53 resultados para bare public-key model
em Doria (National Library of Finland DSpace Services) - National Library of Finland, Finland
Resumo:
Arvokasta tai luottamuksellista tietoa käsittelevien palveluiden, kuten pankki- ja kauppa-palveluiden, tarjoaminen julkisessa Internet-verkossa on synnyttänyt tarpeen vahvalle todennukselle, eli käyttäjien tunnistuksen varmistamiselle. Vahvassa todennuksessa käytetään salaus-menetelmien tarjoamia keinoja todennus-tapahtuman tieto-turvan parantamiseen heikkoihin todennusmenetelmiin nähden. Todennusta käyttäjätunnus-salasana-yhdistelmällä voidaan pitää heikkona menetelmänä. Julkisen avaimen järjestelmän varmenteita voidaan käyttää WWW-ympäristössä toimivissa palveluissa yhteyden osapuolten todentamiseen. Tässä työssä suunniteltiin vahva käyttäjän todennus julkisen avaimen järjestelmällä WWW-ympäristössä tarjottavalle palvelulle ja toteutettiin palvelun tarjoavan sovelluksen komponentiksi soveltuva yksinkertainen varmentaja OpenSSL-salaustyökalupaketin avulla. Työssä käydään läpi myös salauksen perusteet, julkisen avaimen järjestelmä ja esitellään olemassaolevia varmentajatoteutuksia ja mahdollisia tieto-turva-uhkia Vahva todennus tulee suunnitella siten, että palvelun käyttäjä ymmärtää, mikä tarkoitus hänen toimillaan on ja miten ne edistävät tietoturvaa. Internet-palveluissa käyttäjän vahva todennus ei ole yleistynyt huonon käytettävyyden vuoksi.
Resumo:
Lyhyen kantaman radiotekniikoiden hyödyntäminen mahdollistaa uudenlaisten paikallisten palveluiden käytön ja vanhojen palveluiden kehittämisen. Kulunvalvonta on päivittäisenä palveluna valittu työn esimerkkisovellukseksi. Useita tunnistus- ja valtuutustapoja tutkitaan, ja julkisen avaimen infrastruktuuri on esitellään tarkemmin. Langattomat tekniikat Bluetooth, Zigbee, RFID ja IrDA esitellän yleisellä tasolla langattomat tekniikat –luvussa. Bluetooth-tekniikan rakennetta, mukaan lukien sen tietoturva-arkkitehtuuria, tutkitaan tarkemmin. Bluetooth-tekniikkaa käytetään työssä suunnitellun langattoman kulunvalvontajärjestelmän tietojen siirtoon. Kannettava päätelaite toimii käyttäjän henkilökohtaisena luotettuna laitteena, jota voi käyttää avaimena. Käyttäjän tunnistaminen ja valtuuttaminen perustuu julkisen avaimen infrastruktuuriin. Ylläpidon allekirjoittamat varmenteet sisältävät käyttäjän julkisen avaimen lisäksi tietoa hänestä ja hänen oikeuksistaan. Käyttäjän tunnistaminen kulunvalvontapisteissä tehdään julkisen ja salaisen avaimen käyttöön perustuvalla haaste-vastaus-menetelmällä. Lyhyesti, järjestelmässä käytetään Bluetooth-päätelaitteita langattomina avaimina.
