Global ETD Search

361	Joining in Apache Derby: Removing the Obstacles Holum, Henrik, Løvland, Svein Erik Reknes January 2008 (has links) Over the last decade, the amount of commercial interest in Open Source has been growing rapidly. This has led to commercially driven Open Source projects. Those projects have problems keeping their newcomers and needs ways to ease the joining process. Therefore we ask these research questions: RQ1: Which obstacles are encountered by Newcomers to Apache Derby when Joining? RQ2: What can be done to ease the Joining process? There has been very little research on what the OSS projects can do in this area. As a consequence it is hard to find good reliable theory to cross-reference this research. If the research is successful, it can contribute to the literature on joining in OSS projects. This literature will then contain all obstacles encountered by newcomers to OSS projects and ways to mitigate these. In this master's thesis Canonical Action Research was used to study the Open Source project Apache Derby. Canonical Action Research is a qualitative research method where the researchers enters the environment they are researching to extract the data needed. We have three contributions in this thesis. The first contribution is a list of obstacles in the joining process of Apache Derby. The second contribution is suggestions on how a project can mitigate the contribution barriers we found. The third contribution is a refined version of CAR to use when studying Open Source Software Development. The list of obstacles is a contribution specific to the Apache Derby project, and it is very unlikely that other non Apache projects will benefit from it. Our suggestions on how a project can mitigate contribution barriers are potentially generalizable. Different projects have different structures, and some of the contribution barriers might therefore not apply to them all. The refined CAR model is general for all research on OSS projects. This is the result we think can have the biggest impact on the research community if proven successful. ntnudaim SIF2 datateknikk Program- og informasjonssystemer
362	Security in a Service-Oriented Architecture Rodem, Magne January 2008 (has links) In a service-oriented architecture (SOA), parts of software applications are made available as services. These services can be combined across multiple applications, technologies, and organizations. As a result, functionality can be more easily reused, and new business processes can be assembled at a low cost. However, as more functionality is exposed outside of the traditional boundaries of applications, new approaches to security are needed. While SOA shares many of the security threats of traditional systems, the countermeasures to some of these threats may differ. Most notably, eavesdropping, data tampering, and replay attacks must be countered on the message level in a complex SOA environment. In addition, the open and distributed nature of SOA leads to new ways of handling authentication, authorization, logging, and monitoring. Web Services are the most popular way of realizing SOA in practice, and make use of a set of standards such as WS-Security, XML Encryption, XML Signature, and SAML for handling these new security approaches. Guidelines exist for development of secure software systems, and provide recommendations for things to do or to avoid. In this thesis, I use my findings with regard to security challenges, threats, and countermeasures to create a set of security guidelines that should be applied during requirements engineering and design of a SOA. Practical use of these guidelines is demonstrated by applying them during development of a SOA-based system. This system imports personal data into multiple administrative systems managed by UNINETT FAS, and is designed using Web Services and XML-based security standards. Through this practical demonstration, I show that my guidelines can be used as a reference for making appropriate security decisions during development of a SOA. ntnudaim SIF2 datateknikk Program- og informasjonssystemer
363	Context-Aware Goods : Combining RFID Tracking and Environment Sensing Albretsen, Sigve, Larsen, Mikael André January 2008 (has links) Technology is becoming increasingly important in the effort to ensure safe food and good food quality, especially in the fresh food industry. Examples of such technology are systems for tracking and tracing food products, and the use of sensors to obtain context information about the environment. This technology is becoming more mature, and various standards are starting to emerge, but little work has been done combining these technologies or respective standards. This thesis presents an example software architecture combining an RFID tracking system with context information retrieved from sensors. The sensors can be located both on the RFID tag itself and in locations where the items are, or have been, located. Two frameworks are combined in this architecture; EPC Architecture Framework for item tracking and Sensor Web Enablement for sensor and context information. A set of scenarios describing potential uses of this technology is also presented. They are grouped by topics, with categories such as quality deterioration, temperature profiles, sensor collaboration and intelligent goods, hierarchy of goods with sensors, and proximity control. Each scenario is independent of the technical solution used, and does not require our architecture. The focus is on what can be achieved when a context-enabled tracking solution is implemented. These scenarios form the basis for the requirements specification of the architecture. The thesis shows that the integration of the two standard frameworks can be achieved with relatively small modifications, and that the technology needed to achieve what is presented in the scenarios is already available. It is, however, necessary to perform pilot implementations and testing in order to find how best to utilize the technology. ntnudaim SIF2 datateknikk Program- og informasjonssystemer
