Global ETD Search

491	Project Management in Agile Software Development : An empirical investigation of the use of Scrum in mature teams Andersen, Joachim Hjelmås January 2009 (has links) <p>kommer...</p> ntnudaim SIF2 datateknikk Data- og informasjonsforvaltning
492	Automated Analyses of Malicious Code Krister, Kris Mikael January 2009 (has links) <p>Sophisticated software with malicious intentions (malware) that can easily and aggressively spread to a large set of hosts is located all over the Internet. Such software struggles to avoid malware analysts to continue its malicious actions without interruption. It is difficult for analysts to find the locations of machines infected with unknown and alien malware. Likewise, it is hard to estimate the prevalence of the outbreak of the malware. Currently, the processes are done using resource demanding manual work, or simply rough guessing. Automating these tasks is one possible way to reduce the necessary resources. This thesis presents an in-depth study of which properties such a system should have. A system design is made based on the findings, and an implementation is carried out as a proof of concept system. The final system runs (malicious) software, and at the same time observes network traffic originating from the software. A signature for intrusion detection systems (IDSes) is generated using data from the observations. When loaded in an IDS, the signature localises hosts that are infected with the same malware type, making network administrators able to find and repair the hosts. The thesis also covers a deep introductory study of the malware problem and possible countermeasures, focusing on a malware analyst's point of view.</p> ntnudaim SIF2 datateknikk Data- og informasjonsforvaltning
493	Open Source Software at Telenor IS Skarpenes, Tron André, Velle, Ketil Sandanger January 2009 (has links) <p>Open Source Software (OSS) is becoming a real alternative to proprietary software because of the attractive characteristics it might bring (e.g. reduced costs, independence from vendors and increased innovation). Consequently, adoption of OSS is getting more attention and the industry is adopting OSS in a much larger scale than before. Telenor IS, the information system branch of Telenor Nordic, has realized that OSS adoption is increasing and noticed the advantages that OSS might bring for them. Therefore they have started a project called Open Source 2010. Among this projects goals are finding suitable OSS products to use within the company, and to increase the overall adoption of OSS to avoid lock-in to commercial vendors and be able to cut costs. As part of the Open Source 2010 project, we investigated three issues. The first is what concrete experience the individual employee has with OSS. The second is to examine the employees attitude towards OSS, and how they assess an increased use of OSS in Telenor IS. The third is exploring which advantages and risks OSS could bring, in addition to which preparations that should be made to ease the adoption of OSS. To investigate these issues, we cooperated with Telenor IS to develop a survey consisting of both interviews and a questionnaire. To validate, supplement and disseminate the results from the survey, two workshops were conducted with Telenor employees. This thesis has three main contributions. 1. Empirical findings showing that: (i) There is no real difference in attitudes towards OSS between leaders and non-leaders. (ii) A notable amount of OSS is in use, supporting that OSS adoption is increasing. (iii) Leaders are not necessarily aware of all the OSS being used. 2. Identification of several advantages, risks and preparations which are important to consider when increasing use of OSS. Several of these are generalizable, and could be considered by other companies planning to adopt OSS. 3. Increasing the visibility of the OSS project inside the Telenor IS organization. This is important, so that the individual employee in Telenor becomes aware of the project. In addition to increased visibility, the survey involves the employees and makes their voice heard in the OSS adoption process.</p> ntnudaim SIF2 datateknikk Program- og informasjonssystemer
494	City Guide: Service Composition in an Urban Environment Blakstad, Eirik January 2009 (has links) <p>The aim of this thesis has been to develop and validate the user interface of a service composition tool for creating mobile tourist services in a city environment. The project has been conducted in cooperation with SINTEF and the Norwegian research project UbiCompForAll. As part of this thesis, a number of scenarios were created initially, showing what kind of functionalities accessed using mobile devices might be useful for tourists in the city. Based on these scenarios, the graphical user interface of a composition service tool was created and then assessed through the involvement of several users using a paper prototyping approach. The results from the paper prototyping assessment showed that the proposed interface is generally easy to understand and use, although there were a number of improvements necessary in the areas of information abstraction, module naming and letting users be able to see the final product of the composition. In addition, as part of the assessment of the proposed interface, the realizability of the services specified using this interface was evaluated. An architecture for the service derived from the specification developed by the user was defined. This enabled us to check that all the information necessary for creating the composed services can be provided when using the proposed user interface.</p> ntnudaim SIF2 datateknikk Program- og informasjonssystemer
