Global ETD Search

21	Autentiseringsprocesser i molnbaserade datortjänster Göthesson, Richard, Hedman, Gustav January 2016 (has links) Tidigare forskning har påvisat brister i olika former av autentiseringsprocesser som leder till autentiseringsattacker. Målet med vår studie är att presentera ett antal riktlinjer som företag och privatpersoner kan följa för att minimera risken för autentiseringsattacker. Metoderna som användes för att komma fram till dessa riktlinjer var kvalitativa där en praktisk observationsstudie, en litteraturstudie samt en enkätundersökning låg till grund för vår insamlade data. Resultatet av studien pekar på att Google Cloud Platform, Amazon Web Services och Microsoft Azure alla har en stark autentiseringsprocess i jämförelse med kritik från tidigare forskning. Enkätundersökningen visade dessutom att olika former av alternativ autentisering, såsom Two Factor Authentication (2FA) och Multi Factor Authentication (MFA), rekommenderas för ett starkt försvar mot autentiseringsattacker.Uppsatsens resultat pekar även på att användarens egenansvar i autentiseringsprocessen är av stor vikt för att minimera risken för autentiseringsattacker. Säkra lösenord bör konstrueras och frekvent bytas ut. Även alternativ autentisering och begränsning av användarens tillgång till känslig information bör tillämpas. / Previous research has shown deficiencies in various forms of authentication processes that lead to authentication attacks. The goal of our study is to present a number of guidelines that businesses and individuals can follow to minimize the risk of authentication attacks. The methods used to reach these guidelines were qualitative. They consisted of a practical observational study, a literature review and a survey, which formed the basis of our collected data. The results of the study indicate that Google Cloud Platform, Amazon Web Services and Microsoft Azure all have a strong authentication process in comparison with the criticism of previous research. The survey also showed that different forms of authentication methods, such as the Two Factor Authentication (2FA) and Multi Factor Authentication (MFA), are recommended for a strong defense against authentication attacks.The thesis’ results also points to the user’s own responsibility in the authentication process are essential to minimize the risk of authentication attacks. Secure passwords should be designed and frequently replaced. Alternative authentication and restricted access to sensitive information for the user should also be applied. molnbaserade datortjänster autentiseringsattacker autentisering Microsoft Azure Google Cloud Platform Amazon Web Services authentication cloud computing guidelines authentication attacks Engineering and Technology Teknik och teknologier
22	Introducing the Modern and Future Development of “Web Applications” Using JHipster Development Platform. Vilcinskaite, Milena January 2021 (has links) Generating web applications with correct structure and modern functionalities using a development platform is not widely known for students in academia around the world. Modern web development is moving further towards advancement where different functionalities adapted for web application development increase and become more central in today's market. Introducing modern concepts in web application development to the students in academia at an early stage is essential in order to provide better insight of how to suitably develop and maintain the structure of modern "Web Applications". This thesis describes the work carried out to investigate how a web application can effectively be developed and structured by the undergraduate students in the course II1302 Projects and project methods at the Royal Institute of Technology (KTH) using a development platform. The case study is conducted as a research method for this thesis. The research method revolved around experimentation with an example application to identify the possibilities of using a development platform in conjunction to improve the teaching of modern web application development early in education, and then apply the development platform in the course's future projects. This thesis identifies pertinent fields of knowledge throughout the development of a web application using the development platform to learn about the relevant concepts and definitions of modern and future technologies used in web application development. The implementation of the web application covers the areas such as automation, deployment, and monitoring. These areas are utilized in the form of the following aspects: DevOps, CI/CD, integration cloud deployment, IoT simulated device, MVC design pattern architecture for both frontend and backend, programming frameworks, i.e., Angular JS frontend framework and Spring Boot backend framework. A description of how the application is managed and what technologies and resources are used is presented. These aspects are used throughout the process of web application