Evaluation of the Security of Components in Distributed Information Systems / Värdering av komponenters säkerhet i distribuerade informations system

Andersson, Richard

January 2003

This thesis suggests a security evaluation framework for distributed information systems, responsible for generating a system modelling technique and an evaluation method. The framework is flexible and divides the problem space into smaller, more accomplishable subtasks with the means to focus on specific problems, aspects or system scopes. The information system is modelled by dividing it into increasingly smaller parts, evaluate the separate parts and then build up the system “bottom up” by combining the components. Evaluated components are stored as reusable instances in a component library. The evaluation method is focusing on technological components and is based on the Security Functional Requirements (SFR) of the Common Criteria. The method consists of the following steps: (1) define several security values with different aspects, to get variable evaluations (2) change and establish the set of SFR to fit the thesis, (3) interpret evaluated security functions, and possibly translate them to CIA or PDR, (4) map characteristics from system components to SFR and (5) combine evaluated components into an evaluated subsystem. An ontology is used to, in a versatile and dynamic way, structure the taxonomy and relations of the system components, the security functions, the security values and the risk handling. It is also a step towards defining a common terminology for IT security.

Informationsteknik

Security Evaluation

Modelling

Distributed Information Systems

Common Criteria

Ontology

Informationsteknik

Computer and Information Sciences

Data- och informationsvetenskap

Hide-Metadata Based Data Integration Environment for Hydrological Datasets

Ravindran, Nimmy

30 December 2004

Efficient data integration is one of the most challenging problems in data management, interoperation and analysis. The Earth science data which are heterogeneous are collected at various geographical locations for scientific studies and operational uses. The intrinsic problem of archiving, distributing and searching such huge scientific datasets is compounded by the heterogeneity of data and queries, thus limiting scientific analysis, and generation/validation of hydrologic forecast models. The data models of hydrologic research communities such as National Weather Service (NWS), National Oceanic and Atmospheric Administration (NOAA), and US Geological Survey (USGS) are diverse and complex. A complete derivation of any useful hydrological models from data integrated from all these sources is often a time consuming process. One of the current trends of data harvesting in scientific community is towards a distributed digital library initiative. However, these approaches may not be adequate for data sources / entities who do not want to "upload" the data into a "data pool." In view of this, we present here an effective architecture to address the issues of data integration in such a diverse environment for hydrological studies. The heterogeneities in these datasets are addressed based on the autonomy of data source in terms of design, communication, association and execution using a hierarchical integration model. A metadata model is also developed for defining data as well as the data sources, thus providing a uniform view of the data for different kind of users. An implementation of the model using web based system that integrates widely varied hydrology datasets from various data sources is also being developed. / Master of Science

earth science data

data interoperability

Scientific data integration

distributed information systems

metadata

A Quantitative Evaluation Framework for Component Security in Distributed Information Systems / Ett kvantitativt utvärderingsramverk för komponenters säkerhet i distribuerade informationssystem

Bond, Anders, Påhlsson, Nils

January 2004

<p>The Heimdal Framework presented in this thesis is a step towards an unambiguous framework that reveals the objective strength and weaknesses of the security of components. It provides a way to combine different aspects affecting the security of components - such as category requirements, implemented security functionality and the environment in which it operates - in a modular way, making each module replaceable in the event that a more accurate module is developed. </p><p>The environment is assessed and quantified through a methodology presented as a part of the Heimdal Framework. The result of the evaluation is quantitative data, which can be presented with varying degrees of detail, reflecting the needs of the evaluator. </p><p>The framework is flexible and divides the problem space into smaller, more accomplishable subtasks with the means to focus on specific problems, aspects or system scopes. The evaluation method is focusing on technological components and is based on, but not limited to, the Security Functional Requirements (SFR) of the Common Criteria.</p>

Informationsteknik

Quantitative

Security Evaluation

Threat Assessment

Distributed Information Systems

Common Criteria

Evaluation Framework

Component Security

Informationsteknik

Information technology

Informationsteknik

Identification of Security Relevant Characteristics in Distributed Information Systems / Identifiering av egenskaper relevanta för säkerheten i distribuerade informationssystem

Stjerneby, Anna

January 2002

This thesis suggests a set of system characteristics to be used when evaluating or analyzing the IT security of a distributed information system. Each characteristic is meant to be considered in the evaluation of relevant distributed system components. This is considered to be the first step towards finding a technique for modeling and evaluating the security of a system. The work also includes a definition of distributed information system components and a categorization of the found characteristics. The means used to identify the set of characteristics include a thorough investigation of the literature on the relevant subject, as well as a brainstorming session. Thereafter the material has been structured to form the results presented in this thesis.

