17 resultados para CRUD
Resumo:
Contient : « Regles sans lesquelles nul ne peut parvenir à la congnoissance du grand oeuvre » ; « Aultre traitté de la pierre des philosophes, en rime, par huitain »
Resumo:
Database schemas, in many organizations, are considered one of the critical assets to be protected. From database schemas, it is not only possible to infer the information being collected but also the way organizations manage their businesses and/or activities. One of the ways to disclose database schemas is through the Create, Read, Update and Delete (CRUD) expressions. In fact, their use can follow strict security rules or be unregulated by malicious users. In the first case, users are required to master database schemas. This can be critical when applications that access the database directly, which we call database interface applications (DIA), are developed by third party organizations via outsourcing. In the second case, users can disclose partially or totally database schemas following malicious algorithms based on CRUD expressions. To overcome this vulnerability, we propose a new technique where CRUD expressions cannot be directly manipulated by DIAs any more. Whenever a DIA starts-up, the associated database server generates a random codified token for each CRUD expression and sends it to the DIA that the database servers can use to execute the correspondent CRUD expression. In order to validate our proposal, we present a conceptual architectural model and a proof of concept.
Resumo:
Gli obiettivi di questi tesi sono lo studio comparativo di alcuni DBMS non relazionali e il confronto di diverse soluzioni di modellazione logica e fisica per database non relazionali. Utilizzando come sistemi di gestione due DBMS Document-based non relazionali, MongoDB e CouchDB, ed un DBMS relazionale, Oracle, sarà effettuata un’analisi di diverse soluzione di modellazione logica dei dati in database documentali e uno studio mirato alla scelta degli attributi sui quali costruire indici. In primo luogo verrà definito un semplice caso di studio su cui effettuare i confronto, basato su due entità in relazione 1:N, sulle quali sarà costruito un opportuno carico di lavoro. Idatabase non relazionali sono schema-less, senza schema fisso, ed esiste una libertà maggiore di modellazione. In questo lavoro di tesi i dati verranno modellati secondo le tecniche del Referencing ed Embedding che consistono rispettivamente nell’inserimento di una chiave (riferimento) oppure di un intero sotto-documento (embedding) all’interno di un documento per poter esprimere il concetto di relazione tra diverse entità. Per studiare l’opportunità di indicizzare un attributo, ciascuna entità sarà poi composta da due triplette uguali di attributi definiti con differenti livelli di selettività, con la differenza che su ciascun attributo della seconda sarà costruito un indice. Il carico di lavoro sarà costituito da query definite in modo da poter testare le diverse modellazioni includendo anche predicati di join che non sono solitamente contemplati in modelli documentali. Per ogni tipo di database verranno eseguite le query e registrati i tempi, in modo da poter confrontare le performance dei diversi DBMS sulla base delle operazioni CRUD.
Resumo:
O problema dos sistemas de software legados sem documentação ou com documentação obsoleta, continua a ser uma realidade no mundo empresarial. O progressivo aumento da dimensão e complexidade dos sistemas desenvolvidos vem aumentar a necessidade de existirem mecanismos de modelação e documentação de apoio às actividades de manutenção e teste. Apesar da investigação que tem sido levada a cabo para tentar apresentar cada vez melhores abordagens à resolução deste problema,o seu uso no mundo empresarial ainda é muito esparso. Tal deve-se, pelo menos em parte, ao facto de muitas das abordagens propostas acabarem por representar um acrescento do esforço e do tempo, que as organizações não estão em condições de disponibilizar. Esta dissertação contribui com uma abordagem automatizada de suporte às actividades de documentação de sistemas, de manutenção e de testes. Para demonstrar a aplicabilidade e usabilidade da abordagem, propõe-se a implementação de uma ferramenta de apoio. A abordagem proposta baseia-se em técnicas já existentes e consolidadas, mas propõe extensões que permitem melhorar a sua integração,usabilidade e eficiência na sua aplicação. O problema fulcral aqui tratado é a inexistência ou insuficiência de documentação sobre os sistemas desenvolvidos. De modo a mitigar este problema, é apresentado um mecanismo de recuperação da modelação dinâmica de sistemas legados e respectiva geração de artefactos documentais,nomeadamente diagramas de sequência (UML), cartões CRC e matrizes de CRUD. Finalmente, introduzem-se técnicas de rastreabilidade e de apoio a testes de qualidade e cobertura para os sistemas construídos, usando uma metáfora de coloração de diagramas UML.
