960 resultados para Generic Security Services Application Program Interface (GSS-API)
Resumo:
Dissertação de mestrado integrado em Engenharia Civil
Resumo:
Although the ASP model has been around for over a decade, it has not achieved the expected high level of market uptake. This research project examines the past and present state of ASP adoption and identifies security as a primary factor influencing the uptake of the model. The early chapters of this document examine the ASP model and ASP security in particular. Specifically, the literature and technology review chapter analyses ASP literature, security technologies and best practices with respect to system security in general. Based on this investigation, a prototype to illustrate the range and types of technologies that encompass a security framework was developed and is described in detail. The latter chapters of this document evaluate the practical implementation of system security in an ASP environment. Finally, this document outlines the research outputs, including the conclusions drawn and recommendations with respect to system security in an ASP environment. The primary research output is the recommendation that by following best practices with respect to security, an ASP application can provide the same level of security one would expect from any other n-tier client-server application. In addition, a security evaluation matrix, which could be used to evaluate not only the security of ASP applications but the security of any n-tier application, was developed by the author. This thesis shows that perceptions with regard to fears of inadequate security of ASP solutions and solution data are misguided. Finally, based on the research conducted, the author recommends that ASP solutions should be developed and deployed on tried, tested and trusted infrastructure. Existing Application Programming Interfaces (APIs) should be used where possible and security best practices should be adhered to where feasible.
Resumo:
The purpose of Title II, The Adult Education and Family Literacy Act (AEFLA) of the Workforce Investment Act of 1998, is to create a partnership among the federal government, states, and localities to provide, on a voluntary basis, adult basic education and literacy services.
Resumo:
The purpose of Title II, The Adult Education and Family Literacy Act (AEFLA) of the Workforce Investment Act of 1998, is to create a partnership among the federal government, states, and localities to provide, on a voluntary basis, adult basic education and literacy services.
Resumo:
Työssä esitellään yleiseurooppalaisen GSM-matkapuhelinjärjestelmän verkkoelementtejä ja perehdytään niiden väliseen standardoituun merkinantoprotokollaan. Lisäksi tarkastellaan protokollan lyhytsanomien välitykseen liittyviä operaatioita ja niissä tapahtunutta kehitystä standardoinnin eri vaiheissa. Tavoitteena oli toteuttaa GSM-matkapuhelinverkon merkinantoprotokollaan perustuva ohjelma, jonka tehtävänä on välittää lyhytsanomia matkapuhelin- ja lyhytsanomakeskuksen välillä. Matkapuhelimeen päättyvän lyhytsanoman välitykseen liittyy lisäksi reititystiedon hakeminen vastaanottajan kotirekisteristä. Toteutuksessa on ohjelmointirajapinta, joka helpottaa matkapuhelinverkon uusien palvelusovellusten kehittämistä. Toteutus testattiin standardoituja testitapauksia soveltaen. Yhdenmukaisuustestauksessa käytettiin apuna merkinantoanalysaattoria. Testauksessa tarkastettiin, että protokolla toimii loogisesti oikein. Suorituskykyä ei ole voitu testata todellisessa testiympäristössä, mutta ohjelmallisesti toteutettujen simulaattoreiden avulla on saatu hyviä tuloksia.
Resumo:
Diplomityössä tutkitaan, kuinka Symbian-sovelluskehitystä voitaisiin tehostaa. Työssä esitellään Symbian-käyttöjärjestelmä, sekä pohditaan haasteita ja rajoitteita joita Symbian sovelluskehityksessä kohdataan. Myöskin jo olemassa olevia kehitystapoja pohditaan työn tavoitteen kannalta. Symbian-sovelluskehityksessä tehdään toistuvasti samoja asioita. Koska Symbian on avoin käyttöjärjestelmä, sovelluskehittäjiä on paljon. Tehokkaamman kehitystavan löytäminen säästäisi paljon resursseja. Tällä hetkellä perinteiset ohjelmointitavat näyttävät olevan suosituin tapa kehittää sovelluksia. Kuitenkin on jo olemassa useita ratkaisuja, jotka pyrkivät tehostamaan sovelluskehitystä, mikä todistaa tarpeen kehittää tehokkuutta. Työssä toteutettu systeemi ajaa Symbian sovelluksia XML-määrityksen pohjalta. Kun käytetään XML-määritystä C++-koodin sijasta, sovelluskehitys muuttuu. Näiden muutosten täytyy kuitenkin olla myönteisiä, eivätkä ne saa haitata ohjelmiston laatua tai käytettävyyttä.