Informationsteknik

IT security

distributed information systems

security architecture

security-related system characteristics

Informationsteknik

Computer and Information Sciences

Data- och informationsvetenskap

Rule-based In-network Processing For Event-driven Applications In Wireless Sensor Networks

Sanli, Ozgur

01 June 2011

Wireless sensor networks are application-specific networks that necessitate the development of specific network and information processing architectures that can meet the requirements of the applications involved. The most important challenge related to wireless sensor networks is the limited energy and computational resources of the battery powered sensor nodes. Although the central processing of information produces the most accurate results, it is not an energy-efficient method because it requires a continuous flow of raw sensor readings over the network. As communication operations are the most expensive in terms of energy usage, the distributed processing of information is indispensable for viable deployments of applications in wireless sensor networks. This method not only helps in reducing the total amount of packets transmitted and the total energy consumed by sensor nodes, but also produces scalable and fault-tolerant networks. Another important challenge associated with wireless sensor networks is that the possibility of sensory data being imperfect and imprecise is high. The requirement of precision necessitates employing expensive mechanisms such as redundancy or use of sophisticated equipments. Therefore, approximate computing may need to be used instead of precise computing to conserve energy. This thesis presents two schemes that distribute information processing for event-driven reactive applications, which are interested in higher-level information not in the raw sensory data of individual nodes, to appropriate nodes in sensor networks. Furthermore, based on these schemes, a fuzzy rule-based system is proposed that handles imprecision, inherently present in sensory data.

Peer to peer English/Chinese cross-language information retrieval

Lu, Chengye

January 2008

Peer to peer systems have been widely used in the internet. However, most of the peer to peer information systems are still missing some of the important features, for example cross-language IR (Information Retrieval) and collection selection / fusion features. Cross-language IR is the state-of-art research area in IR research community. It has not been used in any real world IR systems yet. Cross-language IR has the ability to issue a query in one language and receive documents in other languages. In typical peer to peer environment, users are from multiple countries. Their collections are definitely in multiple languages. Cross-language IR can help users to find documents more easily. E.g. many Chinese researchers will search research papers in both Chinese and English. With Cross-language IR, they can do one query in Chinese and get documents in two languages. The Out Of Vocabulary (OOV) problem is one of the key research areas in crosslanguage information retrieval. In recent years, web mining was shown to be one of the effective approaches to solving this problem. However, how to extract Multiword Lexical Units (MLUs) from the web content and how to select the correct translations from the extracted candidate MLUs are still two difficult problems in web mining based automated translation approaches. Discovering resource descriptions and merging results obtained from remote search engines are two key issues in distributed information retrieval studies. In uncooperative environments, query-based sampling and normalized-score based merging strategies are well-known approaches to solve such problems. However, such approaches only consider the content of the remote database but do not consider the retrieval performance of the remote search engine. This thesis presents research on building a peer to peer IR system with crosslanguage IR and advance collection profiling technique for fusion features. Particularly, this thesis first presents a new Chinese term measurement and new Chinese MLU extraction process that works well on small corpora. An approach to selection of MLUs in a more accurate manner is also presented. After that, this thesis proposes a collection profiling strategy which can discover not only collection content but also retrieval performance of the remote search engine. Based on collection profiling, a web-based query classification method and two collection fusion approaches are developed and presented in this thesis. Our experiments show that the proposed strategies are effective in merging results in uncooperative peer to peer environments. Here, an uncooperative environment is defined as each peer in the system is autonomous. Peer like to share documents but they do not share collection statistics. This environment is a typical peer to peer IR environment. Finally, all those approaches are grouped together to build up a secure peer to peer multilingual IR system that cooperates through X.509 and email system.