Resumo:
The basic goal of this study is to extend old and propose new ways to generate knapsack sets suitable for use in public key cryptography. The knapsack problem and its cryptographic use are reviewed in the introductory chapter. Terminology is based on common cryptographic vocabulary. For example, solving the knapsack problem (which is here a subset sum problem) is termed decipherment. Chapter 1 also reviews the most famous knapsack cryptosystem, the Merkle Hellman system. It is based on a superincreasing knapsack and uses modular multiplication as a trapdoor transformation. The insecurity caused by these two properties exemplifies the two general categories of attacks against knapsack systems. These categories provide the motivation for Chapters 2 and 4. Chapter 2 discusses the density of a knapsack and the dangers of having a low density. Chapter 3 interrupts for a while the more abstract treatment by showing examples of small injective knapsacks and extrapolating conjectures on some characteristics of knapsacks of larger size, especially their density and number. The most common trapdoor technique, modular multiplication, is likely to cause insecurity, but as argued in Chapter 4, it is difficult to find any other simple trapdoor techniques. This discussion also provides a basis for the introduction of various categories of non injectivity in Chapter 5. Besides general ideas of non injectivity of knapsack systems, Chapter 5 introduces and evaluates several ways to construct such systems, most notably the "exceptional blocks" in superincreasing knapsacks and the usage of "too small" a modulus in the modular multiplication as a trapdoor technique. The author believes that non injectivity is the most promising direction for development of knapsack cryptosystema. Chapter 6 modifies two well known knapsack schemes, the Merkle Hellman multiplicative trapdoor knapsack and the Graham Shamir knapsack. The main interest is in aspects other than non injectivity, although that is also exploited. In the end of the chapter, constructions proposed by Desmedt et. al. are presented to serve as a comparison for the developments of the subsequent three chapters. Chapter 7 provides a general framework for the iterative construction of injective knapsacks from smaller knapsacks, together with a simple example, the "three elements" system. In Chapters 8 and 9 the general framework is put into practice in two different ways. Modularly injective small knapsacks are used in Chapter 9 to construct a large knapsack, which is called the congruential knapsack. The addends of a subset sum can be found by decrementing the sum iteratively by using each of the small knapsacks and their moduli in turn. The construction is also generalized to the non injective case, which can lead to especially good results in the density, without complicating the deciphering process too much. Chapter 9 presents three related ways to realize the general framework of Chapter 7. The main idea is to join iteratively small knapsacks, each element of which would satisfy the superincreasing condition. As a whole, none of these systems need become superincreasing, though the development of density is not better than that. The new knapsack systems are injective but they can be deciphered with the same searching method as the non injective knapsacks with the "exceptional blocks" in Chapter 5. The final Chapter 10 first reviews the Chor Rivest knapsack system, which has withstood all cryptanalytic attacks. A couple of modifications to the use of this system are presented in order to further increase the security or make the construction easier. The latter goal is attempted by reducing the size of the Chor Rivest knapsack embedded in the modified system. '
Resumo:
Tämä työ tehtiin globaaliin elektroniikka-alan yritykseen. Diplomityö liittyy haasteeseen, jonka lisääntynyt globalisaatio ja kiristyvä kilpailu ovat luoneet: case yrityksen on selvitettävä kuinka se voi saavuttaa kasvutavoitteet myös tulevaisuudessa hankkimalla uusia asiakkaita ja olemalla yhä enenevissä määrin maailmanlaajuisesti läsnä. Tutkimuksen tavoite oli löytää sopiva malli potentiaalisten avainasiakkaiden identifiointiin ja valintaan, sekä testata ja modifioida valittua mallia case yrityksen tarpeiden mukaisesti. Erityisesti raakadatan kerääminen, asiakkaiden houkuttelevuuskriteerit ja kohdemarkkinarako olivat asioita, jotka tarvitsivat tutkimuksessa huomiota. Kirjallisuuskatsauksessa keskityttiin yritysmarkkinoihin, eri asiakassuhteenhallinnan lähestymistapoihin ja avainasiakkaiden määrittämiseen. CRM:n, KAM:n ja Customer Insight-ajattelun perusteet esiteltiin yhdessä eri avainasiakkaiden identifiointimallien kanssa. Valittua Chevertonin mallia testattiin ja muokattiin työn empiirisessä osassa. Tutkimuksen empiirinen kontribuutio on modifioitu malli potentiaalisten avainasiakkaiden identifiointiin. Se auttaa päätöksentekijöitä etenemään systemaattisesti ja organisoidusti askel askeleelta kohti potentiaalisten asiakkaiden listaa tietyltä markkina-alueelta. Työ tarjoaa työkalun tähän prosessiin sekä luo pohjaa tulevaisuuden tutkimukselle ja toimenpiteille.
