Säkerhetstestning av webbapplikationer och CMS plattformen EPiServer

Arbetet behandlar säkerhetstestning av webbapplikationer och CMS plattformen EPiServer. För att Know IT Dalarna ska kunna fortsätta leverera säkra webblösningar efterfrågar de en säkerhetsanalys över plattformen EPiServer men även över sina egenutvecklade applikationer. Syftet med arbetet var att höja säkerheten kring Know ITs webbaserade projekt och samtidigt göra utvecklarna mer medvetna om säkerheten vid utvecklingsfasen. Resultatet var att EPiServer som plattformen tillhandahåller en fullgod säkerhet. De direkta brister som identifierades var upp till antingen Know IT eller kunden att åtgärda och ansvaret lades på den som hade hand om driften av webbplatsen. Säkerhetstesterna som utfördes var bland annat tester emot åtkomsthantering, avlyssningsattacker, lösenordsattacker, SQL-injections och XSS-attacker.För att förenkla säkerhetstestningen skapades en checklista innehållandes steg för steg för att göra en grundläggande säkerhetstestning. Den innehöll även rekommendationer till Know IT Dalarna på områden som ska belysas och undersökas i framtiden. Checklistan kan användas av utvecklarna för att säkerställa att ett pågående projekt håller en bra nivå säkerhetsmässigt. Listan måste i framtiden uppdateras och hållas i fas med den ständiga tekniska utvecklingen som sker på området.

Prandial subcutaneous injections of glucagon-like peptide-1 cause weight loss in obese human subjects

Recombinant glucagon-like peptide-1 (7–36)amide (rGLP-1) was recently shown to cause significant weight loss in type 2 diabetics when administered for 6 weeks as a continuous subcutaneous infusion. The mechanisms responsible for the weight loss are not clarified. In the present study, rGLP-1 was given for 5d by prandial subcutaneous injections (PSI) (76nmol 30min before meals, four times daily; a total of 302·4nmol/24h) or by continuous subcutaneous infusion (CSI) (12·7nmol/h; a total of 304·8nmol/24h). This was performed in nineteen healthy obese subjects (mean age 44·2 (sem 2·5) years; BMI 39·0 (sem 1·2)kg/m2) in a prospective randomised, double-blind, placebo-controlled, cross-over study. Compared with the placebo, rGLP-1 administered as PSI and by CSI generated a 15% reduction in mean food intake per meal (P=0·02) after 5d treatment. A weight loss of 0·55 (sem 0·2) kg (P<0·05) was registered after 5d with PSI of rGLP-1. Gastric emptying rate was reduced during both PSI (P<0·001) and CSI (P<0·05) treatment, but more rapidly and to a greater extent with PSI of rGLP-1. To conclude, a 5d treatment of rGLP-1 at high doses by PSI, but not CSI, promptly slowed gastric emptying as a probable mechanism of action of increased satiety, decreased hunger and, hence, reduced food intake with an ensuing weight loss.

Robust heuristics for scalable optimization of complex SQL queries

Modern database systems incorporate a query optimizer to identify the most efficient "query execution plan" for executing the declarative SQL queries submitted by users. A dynamic-programming-based approach is used to exhaustively enumerate the combinatorially large search space of plan alternatives and, using a cost model, to identify the optimal choice. While dynamic programming (DP) works very well for moderately complex queries with up to around a dozen base relations, it usually fails to scale beyond this stage due to its inherent exponential space and time complexity. Therefore, DP becomes practically infeasible for complex queries with a large number of base relations, such as those found in current decision-support and enterprise management applications. To address the above problem, a variety of approaches have been proposed in the literature. Some completely jettison the DP approach and resort to alternative techniques such as randomized algorithms, whereas others have retained DP by using heuristics to prune the search space to computationally manageable levels. In the latter class, a well-known strategy is "iterative dynamic programming" (IDP) wherein DP is employed bottom-up until it hits its feasibility limit, and then iteratively restarted with a significantly reduced subset of the execution plans currently under consideration. The experimental evaluation of IDP indicated that by appropriate choice of algorithmic parameters, it was possible to almost always obtain "good" (within a factor of twice of the optimal) plans, and in the few remaining cases, mostly "acceptable" (within an order of magnitude of the optimal) plans, and rarely, a "bad" plan. While IDP is certainly an innovative and powerful approach, we have found that there are a variety of common query frameworks wherein it can fail to consistently produce good plans, let alone the optimal choice. This is especially so when star or clique components are present, increasing the complexity of th- e join graphs. Worse, this shortcoming is exacerbated when the number of relations participating in the query is scaled upwards.

Stepwise Crystallization: Illustrative Examples of the Use of Metalloligands Cu-6(mna)(6)](6-) and (Ag-6(Hmna)(2)(mna)(4)](4-) (H(2)mna=2-Mercapto Nicotinic Acid) in the Formation of Heterometallic Two- and Three-Dimensional Assemblies with brucite, pcu, and sql Topologies

