KPI management - auto alerting na platformě MS SQL / KPI management - auto alerting in MS SQL

Vedral, Jakub

January 2009

This diploma thesis deals with the problem of automatic alerting on Microsoft SQL Server 2008 platform. Thesis was elaborated with Clever Decision s.r.o. company which significantly contributed to thesis assignment. Main goal of this thesis is to provide a solution concept for absence of alerting for multidimensional data in Microsoft's product. Alerting is aimed at critical business data -- Key performance indicators - KPIs. KPIs are used to deliver enhanced business performance through Corporate Performance Management concept. These indicators need to be watched frequently. Considering that alerting solution is convenient for watching the data. Solution concept is based on market research of Business Intelligence (BI) platforms which dominates the market. Platforms are examined for their alerting capabilities. Next goal is to provide overall insight to KPI management -- creating, managing, analyzing and monitoring of KPIs. Thesis is divided into three sections. First part creates theoretical background for solution creation and describes the field of KPI management. Second part consists of market research using selected criteria. Third part is aimed at providing the solution concept through web application fixing the absence of alerting on Microsoft SQL Server 2008 platform. This thesis is primarily intended for Clever Decision company but also for various BI experts dealing with alerting problems on BI platforms. Thesis serves also as a theoretical summary of KPI management which is commonly evaded by available technical literature.

Modely řízení přístupu ke zdrojům operačního systému / Operating Systems' Resource Access Control Models

Vopička, Adam

January 2010

The thesis deals with models used in access control to operating systems' resources. The thesis' goals are the theoretical description of these models and their comparison, the description of their implementations in selected operating systems and the description of their utilization in securing typified servers. In the first chapter, the reader is introduced to basic terms and principles of computer security and access control. In the second, also theoretical part, selected access control models are described from different viewpoints, for example their factual specialization, basic rules, principles and evolution. At the end of the chapter, the models are compared to each other according to specified criteria. The third, more practically oriented chapter, continues from the initial, both general and concrete introduction with operating systems, to description of access control model implementations in selected operating systems. At the end of the chapter, these implementations too are compared according to specified criteria. The fourth, final part, is dedicated to the description of the actual securing of a web and file server using operating system level access control means. The end of the chapter is dedicated to the possibilities of using these means to secure web applications. The contribution of this thesis from the theoretical point of view is a well-arranged and compact access control model comparison, and also the merger of the theoretical base with practical use of the described model implementations. The thesis is recommended to people interested in the computer security issues in general and people interested in access control from both theoretical and practical sides, e.g. system administrators or system designers.

Využití principů business intelligence v dotazníkových šetřeních / Business Intelligence principles and their use in questionnaire investigation

Hanuš, Václav

January 2010

This thesis is oriented on practical usage of tools for data mining and business intelligence. Main goals are processing of source data to suitable form and test use of chosen tool on the test case. As input data I used database which was created as result of processing forms from research to verify the level of IT and economics knowledge among Czech universities. These data was modified into the form, which allows processing them via data mining tools included in Microsoft SQL Server 2008. I choose two cases for verification the potentials of these tools. First case was focused on clustering using Microsoft Clustering algorithm. Main task was to sort the universities into the clusters by comparing their attributes which was amounts of credits of each knowledge group. I had to deal with two problems. It was necessary to reduce the number of groups of subjects, otherwise there was a danger of creation too many clusters which I couldn't put the name on. Another problem was unequal value of credits in each group and this problem caused another problem with weights of these groups. Solution was at the end quite simple. I put together similar groups to bigger formation with more general category. For unequal value, I used parameter for each of new group and transform it to scale 0-5. Second case was focused on prediction task using Microsoft Logistic Regresion algorithm and Microsoft Neural Network algorithm. In this case was the goal to predict the number of presently studying students. I had a historical data from years 2001-2009. A predictive model was processed based on them and I could compare the prediction with real data. In this case, it was also necessary to transform the source data, otherwise it couldn't be processed by tested tool. Original data was placed into the view instead of table and contained not only wished objects but more types of these. For example divided by a sex. Solution was in creation of new table in database where only relevant objects for test case were placed. Last problem come up when I tried to use prediction model to predict data for year 2010 for which there wasn't real data in the table. Software reported an error and couldn't make prediction. During my research on the Microsoft technical support I find some threads which refer to similar problem, so it's possible that this is a system error whit will be fix in forthcoming actualization. Fulfillment of these cases provided me enough clues to determine abilities of these tools from Microsoft. After my former school experience with data mining tools from IBM (former SSPS) and SAS, I can recognize, if tested tools can match these software from major data mining supplier on the market and if it can be use for serious deployment.