Resumo:
The objective of the dissertation is to examine organizational responses of public actors to customer requirements which drive the transformation of value networks and promote public-private partnership in the electricity distribution industry and elderly care sectors. The research bridges the concept of offering to value networks where capabilities can be acquired for novel product concepts. The research contributes to recent literature, re-examining theories on interactions of customer requirements and supply management. A critical realist case study approach is applied to this abductive the research which directs to describe causalities in the analyzed phenomena. The presented evidence is based on three sources, which are in-depth interviews, archival analysis and the Delphi method. Service provision requires awareness on technology and functionalities of offering. Moreover, service provision includes interactions of multiple partners, which suggests the importance of the co-operative orientation of actors. According to the findings,portfolio management has a key role when intelligent solutions are implemented in public service provision because its concepts involve a variety of resources from multiple suppliers. However, emergent networks are not functional if they lack leaders who have access to the customer interface, have power to steer networks and a capability to build offerings. Public procurement policies were recognized to focus on a narrow scope in which price is a key factor in decisions. In the future, the public sector has to implement technology strategies and portfolio management, which mean longterm platform development and commitment to partnerships. On the other hand, the service providers should also be more aware of offerings into which their products will be integrated in the future. This requires making the customer’s voice in product development and co-operation in order to increase the interconnectivity of products.
Resumo:
Phenomena in cyber domain, especially threats to security and privacy, have proven an increasingly heated topic addressed by different writers and scholars at an increasing pace – both nationally and internationally. However little public research has been done on the subject of cyber intelligence. The main research question of the thesis was: To what extent is the applicability of cyber intelligence acquisition methods circumstantial? The study was conducted in sequential a manner, starting with defining the concept of intelligence in cyber domain and identifying its key attributes, followed by identifying the range of intelligence methods in cyber domain, criteria influencing their applicability, and types of operatives utilizing cyber intelligence. The methods and criteria were refined into a hierarchical model. The existing conceptions of cyber intelligence were mapped through an extensive literature study on a wide variety of sources. The established understanding was further developed through 15 semi-structured interviews with experts of different backgrounds, whose wide range of points of view proved to substantially enhance the perspective on the subject. Four of the interviewed experts participated in a relatively extensive survey based on the constructed hierarchical model on cyber intelligence that was formulated in to an AHP hierarchy and executed in the Expert Choice Comparion online application. It was concluded that Intelligence in cyber domain is an endorsing, cross-cutting intelligence discipline that adds value to all aspects of conventional intelligence and furthermore that it bears a substantial amount of characteristic traits – both advantageous and disadvantageous – and furthermore that the applicability of cyber intelligence methods is partly circumstantially limited.
Resumo:
The investments have always been considered as an essential backbone and so-called ‘locomotive’ for the competitive economies. However, in various countries, the state has been put under tight budget constraints for the investments in capital intensive projects. In response to this situation, the cooperation between public and private sector has grown based on public-private mechanism. The promotion of favorable arrangement for collaboration between public and private sectors for the provision of policies, services, and infrastructure in Russia can help to address the problems of dry ports development that neither municipalities nor the private sector can solve alone. Especially, the stimulation of public-private collaboration is significant under the exposure to externalities that affect the magnitude of the risks during all phases of project realization. In these circumstances, the risk in the projects also is becoming increasingly a part of joint research and risk management practice, which is viewed as a key approach, aiming to take active actions on existing global and specific factors of uncertainties. Meanwhile, a relatively little progress has been made on the inclusion of the resilience aspects into the planning process of a dry ports construction that would instruct the capacity planner, on how to mitigate the occurrence of disruptions that may lead to million dollars of losses due to the deviation of the future cash flows from the expected financial flows on the project. The current experience shows that the existing methodological base is developed fragmentary within separate steps of supply chain risk management (SCRM) processes: risk identification, risk evaluation, risk mitigation, risk monitoring and control phases. The lack of the systematic approach hinders the solution of the problem of risk management processes of dry port implementation. Therefore, management of various risks during the investments phases of dry port projects still presents a considerable challenge from the practical and theoretical points of view. In this regard, the given research became a logical continuation of fundamental research, existing in the financial models and theories (e.g., capital asset pricing model and real option theory), as well as provided a complementation for the portfolio theory. The goal of the current study is in the design of methods and models for the facilitation of dry port implementation through the mechanism of public-private partnership on the national market that implies the necessity to mitigate, first and foremost, the shortage of the investments and consequences of risks. The problem of the research was formulated on the ground of the identified contradictions. They rose as a continuation of the trade-off between the opportunities that the investors can gain from the development of terminal business