495	Usability Challenges for Contactless Mobile Payment at a Physical Point of Sale : Central Themes and Trade-offs Gilje, Eivind Laugerud January 2009 (has links) <p>This thesis was written in cooperation with Telenor as part of the project ``Tap2Pay''. The goal was to investigate usablity challenges for contactless mobile payment at a physical point of sale and identify central themes and trade-offs. To acheive this a two iterations of a prototype was developed, based on an analysis of the payment situation. These iterations were used in one workshop each. After analyzing the results from the workshop, a strong card metaphor was identified as a central theme. The card metaphor had a great influence on the users' preferred solutions. Card selection routines was also a central theme. There is also a genuine trade-off between efficiency and confidence. The users are likely to lack confidence in the security of efficent solutions, but in order to increase confidence, efficiency must be sacrificed.</p> ntnudaim SIF2 datateknikk Program- og informasjonssystemer
496	Capability Assessment of Indoor Positioning Systems Landmark, Andreas Dypvik January 2009 (has links) <p>Location systems are seen as a promising technology for tracking people and objects to improve efficiency and quality in the healthcare domain. To increase the chances of success when introducing this new technology there are certain operational capabilities that need to be understood. The purpose of this Thesis is to explore how these operational capabilities can be assessed by experiment. The thesis proposes a method for describing the operational capabilities of a location system using a two-dimensional matrix of purposes of location systems in the healthcare domain, as found in literature. Using this matrix it is possible to assess and predict the requirements for a location system based on a classification of the purpose of the installation. Conversely it is possible to use the same matrix to find purposes that can be solved with a given location system. Using the Sonitor Indoor Positioning System it was also demonstrated how the operational capabilities of a location system could be found through a series of small low cost and low effort experiments. In conclusion three dimensions relating to operational capabilities were identified: granularity, resolution, and concurrency. Granularity and concurrency were shown to be successfully assessed through experiment, while resolution was found analytically. We also found a method to predict the impact of infrastructure size on the operational capability of the location system based on the same small experiments.</p> ntnudaim SIF2 datateknikk Program- og informasjonssystemer
497	Security Testing of Web Based Applications Erdogan, Gencer January 2009 (has links) <p>Web applications are becoming more and more popular in means of modern information interaction, which leads to a growth of the demand of Web applications. At the same time, Web application vulnerabilities are drastically increasing. This will inevitably expose more Web application users to malicious attacks, causing them to lose valuable information or be harmed in other ways. One of the most important software security practices that is used to mitigate the increasing number of vulnerabilities is security testing. The most commonly applied security testing methodologies today are extensive and are sometimes too complicated with their many activities and phases. Because of this complexity, developers very often tend to neglect the security testing process. Today, there is only a few security testing methodologies developed especially for Web applications and their agile development environment. It is therefore necessary to give attention to security testing methodologies for Web applications. A survey of state-of-the-art security testing methodologies for Web applications is performed. Based on some predefined criterions, Agile Security Testing is selected as the most adequate security testing methodology for Web applications, and is further extended to support all the predefined criterions. Furthermore, the extended Agile Security Testing methodology (EAST) is integrated into the Software Development Life Cycle applied by the Administrative Information Services group at the Department of General Infrastructure Services at CERN−The European Organization for Nuclear Research. Finally, by using the EAST methodology and the security testing methodology applied by the AIS group (which is an ad hoc way of performing security tests), an evaluation of the EAST methodology compared to existing ad hoc ways of performing security tests is made. The security testing process is carried out two times using the EAST methodology and two times using the ad hoc approach. In total, 9 vulnerability classes are tested. The factors that are used to measure the efficiency is: (1) the amount of time spent on the security testing process, (2) the amount of vulnerabilities found during the security testing process and (3) the ability to mitigate false-positives during the security testing process. The results show that the EAST methodology is approximately 21% more effective in average regarding time spent, approximately 95% more effective regarding the amount of vulnerabilities found, and has the ability to mitigate false-positives, compared to existing ad hoc ways of performing security tests. These results show that structured security testing of Web applications is possible not being too complicated with many activities and phases. Furthermore, it mitigates three important factors that are used as basis to neglect the security testing process. These factors are: The complexity of the testing process, the too time-consuming attitude against security testing of Web applications and that its considered to lack a significant payoff.</p> ntnudaim SIF2 datateknikk Program- og informasjonssystemer
