一個有延展性的動畫劇本描述語言 / A Scripting Language for Extensible Animation

廖茂詠, Liao,Mao-Yung

Unknown Date

在目前3D虛擬環境中，虛擬人物的動作多半是以動作抓取等離線方式錄製後，再以罐裝動作的方式呈現。該動作經過編碼後會以固定的格式進行傳送，然後由客戶端撥放該動畫內容。通常而言，固定的格式規範會限制電腦動畫表現與延展的能力。這篇論文我們提出了一套以XML為基礎的動畫語言，稱為eXtensible Animation Markup Language(XAML)來解決這樣的問題。這套語言設計的目的是為了讓開發者能夠彈性地選擇不同層次的指定方式來產生虛擬演員的動畫；同時使用者可以藉由已經定義好的動畫合成新的動畫內容，或是更改已定義動畫的部分內容來產生一套新的動畫。除此之外，XAML為客製化腳本語言提供延展擴充的機制，開發者可以透過plug-in、內嵌XAML引擎或轉換腳本等方式達到擴充XAML的目的。我們同時使用JAVA實作了一套能夠解譯XAML的動畫引擎，使用者不但可以利用XAML腳本命令產生相對應的3D動畫顯示，也可以透過該動畫引擎所提供的函式庫對場景中的3D物件進行控制。另外，我們也設計了一個具語音對話功能的多人虛擬環境系統，以驗證XAML語言的可行性及有效性。 / Character animations on most virtual environment systems are canned motions created off-line through motion capture techniques. The motions are then en-coded and transmitted with a fixed format and played at the client side. The rigid specification format for computer animation and multimedia presentation in general has greatly affected the development of 3D contents. In this thesis, we propose an XML-based scripting language, called eXtensible Animation Markup Language (XAML). The language is designed to describe character animations at various command levels and to compose a new animation from existing ani-mation clips. Furthermore, one can use plug-in, embeding or translation to in-corporate other customized scripting languages or new functions into XAML. We have implemented an animation engine in Java that can interpret the script-ing language and render 3D animations based on the user’s interactive XAML commands or the provided application programming interface. In addition, we have designed a speech-enabled multi-user virtual environment system based on XAML to verify the feasibility and effectiveness of such a language.

動畫

腳本語言

虛擬環境

animation

scripting language

Vitual Environment

詐騙集團是說故事高手？－從敘事理論解構詐騙集團的教戰手冊 / Fraud group is expert of storyteller?To interpret the scam guideline of fraud group by narrative theory

何瑞玲

Unknown Date

在近幾年的台灣社會中，民眾對詐騙已經不再陌生了，政府除了成立165反詐騙專線之外，還砸下許多經費對民眾進行反詐騙的宣傳，但卻仍有上百億元的金錢被騙走，被害人除了有知識水準不高的民眾之外更不乏有高社經地位的科技新貴或是退休公務員等，可見詐騙案件與受害者的背景與教育程度無關。難道詐騙集團真的具有某種特殊能力，能讓受害者毫無警覺的付出大筆金錢?他們是如何突破受害者的心防，能夠不著痕跡的讓受害者越陷越深? 綜觀所有的詐騙案件，其實詐騙集團都有一本"教戰手冊"來做為詐騙成員和受害者聯繫的劇本，當我們將這本手冊視為一份故事腳本，透過敘事理論來分析這本"教戰手冊"，我們可以發現最後讓故事產生說服效果的其實是受害者本身的經驗投射，以及當下被詐騙集團所阻絕的情境所衍生出的結果，在這樣的狀況下，即便是政府在反詐騙文宣中極力宣導"檢察官不會監管帳戶或存款"或是"警察不會派人保管民眾的金錢"，由於受害者已經深深的陷入了詐騙情境，很難清楚的思考事件的真假...，在這樣的狀態下，反詐騙的宣傳之所以沒有對受害者產生效應就不難理解了。 政府要讓反詐騙宣傳有效果應改變方式，除了讓民眾能夠辨識事件真假之外，也應讓民眾知道當民眾捲入不法事件時可有哪些措施，同時再透過宣導短片將檢察官或是警察的辦案方式與正式流程讓民眾了解，不會因無知而繼續受騙，這樣才能真正的落實對民眾反詐騙的宣導 / People in Taiwan no longer a stranger on the scam in recent years, the government not only set the 165 anti-fraud hotline, but spent a lot of money for anti-fraud publicity, there are still hundreds of billions of dollars to be cheated. Victims include people who have different degrees of the knowledge and socioeconomic status, e.g. labor, retired civil servants…etc. It seems the occurrences of scam case have nothing to do with the background or education level of victims according to above facts. We may doubt does the fraud gang have the special ability to make people pay large sums of money without alert? How do they bewitch victims and go deeper for more money from victims? Looking at all of the scam cases, we’ve found that there is a “Scam Guideline“ to be the script for communicating between impostor and victim. We finally find the cause to affect the script is actually by the reflection of personal experience from victim as well as the isolated scenario created by fraud gang when we take the script as an appealing story and analyze it with narrative theory. In such circumstances, even though people receive the anti-fraud propaganda from government by strongly deliver "the prosecutors will not manage people’s account" or “the police will not guarantee people’s money” has not so workable; it still hard to distinguish the true or false events for victims due to they have already involved into the storyline. Government should adjust its strategy to implement the anti-fraud propaganda, besides to help people know how to tell the genuineness of the event, government also need to educate people to understand the correct methods they could take when they are related in criminal incidents, meanwhile, try to reveal the standard procedure of investigation by prosecutor or police to people via video clips, thus, people won’t be cheated with their naïve sense and the anti-fraud propaganda could be effective on the public advocacy.