development. The requirements of using the development platform aim to be relevant to the students' studies at a sufficient difficulty level in course II1302. The students are expected to have an extended knowledge in basic web application development. / Att generera webbapplikationer med rätt struktur och moderna funktioner med hjälp av en utvecklingsplattform är inte allmänt känt för studenter inom akademin runt om i världen. Modern webbutveckling går vidare mot avancemang där olika funktioner anpassade för webbapplikationsutveckling ökar och blir mer centrala på dagens marknad. Att introducera moderna koncept inom webbapplikationsutveckling för studenter i akademin på ett tidigt stadium är viktigt för att ge bättre insikt om hur man på ett lämpligt sätt kan utveckla och behålla strukturen för moderna "Web Applications". Denna avhandling beskriver arbetet med att undersöka hur en webbapplikation effektivt kan utvecklas och struktureras av studenterna i kursen II1302 Projekt och projektmetoder vid Royal Institute of Technology (KTH) med hjälp av en utvecklingsplattform. Fallstudien genomförs som en forskningsmetod för denna avhandling. Forskningsmetoden kretsade kring experiment med en exempelapplikation för att identifiera möjligheterna att använda en utvecklingsplattform tillsammans för att förbättra undervisningen i modern webbapplikationsutveckling tidigt i utbildningen och sedan tillämpa utvecklingsplattformen i kursens framtida projekt. Denna avhandling identifierar relevanta kunskapsområden genom utvecklingen av en webbapplikation med hjälp av utvecklingsplattformen för att lära sig relevanta begrepp och definitioner av modern och framtida teknik som används i webbapplikationsutveckling. Implementeringen av webbapplikationen täcker områden som automatisering, distribution och övervakning. Dessa områden används i form av följande aspekter: DevOps, CI/CD, integration av moln, IoT -simulerad enhet, MVC -designmönsterarkitektur för både frontend och backend, programmeringsramar, dvs Angular JS frontend framework och Spring Boot backend framework. En beskrivning av hur applikationen hanteras och vilken teknik och resurser som används presenteras. Dessa aspekter används under hela processen för webbapplikationsutveckling. Kraven för att använda utvecklingsplattformen syftar till att vara relevanta för studenternas studier med tillräcklig svårighetsgrad i kurs II1302. Studenterna förväntas ha en utökad kunskap inom grundläggande webbapplikationsutveckling. Google Cloud Platform Simulated IoT device Web application development JHipster application structure generator CI/CD integration Angular JS Student experience Student project. Google Cloud Plattform Simulerad IoT-enhet Webb applikationsutveckling JHipster applikationsstruktur generator CI/CD integration Angular JS Student erfarenhet Studentprojekt. Computer Engineering Datorteknik
23	REGTEST - an Automatic & Adaptive GUI Regression Testing Tool. Forsgren, Robert, Petersson Vasquez, Erik January 2018 (has links) Software testing is something that is very common and is done to increase the quality of and confidence in a software. In this report, an idea is proposed to create a software for GUI regression testing which uses image recognition to perform steps from test cases. The problem that exists with such a solution is that if a GUI has had changes made to it, then many test cases might break. For this reason, REGTEST was created which is a GUI regression testing tool that is able to handle one type of change that has been made to the GUI component, such as a change in color, shape, location or text. This type of solution is interesting because setting up tests with such a tool can be very fast and easy, but one previously big drawback of using image recognition for GUI testing is that it has not been able to handle changes well. It can be compared to tools that use IDs to perform a test where the actual visualization of a GUI component does not matter; It only matters that the ID stays the same; however, when using such tools, it either requires underlying knowledge of the GUI component naming conventions or the use of tools which automatically constructs XPath queries for the components. To verify that REGTEST can work as well as existing tools a comparison was made against two professional tools called Ranorex and Kantu. In those tests, REGTEST proved very successful and performed close to, or better than the other software. GUI Test Regression Regression test Machine vision Google Cloud Vision OpenCV Adaptive Automatic Automation Image recognition Web Testing Similarity. Övrig annan teknik Computer Engineering Datorteknik
