A social contract with business as the basis for a postmodern MBA in a world order of inclusive globalisation : a critical metasynthesis

Coetzee, Josef Jooste

11 1900

This thesis addresses the paradigm shift required for an MBA qualification in a world order of inclusive globalisation (WOIG) – where humankind‟s security is assured, and where global poverty has been eradicated. A new research methodology, termed critical metasynthesis, which is the enrichment of critical management research with metasynthesis and Socrates‟ dialectic method of systematic inquiry has been used. The critical metasynthesis derives its outcome from the insights of global leaders from the developed and developing world, refuted by Nobel Laureates from the past decade. From the Socratic dialogue an end-purpose Statement of Visions for a new world order, society, business, business leadership, and the postmodern MBA emerged, namely: to deliver a WOIG; requiring a society that finds its greatness in protecting both its humanity and its economy as a whole; requiring world-class businesses – financially robust across business cycles, with global stewardship as the dominant business logic; requiring global business leaders with an ability to envision the WOIG, and then to lead thereto in an entrepreneurial and path-breaking manner exerting leadership qualities associated with the golden Rule of Humanity; requiring an MBA that educates and inspires the business leader to lead (and, to co-lead with societal and political leaders) the planetary turn-around to a WOIG. For this, a fundamental change of paradigm for the MBA emerged as a prerequisite. The first prerequisite is a Social Contract with Business as a trichotomy of global business responsibility towards society, politics and the Earth. This, becomes the raison d‟être of the postmodern MBA. The second prerequisite is an educational context aligned with the values and aspirations of a WOIG society. The outcome of the postmodern MBA is a fundamental personal re-orientation as thé kairos moment - through holistic critical reasoning excellence and achieving a WOIG mindset. Flowing from this to craft, build and to manage enterprises for the turn-around from today‟s world order of destructive globalisation to a WOIG. The thesis contributes a new educational context, vocabulary, and guidelines for a new canon of MBA knowledge. The thesis concludes by describing new vistas of follow-up research in four interlocking priorities for the professoriate, namely: discovering, integrating, applying and teaching a postmodern MBA in a WOIG – to deliver MBA graduates who can lead any business in any industry sector in any country towards positive sustained results for all stakeholders. / Business Leadership / D.B.L.

Postmodern

Social contract with business

Dominant business logic

Social responsibility

Critical management research

Metasynthesis

Kairos

Stewardship

Global business leaders

658.0490710218

Globalization -- Education -- Standards

Využití PDA pro distribuci informací v rámci uzavřených sítí / Usage of PDA for Distribution of Information in Closed Net

Ryšánek, Vojtěch

Unknown Date

The task of this project is to build application for managing of multimedia data in enclosed wireless networks and to present this data to the user. In model case it can be for example city guide - on position given by GPS are presented information about surrounding scene. Application must be capable of downloading data into Pocket PC - PDA and present them to the user as user friendly application.

Static Analysis Of Client-Side JavaScript Code To Detect Server-Side Business Logic Vulnerabilities / Statisk analys av JavaScript-kod på klientsidan för att upptäcka sårbarheter i affärslogiken på serversidan