Resumo:
Dissertação de mestrado integrado em Engenharia de Gestão e Sistemas de Informação
Resumo:
A web service is a software system that provides a machine-processable interface to the other machines over the network using different Internet protocols. They are being increasingly used in the industry in order to automate different tasks and offer services to a wider audience. The REST architectural style aims at producing scalable and extensible web services using technologies that play well with the existing tools and infrastructure of the web. It provides a uniform set of operation that can be used to invoke a CRUD interface (create, retrieve, update and delete) of a web service. The stateless behavior of the service interface requires that every request to a resource is independent of the previous ones facilitating scalability. Automated systems, e.g., hotel reservation systems, provide advanced scenarios for stateful services that require a certain sequence of requests that must be followed in order to fulfill the service goals. Designing and developing such services for advanced scenarios with REST constraints require rigorous approaches that are capable of creating web services that can be trusted for their behavior. Systems that can be trusted for their behavior can be termed as dependable systems. This thesis presents an integrated design, analysis and validation approach that facilitates the service developer to create dependable and stateful REST web services. The main contribution of this thesis is that we provide a novel model-driven methodology to design behavioral REST web service interfaces and their compositions. The behavioral interfaces provide information on what methods can be invoked on a service and the pre- and post-conditions of these methods. The methodology uses Unified Modeling Language (UML), as the modeling language, which has a wide user base and has mature tools that are continuously evolving. We have used UML class diagram and UML state machine diagram with additional design constraints to provide resource and behavioral models, respectively, for designing REST web service interfaces. These service design models serve as a specification document and the information presented in them have manifold applications. The service design models also contain information about the time and domain requirements of the service that can help in requirement traceability which is an important part of our approach. Requirement traceability helps in capturing faults in the design models and other elements of software development environment by tracing back and forth the unfulfilled requirements of the service. The information about service actors is also included in the design models which is required for authenticating the service requests by authorized actors since not all types of users have access to all the resources. In addition, following our design approach, the service developer can ensure that the designed web service interfaces will be REST compliant. The second contribution of this thesis is consistency analysis of the behavioral REST interfaces. To overcome the inconsistency problem and design errors in our service models, we have used semantic technologies. The REST interfaces are represented in web ontology language, OWL2, that can be part of the semantic web. These interfaces are used with OWL 2 reasoners to check unsatisfiable concepts which result in implementations that fail. This work is fully automated thanks to the implemented translation tool and the existing OWL 2 reasoners. The third contribution of this thesis is the verification and validation of REST web services. We have used model checking techniques with UPPAAL model checker for this purpose. The timed automata of UML based service design models are generated with our transformation tool that are verified for their basic characteristics like deadlock freedom, liveness, reachability and safety. The implementation of a web service is tested using a black-box testing approach. Test cases are generated from the UPPAAL timed automata and using the online testing tool, UPPAAL TRON, the service implementation is validated at runtime against its specifications. Requirement traceability is also addressed in our validation approach with which we can see what service goals are met and trace back the unfulfilled service goals to detect the faults in the design models. A final contribution of the thesis is an implementation of behavioral REST interfaces and service monitors from the service design models. The partial code generation tool creates code skeletons of REST web services with method pre and post-conditions. The preconditions of methods constrain the user to invoke the stateful REST service under the right conditions and the post condition constraint the service developer to implement the right functionality. The details of the methods can be manually inserted by the developer as required. We do not target complete automation because we focus only on the interface aspects of the web service. The applicability of the approach is demonstrated with a pedagogical example of a hotel room booking service and a relatively complex worked example of holiday booking service taken from the industrial context. The former example presents a simple explanation of the approach and the later worked example shows how stateful and timed web services offering complex scenarios and involving other web services can be constructed using our approach.
Resumo:
Presentation at Open Repositories 2014, Helsinki, Finland, June 9-13, 2014
Resumo:
[ES]Desarrollo de una aplicación online para gestionar exposiciones caninas mediante el framework Ruby on Rails para la construcción de un portal web completo, dedicado al sector de las exposiciones caninas de belleza. Se utiliza la metodología de desarrollo ágil eXtreme Programmin, ha sido un desarrollo guiado por pruebas de aceptación (ATDD). Para las pruebas se ha utilizado Rspec y Cucumber. Está incluida información respecto al esquema jerárquico de las razas según la FCI y tenemos la posibilidad de administrar exposiciones caninas de belleza. Como administradores tenemos capacidades CRUD sobre ellas. Como usuarios podemos consultar la información que hay en el sistema respecto a las exposiciones, e inscribir a nuestros perros a las mismas.
