entidad a elaborar un diagnóstico de su gestión y, por supuesto, debe conseguir acercar a estas empresas a los certificados más prestigiosos. Desde el punto de vista de un profesional del sector de la informática, el proyecto se estructura de una forma clara en una arquitectura cliente-servidor clásica donde todas las entidades (de momento 15) han participado de forma activa y paralela al desarrollo del proyecto. Si bien es cierto que esto ha ralentizado notablemente el desarrollo del proyecto y ha requerido una sincronización entre dos proyectos paralelos (uno para el despliegue y otro para el desarrollo).---ABSTRACT---The proposal of my graduation work is a continuation of the project that I already started in the Practicum subject the first part of the academic year. The birth of that project arose in a small consulting firm (Grupo Develop) in the east of Madrid, an organization that at the same time is incorporated as a Foundation. This organization works with different NGO´s and their work covers the Quality Consulting Sector. Grupo Develop needed to use new technologies to give a new and best service to our customers through a project managed by a person trained in the computer science area. Starting from this context, Grupo Develop saw a new opportunity to create a project to design, deploy and maintain a platform-system that can help our customers (in this case the organizations are often organizations from the Third Sector) to get a best management in some Norms or Models like ISO or EFQM. Also in some cases the Certifications of any of these models are increasingly demanded as quality assurance by public entities, privates and even by clients. Therefore, this program should be a tool that helps to any organization to make a diagnosis of their management and, of course, should close to these companies to the most prestigious Certificates. From a point of view of a computer science student, the software project has a defined structure in a classic client-server model where all the organizations (15) have actively participated in parallel mode to the development of the project. It is true that the involvement of the organizations has slowed the development of the project so I had to create two projects (one for the different organizations and the other one to develop the major improvements).
