Global ETD Search

91	Clustering User Behavior in Scientific Collections Blixhavn, Øystein Hoel January 2014 (has links) This master thesis looks at how clustering techniques can be appliedto a collection of scientific documents. Approximately one year of serverlogs from the CERN Document Server (CDS) are analyzed and preprocessed.Based on the findings of this analysis, and a review of thecurrent state of the art, three different clustering methods are selectedfor further work: Simple k-Means, Hierarchical Agglomerative Clustering(HAC) and Graph Partitioning. In addition, a custom, agglomerativeclustering algorithm is made in an attempt to tackle some of the problemsencountered during the experiments with k-Means and HAC. The resultsfrom k-Means and HAC are poor, but the graph partitioning methodyields some promising results.The main conclusion of this thesis is that the inherent clusters withinthe user-record relationship of a scientific collection are nebulous, butexisting. Furthermore, the most common clustering algorithms are notsuitable for this type of clustering. ntnudaim:12121 MTDT Datateknologi Data- og informasjonsforvaltning
92	Inputvalideringsbibliotek med integrering mot Eclipse / Input Validation Library with Eclipse Integration Moghal, Sahdia Fayyaz, Surnflødt, Torunn January 2009 (has links) <p>Validering av input er et sentralt emne innenfor sikker programvareutvikling. Det er spesielt viktig å validere inputfelter i applikasjoner som bruker input for å prosessere. En ondsinnet bruker kan fort utnytte slike felter. Det viktigste tiltaket for å sikre applikasjoner er tilstrekkelig kunnskap, da mangel på dette ofte resulterer i dårlig sikrede applikasjoner. Det ble i fordypningsprosjektet[33] kommet fram til at det eksisterer for dårlige rutiner blant IT-bedrifter når det kommer til sikkerhet. Utviklere har ikke nok kunnskap om området, og Internett blir stadig mer brukt til tjenester som innebærer sensitiv eller kritisk informasjon. Dette prosjektet tar for seg en rekke inputangrep og faren ved disse, og presenterer en rekke Security Patterner man kan bruke for å beskytte seg mot disse angrepene. Security Patternene beskriver problemet, setter det i en kontekst og gir forslag til løsninger som kan brukes i valideringen. I dette prosjektet er det fokusert på løsninger i form av regex, siden det er en effektiv metode for dette formålet. Alle Security Patternene er presentert i et bibliotek på en webside utviklet i dette prosjektet. Hensikten har vært å gi utviklere en felles kilde hvor de kan søke etter inputangrep, finne løsninger for å beskytte seg mot de og legge til egne forslag til løsninger hvis de ønsker det. Det er også laget en funksjon for at brukere skal kunne gi en positiv eller negativ tilbakemelding på bidragene. Dette vil gi en form for kvalitetssikring, og på sikt bidra til at biblioteket blir mer komplett. Biblioteket er utviklet med tanke på utviklere som ikke har mye kjennskap til inputangrep og regex, men er også egnet for mer erfarne brukere. Det er i tillegg til websiden utviklet en plugin for utviklingsverktøyet Eclipse, hvor man finner igjen Security Patternene fra websiden og en regexgenerator for å få hjelp til å generere egne regex. En appletversjon av generatoren er tilgjengelig på websiden for de som ikke benytter Eclipse. Prosjektet er testet både internt, eksternt av potensielle brukere og det er også sendt ut til bedrifter og mottatt tilbakemeldinger fra dem. Produktene ble sett på som nyttige og brukervennlige av testerne, men de ga også konstruktive tilbakemeldinger på hva som kunne forbedres både på brukervennlighet og funksjonalitet. Testresultatene ble analysert og det er blitt gjort en rekke forbedringer av systemet basert på analysen. I evalueringen er det blitt sett på positive og negative sider ved produktene, basert på egne erfaringer og synspunkter og testpersonenes tilbakemeldinger. Evalueringen har gitt en oversikt over en rekke områder som kan forbedres, både på websiden og i pluginen, og dette er beskrevet i kapittelet "videre arbeid" . Nøkkelord: Programvaresikkerhet, Inputvalidering, Regex, Plugin, Security Pattern.</p> ntnudaim SIF2 datateknikk Program- og informasjonssystemer Data- og informasjonsforvaltning
93	Developing Patient Controlled Access : An Access Control Model for Personal Health Records Jensen, Torstein, Larsen, Knut Halvor January 2007 (has links) <p>The health and social care sector has a continuous growth in the use of information technology. With more and more information about the patient stored in different systems by different health care actors, information sharing is a key to better treatment. The introduction of the personal health record aims at making this treatment process easier. In addition to being able to share information to others, the patients can also take a more active part in their treatment by communicating with participants through the system. As the personal health record is owned and controlled by the patient with assistance from health care actors, one of the keys to success lies in how the patient can control the access to the record. In this master's thesis we have developed an access control model for the personal health record in a Norwegian setting. The development is based on different studies of existing similar solutions and literature. Some of the topics we present are re-introduced from an earlier project. Interviews with potential users have also been a valuable and important source for ideas and inspiration, especially due to the fact that the access control model sets high demands on user-friendliness. As part of the access control model we have also suggested a set of key roles for the personal health record. Through a conceptual implementation we have further shown that the access control model can be implemented. Three different solutions that show the conceptual implementation in the Indivo personal health record have been suggested, using the Extensible Access Control Markup Language as the foundation.</p> ntnudaim SIF2 datateknikk Data- og informasjonsforvaltning Program- og informasjonssystemer