Resumo:
Este proyecto se centra en la construcción de una herramienta para la gestión de contenidos de muy diversos tipos, siendo fácilmente adaptable a cada uno de los contextos. Permite guardar los contenidos necesarios gracias a un formulario previamente personalizado, de este modo hay un editor que se dedica solamente a la introducción de los contenidos y un administrador que personaliza los campos del formulario según los contenidos. En esencia la herramienta sirve de apoyo a dos tipos de usuario, desarrolladores (administrador) y redactores (editor), a los primeros les simplifica las tareas de conceptualización de las estructuras de datos de las que se desea tener persistencia y sirve como base para construir los editores que usan los redactores, por otro lado proporciona un API sencillo, potente y ágil para recuperar los datos introducidos por los redactores. La herramienta a su vez está pensada para ser interoperable, es decir, no obliga a usar un tipo de almacenamiento persistente concreto. Puede utilizar desde los sencillos archivos de texto, con lo que puede desplegarse en servidores treméndamente básicos. Por otro lado, si se necesita potencia en las búsquedas, nada debe impedir el uso de bases de datos relacionales como MySql. O incluso si se quiere dar un paso más y se quiere aprovechar la flexibilidad, potencia y maleabilidad de las bases de datos NoSql (como MongoDB) no es costoso, lo que hay que hacer es implementar una nueva clase de tipo PersistentManager y desarrollar los tipos de búsqueda y recuperación de contenidos que se necesiten. En la versión inicial de la herramienta se han implementado estos tres tipos de almacenes, nada impide usar sólo alguno de ellos y desechar el resto o implementar uno nuevo. Desde el punto de vista de los redactores, les ofrece un entorno sencillo y potente para poder realizar las tareas típicas denominadas CRUD (Create Read Update Delete, Crear Leer Actualizar y Borrar), un redactor podrá crear, buscar, re-aprovechar e incluso planificar publicación de contenidos en el tiempo. ABSTRACT This project focuses on building a tool for content management of many types, being easily adaptable to each context. Saves the necessary content through a previously designed form, thus there will be an editor working only on the introduction of the contents and there will be an administrator to customize the form fields as contents. Essentially the tool provides support for two types of users, developers (administrator) and editors, the first will have simplified the tasks of conceptualization of data structures which are desired to be persistent and serve as the basis for building the structures that will be used by editors, on the other hand provides a simple, powerful and agile API to retrieve the data entered by the editors. The tool must also be designed to be interoperable, which means not to be bound by the use of a particular type of persistent storage. You can use simple text files, which can be deployed in extremely basic servers. On the other hand, if power is needed in searches, nothing should prevent the use of relational databases such as MySQL. Or even if you want to go a step further and want to take advantage of the flexibility, power and malleability of NoSQL databases (such as MongoDB) it will not be difficult, you will only need to implement a new class of PersistentManager type and develop the type of search and query of content as needed. In the initial version of the tool these three types of storage have been implemented, it will be entitled to use only one of them and discard the rest or implement a new one. From the point of view of the editors, it offers a simple and powerful environment to perform the typical tasks called CRUD (Create Read Update Delete), an editor can create, search, re-use and even plan publishing content in time.
Resumo:
Mode of access: Internet.