Three new inorganic coordination polymers, {Mn(H2O)(6)]-Mn-2(H2O)(6)](Cu-6(mna)(6)]center dot 6H(2)O}, 1, {Mn-4(OH)(2)(H2O)(10)] (Cu-6(mna)6]center dot 8H(2)O}, 2, and {Mn-2(H2O)(5)]Ag-6(Hmna)(2)(mna)(4)]center dot 20H(2)O}, 3, have been synthesized at room temperature through a sequential crystallization route. In addition, we have also prepared and characterized the molecular precursor Cu-6(Hmna)(6)]. Compounds 1 and 3 have a two-dimensional structure, whereas 2 has a three-dimensional structure. The formation of 2 has been achieved by minor modification in the synthetic composition, suggesting the subtle relationship between the reactant composition and the structure. The hexanudear copper and silver duster cores have Cu center dot center dot center dot Cu and Ag center dot center dot center dot Ag distances close to the sum of the van der Waals radii of Cu1+ and Ag1+, respectively. The connectivity between Cu-6(mna)(6)](6-) cluster units and Mn2+ ions gives rise to a brucite related layer in 1 and a pcu-net in 2. The Ag-6(Hmna)(2)(mna)(4)](4-) cluster in 3, on the other hand, forms a sql-net with Mn2+. Compound 1 exhibits an interesting and reversible hydrochromic behavior, changing from pale yellow to red, on heating at 70 degrees C or treatment under a vacuum. Electron paramagnetic resonance studies indicate no change in the valence states, suggesting the color change could be due to changes in the coordination environment only. The magnetic studies indicate weak antiferromagnetic behavior. Proton conductivity studies indicate moderate proton migrations in 1 and 3. The present study dearly establishes sequential crystallization as an important pathway for the synthesis of heterometallic coordination polymers.

Effects of exogenous hormone injections on milt consistency in newly caught, wild milkfish

A study was conducted to determine the effects of single injections of human chorionic gonadotropin (HCG) and Durandron Forte 250 on sperm motility, vitality and density and also on the consistency of milt in newly caught, wild, mature milkfish (Chanos chanos). In contrast to HCG, single injections of Durandron Forte 250 were effective not only in inducing spermiation but also in maintaining newly caught mature males in good running condition for a maximum of 7 days, despite daily handling and collection of approximately 3ml milt.

Experimental and numerical study of grout injections in silty soils

Compensation grouting is increasingly employed as a mitigation technique of settlements induced by tunnelling and its effectiveness both in clayey and sandy soils is reported in a wide number of case histories. However, the results are highly dependent on grout properties, injection characteristics and soil properties. An experimental study was conducted to investigate the parameters that control grout injections in silty soils. The results from one injection test in a large sample of silty soil show that the compensation efficiency, defined as the ratio of the volume of heave obtained at ground surface and the injected grout volume, is much lower than one and tends to decrease with time, while the initial volume of grout lost due to pressure filtration is small. Finally, results from finite elements back analyses of the laboratory test show that a good agreement with the experimental data can be obtained if the development of large strains is taken into account. © 2012 Taylor & Francis Group.

Real-Time SQL的设计与实现

实时数据库的结构化查询语言RTSQL(Real-Time SQL)是实时数据库研究的一项重要内容.论文详细论述了RTSQL的一种设计方法,即扩展SQL92标准以支持实时数据库的要求,构建RTSQL语言的方法.文章还介绍了RTSQL在Agilor实时数据库系统中的实现方式.在文章最后给出了RTSQL进一步研究的思路和建议。

Performance of supersonic model combustors with staged injections of supercritical aviation kerosene

Supersonic model combustors using two-stage injections of supercritical kerosene were experimentally investigated in both Mach 2.5 and 3.0 model combustors with stagnation temperatures of approximately 1,750 K. Supercritical kerosene of approximately 760 K was prepared and injected in the overall equivalence ratio range of 0.5-1.46. Two pairs of integrated injector/flameholder cavity modules in tandem were used to facilitate fuel-air mixing and stable combustion. For single-stage fuel injection at an upstream location, it was found that the boundary layer separation could propagate into the isolator with increasing fuel equivalence ratio due to excessive local heat release, which in turns changed the entry airflow conditions. Moving the fuel injection to a further downstream location could alleviate the problem, while it would result in a decrease in combustion efficiency due to shorter fuel residence time. With two-stage fuel injections the overall combustor performance was shown to be improved and kerosene injections at fuel rich conditions could be reached without the upstream propagation of the boundary layer separation into the isolator. Furthermore, effects of the entry Mach number and pilot hydrogen on combustion performance were also studied.

Funções analíticas da linguagem Sql do Oracle.

Funções analíticas do oracle. Função RANK. Função DENSE_RANK. Função RATIO_REPORT. Funções LAG e LEAD.

STAR 3 randomized controlled trial to compare sensor-augmented insulin pump therapy with multiple daily injections in the treatment of type 1 diabetes: research design, methods, and baseline characteristics of enrolled subjects.

BACKGROUND: Sensor-augmented pump therapy (SAPT) integrates real-time continuous glucose monitoring (RT-CGM) with continuous subcutaneous insulin infusion (CSII) and offers an alternative to multiple daily injections (MDI). Previous studies provide evidence that SAPT may improve clinical outcomes among people with type 1 diabetes. Sensor-Augmented Pump Therapy for A1c Reduction (STAR) 3 is a multicenter randomized controlled trial comparing the efficacy of SAPT to that of MDI in subjects with type 1 diabetes. METHODS: Subjects were randomized to either continue with MDI or transition to SAPT for 1 year. Subjects in the MDI cohort were allowed to transition to SAPT for 6 months after completion of the study. SAPT subjects who completed the study were also allowed to continue for 6 months. The primary end point was the difference between treatment groups in change in hemoglobin A1c (HbA1c) percentage from baseline to 1 year of treatment. Secondary end points included percentage of subjects with HbA1c < or =7% and without severe hypoglycemia, as well as area under the curve of time spent in normal glycemic ranges. Tertiary end points include percentage of subjects with HbA1c < or =7%, key safety end points, user satisfaction, and responses on standardized assessments. RESULTS: A total of 495 subjects were enrolled, and the baseline characteristics similar between the SAPT and MDI groups. Study completion is anticipated in June 2010. CONCLUSIONS: Results of this randomized controlled trial should help establish whether an integrated RT-CGM and CSII system benefits patients with type 1 diabetes more than MDI.