in Russia (i.e. dry port implementation) and risks. As a rule, the higher the investment risk, the greater should be their expected return. However, investors have a different tolerance for the risks. That is why it would be advisable to find an optimum investment. In the given study, the optimum relates to the search for the efficient portfolio, which can provide satisfaction to the investor, depending on its degree of risk aversion. There are many theories and methods in finance, concerning investment choices. Nevertheless, the appropriateness and effectiveness of particular methods should be considered with the allowance of the specifics of the investment projects. For example, the investments in dry ports imply not only the lump sum of financial inflows, but also the long-term payback periods. As a result, capital intensity and longevity of their construction determine the necessity from investors to ensure the return on investment (profitability), along with the rapid return on investment (liquidity), without precluding the fact that the stochastic nature of the project environment is hardly described by the formula-based approach. The current theoretical base for the economic appraisals of the dry port projects more often perceives net present value (NPV) as a technique superior to other decision-making criteria. For example, the portfolio theory, which considers different risk preference of an investor and structures of utility, defines net present value as a better criterion of project appraisal than discounted payback period (DPP). Meanwhile, in business practice, the DPP is more popular. Knowing that the NPV is based on the assumptions of certainty of project life, it cannot be an accurate appraisal approach alone to determine whether or not the project should be accepted for the approval in the environment that is not without of uncertainties. In order to reflect the period or the project’s useful life that is exposed to risks due to changes in political, operational, and financial factors, the second capital budgeting criterion – discounted payback period is profoundly important, particularly for the Russian environment. Those statements represent contradictions that exist in the theory and practice of the applied science. Therefore, it would be desirable to relax the assumptions of portfolio theory and regard DPP as not fewer relevant appraisal approach for the assessment of the investment and risk measure. At the same time, the rationality of the use of both project performance criteria depends on the methods and models, with the help of which these appraisal approaches are calculated in feasibility studies. The deterministic methods cannot ensure the required precision of the results, while the stochastic models guarantee the sufficient level of the accuracy and reliability of the obtained results, providing that the risks are properly identified, evaluated, and mitigated. Otherwise, the project performance indicators may not be confirmed during the phase of project realization. For instance, the economic and political instability can result in the undoing of hard-earned gains, leading to the need for the attraction of the additional finances for the project. The sources of the alternative investments, as well as supportive mitigation strategies, can be studied during the initial phases of project development. During this period, the effectiveness of the investments undertakings can also be improved by the inclusion of the various investors, e.g. Russian Railways’ enterprises and other private companies in the dry port projects. However, the evaluation of the effectiveness of the participation of different investors in the project lack the methods and models that would permit doing the particular feasibility study, foreseeing the quantitative characteristics of risks and their mitigation strategies, which can meet the tolerance of the investors to the risks. For this reason, the research proposes a combination of Monte Carlo method, discounted cash flow technique, the theory of real options, and portfolio theory via a system dynamics simulation approach. The use of this methodology allows for comprehensive risk management process of dry port development to cover all aspects of risk identification, risk evaluation, risk mitigation, risk monitoring, and control phases. A designed system dynamics model can be recommended for the decision-makers on the dry port projects that are financed via a public-private partnership. It permits investors to make a decision appraisal based on random variables of net present value and discounted payback period, depending on different risks factors, e.g. revenue risks, land acquisition risks, traffic volume risks, construction hazards, and political risks. In this case, the statistical mean is used for the explication of the expected value of the DPP and NPV; the standard deviation is proposed as a characteristic of risks, while the elasticity coefficient is applied for rating of risks. Additionally, the risk of failure of project investments and guaranteed recoupment of capital investment can be considered with the help of the model. On the whole, the application of these modern methods of simulation creates preconditions for the controlling of the process of dry port development, i.e. making managerial changes and identifying the most stable parameters that contribute to the optimal alternative scenarios of the project realization in the uncertain environment. System dynamics model allows analyzing the interactions in the most complex mechanism of risk management process of the dry ports development and making proposals for the improvement of the effectiveness of the investments via an estimation of different risk management strategies. For the comparison and ranking of these alternatives in their order of preference to the investor, the proposed indicators of the efficiency of the investments, concerning the NPV, DPP, and coefficient of variation, can be used. Thus, rational investors, who averse to taking increased risks unless they are compensated by the commensurate increase in the expected utility of a risky prospect of dry port development, can be guided by the deduced marginal utility of investments. It is computed on the ground of the results from the system dynamics model. In conclusion, the outlined theoretical and practical implications for the management of risks, which are the key characteristics of public-private partnerships, can help analysts and planning managers in budget decision-making, substantially alleviating the effect from various risks and avoiding unnecessary cost overruns in dry port projects.