van der Windt, Frederick

January 2023

In the real world, web applications are crucial in various domains, from e-commerce to finance and healthcare. However, these applications are not immune to vulnerabilities, particularly in business logic. Detecting such vulnerabilities can be challenging due to the complexity and diversity of application functionality. Consequently, there is a growing need for automated tools and techniques to aid in identifying business logic vulnerabilities. This research study investigates the efficacy of static analysis techniques in detecting server-side business logic vulnerabilities through the analysis of client-side JavaScript code. The study explores various analysis techniques, including code parsing, data flow analysis as detection methods, and their application in identifying potential vulnerabilities. This thesis also identifies common flaws contributing to business logic vulnerabilities, such as insufficient input validation, insecure access controls, and flawed decision-making logic. The effectiveness of static analysis techniques in pinpointing server-side business logic vulnerabilities is evaluated, revealing promising results, particularly in detecting parameter manipulation vulnerabilities. Notably, the study discovered vulnerabilities in two live applications that could lead to severe financial problems, underscoring the real-world implications of these vulnerabilities. However, challenges such as false positives and the need for manual verification are also acknowledged. The study concludes by proposing improvements and future research directions, including exploring advanced techniques like machine learning and natural language processing and integrating dynamic analysis and real-world testing scenarios to enhance the accuracy and efficiency of static analysis. The findings contribute to the understanding of utilizing static analysis techniques for detecting server-side business logic vulnerabilities, offering insights for developing more robust and efficient vulnerability detection tools. / I den verkliga världen är webbapplikationer avgörande inom olika områden, från e-handel till finans och sjukvård. Dessa applikationer är dock inte immuna mot sårbarheter, särskilt inte i affärslogiken. Att upptäcka sådana sårbarheter kan vara en utmaning på grund av komplexiteten och mångfalden i applikationernas funktionalitet. Därför finns det ett växande behov av automatiserade verktyg och tekniker som kan hjälpa till att identifiera sårbarheter i affärslogiken. Denna forskningsstudie undersöker hur effektiva statiska analystekniker är för att upptäcka sårbarheter i affärslogiken på serversidan genom analys av JavaScript-kod på klientsidan. Studien utforskar olika analystekniker, inklusive kodparsing, dataflödesanalys som detektionsmetoder, och deras tillämpning för att identifiera potentiella sårbarheter. Avhandlingen identifierar också vanliga brister som bidrar till sårbarheter i affärslogiken, såsom otillräcklig validering av indata, osäkra åtkomstkontroller och bristfällig logik för beslutsfattande. Effektiviteten hos statiska analystekniker för att hitta sårbarheter i affärslogiken på serversidan utvärderas och visar på lovande resultat, särskilt när det gäller att upptäcka sårbarheter i parametermanipulation. I studien upptäcktes sårbarheter i två live-applikationer som kan leda till allvarliga ekonomiska problem, vilket understryker de verkliga konsekvenserna av dessa sårbarheter. Utmaningar som falska positiva resultat och behovet av manuell verifiering erkänns dock också. Studien avslutas med förslag på förbättringar och framtida forskningsinriktningar, inklusive utforskning av avancerade tekniker som maskininlärning och naturlig språkbehandling och integrering av dynamisk analys och verkliga testscenarier för att förbättra noggrannheten och effektiviteten hos statisk analys. Resultaten bidrar till förståelsen för att använda statiska analystekniker för att upptäcka sårbarheter i affärslogik på serversidan, och ger insikter för att utveckla mer robusta och effektiva verktyg för sårbarhetsdetektering.

JavaScript

Static Analysis

Business Logic Vulnerabilities

Client-side

Fuzzing

Black-box

JavaScript

statisk analys

sårbarheter i affärslogiken

klientsidan

Fuzzing

Black-box

Computer Sciences

Datavetenskap (datalogi)

Computer Engineering

Datorteknik

Computer and Information Sciences

Data- och informationsvetenskap

COBOL-skills, Where art Thou? : An assessment of future COBOL needs at Handelsbanken