364	Software Contracting and Agile Development in the Norwegian ICT Industry : A Qualitative Survey Ganes, Anders, Nævdal, Snorre January 2008 (has links) This thesis takes a closer look at how various contract models affect the ability to use agile software development, and the work being done to help improve contracts so they better facilitate agile principles. Agile development methods are becoming increasingly popular, while most contractual standards are meant for plan-based development methods. There are done little research regarding the subject, but it is a growing concern in the industry. Work is also currently done on Norwegian contractual frameworks that aim to update two commonly used contracts. The research done consist of several interviews with industry practitioners representing Norwegian consultancy companies experienced in agile development methods. It also includes interviews of contract experts in addition to a search and study of the literature on the subject. These interviews have been analyzed and compared to literature on the subject. The results of the research revealed a number of challenges with today's contract models. Several discoveries showed difficulties with bureaucracy and customer involvement. Using traditional contracts could also easily require more upfront work than what is sensible when using agile methods. It is possible to bypass these challenges by either adapting the development method, or putting the contract aside. ntnudaim SIF2 datateknikk Program- og informasjonssystemer
365	Profile based Intrusion Detection for Internet Banking Systems Karlsen, Kåre Nordvik, Killingberg, Tarje January 2008 (has links) A review of publications treating security in Internet banking systems has uncovered a practice that finds security by obscurity just as important as actual security measures. The key reason for this is that security measures do not provide a sufficient return on investment by fraud and misuse detection. Hence, the banks have so far taken the risk of providing poor security in their systems, and instead compensated the compromised users. This introduces the need for a cost-efficient, non-intrusive and customizable novel fraud and misuse detection system. This report describes the work done in researching such a system, based on audit data from a highly customized system, and using machine learning methods to provide functionality. By choosing to use audit data as the primary source of information, data can be gathered from the system in close to real-time, without interfering with the existing functionality. Audit mechanisms are commonly present in any system, thus they are the primary source from which a non-intrusive solution can be obtained. This report proposes the use of profiles to learn a baseline of the normal interaction between a user and the system. Each profile looks at the available data at different levels of abstraction so that different properties in the behavior can be learned. By using these profiles, each profile can be refined to learn its level of abstraction, while still providing a complete picture of a user's behavior. Machine learning methods can be used to automatically learn a baseline for normal behavior based on a set of historical data. The learned behavior can then be used to compare new instances against the baseline in order to classify them as normal or abnormal. Abnormal behavior would then be an indication that a user is conducting illegitimate activity. The results of our proposed solution are satisfactory. We are able to detect anomalies by different profiles and data sources. However, there are issues when it comes to evaluating the solution. Since we are trying to detect novel fraud and misuse behavior, there is no apparent test set to compare against. Some options for evaluation of anomaly detection exist. However, we found none of these to be satisfactory. Further research needs to be conducted in this area before a functional solution can be created. This report uses results and experiences to create a foundation for such further research. ntnudaim SIF2 datateknikk Program- og informasjonssystemer
366	Global Software Development: A Case Study of Knowledge Management Challenges and Industry Approaches Dharmadas, Mugunthan January 2008 (has links) Recent years, Global Software Development has been pervasive in the field of software development. Research literature describes empirically observed benefits and challenges, but it is descriptive and pragmatic, and offers little theoretic grounding of the findings. The literature recognizes communication and transfer of knowledge as one of the main issues haunting software development, causing poor implementation of projects and poor software quality. This report presents a case study of globally distributed software development, the communicational and knowledge managerial challenges observed, and theoretic reasoning of these. Mitos Desert projects have been ongoing for several years with teams in India and Norway. The observed challenges are inadequate information quality when using a middleman in communication; difficulties due to peoples preferences on written and oral language use; unbalanced knowledge distribution causing dependencies across sites; lack of informal talks across sites causing coordination issues. Mitos approaches to cope with these challenges includes extensive visiting; a kit to promote rapid learning for new joiners; intermediaries with cross-cultural experience; quarterly feedback; written summary of meetings to confirm correct interpretation. Overall, Mitos shows maturity in conducting global software development, causing relatively smooth implementation of such projects. Through the discussion of challenges and solutions, this report shows that a theoretic grounding can contribute to describe why challenges occur and solutions work, rather than only describing what happens. Also, the study shows the vital role of theories for a better understanding of knowledge managerial aspects of global software development. ntnudaim SIF2 datateknikk Program- og informasjonssystemer