Návrh mobilní aplikace pro správu serveru / Mobile application for remote server management

Kolář, Jakub

January 2015

Thesis deals with remote servers specifically those for the Minecraft. These servers are divided into groups. The work examines the possibility of remote access to these servers on network protocols level, which are described briefly, and also at the level of the game itself. Describes the game options that can be influenced via remote management. Then analyzes the applications that are intended for this remote access, and identifies problems associated with them. Based on the issues that implied from this analysis, application that solves these problems is designed. The first chapter contains a brief description of the network protocols that can be used to remotely manage servers for the Minecraft and identifies the most appropriate protocol. The next chapter describes the Minecraft, and specifically those of its regions which can be influenced via remote management. The next chapter analyzes the applications that can be used to remotely manage Minecraft servers and based on the problems that this analysis identifies, an application that solves these problems is designed. The designed application is then implemented. The last part contains user documentation of created application.

Analýza reportingu v podnikovém prostředí a jeho technologické pokrytí Microsoft BI / Analysis of Reporting in Business and its Technological Coverage by Microsoft BI

Lučan, Martin

January 2015

This master thesis deals with an analysis of reporting in business and its technological coverage by Microsoft Business Intelligence portfolio. The main objective of this work is to analyze the individual organization's requirements on reporting and coverage options. This work can serve as a tool for implementation of reporting in a company or for increasing the efficiency of reporting. The first part is theoretical. It deals with Business Intelligence as an environment for reporting. It also defines the basic concepts. The next part covers the area of reporting. This section provides an insight into the history, definition of outcomes and detailed classification of reporting from different perspectives. Furthermore, the definition of users reporting and the reporting standards in companies is also covered. At the end of this chapter, there is the definition of the benefits of reporting for companies. The main part of this master thesis is an analysis of the requirements for reporting in companies. The chapter defines five key perspectives which are described in a greater detail. The methods how companies should methodically approach these requirements are also discussed. The chapter further looks at the requirements for a concrete report. An output of this chapter is an effective template for gathering requirements for a specific report. The last chapter focuses on reporting portfolio analysis of Microsoft and defines the concept of Microsoft. It provides detailed information about reporting products that Microsoft offers. An analyses and a mapping of the individual characteristics of the products and the requirements is defined in this thesis.

Možnosti identifikace botnetové robotické aktivitiy / On possible approaches to detecting robotic activity of botnets

Prajer, Richard

January 2016

This thesis explores possible approaches to detecting robotic activity of botnets on network. Initially, the detection based on full packet analysis in consideration of DNS, HTTP and IRC communication, is described. However, this detection is found inapplicable for technical and ethical reasons. Then it focuses on the analysis based on network flow metadata, compiling them to be processable in machine learning. It creates detection models using different machine learning methods, to compare them with each other. Bayes net method is found to be acceptable for detecting robotic activity of botnets. The Bayesian model is only able to identify the botnet that already executes the commands sent by its C&C server. "Sleeping" botnets are not reliably detectable by this model.

Možnosti presentace dat v aplikacích business intelligence / Possibilities of data presentation in business intelligence applications

Tůma, Martin

January 2011

This diploma thesis deals with the possibility of presentation data in business intelligence (BI) applications. The aim is to develop a methodology for reporting and data visualization using Microsoft SQL Server 2008 Business Intelligence Development Studio and Microsoft Excel 2010. Evaluate and identify opportunities for data display using the perception of information at a subconscious level in the above mentioned tools. Identify market trends from the perspective of business intelligence data visualization. In the first part thesis focuses on the analysis of the current BI market with regard to trends in data visualization. In the following part options of perceptions on a subconscious level are examined, which are then reflected in the establishment of a methodology reporting. Similarly, it is investigated the human perception of color. Presented are appropriate and inappropriate data visualization forms, at the most commonly used graphic forms. The work describes a method to ensure that the data will not be displayed tendentiously or distorted. My contribution is creating a reporting methodology that respects the life cycle of the report, as well as a logical follow-up steps to project management.