Khatib, Samy

January 2016

The impending mass retirement of baby-boomer COBOL developers, has companies that wish to maintain their COBOL systems fearing a skill shortage. Due to the dominance of COBOL within the financial sector, COBOL will be continually developed over at least the coming decade. This thesis consists of two parts. The first part consists of a literature study of COBOL; both as a programming language and the skills required as a COBOL developer. Interviews were conducted with key Handelsbanken staff, regarding the current state of COBOL and the future of COBOL in Handelsbanken. The second part consists of a quantitative forecast of future COBOL workforce state in Handelsbanken. The forecast uses data that was gathered by sending out a questionnaire to all COBOL staff. The continued lack of COBOL developers entering the labor market may create a skill-shortage. It is crucial to gather the knowledge of the skilled developers before they retire, as changes in old COBOL systems may have gone undocumented, making it very hard for new developers to understand how the systems work without guidance. To mitigate the skill shortage and enable modernization, an extraction of the business knowledge from the systems should be done. Doing this before the current COBOL workforce retires will ease the understanding of the extracted data. The forecasts of Handelsbanken’s COBOL workforce are based on developer experience and hiring, averaged over the last five years. The forecasts take into consideration the age developers are hired, the age the developers exit, and their cumulative growing experience while in the skills pool. The state of COBOL in 2015 is used as a baseline of COBOL needs to forecast until 2060. I.e. the rate at which COBOL systems are developed stay the same. The forecasts show that if no developers are hired, most of their experienced developers will have left by 2030. To keep their current COBOL experience level, Handelsbanken needs to keep hiring over the coming 45 years. Handelsbanken has to hire on average 8.2 developers per year until 2030, and 6.5 developers per year until 2060. I.e. Handelsbanken has been able to keep a high average of 7.6 people per year for the last five years. / Organisationer som underhåller COBOL system är oroliga inför den åldrande COBOL-arbetskraftens pensionering. COBOLs dominans inom den finansiella sektorn leder till att COBOL kod kommer att fortsätta utvecklas i minst tio år till. Den här uppsatsen är uppdelad i två delar. Första delen är en litteraturstudie om COBOL som programmeringsspråk, samt kunskapsbehovet som COBOL utvecklare. Intervjuer gjordes med nyckelpersoner inom Handelsbanken, kring det nuvarande tillståndet av COBOL och COBOLs framtid i Handelsbanken. Den andra delen består av en kvantitativ prognos kring Handelsbankens behov av COBOL utvecklare i framtiden. Prognosen bygger på data som samlats genom att skicka ut en enkät till alla COBOL utvecklare. Den fortsatta bristen på nya COBOL utvecklare på arbetsmarknaden kan skapa en kompetensbrist. Det är viktigt att samla kunskapen som de pensionerande utvecklarna bär på, eftersom ändringarna i systemen kan ha gått odokumenterade, vilket gör det väldigt svårt för nya utvecklare att förstå systemen utan vägledning. För att minska kompetensbehovet och möjliggöra modernisering av systemen, bör en extraktion av affärskunskap göras ur systemen. Att ta hjälp av utvecklarna av systemen kan avsevärt förenkla förståelsen av den extraherade informationen. Prognoserna av Handelsbankens COBOL arbetskraft baseras på data om utvecklarerfarenhet och anställning över de senaste fem åren. Prognoserna tar hänsyn till åldern när utvecklarna anställs, åldern när utvecklarna slutar, och tillväxten av deras sammanlagda erfarenhet under tiden de jobbar. Prognosen använder COBOL erfarenhetsbehovet i 2015 som en bas för prognosen. Prognosen beräknar behoven fram till år 2060. Prognoserna visar att om inga nya tillskott av utvecklare görs, så kommer de flesta av Handelsbankens erfarna utvecklare ha slutat vid år 2030. För att behålla deras nuvarande erfarenhetsnivå, så kommer Handelsbanken behöva kontinuerligt anställa utvecklare över kommande 45 åren. Handelsbanken kommer behöva anställa i genomsnitt 8,2 utvecklare per år fram till 2030, och därefter 6,5 utvecklare per år fram till 2060. Handelsbanken har lyckats ha en hög genomsnittlig anställningstakt de senaste fem åren, 7,6 personer per år.

COBOL

IT

IT-skills

Aging Workforce

Knowledge Loss

Legacy system

Business software

Developer

ERP systems

Business Knowledge

Business Processes

Business Logic

COBOL

IT

IT-kompetens

utveckling

Pension

Gamla Anställda

Kunskapsförlust

COBOL kompetens

Affärssystem

Utvecklare

Affärslogik

Affärsprocess

Affärskunskap

Computer and Information Sciences

Data- och informationsvetenskap

Streamlining Certification Management with Automation and Certification Retrieval : System development using ABP Framework, Angular, and MongoDB / Effektivisering av certifikathantering med automatisering och certifikathämtning : Systemutveckling med ABP Framework, Angular och MongoDB