Resumo:
Unified Threat Management or UTM-devices have created a new way to implement security solutions for different customer needs and segments. Customer and business traffic is more and more Web and application based when security is needed to that level as well. Thesis focuses to explore what opportunities UTM-devices provides for operator acting as a managed security service provider and how to succeed better in the markets. Markets are explored both in the customer interface what customers are expecting form the managed service provides and from technology provider interface what kind of products and services they have for different implementations. Theoretical background is taken from product strategy, networking and product development. These are taken into account when developed and explored opportunities an operator has in managed security business with UTM-devices. In the thesis four main recognized technology vendors and their product and services are compared against operator managed security services needs. Based on the explorations of theory, customer needs and technology a product strategy is proposed for operator acting as a managed security provider.
Resumo:
The use of domain-specific languages (DSLs) has been proposed as an approach to cost-e ectively develop families of software systems in a restricted application domain. Domain-specific languages in combination with the accumulated knowledge and experience of previous implementations, can in turn be used to generate new applications with unique sets of requirements. For this reason, DSLs are considered to be an important approach for software reuse. However, the toolset supporting a particular domain-specific language is also domain-specific and is per definition not reusable. Therefore, creating and maintaining a DSL requires additional resources that could be even larger than the savings associated with using them. As a solution, di erent tool frameworks have been proposed to simplify and reduce the cost of developments of DSLs. Developers of tool support for DSLs need to instantiate, customize or configure the framework for a particular DSL. There are di erent approaches for this. An approach is to use an application programming interface (API) and to extend the basic framework using an imperative programming language. An example of a tools which is based on this approach is Eclipse GEF. Another approach is to configure the framework using declarative languages that are independent of the underlying framework implementation. We believe this second approach can bring important benefits as this brings focus to specifying what should the tool be like instead of writing a program specifying how the tool achieves this functionality. In this thesis we explore this second approach. We use graph transformation as the basic approach to customize a domain-specific modeling (DSM) tool framework. The contributions of this thesis includes a comparison of di erent approaches for defining, representing and interchanging software modeling languages and models and a tool architecture for an open domain-specific modeling framework that e ciently integrates several model transformation components and visual editors. We also present several specific algorithms and tool components for DSM framework. These include an approach for graph query based on region operators and the star operator and an approach for reconciling models and diagrams after executing model transformation programs. We exemplify our approach with two case studies MICAS and EFCO. In these studies we show how our experimental modeling tool framework has been used to define tool environments for domain-specific languages.
Resumo:
The forthcoming media revolution of exchanging paper documents to digital media in construction engineering requires new tools to be developed. The basis of this bachelor’s thesis was to explore the preliminary possibilities of exporting imagery from a Building Information Modelling –software to a mobile phone on a construction yard. This was done by producing a Web Service which uses the design software’s Application Programming Interface to interact with a structures model in order to produce the requested imagery. While mobile phones were found lacking as client devices, because of limited processing power and small displays, the implementation showed that the Tekla Structures API can be used to automatically produce various types of imagery. Web Services can be used to transfer this data to the client. Before further development the needs of the contractor, benefits for the building master and inspector and the full potential of the BIM-software need to be mapped out with surveys.