詐騙

反詐騙

教戰手冊

腳本

fraud

anti-fraud

scam guideline

script

超媒體文件運算結構之設計與建置研究

張聖武

Unknown Date

目前以HTML所編輯出的超媒體文件對於多媒體資料在時空關係上缺少提供給文件設計者的精確性及相依性描述，提供給讀者的互動效果也有不足處。為了彌補上述的缺憾，本研究提出超媒體文件的運算結構來處理多媒體物件在時空關係上的描述以及與使用者互動的議題，以物件導向設計方法設計出運算環境類別、一元運算功能類別與多元運算功能類別，並利用Java語言建置出一套腳本描述語言工具來輔助HTML的展現效果。

超媒體文件

運算結構

時空關係

使用者互動

腳本描述語言

推廣型使用者的社會創新：常民專家如何改寫台灣衛生棉條科技的社會腳本 / Social innovations of promoter-users: How lay-experts rewrite the social scripts of tampon technology in Taiwan

吳文欣, Wu, Wen Hsin

Unknown Date

本研究以台灣衛生棉條科技網絡的開展為例，目的在於探討使用者的力量如何帶動一個社會技術網絡的擴充。衛生棉條引進台灣已逾30年，但卻因為台灣社會文化脈絡中根深蒂固的價值觀腳本，再加上法令、市場與知識等結構性障礙的阻力，讓衛生棉條這項技術物與使用衛生棉條的價值觀無法順利擴散。當政府當局與權力宰制都間接「不鼓勵」使用衛生棉條，台灣的生理用品市場現況與價值觀腳本又阻礙著衛生棉條科技網絡的開展時，推廣型使用者選擇從台灣主流的經期處理中方式出走，藉由推動生理教育與傳遞相關知識來打破傳統的價值觀腳本，利用創造多元選擇與開拓流通管道來掙脫台灣限縮的衛生棉條市場。台灣衛生棉條科技網絡的開展以「使用者」作為主要行動者，打破專家知識由上而下的擴散模式，創造出使用者主導的社會結構模型。當社會環境與市場機制處於「獨占」的情況，再加上傳統主導創新擴散的權威機構都處在反對的角色時，實際使用產品與經歷生理期的使用者為了追求更佳的身體經驗與取得產品的管道，便發揮她們改變社會技術環境的能動性並進行社會創新。性別結構的鬆動與新式觀念的出現也幫助推廣型使用者改寫台灣衛生棉條科技的社會腳本，台灣近年來開拓女性身體的潮流與社會價值觀漸趨開放的訊號，讓社會創新與社會文化風氣的轉變相輔相成，再加上網際網路所帶動的多元知識生產與資訊流通的跨國性質，讓推廣型使用者成功帶動一個日常生活科技的知識革命。凡妮莎等推廣型使用者的出現也型塑出新的常民專家文化，開啟另一種呈現社會技術網絡擴充的方式。本研究期望藉由使用者為衛生棉條科技網絡開展所作的努力，提供政府政策、教育單位、醫療權威與所有台灣民眾一個認識衛生棉條的機會與反思的空間，希望透過友善的政策環境與生理教育的配合，能夠成功改寫台灣女性的經期處理習慣與傳統的價值觀腳本。 / The purpose of this case study “Network of Tampon Technology in Taiwan” is to explore how users can do to expand a social-technical network. Tampon has been introduced to Taiwan over 30 years. However, this technical object and tampon usage cannot be spread successfully because of the deep-rooted script of values and the structural barriers of law, market and knowledge. As government and authority discourage indirectly from tampon usage, the restricted feminine hygiene products market and the script of values both disadvantage expansion of tampon technology, Promoter-Users choose to run away from the main menstrual management. They break the traditional script of values by strengthening physical education and delivering relevant knowledge, free themselves from the restricted tampon market by creating multiple choices and developing commodity circulation channels. “Users” are primary actors in network of tampon technology in Taiwan. They break the expert-oriented distribution model and create another user-driven structural model. As social environment and market mechanism are both monopolized, plus traditional authority in charge of distributing innovations is on the opposite side, users who use products and experience menstruation can still show their agencies and promote social innovations in order to pursue better body experiences and commodity channels. Loosening of gender structure and emergence of modern values help Promoter-Users rewrite the social scripts of tampon technology in Taiwan. Liberation of female body and unrestricted social climate make social-cultural transformation complement social innovations well. Diversified knowledge and international communication allow Promoter-Users to advocate a revolution of everyday-life technology. Promoter-Users such as Vanessa also initiate a new culture of lay-experts and offer another way of expanding a social-technical network. This study expects to provide governmental policy, educational organization, medical authority and the pubic an opportunity to know more about tampon and a space for introspection by introducing Promoter-Users’ efforts. We look forward to a more friendly policy environment and better physical education in order to rewrite the fixed menstrual management and the traditional script of values.