Hassan, Nour Al Dine

January 2024

This thesis examines the certification management challenge faced by Integrity360. The decentralized approach, characterized by manual processes and disparate data sources, leads to inefficient tracking of certification status and study progress. The main objective of this project was to construct a system that automates data retrieval, ensures a complete audit, and increases security and privacy.  Leveraging the ASP.NET Boilerplate (ABP) framework, Angular, and MongoDB, an efficient and scalable system was designed, developed, and built based on DDD (domain-driven design) principles for a modular and maintainable architecture. The implemented system automates data retrieval from the Credly API, tracks exam information, manages exam vouchers, and implements a credible authentication system with role-based access control.  With the time limitations behind the full-scale implementation of all the planned features, such as a dashboard with aggregated charts and automatic report generation, the platform significantly increases the efficiency and precision of employee certification management. Future work will include these advanced functionalities and integrations with external platforms to improve the system and increase its impact on operations in Integrity360.

Certification Management

Automation

Certification Retrieval

ABP Framework

Angular

MongoDB

Credly API

Exam Information

Exam Vouchers

Authentication

Role-Based Access Control

Data Retrieval

Audit

Security

Privacy

Efficiency

Accuracy

Scalability

Maintainability

Domain-Driven Design

Software Development

User Interface

Data Encryption

HTTPS

Input Validation

Identity Management

Audit Logging

Cybersecurity

Education

Training

Employee Certification

Study Progress

Centralized Platform

Data Integration

Consolidated View

Graphs

Bar Charts

Manual Data Entry

Information Silos

Decision Making

Compliance

Industry Standards

Partner Levels

Financial Penalties

Reputation Damage

Business Opportunities

NoSQL Database

Unstructured Data

Semi-structured Data

Software Architecture

Layered Architecture

Presentation Layer

Application Layer

Domain Layer

Entities

Value Objects

Aggregates

Repositories

Domain Services

Data Transfer Objects (DTOs)

Business Logic

Domain Semantics

Modern Web Applications

User Authentication

Authorization

Audit Logging

Dynamic Web Applications

Component-Based

TypeScript

Type Safety

Code Quality

Maintainability

Active Community

Charts

Graphs

Secure Submission

LeptonX Lite

Responsive Design

Navigation Sidebar

Menu Bar

Tabs

Table

Attributes

Properties

Buttons

Modal Dialogs

Profile Settings

System Admin Panel

Account Management

Permissions

System Settings

Certifikathantering

Automatisering

Certifikathämtning

ABP Framework

Angular

MongoDB

Credly API

Examinformation

Examenvouchers

Autentisering

Rollbaserad åtkomstkontroll

Datahämtning

Granskning

Säkerhet

Integritet

Effektivitet

Noggrannhet

Skalbarhet

Underhållbarhet

Domändriven design

Programvaruutveckling

Användargränssnitt

Datakryptering

HTTPS

Indata validering

Identitetshantering

Granskningsloggning

Cybersäkerhet

Utbildning

Träning

Medarbetarcertifiering

Studie Framsteg

Centraliserad plattform

Dataintegration

Konsoliderad vy

Grafer

Stapeldiagram

Manuell datainmatning

Informationssilos

Beslutsfattande

Efterlevnad

Branschstandarder

Partnernivåer

Ekonomiska påföljder

Ryktesskada

Affärsmöjligheter

NoSQL-databas

Ostrukturerad data

Semistrukturerad data

Programvaruarkitektur

Skiktad arkitektur

Presentationslager

Applikationslager

Domänlager

Entiteter

Värdeobjekt

Aggregat

Repositories

Domäntjänster

Dataöverföringsobjekt (DTO)

Affärslogik

Domänsemantik

Moderna webbapplikationer

Användarautentisering

Auktorisering

Granskningsloggning

Dynamiska webbapplikationer

Komponentbaserad

TypeScript

Typsäkerhet

Kodkvalitet

Underhållbarhet

Aktiv gemenskap

Diagram

Grafer

Säker inlämning

LeptonX Lite

Responsiv design

Navigering Sidofält

Menyrad

Flikar

Tabell

Attribut

Egenskaper

Knappar

Modala dialogrutor

Profilinställningar

Systemadministratörspanel

Kontohantering

Behörigheter

Systeminställningar

Software Engineering

Programvaruteknik