Resumo:
The purpose of the study was to explore how a public, IT services transferor, organization, comprised of autonomous entities, can effectively develop and organize its data center cost recovery mechanisms in a fair manner. The lack of a well-defined model for charges and a cost recovery scheme could cause various problems. For example one entity may be subsidizing the costs of another entity(s). Transfer pricing is in the best interest of each autonomous entity in a CCA. While transfer pricing plays a pivotal role in the price settings of services and intangible assets, TCE focuses on the arrangement at the boundary between entities. TCE is concerned with the costs, autonomy, and cooperation issues of an organization. The theory is concern with the factors that influence intra-firm transaction costs and attempting to manifest the problems involved in the determination of the charges or prices of the transactions. This study was carried out, as a single case study, in a public organization. The organization intended to transfer the IT services of its own affiliated public entities and was in the process of establishing a municipal-joint data center. Nine semi-structured interviews, including two pilot interviews, were conducted with the experts and managers of the case company and its affiliating entities. The purpose of these interviews was to explore the charging and pricing issues of the intra-firm transactions. In order to process and summarize the findings, this study employed qualitative techniques with the multiple methods of data collection. The study, by reviewing the TCE theory and a sample of transfer pricing literature, created an IT services pricing framework as a conceptual tool for illustrating the structure of transferring costs. Antecedents and consequences of the transfer price based on TCE were developed. An explanatory fair charging model was eventually developed and suggested. The findings of the study suggested that the Chargeback system was inappropriate scheme for an organization with affiliated autonomous entities. The main contribution of the study was the application of TP methodologies in the public sphere with no tax issues consideration.
Resumo:
Tämän diplomityön tavoitteena oli selvittää arvoketjuanalyysin avulla toiminnot, joilla voittoatavoittelemattoman, julkisen osakeyhtiön toimintaa voitaisiin kuvata. Tarkoituksena oli selvittää mainitut toiminnot yleisesti ja luoda malli kohdeyrityksen arvoketjusta ja sen toiminnoista. Tutkielma jakautuu teoreettiseen ja empiiriseen osaan. Ensimmäinen pohjautuu aikaisempaan tutkimukseen ja kirjallisuuteen sidosryhmistä, arvon muodostumisesta ja arvoketjuanalyysistä. Jälkimmäinen on laadullista tapaustutkimusta. Empiriassa mallinnettiin Lappeenranta Innovation Oy:nsisäisiä toimintoja ja sidosryhmien odotuksia. Empiirinen tutkimus perustui kohdeyrityksen omistajille ja henkilöstölle tehtyihin haastatteluihin sekä yrityksen toiminnan päivittäiseen seurantaan. Johtopäätöksenätodettiin, että julkisen, voittoa tavoittelemattoman yrityksen toiminnot on mahdollista kuvata arvoketjuanalyysin avulla. Alan ja yrityksen asettamat erityispiirteet toivat haasteita määrittelylle, mutta silti arvoketju antoi selkeän tavan kohdeyrityksen toimintojen mallintamiselle.
Resumo:
Työn tavoitteena oli kehittää metalliteollisuusyrityksen tarpeisiin menetelmä jolla alihankintaa kehitetään kustannustehokkuustavoitteita vastaavaksi. Selkeillä ja avoimilla toimintaperiaatteilla pyritään luomaan edellytykset alihankintaverkoston yritysten kehitykselle ja tehokkaalle osto- ja tuotantopäätöstoiminnalle. Tarve kehittää konepajayrityksen alihankintana teetettävää osavalmistusta on syntynyt kasvu- ja tulostavoitteista. Työn toimeksiantaja, metsäteollisuuden koneenrakennuksen lopputuotevalmistaja, pyrkii selkeyttämään sisäistä tuotantoaan ja nostamaan kapasiteettiaan valmiiden tuotteiden osalta. Näihin tavoitteisiin olennaisena osana kuuluu ydinosaamiseen keskittyminen ja alihankinnan suhteellinen lisääminen. Näin ollen alihankintaprosesseja on kehitettävä toimiviksi ja tehokkaiksi. Työssä on laadittu yrityksen tarpeisiin soveltuva toimintamalli, tavoiteasetannan mukaiseen alihankinnan kehittämiseen. Alihankinnan keskittäminen tuoteryhmittäin on pitkällä aikavälillä molempia osapuolia hyödyttävä valinta. Mallin toimenpiteiden avulla alihankinnan keskittämisellä saavutetaan etuja kustannustehokkuudessa, joustavuudessa sekä alihankintakentän selkeytymisessä.