Resumo:
In this study the relationship between heterogeneous nucleate boiling surfaces and deposition of suspended metallic colloidal particles, popularly known as crud or corrosion products in process industries, on those heterogeneous sites is investigated. Various researchers have reported that hematite is a major constituent of crud which makes it the primary material of interest; however the models developed in this work are irrespective of material choice. Qualitative hypotheses on the deposition process under boiling as proposed by previous researchers have been tested, which fail to provide explanations for several physical mechanisms observed and analyzed. In this study a quantitative model of deposition rate has been developed on the basis of bubble dynamics and colloid-surface interaction potential. Boiling from a heating surface aids in aggregation of the metallic particulates viz. nano-particles, crud particulate, etc. suspended in a liquid, which helps in transporting them to heating surfaces. Consequently, clusters of particles deposit onto the heating surfaces due to various interactive forces, resulting in formation of porous or impervious layers. The deposit layer grows or recedes depending upon variations in interparticle and surface forces, fluid shear, fluid chemistry, etc. This deposit layer in turn affects the rate of bubble generation, formation of porous chimneys, critical heat flux (CHF) of surfaces, activation and deactivation of nucleation sites on the heating surfaces. Several problems are posed due to the effect of boiling on colloidal deposition, which range from research initiatives involving nano-fluids as a heat transfer medium to industrial applications such as light water nuclear reactors. In this study, it is attempted to integrate colloid and surface science with vapor bubble dynamics, boiling heat transfer and evaporation rate. Pool boiling experiments with dilute metallic colloids have been conducted to investigate several parameters impacting the system. The experimental data available in the literature is obtained by flow experiments, which do not help in correlating boiling mechanism with the deposition amount or structure. With the help of experimental evidences and analysis, previously proposed hypothesis for particle transport to the contact line due to hydrophobicity has been challenged. The experimental observations suggest that deposition occurs around the bubble surface contact line and extends underneath area of the bubble microlayer as well. During the evaporation the concentration gradient of a non-volatile species is created, which induces osmotic pressure. The osmotic pressure developed inside the microlayer draws more particles inside the microlayer region or towards contact line. The colloidal escape time is slower than the evaporation time, which leads to the aggregation of particles in the evaporating micro-layer. These aggregated particles deposit onto or are removed from the heating surface, depending upon their total interaction potential. Interaction potential has been computed with the help of surface charge and van der Waals potential for the materials in aqueous solutions. Based upon the interaction-force boundary layer thickness, which is governed by debye radius (or ionic concentration and pH), a simplified quantitative model for the attachment kinetics is proposed. This attachment kinetics model gives reasonable results in predicting attachment rate against data reported by previous researchers. The attachment kinetics study has been done for different pH levels and particle sizes for hematite particles. Quantification of colloidal transport under boiling scenarios is done with the help of overall average evaporation rates because generally waiting times for bubbles at the same position is much larger than growth times. In other words, from a larger measurable scale perspective, frequency of bubbles dictates the rate of collection of particles rather than evaporation rate during micro-layer evaporation of one bubble. The combination of attachment kinetics and colloidal transport kinetics has been used to make a consolidated model for prediction of the amount of deposition and is validated with the help of high fidelity experimental data. In an attempt to understand and explain boiling characteristics, high speed visualization of bubble dynamics from a single artificial large cavity and multiple naturally occurring cavities is conducted. A bubble growth and departure dynamics model is developed for artificial active sites and is validated with the experimental data. The variation of bubble departure diameter with wall temperature is analyzed with experimental results and shows coherence with earlier studies. However, deposit traces after boiling experiments show that bubble contact diameter is essential to predict bubble departure dynamics, which has been ignored previously by various researchers. The relationship between porosity of colloid deposits and bubbles under the influence of Jakob number, sub-cooling and particle size has been developed. This also can be further utilized in variational wettability of the surface. Designing porous surfaces can having vast range of applications varying from high wettability, such as high critical heat flux boilers, to low wettability, such as efficient condensers.
Resumo:
In database applications, access control security layers are mostly developed from tools provided by vendors of database management systems and deployed in the same servers containing the data to be protected. This solution conveys several drawbacks. Among them we emphasize: 1) if policies are complex, their enforcement can lead to performance decay of database servers; 2) when modifications in the established policies implies modifications in the business logic (usually deployed at the client-side), there is no other possibility than modify the business logic in advance and, finally, 3) malicious users can issue CRUD expressions systematically against the DBMS expecting to identify any security gap. In order to overcome these drawbacks, in this paper we propose an access control stack characterized by: most of the mechanisms are deployed at the client-side; whenever security policies evolve, the security mechanisms are automatically updated at runtime and, finally, client-side applications do not handle CRUD expressions directly. We also present an implementation of the proposed stack to prove its feasibility. This paper presents a new approach to enforce access control in database applications, this way expecting to contribute positively to the state of the art in the field.
Resumo:
In database applications, access control security layers are mostly developed from tools provided by vendors of database management systems and deployed in the same servers containing the data to be protected. This solution conveys several drawbacks. Among them we emphasize: (1) if policies are complex, their enforcement can lead to performance decay of database servers; (2) when modifications in the established policies implies modifications in the business logic (usually deployed at the client-side), there is no other possibility than modify the business logic in advance and, finally, 3) malicious users can issue CRUD expressions systematically against the DBMS expecting to identify any security gap. In order to overcome these drawbacks, in this paper we propose an access control stack characterized by: most of the mechanisms are deployed at the client-side; whenever security policies evolve, the security mechanisms are automatically updated at runtime and, finally, client-side applications do not handle CRUD expressions directly. We also present an implementation of the proposed stack to prove its feasibility. This paper presents a new approach to enforce access control in database applications, this way expecting to contribute positively to the state of the art in the field.