Direct Online/Offline Digital Signature Schemes.

Yu, Ping

12 1900

Online/offline signature schemes are useful in many situations, and two such scenarios are considered in this dissertation: bursty server authentication and embedded device authentication. In this dissertation, new techniques for online/offline signing are introduced, those are applied in a variety of ways for creating online/offline signature schemes, and five different online/offline signature schemes that are proved secure under a variety of models and assumptions are proposed. Two of the proposed five schemes have the best offline or best online performance of any currently known technique, and are particularly well-suited for the scenarios that are considered in this dissertation. To determine if the proposed schemes provide the expected practical improvements, a series of experiments were conducted comparing the proposed schemes with each other and with other state-of-the-art schemes in this area, both on a desktop class computer, and under AVR Studio, a simulation platform for an 8-bit processor that is popular for embedded systems. Under AVR Studio, the proposed SGE scheme using a typical key size for the embedded device authentication scenario, can complete the offline phase in about 24 seconds and then produce a signature (the online phase) in 15 milliseconds, which is the best offline performance of any known signature scheme that has been proven secure in the standard model. In the tests on a desktop class computer, the proposed SGS scheme, which has the best online performance and is designed for the bursty server authentication scenario, generated 469,109 signatures per second, and the Schnorr scheme (the next best scheme in terms of online performance) generated only 223,548 signatures. The experimental results demonstrate that the SGE and SGS schemes are the most efficient techniques for embedded device authentication and bursty server authentication, respectively.

bursty server authentication

standard model

Online/offline digital signature schemes

embedded dvice authentication

Digital signatures.

Computer networks -- Access control.

Computer networks -- Security measures.

Síndrome de Burnout, presenteísmo e a qualidade de vida no trabalho de gestores de uma instituição judiciária federal / Burnout syndrome, presenteism and quality of life in the work of managers of a federal judicial institution

Farias, Elisabete Felix

06 February 2017

Submitted by Nadir Basilio (nadirsb@uninove.br) on 2017-09-13T16:51:33Z No. of bitstreams: 1 Elisabete Felix Farias.pdf: 1826027 bytes, checksum: a1fd55d13a48fcca2a341814932d233d (MD5) / Made available in DSpace on 2017-09-13T16:51:33Z (GMT). No. of bitstreams: 1 Elisabete Felix Farias.pdf: 1826027 bytes, checksum: a1fd55d13a48fcca2a341814932d233d (MD5) Previous issue date: 2017-02-06 / The illness and its relation to the lack of attendance or presence at work has been the focus of several studies, representing a reality that generates high costs for both public and private institutions, and especially for the worker. The objective of this study was to evaluate the correlation between quality of life in the work of managers of a federal judicial institution, presenteeism and Burnout Syndrome, work - related disorder related to absenteeism, early retirements and low productivity. This is a descriptive-exploratory case study, cross-sectional, under a quantitative evaluation, adopting multivariate statistics for data analysis. The following instruments were used: a questionnaire containing data on the sociodemographic profile and the professional profile; The QVP-35 questionnaire, to evaluate the quality of life at work; The MBI-GS inventory, to determine the occurrence of Burnout Syndrome; The SPS-6 scale, for the analysis of presenteeism. The data presented by 47 department managers of a Federal Judicial Institution, based in the city of São Paulo, were analyzed by means of Analysis of Variance (ANOVA), seeking to correlate the component dimensions of each of the questionnaires applied. It was observed that, in relation to the sociodemographic and professional profiles of the respondents, the relevant variable in relation to the presence or absence of Burnout Syndrome was schooling. Similarly, of the analyzed dimensions of QVP-35 versus Burnout Syndrome, the main associations were found with the variable "Work Related Discomfort". Among the significant correlations obtained between Burnout Syndrome and presenteeism, Emotional Exhaustion was evidenced as a preponderant element. The contributions of the research allowed providing important subsidies for the Administration of the Court, aiming at facing the problems identified and the formulation of quality of life policies at work with a preventive bias of health problems in the institutional scope. From the academic point of view, the research made it possible to advance in the consolidation of the approach to quality of life at work, presenteeism and Burnout Syndrome and to establish indications for new studies. / O adoecimento e sua relação com a falta de assiduidade ou presença no trabalho tem sido foco de diversos estudos, representando uma realidade que gera altos custos para as instituições tanto públicas quanto privadas e, principalmente, para o trabalhador. Diante disso, este estudo teve por objetivo avaliar a correlação entre qualidade de vida no trabalho de gestores de uma instituição judiciária federal, presenteísmo e Síndrome de Burnout, transtorno gerado em situação de trabalho e relacionado ao absenteísmo, aposentadorias precoces e baixa produtividade. Trata-se de um estudo de caso de caráter descritivo-exploratório, de corte transversal, sob uma avaliação quantitativa, adotando-se a estatística multivariada para análise dos dados. Foram utilizados os seguintes instrumentos: questionário contendo dados do perfil sociodemográfico e do perfil profissional; o questionário QVP-35, para avaliação da qualidade de vida no trabalho; o inventário MBI-GS, para determinar a ocorrência da Síndrome de Burnout; a escala SPS-6, para análise do presenteísmo. Procedeu-se ao exame dos dados apresentados por 47 gestores de departamentos de uma Instituição Judiciária Federal, sediada na cidade de São Paulo, por meio de Análise de variância (ANOVA), buscando correlacionar as dimensões componentes de cada um dos questionários aplicados. Observou-se que, em relação aos perfis sociodemográfico e profissional dos respondentes, a variável relevante em relação à presença ou não de Síndrome de Burnout foi a escolaridade. De modo similar, das dimensões analisadas do QVP-35 frente à Síndrome de Burnout, as principais associações foram encontradas com a variável “Desconforto Relacionado ao Trabalho”. Dentre as correlações significativas obtidas entre a Síndrome de Burnout e o presenteísmo, evidenciou-se a Exaustão Emocional como elemento preponderante. Os aportes da pesquisa permitiram fornecer subsídios importantes para a Administração do Tribunal, visando ao enfrentamento dos problemas constatados e à formulação de políticas de qualidade de vida no trabalho com viés preventivo dos agravos à saúde no âmbito institucional. Do ponto de vista acadêmico, a pesquisa possibilitou tanto avançar na consolidação da abordagem da qualidade de vida no trabalho, presenteísmo e Síndrome de Burnout quanto estabelecer indicações para novos estudos.