Resumo:
Valtionhallinnon muutosprosessissa on huomattu tulosohjaukseen liittyvät rakenteelliset ongelmat. 2000-luvun puolivälissä prosessiajattelu nousee uudelleen esiin. Sitä esitetään aidosti ratkaisumalliksi julkisten palvelujen järjestämiseen. Prosessit ovattulleet ajankohtaisiksi. Tutkielman päätavoitteena oli prosessijohtamisen ja muutosjohtamisen lähtökohtien syventäminen. Alatavoitteina olivat prosessien suoritusmittarit ja onnistuneen muutoshallinnan avaintekijät. Tutkimus perustuu lähdekirjallisuuteen ja asiantuntijoiden haastatteluihin. Prosessilähtöisyys valtionhallinnossa on huomion kiinnittämistä ulkoisen asiakkaan tarpeiden tyydyttämiseen sekä yhteiskunnallisten vaikuttavuustavoitteiden saavuttamiseen. Muutos vaatiinimenomaan johtamista sekä sitkeyttä ja vastarinnan sietämistä. Lisäksi se vaatii johdon sitoutumista ja määrätietoista työtä tavoitteiden saavuttamiseksi. Rohkeus ja avoimuus uusille asioille ovat myös tärkeitä. Valtionhallinnon organisaatioissa tarvitaan lähitulevaisuudessa entistä enemmän muutosagentteja, muutosjohtajia ja uudenlaista osaamista.
Resumo:
Perustaen tutkimuksen kansainvälisen sopeutumisen teoreettiselle rungolle täydentäen sitä sosiaalisen pääoman teorialla, tämä tutkielma tutkii kuinka johtoasemassa oleva ulkosuomalainen luo hyvin toimivan sosiaalisen verkoston hong kongilaisella työpaikallansa. Tutkielma lähestyy aihetta Nahapietin ja Ghoshalin (1998) kehittämän sosiaalisen pääoman kolmen ulottuvuuden mallin avulla. Tutkielmassa kirjallisuudesta haettua teoriaa käytetään tutkimustavarten tehtyjen haastattelujen analysointiapuna. Tutkimalla sosiaalista pääomaa, kansainvälisen sopeutumisen kirjallisuutta, ekspatriootin perinteisiä menestystekijöitä ja guanxia (kiinalaisten henkilökohtaisia siteitä) tämän tutkimuksen teoriaosuus implikoi, että sosiaalisella pääomalla tulisi olla täydentävä rooli kansainvälisen sopeutumisen kirjallisuudessa. Sosiaalisen pääoman kolmen ulottuvuuden mallia käytetään pohjana empiirisen datan analysointiin. Tutkielman empiiriset tulokset osoittavat, että työpaikan sosiaaliseen verkostoon sopeutuminen liittyy exspatriootin kykyyn käsitellä estäviä ja mahdollistajia sosiaalisen pääoman luontiin vaikuttavia tekijöitä. Lisäksi sopeutuminen vaatii exspatriootin tunnistavan kohdemaalle tyypillisiä exspatriootin menestystekijöitä ja ekspatriootinomia tärkeitä henkilökohtaisia ominaisuuksia.