A Quantitative Evaluation Framework for Component Security in Distributed Information Systems / Ett kvantitativt utvärderingsramverk för komponenters säkerhet i distribuerade informationssystem

Bond, Anders, Påhlsson, Nils

January 2004

The Heimdal Framework presented in this thesis is a step towards an unambiguous framework that reveals the objective strength and weaknesses of the security of components. It provides a way to combine different aspects affecting the security of components - such as category requirements, implemented security functionality and the environment in which it operates - in a modular way, making each module replaceable in the event that a more accurate module is developed. The environment is assessed and quantified through a methodology presented as a part of the Heimdal Framework. The result of the evaluation is quantitative data, which can be presented with varying degrees of detail, reflecting the needs of the evaluator. The framework is flexible and divides the problem space into smaller, more accomplishable subtasks with the means to focus on specific problems, aspects or system scopes. The evaluation method is focusing on technological components and is based on, but not limited to, the Security Functional Requirements (SFR) of the Common Criteria.

Informationsteknik

Quantitative

Security Evaluation

Threat Assessment

Distributed Information Systems

Common Criteria

Evaluation Framework

Component Security

Informationsteknik

Computer and Information Sciences

Data- och informationsvetenskap

Distribuovaný informační systém založený na sémantických technologiích / Distributed Information System Based on Semantic Technology

Havlena, Jan

January 2010

This master's thesis deals with the design of a distributed information system, where the data distribution is based on semantic technologies. The project analyzes the semantic web technologies with the focus on information exchange between information systems and the related terms, mainly ontologies, ontology languages and the Resource description framework. Furthermore, there is described a proposal an ontology which is used to describe the data exchanged between the systems and the technologies used to implement distributed information system. The most important of them are Java Server Faces and Sesame.

Distribuovaný informační systém malé firmy / Distributed Information System for a Small Firm

Pajgrt, Ondřej

January 2010

This thesis deals with implementation of distributed information systém for a small construction engineering firm all the way from design to deployment. We will be introduced to distributed applications problems and technologies involved either throught direct relevance or as a support tool for the implementation of the project. In addition, this work will guide us throught complete design and implementation of a final product.

Развој адаптибилног дистрибуираног информационог система за подршку управљању реализацијом софтверских пројеката / Razvoj adaptibilnog distribuiranog informacionog sistema za podršku upravljanju realizacijom softverskih projekata / Development of an Adaptable Distributed Information System for Software Project Management Support