Resumo:
Internet today has become a vital part of day to day life, owing to the revolutionary changes it has brought about in various fields. Dependence on the Internet as an information highway and knowledge bank is exponentially increasing so that a going back is beyond imagination. Transfer of critical information is also being carried out through the Internet. This widespread use of the Internet coupled with the tremendous growth in e-commerce and m-commerce has created a vital need for infonnation security.Internet has also become an active field of crackers and intruders. The whole development in this area can become null and void if fool-proof security of the data is not ensured without a chance of being adulterated. It is, hence a challenge before the professional community to develop systems to ensure security of the data sent through the Internet.Stream ciphers, hash functions and message authentication codes play vital roles in providing security services like confidentiality, integrity and authentication of the data sent through the Internet. There are several ·such popular and dependable techniques, which have been in use widely, for quite a long time. This long term exposure makes them vulnerable to successful or near successful attempts for attacks. Hence it is the need of the hour to develop new algorithms with better security.Hence studies were conducted on various types of algorithms being used in this area. Focus was given to identify the properties imparting security at this stage. By making use of a perception derived from these studies, new algorithms were designed. Performances of these algorithms were then studied followed by necessary modifications to yield an improved system consisting of a new stream cipher algorithm MAJE4, a new hash code JERIM- 320 and a new message authentication code MACJER-320. Detailed analysis and comparison with the existing popular schemes were also carried out to establish the security levels.The Secure Socket Layer (SSL) I Transport Layer Security (TLS) protocol is one of the most widely used security protocols in Internet. The cryptographic algorithms RC4 and HMAC have been in use for achieving security services like confidentiality and authentication in the SSL I TLS. But recent attacks on RC4 and HMAC have raised questions about the reliability of these algorithms. Hence MAJE4 and MACJER-320 have been proposed as substitutes for them. Detailed studies on the performance of these new algorithms were carried out; it has been observed that they are dependable alternatives.
Resumo:
Customer satisfaction and retention are key issues for organizations in today’s competitive market place. As such, much research and revenue has been invested in developing accurate ways of assessing consumer satisfaction at both the macro (national) and micro (organizational) level, facilitating comparisons in performance both within and between industries. Since the instigation of the national customer satisfaction indices (CSI), partial least squares (PLS) has been used to estimate the CSI models in preference to structural equation models (SEM) because they do not rely on strict assumptions about the data. However, this choice was based upon some misconceptions about the use of SEM’s and does not take into consideration more recent advances in SEM, including estimation methods that are robust to non-normality and missing data. In this paper, both SEM and PLS approaches were compared by evaluating perceptions of the Isle of Man Post Office Products and Customer service using a CSI format. The new robust SEM procedures were found to be advantageous over PLS. Product quality was found to be the only driver of customer satisfaction, while image and satisfaction were the only predictors of loyalty, thus arguing for the specificity of postal services
Resumo:
Esta tesis pretende describir la situación actual del sector de seguridad privada, al implementar y adoptar estrategias de CRM. Con una revisión confiable y el estudio de casos relacionados con el tema, lo cual permitirá constatar la realidad en cuanto la aplicación del modelo, en el sector de seguridad privada, según lo planteado por diversos autores. Los resultados obtenidos permitirán, de este modo, al sector y a sus gerentes, desarrollar estrategias que ayuden a la satisfacción de sus clientes y a la prestación de un mejor servicio. En el campo académico, este estudio servirá como guía teórico-práctica para estudiantes y profesores, de modo que permitirá afianzar conocimientos en cuanto al CRM, al marketing relacional y su uso en el sector de seguridad privada. Según este modelo la información acerca de los clientes, es una información estratégica vital para las organizaciones que ayuda a la toma de decisiones, pronosticar cambios en cuanto a demanda, además de establecer control sobre procesos en los que se involucre el cliente; de modo que la adopción e implementación de CRM, ayude a la empresa, en este caso a las del sector de seguridad privada, a estar atentos a la manera como se interactúa con el cliente y por ende mejorar el servicio, lo que tendrá repercusión en la percepción que tenga de la organización el cliente. De este modo, se ve como en la actualidad las estrategias de CRM definen el rumbo de una empresa, ayudando atraer nuevos clientes y además de esto, ayuda de igual modo a mantener felices a los clientes actuales; lo cual repercute en la demanda o el requerimiento del servicio, y así en una mejor rentabilidad para las empresas del sector. Razones por las que el sector de vigilancia se verá beneficiado por medio de las estrategias del CRM, lo que lo llevara a ofrecer mejores servicios a sus clientes.