Resumo:
1. Introduction "The one that has compiled ... a database, the collection, securing the validity or presentation of which has required an essential investment, has the sole right to control the content over the whole work or over either a qualitatively or quantitatively substantial part of the work both by means of reproduction and by making them available to the public", Finnish Copyright Act, section 49.1 These are the laconic words that implemented the much-awaited and hotly debated European Community Directive on the legal protection of databases,2 the EDD, into Finnish Copyright legislation in 1998. Now in the year 2005, after more than half a decade of the domestic implementation it is yet uncertain as to the proper meaning and construction of the convoluted qualitative criteria the current legislation employs as a prerequisite for the database protection both in Finland and within the European Union. Further, this opaque Pan-European instrument has the potential of bringing about a number of far-reaching economic and cultural ramifications, which have remained largely uncharted or unobserved. Thus the task of understanding this particular and currently peculiarly European new intellectual property regime is twofold: first, to understand the mechanics and functioning of the EDD and second, to realise the potential and risks inherent in the new legislation in economic, cultural and societal dimensions. 2. Subject-matter of the study: basic issues The first part of the task mentioned above is straightforward: questions such as what is meant by the key concepts triggering the functioning of the EDD such as presentation of independent information, what constitutes an essential investment in acquiring data and when the reproduction of a given database reaches either qualitatively or quantitatively the threshold of substantiality before the right-holder of a database can avail himself of the remedies provided by the statutory framework remain unclear and call for a careful analysis. As for second task, it is already obvious that the practical importance of the legal protection providedby the database right is in the rapid increase. The accelerating transformationof information into digital form is an existing fact, not merely a reflection of a shape of things to come in the future. To take a simple example, the digitisation of a map, traditionally in paper format and protected by copyright, can provide the consumer a markedly easier and faster access to the wanted material and the price can be, depending on the current state of the marketplace, cheaper than that of the traditional form or even free by means of public lending libraries providing access to the information online. This also renders it possible for authors and publishers to make available and sell their products to markedly larger, international markets while the production and distribution costs can be kept at minimum due to the new electronic production, marketing and distributionmechanisms to mention a few. The troublesome side is for authors and publishers the vastly enhanced potential for illegal copying by electronic means, producing numerous virtually identical copies at speed. The fear of illegal copying canlead to stark technical protection that in turn can dampen down the demand for information goods and services and furthermore, efficiently hamper the right of access to the materials available lawfully in electronic form and thus weaken the possibility of access to information, education and the cultural heritage of anation or nations, a condition precedent for a functioning democracy. 3. Particular issues in Digital Economy and Information Networks All what is said above applies a fortiori to the databases. As a result of the ubiquity of the Internet and the pending breakthrough of Mobile Internet, peer-to-peer Networks, Localand Wide Local Area Networks, a rapidly increasing amount of information not protected by traditional copyright, such as various lists, catalogues and tables,3previously protected partially by the old section 49 of the Finnish Copyright act are available free or for consideration in the Internet, and by the same token importantly, numerous databases are collected in order to enable the marketing, tendering and selling products and services in above mentioned networks. Databases and the information embedded therein constitutes a pivotal element in virtually any commercial operation including product and service development, scientific research and education. A poignant but not instantaneously an obvious example of this is a database consisting of physical coordinates of a certain selected group of customers for marketing purposes through cellular phones, laptops and several handheld or vehicle-based devices connected online. These practical needs call for answer to a plethora of questions already outlined above: Has thecollection and securing the validity of this information required an essential input? What qualifies as a quantitatively or qualitatively significant investment? According to the Directive, the database comprises works, information and other independent materials, which are arranged in systematic or methodical way andare individually accessible by electronic or other means. Under what circumstances then, are the materials regarded as arranged in systematic or methodical way? Only when the protected elements of a database are established, the question concerning the scope of protection becomes acute. In digital context, the traditional notions of reproduction and making available to the public of digital materials seem to fit ill or lead into interpretations that are at variance with analogous domain as regards the lawful and illegal uses of information. This may well interfere with or rework the way in which the commercial and other operators have to establish themselves and function in the existing value networks of information products and services. 