498	Practices of Agile Software Product-Line Engineering : A qualitative assessment of empirical studies Gylterud, Snorre January 2009 (has links) <p>This thesis elaborated on the how Software Product-Line Engineering is combined with Agile Software Development to improve Software Engineering, through investigating published case studies and performing interviews in several companies. This combination are often described as Agile Software Product-Line Engineering and our study aimed to describe what agility is for software product lines and find out more on how this approach could be realized. Agile Software Product-Line Engineering could reap benefits from the best of the two software engineering approaches combining long term strategic efforts with short term agility. By following a specified research method that combines qualitative research methods we were able to ensure validity in our analysis and generalize the findings of this study. We used both semi-structured interviews and textual analysis techniques. The companies under study seem to combine Software Product-Line Engineering and Agile Software Development with success, reducing initial investment and exploiting reuse, and we found several practices that are interesting for further study. Based on these practices we present our view of a top-down approach to Agile Software Product-Line Engineering starting with several characteristics and a proposal for a definition of the field. Further, a framework for implementing the approach based on our research is presented, before we describe our thoughts on how the practice areas of Software Product-Line Engineering can be combined with Agile Software Development practices. We think that this thesis could be used as a guideline for further study and implementation of Agile Software Product-Lines. We believe that the data we cover is comprehensive based on the small existing research field and covers the general ideas of both the fields included in the combination.</p> ntnudaim SIF2 datateknikk Program- og informasjonssystemer
499	A Mobile Guide for geographically displaying estates listed for sale. Romundstad, Rune January 2007 (has links) Instead of displaying a simple list with the houses and apartments which are listed for sale, an alternative is to display them geographically in a map to get an overview of where they are located. To make it simple the map also has an icon of where you are located, so you know where you are according to the houses. A prototype of such a system with the most important functionality has been implemented. The system gives the user the option to choose different other facilities he or she wants to show in the map together with the apartments, such as schools and parking spaces etc. The system gives also short information of the different apartments when clicking on them, and the possibility to open the prospect of that specific apartment. The prototype has been evaluated by some experts from one of the largest estate agencies, together with a user- and a technical evaluation. The feedback from the experts has been very positive, and they are convinced that such a system will be very helpful for potential users. The response regarding the user-friendliness has also been good, except from some comments on too many confirmations needed when running the application. During the technical evaluation we got confirmed that a J2ME application not is directly portable between different devices without slightly adjustments. ntnudaim SIF2 datateknikk Program- og informasjonssystemer
500	Real-Time Online Multiplayer Mobile Gaming Jarrett, Martin, Sorteberg, Eivind January 2007 (has links) Gaming on mobile phones is a business with a great growth potential both in profit and popularity. In today's modern world, the number of potential users of online multiplayer mobile games is enormous. This is because of the wide deployment of mobile phones and the increasing general interest in gaming. For game developers, this is an interesting business area, since mobile games are faster and easier to develop than console or computer games, due to the mobile games' smaller size and reduced complexity. Telecom companies, on the other hand, may profit from this both by attracting users through exclusive contents only available to their subscribers, and trough the potential network traffic generated by online multiplayer games. Some multiplayer mobile games are available on the market today. However, few of these can be played real-time, which often involves a more entertaining and attractive gameplay compared to slower, turn-based games. This project has focused on two main areas. Firstly, different network technologies and transport protocols have been tested to evaluate whether these are suitable for real-time multiplayer mobile games or not. This was done by testing the different networks' response times and transfer speeds. Secondly, a framework for developing this kind of games has been developed. Also, a game prototype has been implemented based on this framework, and the experience from this development has been recorded to provide assistance for future development projects within the same scope. The results from the tests show that, among the widely available mobile networks today, only UMTS (3G) and EDGE offer performance sufficient for a fast and stable real-time multiplayer mobile game. GPRS is too slow and unstable, and using this technology for real-time game communication is likely to lead to lags and an incoherent gameplay. Furthermore, the tests have clearly shown that UDP is far better suited for in-game communication than TCP, because of UDP's superior response time. For developers of such games, there are several challenges that have to be closely considered. Synchronization of clients is a very difficult task because of high network latencies. Furthermore, mobile phones are weak in terms of available resources. Managing these problems requires distribution of calculations and efficient algorithms. The game framework developed in this project has proved to provide a good basis for developing different game concepts within real-time multiplayer mobile gaming. Common functionality for such games is implemented in the framework, thus helping game developers avoid having to reinvent the wheel. This project has shown that successful real-time multiplayer mobile games are definitely possible to implement. However, doing this is a great challenge, both for developers, distributors, and telecom companies offering such games to their subscribers. A middle way has to be found between the complexity of the game, the need for frequent network updates, and the user cost involved with playing the game. If this middle way is found, it is very likely that such a game could be a great success. ntnudaim SIF2 datateknikk Program- og informasjonssystemer

Search results