24	Balancing Money and Time for OLAP Queries on Cloud Databases Sabih, Rafia January 2016 (has links) (PDF) Enterprise Database Management Systems (DBMSs) have to contend with resource-intensive and time-varying workloads, making them well-suited candidates for migration to cloud plat-forms { specifically, they can dynamically leverage the resource elasticity while retaining affordability through the pay-as-you-go rental interface. The current design of database engine components lays emphasis on maximizing computing efficiency, but to fully capitalize on the cloud's benefits, the outlays of these computations also need to be factored into the planning exercise. In this thesis, we investigate this contemporary problem in the context of industrial-strength deployments of relational database systems on real-world cloud platforms. Specifically, we consider how the traditional metric used to compare query execution plans, namely response-time, can be augmented to incorporate monetary costs in the decision process. The challenge here is that execution-time and monetary costs are adversarial metrics, with a decrease in one entailing a rise in the other. For instance, a Virtual Machine (VM) with rich physical resources (RAM, cores, etc.) decreases the query response-time, but is expensive with regard to rental rates. In a nutshell, there is a tradeoff between money and time, and our goal therefore is to identify the VM that others the best tradeoff between these two competing considerations. In our study, we pro le the behavior of money versus time for a given query, and de ne the best tradeoff as the \knee" { that is, the location on the pro le with the minimum Euclidean distance from the origin. To study the performance of industrial-strength database engines on real-world cloud infrastructure, we have deployed a commercial DBMS on Google cloud services. On this platform, we have carried out extensive experimentation with the TPC-DS decision-support benchmark, an industry-wide standard for evaluating database system performance. Our experiments demonstrate that the choice of VM for hosting the database server is a crucial decision, because: (i) variation in time and money across VMs is significant for a given query, (ii) no one VM offers the best money-time tradeoff across all queries. To efficiently identify the VM with the best tradeoff from a large suite of available configurations, we propose a technique to characterize the money-time pro le for a given query. The core of this technique is a VM pruning mechanism that exploits the property of partially ordered set of the VMs on their resources. It processes the minimal and maximal VMs of this poset for estimated query response-time. If the response-times on these extreme VMs are similar, then all the VMs sandwiched between them are pruned from further consideration. Otherwise, the already processed VMs are set aside, and the minimal and maximal VMs of the remaining unprocessed VMs are evaluated for their response-times. Finally, the knee VM is identified from the processed VMs as the one with the minimum Euclidean distance from the origin on the money-time space. We theoretically prove that this technique always identifies the knee VM; further, if it is acceptable to and a \near-optimal" knee by providing a relaxation-factor on the response-time distance from the optimal knee, then it is also capable of finding more efficiently a satisfactory knee under these relaxed conditions. We propose two favors of this approach: the first one prunes the VMs using complete plan information received from database engine API, and named as Plan-based Identification of Knee (PIK). On the other hand, to further increase the efficiency of the identification of the knee VM, we propose a sub-plan based pruning algorithm called Sub-Plan-based Identification of Knee (SPIK), which requires modifications in the query optimizer. We have evaluated PIK on a commercial system and found that it often requires processing for only 20% of the total VMs. The efficiency of the algorithm is further increased significantly, by using 10-20% relaxation in response-time. For evaluating SPIK , we prototyped it on an open-source engine { Postgresql 9.3, and also implemented it as Java wrapper program with the commercial engine. Experimentally, the processing done by SPIK is found to be only 40% of the PIK approach. Therefore, from an overall perspective, this thesis facilitates the desired migration of enterprise databases to cloud platforms, by identifying the VM(s) that offer competitive tradeoffs between money and time for the given query. Database Management Syatem (DBMS) Virtual Machine Google Cloud Services Cloud Platforms Cloud Databases Cloud Query Processing Model Plan-based Identification of Knee (PIK ) Knee VM Computational and Data Sciences
25	Internet of Things / Internet of Things Piškula, David January 2019 (has links) This thesis focuses on the Internet of Things and some of the most important problems it faces today. Among these are the overdependence on the Cloud and lack of autonomy, poor security and privacy, complicated initialization and power consumption. The work aims to implement a complex IoT solution that solves the discussed problems. The project is part of a collaboration with NXP Semicondutors and will be used to showcase the company's technologies.