Kazi LJubica

05 February 2016

<p>У овом раду приказанa je анализа резултата истраживања,<br />постојећих техничких решења и искустава из IT индустрије у<br />појединачним и комбинованим областима: дистрибуирани<br />развој софтвера и управљање софтверским пројектима у<br />дистрибуираном окружењу, метричка заснованост управљања<br />софтверским пројектима, адатибилност у управљању агилним<br />софтверским пројектима, адаптибилни дистрибуираних<br />информациони системи.<br />Предложен је функционално-технолошки теоријски модел<br />софтверске подршке адаптибилног дистрибуираног<br />информационог система за подршку управљању реализацијом<br />софтверских пројеката. Предложени су приступи у процесу<br />развоја система у оквиру креирања модела софтверских<br />функција и концептуалног модела података. Предложени су<br />метрички модели за евалуацију артефакта у развоју софтвера у<br />области развоја информационих система, као и метрички<br />модели за процену трајања пројекта и мониторинг успеха<br />процеса у дистрибуираном развоју софтвера.<br />Описана је имплементација почетног прототипа система<br />(реализованог као web апликација www.it-project.rs), у оквиру<br />ког су реализоване основне функције система. Извршена су<br />емпиријска истраживања могућности коришћења прототипа<br />система у настави и професионалном усавршавању студената и<br />анализа резултата пробног коришћења прототипа од стране ИТ<br />кадрова уз пратеће анкетирање. Извршена је бенчмаркинг<br />анализа најчешће коришћених расположивих алата издвојених<br />анкетирањем. Извршена је анализа резултата емпиријских<br />истраживања у односу на ефикасност примене прототипа.<br />Извршена је анализа резултата примене метричких модела за<br />евалуацију артефакта развоја софтвера, мониторинг успеха<br />процеса и процену трајања пројекта у делу процеса<br />имплементације софтвера. Реализовано је унапређење<br />прототипа у односу на претходно дефинисане захтеве<br />функционално-технолошког теоријског модела система.</p> / <p>U ovom radu prikazana je analiza rezultata istraživanja,<br />postojećih tehničkih rešenja i iskustava iz IT industrije u<br />pojedinačnim i kombinovanim oblastima: distribuirani<br />razvoj softvera i upravljanje softverskim projektima u<br />distribuiranom okruženju, metrička zasnovanost upravljanja<br />softverskim projektima, adatibilnost u upravljanju agilnim<br />softverskim projektima, adaptibilni distribuiranih<br />informacioni sistemi.<br />Predložen je funkcionalno-tehnološki teorijski model<br />softverske podrške adaptibilnog distribuiranog<br />informacionog sistema za podršku upravljanju realizacijom<br />softverskih projekata. Predloženi su pristupi u procesu<br />razvoja sistema u okviru kreiranja modela softverskih<br />funkcija i konceptualnog modela podataka. Predloženi su<br />metrički modeli za evaluaciju artefakta u razvoju softvera u<br />oblasti razvoja informacionih sistema, kao i metrički<br />modeli za procenu trajanja projekta i monitoring uspeha<br />procesa u distribuiranom razvoju softvera.<br />Opisana je implementacija početnog prototipa sistema<br />(realizovanog kao web aplikacija www.it-project.rs), u okviru<br />kog su realizovane osnovne funkcije sistema. Izvršena su<br />empirijska istraživanja mogućnosti korišćenja prototipa<br />sistema u nastavi i profesionalnom usavršavanju studenata i<br />analiza rezultata probnog korišćenja prototipa od strane IT<br />kadrova uz prateće anketiranje. Izvršena je benčmarking<br />analiza najčešće korišćenih raspoloživih alata izdvojenih<br />anketiranjem. Izvršena je analiza rezultata empirijskih<br />istraživanja u odnosu na efikasnost primene prototipa.<br />Izvršena je analiza rezultata primene metričkih modela za<br />evaluaciju artefakta razvoja softvera, monitoring uspeha<br />procesa i procenu trajanja projekta u delu procesa<br />implementacije softvera. Realizovano je unapređenje<br />prototipa u odnosu na prethodno definisane zahteve<br />funkcionalno-tehnološkog teorijskog modela sistema.</p> / <p>Тhis work presents analysis of research results, existing<br />technical solutions and experiences from IT industry in<br />separate and combined fields of: distributed software<br />development, software project management in distributed<br />environment, metric-based software project management,<br />adaptability in management of agile software projects, as<br />well in the field of adaptable distributed information<br />systems.<br />Functional-technological theoretical model of software<br />support to adaptable distributed information system for<br />software projects realization has been proposed. Approaches<br />to creating software functions model and conceptual data<br />model within the process of the system development were<br />proposed. Metric models for evaluation of artefacts created<br />in software development within information system<br />development, as well as metric models for project duration<br />estimation and monitoring of process success in distributed<br />software development were proposed.<br />Implementation of initial prototype of the system<br />(developed as web application www.it-project.rs), that<br />includes basic functions, was described. Empirical research<br />on possibilities for using prototype in educational<br />environment and professional improvement of students, as<br />well as analysis of results from using the prototype by IT<br />professionals, with additional questionnaire, has been<br />conducted. Benchmarking analysis of most frequently used<br />available tools, extracted from questionnaire results, has<br />been performed. Analysis of empirical research results has<br />been performed in the context of prototype using efficiency.<br />Analysis of results in metric models application in evaluation<br />of software development artefacts, process success<br />monitoring and project duration estimation, in software<br />implementation process part, has been conducted.<br />Improvement of prototype has been implemented according<br />to requirements defined in previously proposed functionaltechnological<br />theoretical model of the system.</p>