DFMA- Analysis and Aspects of Applying Internet Based Collaborative Design for Axial Eccentric Oil-Pump Design

The integrated system of design for manufacturing and assembly (DFMA) and internet based collaborative design are presented to support product design, manufacturing process, and assembly planning for axial eccentric oil-pump design. The presented system manages and schedules group oriented collaborative activities. The design guidelines of internet based collaborative design & DFMA are expressed. The components and the manufacturing stages of axial eccentric oil-pump are expressed in detail. The file formats of the presented system include the data types of collaborative design of the product, assembly design, assembly planning and assembly system design. Product design and assembly planning can be operated synchronously and intelligently and they are integrated under the condition of internet based collaborative design and DFMA. The technologies of collaborative modelling, collaborative manufacturing, and internet based collaborative assembly for the specific pump construction are developed. A seven-security level is presented to ensure the security of the internet based collaborative design system.

Uudet Internet -kehitysvälineet.

Diplomityön tavoitteena on tutkia uusia Internet-kehitysvälineitä ja arvioida näiden soveltuvuutta eri käyttötarkoituksiin. Tarkasteltavana ja testattavana on kaksi hieman erilaista välinettä, SilverStream ja WebSphere. Kehitysvälineitä arvioidaan työssä käyttämällä mm. seuraavia kriteereitä: skaalautuvuus, tietoturva, teknologiaratkaisut, avoimuus, hallittavuus ja suorituskyky. Lisäksi työn lopussa verrataan välineitä keskenään saatujen tulosten perusteella.

Internet-palveluntarjoajan tietoturva

Internet on levinnyt viime vuosina voimakkaasti ja samalla sen tietoturvallisuus on noussut erittäin tärkeäksi tekijäksi. Olen tietoturvallisuuteen liittyvien työtehtävieni ohessa kirjoittanut keräämääni teoriatietoa ja tekemiäni toimenpiteitä diplomityön muotoon. Diplomityön tavoitteena on antaa yleiskuva internet-palveluntarjoajan tietoturvallisuudesta ja sen hallinnasta. Työssä käsitellään tietoturvallisuuskäsitettä, hallinnollista ja teknistä tietoturvallisuutta sekä tietoturvallisuuden taloudellisia vaikutuksia. Tietoturvallisuus on yrityksen henkilökunnan ja teknisten ratkaisujen yhteistoimintaa yrityksen tietojen turvaamiseksi sekä yrityksen sisäisten että yrityksen ulkopuolisten uhkien varalta. Tietoturvallisuus on niin vahva kuin sen heikoin lenkki, joten tietoturvallisuuden huolehtimiseen tarvitaan koko yrityksen henkilöstön panosta. Työn tavoitteena on parantaa kohdeyrityksen tietoturvallisuutta ja tuoda esiin ne heikot kohdat, joiden parantamiseen täytyy saada yrityksen johdolta lisää resursseja. Aukotonta turvallisuutta ei kannata tavoitella, vaan yrityksen tulee pyrkiä minimoimaan tietoturvallisuuden kokonaiskustannukset.

Security in multicast communication

Multicast is one method to transfer information in IPv4 based communication. Other methods are unicast and broadcast. Multicast is based on the group concept where data is sent from one point to a group of receivers and this remarkably saves bandwidth. Group members express an interest to receive data by using Internet Group Management Protocol and traffic is received by only those receivers who want it. The most common multicast applications are media streaming applications, surveillance applications and data collection applications. There are many data security methods to protect unicast communication that is the most common transfer method in Internet. Popular data security methods are encryption, authentication, access control and firewalls. The characteristics of multicast such as dynamic membership cause that all these data security mechanisms can not be used to protect multicast traffic. Nowadays the protection of multicast traffic is possible via traffic restrictions where traffic is allowed to propagate only to certain areas. One way to implement this is packet filters. Methods tested in this thesis are MVR, IGMP Filtering and access control lists which worked as supposed. These methods restrict the propagation of multicast but are laborious to configure in a large scale. There are also a few manufacturerspecific products that make possible to encrypt multicast traffic. These separate products are expensive and mainly intended to protect video transmissions via satellite. Investigation of multicast security has taken place for several years and the security methods that will be the results of the investigation are getting ready. An IETF working group called MSEC is standardizing these security methods. The target of this working group is to standardize data security protocols for multicast during 2004.

Internet Turvallisuus ja GOST Algoritmit

Tämä tutkimus keskittyy Venäjän kryptografian standardeihin ja niiden toteutukseen sertifioiduissa tuotteissa. Tässä työssä myös pohditaan menetelmiä, jotka parantavat suorituskykyä. Tutkimus jatkuu turvallisuuspalveluiden toimittajien vertailulla niitten saadun sertifikaattimäärän perusteella. Tämä auttaa arvioimaan Venäjän nykyistä markkinatilannetta. Sen lisäksi työssä kuvataan venäläisten algoritmien integraatiota TLS-, PKI- ja IKEv1-protokolleihin. Tavoitteena on protokollien yhteensopivuus erilaisiin tuotteisiin. Diplomityötä jatketaan tutkimalla IKEv2-protokolan integroinnin vaatimuksia. Lopuksi diplomityössä todetaan, että venäläiset algoritmit ovat turvallisia ja standardisointi auttaa ulkomaisia yrityksiä saamaan tarvittavat sertifikaatit.

Implementing NX Remote Desktop technology in the LTSP system

This project focuses on studying and testing the benefits of the NX Remote Desktop technology in administrative use for Finnish Meteorological Institutes existing Linux Terminal Service Project environment. This was done due to the criticality of the system caused by growing number of users as the Linux Terminal Service Project system expands. Although many of the supporting tasks can be done via Secure Shell connection, testing graphical programs or desktop behaviour in such a way is impossible. At first basic technologies behind the NX Remote Desktop were studied, and after that started the testing of two possible programs, FreeNX and NoMachine NX server. Testing the functionality and bandwidth demands were first done in a closed local area network, and results were studied. The better candidate was then installed in a virtual server simulating actual Linux Terminal Service Project server at Finnish Meteorological Institute and connection from Internet was tested to see was there any problems with firewalls and security policies. The results are reported in this study. Studying and testing the two different candidates of NX Remote Desktop showed, that NoMachine NX Server provides better customer support and documentation. Security aspects of the Finnish Meteorological Institute had also to be considered, and since updates along with the new developing tools are announced in next version of the program, this version was the choice. Studies also show that even NoMachine promises a swift connection over an average of 20Kbit/s bandwidth, at least double of that is needed. This project gives an overview of available remote desktop products along their benefits. NX Remote Desktop technology is studied, and installation instructions are included. Testing is done in both, closed and the actual environment and problems and suggestions are studied and analyzed. The installation to the actual LTSP server is not yet made, but a virtual server is put up in the same place in the view of network topology. This ensures, that if the administrators are satisfied with the system, installation and setting up the system will go as described in this report.