367	A Study of Development and Maintenance in Norway Davidsen, Magne Kristoffer January 2009 (has links) Do a survey investigation of software maintenance and development in Norway. Extend with case studies. ntnudaim SIF2 datateknikk Program- og informasjonssystemer
368	Web Service Clients on Mobile Android Devices : A Study on Architectural Alternatives and Client Performance Knutsen, Johannes January 2009 (has links) This paper studies Android, a new open source software stack initiated by Google, and the possibilities of developing a mobile client for MPower, a service oriented architecture platform based upon SOAP messaging. The study focuses on the architectural alternatives, their impacts on the mobile client application, Android’s performance on SOAP messaging, and how Web services’ design can be optimized to give well performing Android clients. The results from this study shows how different architectures directly impacts properties, like off-line usage support, of a SOAP client application on Android. Additionally, the performance measurements shows that building Android client applications which directly invokes Web services with SOAP messaging is possible to make effective enough for typical usage situations. Further, the results indicates how Web services should be designed with care to minimize the required data transfer and processing on the device. Such careful design can be achieved by using coordinating Web services which hides complexity and provides an interface designed for the specific client applications. ntnudaim SIF2 datateknikk Program- og informasjonssystemer
369	Activity Based Computing : Health workers and the principles of ABC Ormberg, Hans Kristian Jasmin January 2009 (has links) This thesis takes a closer look at Activiy Based Computing (ABC), at health workers and how they use computers, at what aspects of ABC they find useful for their everyday work and at what should be taken into consideration when designing the next generation ABC-system. For answering these questions, doctors and nurses were asked to participate in a workshop where the theme was: "Next generation clinical infomation systems". In all seven health workers participated in two workshops. Previous work has produced the "ABC-principles" and the "Attributes of session-aware systems". The cross-section of the two sets of principles have been derrived, and yielded the list used as the base in the evaluations: Multiple patients Multiple tasks Mobility Collaboration Handover Interruption The two workshops both started with an introduction of the differet principles, before a usability evaluation (evaluating the principles), a role play and finally a focus group (containing a card ranking). In addition some of the participants were observed in their natural environment. The results of the different methods conclude that the evaluated principles all are appreciated by the health workers, but have to be implemented in a satisfactory way. They should all be taken into consideration when designing a new computer system for use within the health sector. ntnudaim SIF2 datateknikk Program- og informasjonssystemer
370	Open Source Software at Telenor IS Skarpenes, Tron André, Velle, Ketil Sandanger January 2009 (has links) Open Source Software (OSS) is becoming a real alternative to proprietary software because of the attractive characteristics it might bring (e.g. reduced costs, independence from vendors and increased innovation). Consequently, adoption of OSS is getting more attention and the industry is adopting OSS in a much larger scale than before. Telenor IS, the information system branch of Telenor Nordic, has realized that OSS adoption is increasing and noticed the advantages that OSS might bring for them. Therefore they have started a project called Open Source 2010. Among this projects goals are finding suitable OSS products to use within the company, and to increase the overall adoption of OSS to avoid lock-in to commercial vendors and be able to cut costs. As part of the Open Source 2010 project, we investigated three issues. The first is what concrete experience the individual employee has with OSS. The second is to examine the employees attitude towards OSS, and how they assess an increased use of OSS in Telenor IS. The third is exploring which advantages and risks OSS could bring, in addition to which preparations that should be made to ease the adoption of OSS. To investigate these issues, we cooperated with Telenor IS to develop a survey consisting of both interviews and a questionnaire. To validate, supplement and disseminate the results from the survey, two workshops were conducted with Telenor employees. This thesis has three main contributions. 1. Empirical findings showing that: (i) There is no real difference in attitudes towards OSS between leaders and non-leaders. (ii) A notable amount of OSS is in use, supporting that OSS adoption is increasing. (iii) Leaders are not necessarily aware of all the OSS being used. 2. Identification of several advantages, risks and preparations which are important to consider when increasing use of OSS. Several of these are generalizable, and could be considered by other companies planning to adopt OSS. 3. Increasing the visibility of the OSS project inside the Telenor IS organization. This is important, so that the individual employee in Telenor becomes aware of the project. In addition to increased visibility, the survey involves the employees and makes their voice heard in the OSS adoption process. ntnudaim SIF2 datateknikk Program- og informasjonssystemer

Search results