94	Security in the MIDAS Middleware Pronstad, Thomas, Westerlund, Vegar January 2008 (has links) <p>Security in Mobile ad-hoc networks (MANETs) is difficult because of its operating environment and its lack of a central control unit, making classical security measures inapplicable. MIDAS is a project funded by the European Commission which creates a "Middleware platform for developing and deploying advanced mobile services". It is important for MIDAS to find a middle ground where it provides reasonable security, while using little extra processing power and battery and remains easy to use. In this thesis we identify the vulnerabilities and security measures needed to secure MIDAS, while preserving usability. We approach this problem by analysing the MIDAS design and find similarities to other known systems. From the analysis we identify threats and ethical issues, and suggest security mechanisms that solve MIDAS specific problems. The resulting security mechanisms are described in detail and tied together to create four main configurations with increasing levels of security. The configurations can then be used by MIDAS developers to implement security in a consistent way. The results are specific to MIDAS, but issues, requirements and security building blocks can be used by other projects for applicable MANET problems.</p> ntnudaim SIF2 datateknikk Data- og informasjonsforvaltning Program- og informasjonssystemer
95	Introducing New Technologies to Users in User-Centered Design Projects: : An Experimental Study Klingsheim, Tuva Foldøy, Raae, Benedicte January 2009 (has links) <p>In user-centered design the users play an important role in the development process. The users are included in near every step of the process and it is often a problem that they do not have the necessary overview of a technology intended used in the end system. They do not need to know all the technical details, but they do need to know what possibilities the technology makes available. To do this one needs to introduce the users to the technical possibilities, but how does one do this? We had two suggestions as to how this could be done. We proposed introducing the possibilities through abstract concepts not tied to the users' domain. The reason being we did not want to lock the users to concrete ideas given by us, but let them use the abstract concepts to come up with ideas in their own domain. The other suggestion was giving the users hands-on experience with the concepts. Human knowledge is usually derived from experience, and we believe touching and trying out the possibilities of a technology would also be helpful in this kind of setting. To test whether hands-on experience and abstract concepts is valuable in an introduction of new technologies we conducted an experiment involving two workshops. Both workshops got a theoretical presentation of the abstract concepts, while one workshop let the participants explore a demonstrator made by us giving them hands-on experience. These workshops were then analyzed both qualitatively and quantitatively. The quantitative analysis showed that the workshop incorporating hands-on experience generated more unique ideas and also ideas in more categories than the other workshop. However due to low comparability between the groups due to factors such as prior experience with the technologies and current work situation, we do not give these findings much significance. Through the qualitative analysis we see that hands-on experience can be valuable. For one participant in particular, the hands-on experience was very valuable. In addition we found it valuable as a motivational exercise in a user-centered design process. The abstract concepts were analyzed qualitatively, and these were not as valuable as hoped. The users found it hard to map the abstract concepts to their domain. We now see the value of examples closer to the users' domain, but they should be kept as small building blocks for the users to combine to solve larger problems. We end this paper with a suggested approach to introducing new technological possibilities. We still recommend using the abstract concepts, but taking care to exemplify them through many small domain-specific examples. Hands-on experience is recommended if it is feasible to do this within the domain. We also recommend for time to mature and revisiting the participant after they've been back in their domain for a while.</p> ntnudaim SIF2 datateknikk Data- og informasjonsforvaltning Program- og informasjonssystemer