qualidade de vida no trabalho

Síndrome de Burnout

presenteísmo

poder judiciário

servidor público federal

quality of life at work

Burnout Syndrome

presenteeism

judicial power

public federal server

Security Auditing and Testing of two Android Client-Server Applications

Engström Ericsson, Matilda

January 2020

How secure is your application? How can you evaluate if it is secure? The threats are many and may be hard to find. In a world where things are more and more automated; how does manual labour contribute to security auditing applications? This study aims to assess two proof of concept Android client-server applications, developed by students to suit the needs of a fictitious Police Department and Fire Department, respectively. The approach is unconventional yet supported by well-established theory. The gist of a vulnerability assessment methodology initially developed to assess the security of middleware is followed and applied to the entire architecture of these client-server applications. How the manual labour contributed to the end results, in comparison to the use of automated tools and a list of known threats, is then evaluated.   It is concluded that the applications encompass multiple of the Open Web Application Security Project (OWASP) Top 10 Mobile Risks and that automated tools find most of those vulnerabilities. However, relying on automation may lead to a false sense of security, which in effect may cause developers to lose understanding of why vulnerabilities occur and how they should be mitigated. Understanding how the design and architecture of the application influence its security is key.   As of Android 9.0+, default is that applications use SSL encrypted communication. Only 40% of Android users are in 2020 affected by this change according to Android studio developer information, leaving a majority of users unaware of if or how their data is being protected, also observed in analysis results from this thesis work. One should consider if or how to inform users of how their data is being handled, not only in newer Android versions or regarding SSL communication.    This work also shows that developers' decisions may be greatly affected by time pressed situations, which is reflected upon in the last chapter. Another important finding was that the third-party software Sinch, which enabled the use of voice and video communication in one of the applications, sent IP addresses and usernames of the users in clear text during the binding request, when the Session Traversal Utilities for NAT (STUN) protocol was used.

Security audit

Security testing

Android Client-Server

OWASP Top 10 Mobile Risks

Automated tools

MITM attack

SSL

Authorization

Computer Sciences

Datavetenskap (datalogi)