Resumo:
Allt eftersom utvecklingen går framåt inom applikationer och system så förändras också sättet på vilket vi interagerar med systemet på. Hittills har navigering och användning av applikationer och system mestadels skett med händerna och då genom mus och tangentbord. På senare tid så har navigering via touch-skärmar och rösten blivit allt mer vanligt. Då man ska styra en applikation med hjälp av rösten är det viktigt att vem som helst kan styra applikationen, oavsett vilken dialekt man har. För att kunna se hur korrekt ett röstigenkännings-API (Application Programming Interface) uppfattar svenska dialekter så initierades denna studie med dokumentstudier om dialekters kännetecken och ljudkombinationer. Dessa kännetecken och ljudkombinationer låg till grund för de ord vi valt ut till att testa API:et med. Varje dialekt fick alltså ett ord uppbyggt för att vara extra svårt för API:et att uppfatta när det uttalades av just den aktuella dialekten. Därefter utvecklades en prototyp, närmare bestämt en android-applikation som fungerade som ett verktyg i datainsamlingen. Då arbetet innehåller en prototyp och en undersökning så valdes Design and Creation Research som forskningsstrategi med datainsamlingsmetoderna dokumentstudier och observationer för att få önskat resultat. Data samlades in via observationer med prototypen som hjälpmedel och med hjälp av dokumentstudier. Det empiriska data som registrerats via observationerna och med hjälp av applikationen påvisade att vissa dialekter var lättare för API:et att uppfatta korrekt. I vissa fall var resultaten väntade då vissa ord uppbyggda av ljudkombinationer i enlighet med teorin skulle uttalas väldigt speciellt av en viss dialekt. Ibland blev det väldigt låga resultat på just dessa ord men i andra fall förvånansvärt höga. Slutsatsen vi drog av detta var att de ord vi valt ut med en baktanke om att de skulle få låga resultat för den speciella dialekten endast visade sig stämma vid två tillfällen. Det var istället det ord innehållande sje- och tje-ljud som enligt teorin var gemensamma kännetecken för alla dialekter som fick lägst resultat överlag.
Resumo:
Java Card technology allows the development and execution of small applications embedded in smart cards. A Java Card application is composed of an external card client and of an application in the card that implements the services available to the client by means of an Application Programming Interface (API). Usually, these applications manipulate and store important information, such as cash and confidential data of their owners. Thus, it is necessary to adopt rigor on developing a smart card application to improve its quality and trustworthiness. The use of formal methods on the development of these applications is a way to reach these quality requirements. The B method is one of the many formal methods for system specification. The development in B starts with the functional specification of the system, continues with the application of some optional refinements to the specification and, from the last level of refinement, it is possible to generate code for some programming language. The B formalism has a good tool support and its application to Java Card is adequate since the specification and development of APIs is one of the major applications of B. The BSmart method proposed here aims to promote the rigorous development of Java Card applications up to the generation of its code, based on the refinement of its formal specification described in the B notation. This development is supported by the BSmart tool, that is composed of some programs that automate each stage of the method; and by a library of B modules and Java Card classes that model primitive types, essential Java Card API classes and reusable data structures
Resumo:
Nel mondo della sicurezza informatica, le tecnologie si evolvono per far fronte alle minacce. Non è possibile prescindere dalla prevenzione, ma occorre accettare il fatto che nessuna barriera risulterà impenetrabile e che la rilevazione, unitamente ad una pronta risposta, rappresenta una linea estremamente critica di difesa, ma l’unica veramente attuabile per poter guadagnare più tempo possibile o per limitare i danni. Introdurremo quindi un nuovo modello operativo composto da procedure capaci di affrontare le nuove sfide che il malware costantemente offre e allo stesso tempo di sollevare i comparti IT da attività onerose e sempre più complesse, ottimizzandone il processo di comunicazione e di risposta.