96	Developing Patient Controlled Access : An Access Control Model for Personal Health Records Jensen, Torstein, Larsen, Knut Halvor January 2007 (has links) The health and social care sector has a continuous growth in the use of information technology. With more and more information about the patient stored in different systems by different health care actors, information sharing is a key to better treatment. The introduction of the personal health record aims at making this treatment process easier. In addition to being able to share information to others, the patients can also take a more active part in their treatment by communicating with participants through the system. As the personal health record is owned and controlled by the patient with assistance from health care actors, one of the keys to success lies in how the patient can control the access to the record. In this master's thesis we have developed an access control model for the personal health record in a Norwegian setting. The development is based on different studies of existing similar solutions and literature. Some of the topics we present are re-introduced from an earlier project. Interviews with potential users have also been a valuable and important source for ideas and inspiration, especially due to the fact that the access control model sets high demands on user-friendliness. As part of the access control model we have also suggested a set of key roles for the personal health record. Through a conceptual implementation we have further shown that the access control model can be implemented. Three different solutions that show the conceptual implementation in the Indivo personal health record have been suggested, using the Extensible Access Control Markup Language as the foundation. ntnudaim SIF2 datateknikk Data- og informasjonsforvaltning Program- og informasjonssystemer
97	Security in the MIDAS Middleware Pronstad, Thomas, Westerlund, Vegar January 2008 (has links) Security in Mobile ad-hoc networks (MANETs) is difficult because of its operating environment and its lack of a central control unit, making classical security measures inapplicable. MIDAS is a project funded by the European Commission which creates a "Middleware platform for developing and deploying advanced mobile services". It is important for MIDAS to find a middle ground where it provides reasonable security, while using little extra processing power and battery and remains easy to use. In this thesis we identify the vulnerabilities and security measures needed to secure MIDAS, while preserving usability. We approach this problem by analysing the MIDAS design and find similarities to other known systems. From the analysis we identify threats and ethical issues, and suggest security mechanisms that solve MIDAS specific problems. The resulting security mechanisms are described in detail and tied together to create four main configurations with increasing levels of security. The configurations can then be used by MIDAS developers to implement security in a consistent way. The results are specific to MIDAS, but issues, requirements and security building blocks can be used by other projects for applicable MANET problems. ntnudaim SIF2 datateknikk Data- og informasjonsforvaltning Program- og informasjonssystemer
98	Introducing New Technologies to Users in User-Centered Design Projects: : An Experimental Study Klingsheim, Tuva Foldøy, Raae, Benedicte January 2009 (has links) In user-centered design the users play an important role in the development process. The users are included in near every step of the process and it is often a problem that they do not have the necessary overview of a technology intended used in the end system. They do not need to know all the technical details, but they do need to know what possibilities the technology makes available. To do this one needs to introduce the users to the technical possibilities, but how does one do this? We had two suggestions as to how this could be done. We proposed introducing the possibilities through abstract concepts not tied to the users' domain. The reason being we did not want to lock the users to concrete ideas given by us, but let them use the abstract concepts to come up with ideas in their own domain. The other suggestion was giving the users hands-on experience with the concepts. Human knowledge is usually derived from experience, and we believe touching and trying out the possibilities of a technology would also be helpful in this kind of setting. To test whether hands-on experience and abstract concepts is valuable in an introduction of new technologies we conducted an experiment involving two workshops. Both workshops got a theoretical presentation of the abstract concepts, while one workshop let the participants explore a demonstrator made by us giving them hands-on experience. These workshops were then analyzed both qualitatively and quantitatively. The quantitative analysis showed that the workshop incorporating hands-on experience generated more unique ideas and also ideas in more categories than the other workshop. However due to low comparability between the groups due to factors such as prior experience with the technologies and current work situation, we do not give these findings much significance. Through the qualitative analysis we see that hands-on experience can be valuable. For one participant in particular, the hands-on experience was very valuable. In addition we found it valuable as a motivational exercise in a user-centered design process. The abstract concepts were analyzed qualitatively, and these were not as valuable as hoped. The users found it hard to map the abstract concepts to their domain. We now see the value of examples closer to the users' domain, but they should be kept as small building blocks for the users to combine to solve larger problems. We end this paper with a suggested approach to introducing new technological possibilities. We still recommend using the abstract concepts, but taking care to exemplify them through many small domain-specific examples. Hands-on experience is recommended if it is feasible to do this within the domain. We also recommend for time to mature and revisiting the participant after they've been back in their domain for a while. ntnudaim SIF2 datateknikk Data- og informasjonsforvaltning Program- og informasjonssystemer