衛生棉條

使用者

社會創新

社會腳本

常民專家

凡妮莎

tampon

user

social innovation

social script

lay-expert

Vanessa

鄉民全都「讚」出來：初探反國光石化運動的青年網路實踐 / Everybody "Like": Exploring internet practices in youth in Anti Guo-Kuang Petroleum Plant social movement

盧沛樺

Unknown Date

評估探究網路社運的研究結果紛雜，與其說結果歧出，不如重新檢視用以分析的路徑。我認為著眼於技術形式的分析路徑可能有所不足，因此，本研究切換視角，自科技與社會研究中汲取養分，從使用中科技（technology in-use）的角度切入，藉機勾勒數位科技在善於把玩者手中所形成的各色風貌，及其打造有別於傳統社運的抗爭戲碼。文中便整理多樣數位科技在社會運動中快或慢地跳脫原先功能與使用方式的情形，突顯全青盟成員是以長期的網路使用經驗為基礎，才能深具創意地將特定科技依運動階段轉換角色，或是有技巧地應運動階段帶進不同的科技，並在多元的科技間加以協調、組合，或是勝任翻譯者的角色，在運動的聲援者與網路使用者之間快速轉換，將嚴肅的運動資訊應數位平台的特色與文化裁剪為引人共鳴的文本。簡言之，用於加強社交的強勢腳本已在愛用且善用的使用者手中退位，數位科技重新以社會運動科技的姿態登場。事實上，這正反映網路世代對社會運動的想像與行動已難排除長期耽溺的網路經驗，於是，無論是社會對話、群眾串聯、組織形式均深受數位參與文化的潛移默化，開創有別於傳統的社運圖像。 / The findings of cyber activism research that focus on technical forms are diverse and confusing. Thus, I believe it is better to reexamine the way of analysis. The article uses the perspective of technology in-use which draws from Society, Technology, and Science (STS) approach to trace the dynamic of young activists using digital technologies in social movement, as well as the characteristics of contemporary internet-embedded social movements beyond traditional ones. The study shows that digital technologies have departed from original scripts in different degrees. Based on the long-term experiences of using internet, members of National Youth Alliance Against KuoKuang Petrochemical Project creatively changed roles of technologies and tactically composed multiple technologies according to the stages of movement. Moreover, they successfully reedited the campaigns which widely disseminated in digital environment based on their capacity for switching identities between activists and internet users. In short, digital technologies were originally used to strengthen human relations. The skilled users/activists of digital technologies have, however, utilized these technologies to promote social movements. In fact, as mentioned above, it also reveals that the imagination and actions of social movements by net generation cannot exclude their long-term experiences of internet use. Therefore, regardless of social dialogue, mobilization and organization structure which are critical elements of social movement, they all have been deeply influenced by digital participatory culture.