26	Cost optimization in the cloud : An analysis on how to apply an optimization framework to the procurement of cloud contracts at Spotify Ekholm, Harald, Englund, Daniel January 2020 (has links) In the modern era of IT, cloud computing is becoming the new standard. Companies have gone from owning their own data centers to procuring virtualized computational resources as a service. This technology opens up for elasticity and cost savings. Computational resources have gone from being a capital expenditure to an operational expenditure. Vendors, such as Google, Amazon, and Microsoft, offer these services globally with different provisioning alternatives. In this thesis, we focus on providing a cost optimization algorithm for Spotify on the Google Cloud Platform. To achieve this we construct an algorithm that breaks up the problem in four different parts. Firstly, we generate trajectories of monthly active users. Secondly, we split these trajectories up in regions and redistribute monthly active users to better describe the actual Google Cloud Platform footprint. Thirdly we calculate usage per monthly active users quotas from a representative week of usage and use these to translate the redistributed monthly active users trajectories to usage. Lastly, we apply an optimization algorithm to these trajectories and obtain an objective value. These results are then evaluated using statistical methods to determine the reliability. The final model solves the problem to optimality and provides statistically reliable results. As a consequence, we can give recommendations to Spotify on how to minimize their cloud cost, while considering the uncertainty in demand. cloud computing Spotify monte carlo MC stochastic processes stochastic programming Google Cloud Platform GCP IT computational resources optimization cost optimization forecast procurement Mathematics Matematik Probability Theory and Statistics Sannolikhetsteori och statistik Mathematical Analysis Matematisk analys Computational Mathematics Beräkningsmatematik
27	Mobilní systém pro rozpoznání textu na iOS / Mobile System for Text Recognition on iOS Bobák, Petr January 2017 (has links) This thesis describes a development of a modern client-server application for text recognition on iOS platform. The reader is acquainted with common principles of a client-server model, including its known architecture styles, and with a distribution of logical layers between both sides of the model. After that the thesis depicts current trends and examples of suitable technologies for creating an application programming interface of a web server. Possible ways of text recognition on the server side are discussed as well. In context of a client side, the thesis provides an insight into iOS platform and a few important concepts in iOS application development. Following implementation of the server side is stressed to be reusable as much as possible for different kinds of use cases. Last but not least, the thesis provides a simple iOS framework for a direct communication with the recognition server. Finally, an application for evaluation of food ingredients from a packaging material is implemented as an example of usage.
28	A Qualitative Comparative Analysis of Data Breaches at Companies with Air-Gap Cloud Security and Multi-Cloud Environments T Richard Stroupe Jr. (17420145) 20 November 2023 (has links) <p dir="ltr">The purpose of this qualitative case study was to describe how multi-cloud and cloud-based air gapped system security breaches occurred, how organizations responded, the kinds of data that were breached, and what security measures were implemented after the breach to prevent and repel future attacks. Qualitative research methods and secondary survey data were combined to answer the research questions. Due to the limited information available on successful unauthorized breaches to multi-cloud and cloud-based air gapped systems and corresponding data, the study was focused on the discovery of variables from several trustworthily sources of secondary data, including breach reports, press releases, public interviews, and news articles from the last five years and qualitative survey data. The sample included highly trained cloud professionals with air-gapped cloud experience from Amazon Web Services, Microsoft, Google and Oracle. The study utilized unstructured interviews with open-ended questions and observations to record and document data and analyze results.</p><p dir="ltr">By describing instances of multi-cloud and cloud-based air gapped system breaches in the last five years this study could add to the body of literature related to best practices for securing cloud-based data, preventing data breach on such systems, and for recovering from breach once it has occurred. This study would have significance to companies aiming to protect secure data from cyber attackers. It would also be significant to individuals who have provided their confidential data to companies who utilize such systems. In the primary data, 12 themes emerged. The themes were Air Gap Weaknesses Same as Other Systems, Misconfiguration of Cloud Settings, Insider Threat as Attack Vector, Phishing as Attack Vector, Software as Attack Vector, and Physical Media as Attack Vector, Lack of Reaction to Breaches, Better Authentication to Prevent Breaches, Communications, and Training in Response to Breach, Specific Responses to Specific Problems, Greater Separation of Risk from User End, and Greater Separation of Risk from Service End. For secondary data, AWS had four themes, Microsoft Azure had two, and both Google Cloud and Oracle had three.</p> Cloud computing air-gapped systems cloud-based air-gapped systems cybersecurity cybersecurity breach multi-cloud environments security measures cybersecurity attack Amazon Web Services (AWS) Google Cloud Platform Microsoft Azure Cloud oracle cloud infrastructure

Search results