99	Inputvalideringsbibliotek med integrering mot Eclipse / Input Validation Library with Eclipse Integration Moghal, Sahdia Fayyaz, Surnflødt, Torunn January 2009 (has links) Validering av input er et sentralt emne innenfor sikker programvareutvikling. Det er spesielt viktig å validere inputfelter i applikasjoner som bruker input for å prosessere. En ondsinnet bruker kan fort utnytte slike felter. Det viktigste tiltaket for å sikre applikasjoner er tilstrekkelig kunnskap, da mangel på dette ofte resulterer i dårlig sikrede applikasjoner. Det ble i fordypningsprosjektet[33] kommet fram til at det eksisterer for dårlige rutiner blant IT-bedrifter når det kommer til sikkerhet. Utviklere har ikke nok kunnskap om området, og Internett blir stadig mer brukt til tjenester som innebærer sensitiv eller kritisk informasjon. Dette prosjektet tar for seg en rekke inputangrep og faren ved disse, og presenterer en rekke Security Patterner man kan bruke for å beskytte seg mot disse angrepene. Security Patternene beskriver problemet, setter det i en kontekst og gir forslag til løsninger som kan brukes i valideringen. I dette prosjektet er det fokusert på løsninger i form av regex, siden det er en effektiv metode for dette formålet. Alle Security Patternene er presentert i et bibliotek på en webside utviklet i dette prosjektet. Hensikten har vært å gi utviklere en felles kilde hvor de kan søke etter inputangrep, finne løsninger for å beskytte seg mot de og legge til egne forslag til løsninger hvis de ønsker det. Det er også laget en funksjon for at brukere skal kunne gi en positiv eller negativ tilbakemelding på bidragene. Dette vil gi en form for kvalitetssikring, og på sikt bidra til at biblioteket blir mer komplett. Biblioteket er utviklet med tanke på utviklere som ikke har mye kjennskap til inputangrep og regex, men er også egnet for mer erfarne brukere. Det er i tillegg til websiden utviklet en plugin for utviklingsverktøyet Eclipse, hvor man finner igjen Security Patternene fra websiden og en regexgenerator for å få hjelp til å generere egne regex. En appletversjon av generatoren er tilgjengelig på websiden for de som ikke benytter Eclipse. Prosjektet er testet både internt, eksternt av potensielle brukere og det er også sendt ut til bedrifter og mottatt tilbakemeldinger fra dem. Produktene ble sett på som nyttige og brukervennlige av testerne, men de ga også konstruktive tilbakemeldinger på hva som kunne forbedres både på brukervennlighet og funksjonalitet. Testresultatene ble analysert og det er blitt gjort en rekke forbedringer av systemet basert på analysen. I evalueringen er det blitt sett på positive og negative sider ved produktene, basert på egne erfaringer og synspunkter og testpersonenes tilbakemeldinger. Evalueringen har gitt en oversikt over en rekke områder som kan forbedres, både på websiden og i pluginen, og dette er beskrevet i kapittelet "videre arbeid" . Nøkkelord: Programvaresikkerhet, Inputvalidering, Regex, Plugin, Security Pattern. ntnudaim SIF2 datateknikk Program- og informasjonssystemer Data- og informasjonsforvaltning
100	The Amazing City Game Bjerkhaug, Sondre Wigmostad, Mathisen, Runar Os, Valtola, Lawrence Alexander January 2011 (has links) Smartphones with capabilities for wireless Internet and GPS have become increasinglycommon in recent years, and a consequence of this is that pervasivegames have become more interesting from both an academical and a commercialpoint of view. Another area of interest is lifelong learning, which offers amore modern take on education compared to the traditional learning model. Inthis thesis we aim to discover whether or not pervasive gaming can help achievelifelong learning. This is done by creating a prototype of a pervasive game ina lifelong learning context for Android, analyzing the effectiveness of the prototype,and using the experiences drawn from it to design a platform to runknowledge competitions.We achieved this by conducting a prestudy on the Android mobile phone operatingsystem (including extension applications), the history of Trondheim, lifelonglearning, pervasive games, and the use of pervasive games in a lifelong learningcontext. During the prestudy we found out that there are several externalapplications and features of Android that can be utilized to expand the social,spatial, and temporal expansions of pervasive games. We also found that, intheory, pervasive games proved to be a suitable platform to support lifelonglearning.We then designed and developed a prototype on Android to run a puzzle racecalled The Amazing City Game. The race consisted of completing differenttasks related to the history of Trondheim, while traveling between many of thehistorical sites in the city. A demonstration race was conducted in early May withfour groups of two students each, using the authors and supervisors of this thesisas group observers. At the end of the race, the participants filled out a survey.Using the observations from the race and the results from the survey we foundthat the prototype was perceived as fun and educational. However, constructionof the race was challenging with many pitfalls concerning ambiguous tasks, useof language, and game balance.Finally, we have provided a possible design for a platform for running knowledgecompetitions. We used the experiences from the development of the prototype,and the results from the demonstration race to design a cleaner and more completeframework. This includes a refinement of the existing functionality anduser interface, adding requirements, and providing an extended discussion ontopics such as having an online community, possible server solutions, and securitymeasures against cheating. We believe that the concept of puzzle races in alifelong learning context is an interesting concept that could have positive effectsif utilized in the real world. ntnudaim:6156 MTDT datateknikk Data- og informasjonsforvaltning Program- og informasjonssystemer

Search results