4. International sphere After the expiry of the implementation period for the European Community Directive on legal protection of databases, the goals of the Directive must have been consolidated into the domestic legislations of the current twenty-five Member States within the European Union. On one hand, these fundamental questions readily imply that the problemsrelated to correct construction of the Directive underlying the domestic legislation transpire the national boundaries. On the other hand, the disputes arisingon account of the implementation and interpretation of the Directive on the European level attract significance domestically. Consequently, the guidelines on correct interpretation of the Directive importing the practical, business-oriented solutions may well have application on European level. This underlines the exigency for a thorough analysis on the implications of the meaning and potential scope of Database protection in Finland and the European Union. This position hasto be contrasted with the larger, international sphere, which in early 2005 does differ markedly from European Union stance, directly having a negative effect on international trade particularly in digital content. A particular case in point is the USA, a database producer primus inter pares, not at least yet having aSui Generis database regime or its kin, while both the political and academic discourse on the matter abounds. 5. The objectives of the study The above mentioned background with its several open issues calls for the detailed study of thefollowing questions: -What is a database-at-law and when is a database protected by intellectual property rights, particularly by the European database regime?What is the international situation? -How is a database protected and what is its relation with other intellectual property regimes, particularly in the Digital context? -The opportunities and threats provided by current protection to creators, users and the society as a whole, including the commercial and cultural implications? -The difficult question on relation of the Database protection and protection of factual information as such. 6. Dsiposition The Study, in purporting to analyse and cast light on the questions above, is divided into three mainparts. The first part has the purpose of introducing the political and rationalbackground and subsequent legislative evolution path of the European database protection, reflected against the international backdrop on the issue. An introduction to databases, originally a vehicle of modern computing and information andcommunication technology, is also incorporated. The second part sets out the chosen and existing two-tier model of the database protection, reviewing both itscopyright and Sui Generis right facets in detail together with the emergent application of the machinery in real-life societal and particularly commercial context. Furthermore, a general outline of copyright, relevant in context of copyright databases is provided. For purposes of further comparison, a chapter on the precursor of Sui Generi, database right, the Nordic catalogue rule also ensues. The third and final part analyses the positive and negative impact of the database protection system and attempts to scrutinize the implications further in the future with some caveats and tentative recommendations, in particular as regards the convoluted issue concerning the IPR protection of information per se, a new tenet in the domain of copyright and related rights.
Resumo:
Key management has a fundamental role in secure communications. Designing and testing of key management protocols is tricky. These protocols must work flawlessly despite of any abuse. The main objective of this work was to design and implement a tool that helps to specify the protocol and makes it possible to test the protocol while it is still under development. This tool generates compile-ready java code from a key management protocol model. A modelling method for these protocols, which uses Unified Modeling Language (UML) was also developed. The protocol is modelled, exported as an XMI and read by the code generator tool. The code generator generates java code that is immediately executable with a test software after compilation.
Resumo:
Tutkimuksen tavoitteina oli rakentaa pelastuslaitoksen tuloksellisuuden arvioimiseen tasapainotettu mittaristo sekä valita mittareita, joiden avulla voidaan vertailla pelastuslaitoksia keskenään. Tutkimuksessa selvitetään, miten julkisen sektorin palveluiden tuloksellisuutta arvioidaan erityisesti kuntasektorilla, mitä tarkoitukseen soveltuvia mittausjärjestelmiä on olemassa, miten tasapainotetun mittausjärjestelmän rakentamisprosessi etenee, miten henkilöstön aikaansaannoskyky voidaan ottaa huomioon kuntien tuloksellisuuden arvioinnissa, minkälaisilla mittareilla voidaan parhaiten arvioida pelastuslaitoksen toimintaa ja mitkä mittareista soveltuvat pelastuslaitosten vertailuun. Teoriaosuudessa käsitellään julkisten palvelujen erityispiirteitä, suositusta kunnallisten palvelujen tuloksellisuuden arvioimisesta sekä henkilöstön aikaansaannoskyvyn mittaamista. Työssä esitellään joitakin tasapainotetun mittaamisen malleja sekä kuvataan mittariston rakentamisprosessin vaiheita. Teorian pohjalta rakennettiin tasapainotettu tunnuslukujärjestelmä Etelä-Karjalan pelastuslaitokselle. Kunnalliselle organisaatiolle voidaan rakentaa tasapainotettu mittaristo, mutta yksittäisen pelastuslaitoksen osalta on lähdettävä sen omista kriittisistä menestystekijöistä ja noudatettava kunnallisen sektorin suosituksia. Yhteisiä mittareita pelastuslaitosten käyttöön löytyy, mutta pääosin yksikön tuloksellisuutta ohjaavat mittarit soveltuvat vain sisäiseen käyttöön.