網路社運

科技與社會

數位原民

媒體素養

參與文化

腳本

cyber activism

Society, Technology, and Science

digital native

media literacy

participatory culture

script

運用使用者輸入欄位屬性偵測防禦資料隱碼攻擊 / Preventing SQL Injection Attacks Using the Field Attributes of User Input

賴淑美, Lai, Shu Mei

Unknown Date

在網路的應用蓬勃發展與上網使用人口不斷遞增的情況之下，透過網路提供客戶服務及從事商業行為已經是趨勢與熱潮，而伴隨而來的風險也逐步顯現。在一個無國界的網路世界，威脅來自四面八方，隨著科技進步，攻擊手法也隨之加速且廣泛。網頁攻擊防範作法的演進似乎也只能一直追隨著攻擊手法而不斷改進。但最根本的方法應為回歸原始的程式設計，網頁欄位輸入資料的檢核。確實做好欄位內容檢核並遵守網頁安全設計原則，嚴謹的資料庫存取授權才能安心杜絕不斷變化的攻擊。但因既有系統對於輸入欄位內容，並無確切根據應輸入的欄位長度及屬性或是特殊表示式進行檢核，以致造成類似Injection Flaws[1]及部分XSS（Cross Site Scripting）[2]攻擊的形成。 面對不斷變化的網站攻擊，大都以系統原始碼重覆修改、透過滲透測試服務檢視漏洞及購買偵測防禦設備防堵威脅。因原始碼重覆修改工作繁重，滲透測試也不能經常施行，購買偵測防禦設備也相當昂貴。 本研究回歸網頁資料輸入檢核，根據輸入資料的長度及屬性或是特殊的表示式進行檢核，若能堅守此項原則應可抵禦大部分的攻擊。但因既有系統程式龐大，若要重新檢視所有輸入欄位屬性及進行修改恐為曠日費時。本文中研究以側錄分析、資料庫SCHEMA的結合及方便的欄位屬性定義等功能，自動化的處理流程，快速產生輸入欄位的檢核依據。再以網站動態欄位檢核的方式，於網站接收使用者需求，且應用程式尚未處理前攔截網頁輸入資料，根據事先明確定義的網站欄位屬性及長度進行資料檢核，如此既有系統即無須修改，能在最低的成本下達到有效防禦的目的。 / With the dynamic development of network application and the increasing population of using internet, providing customer service and making business through network has been a prevalent trend recently. However, the risk appears with this trend. In a borderless net world, threaten comes from all directions. With the progress of information technology, the technique of network attack becomes timeless and widespread. It seems that defense methods have to develop against these attack techniques. But the root of all should regress on the original program design – check the input data of data fields. The prevention of unceasing network attack is precisely check the content of data field and adhere to the webpage security design on principle, furthermore, the authority to access database is essential. Since most existing systems do not have exactly checkpoints of those data fields such as the length, the data type, and the data format, as a result, those conditions resulted in several network attacks like Injection Flaws and XSS. In response to various website attack constantly, the majority remodify the system source code, inspect vulnerabilities by the service of penetration test, and purchase the equipment of Intrusion Prevention Systems(IPS). However, several limitations influence the performance, such as the massive workload of remodify source code, the difficulty to implement the daily penetration test, and the costly expenses of IPS equipment. The fundamental method of this research is to check the input data of data fields which bases on the length, the data type and the data format to check input data. The hypothesis is that to implement the original design principle should prevent most website attacks. Unfortunately, most legacy system programs are massive and numerous. It is time-consuming to review and remodify all the data fields. This research investigates the analysis of network interception, integrates with the database schema and the easy-defined data type, to automatically process these procedures and rapidly generates the checklist of input data. Then, using the method of website dynamic captures technique to receive user request first and webpage input data before the system application commences to process it. According to those input data can be checked by the predefined data filed type and the length, there is no necessary to modify existing systems and can achieve the goal to prevent web attack with the minimum cost.

跨站腳本攻擊

注入弱點

網站攻擊

動態攔截檢核

檢查網頁輸入資料

Injection Flaws

Cross Site Scripting

website attack

website dynamic captures technique

check the input data of data fields