Adaptable Java Agents (AJA) — a Tool for Programming o f Multi-Agent Systems / Adaptabilni java agenti – alat za programiranje multi-agentskih sistema

Bađonski Mihal

07 April 2004

<p>The main goal of this thesis is the creation o f the tool agent-oriented programming tool AJA. AJA is the acronym for Adaptable Java Agents. AJA consists o f two programming languages:<br />- A higher-level language used for the description of the main agent parts. This language is called HADL, which is the acronym for Higher Agent Definition Language.<br />- A lower-level language used for the programming o f the agent parts defined in HADL. This language is called Java+. It is actually Java enriched with the constructs for accessing higher-level agent parts defined in HADL.<br />A translator from AJA to Java is implemented in the practical part o f the thesis. AJA agents have the following features: - Agent communicates with other agents using a construct called negotiation. The messages sent can be encrypted or digitally signed in order to ensure the security of the system. - Agent possesses adaptable&nbsp; parameters and neural nets that adapt themselves when the environment changes.<br />- Agent has reflexes, which are the reactive component o f the agent architecture.<br />- Agent can perform its actions parallel. Actions execution is synchronized.<br />- Agent is accessible via Internet, because it acts as a simple HTTP server. People can use this way to communicate with an agent.<br />- Agent has Java Swing based graphical user interface. Its owner uses this interface to communicate with the agent.<br />- Because o f the fact that Java-i- language extends Java, it is possible to use all useful Java features in the implementation o f AJA agents (e.g. JDBC for the database access). The thesis also presents an original approach of integrating artificial intelligence techniques, such as neural nets, with a programming language. Having the artificial intelligence components as a part of the programming language runtime environment makes their use straightforward. A programmer uses the language constructs that are implemented using the artificial intelligence<br />without the need for understanding their background and theory.<br />The thesis contains eight chapters and three appendixes. In the first chapter, an overview of agents and multi-agent systems is given. The second chapter surveys existing agent-oriented programming languages and tools. The third chapter introduces AJA and describes the architecture of AJA agents. The syntax and semantics o f AJA languages HADL and Java+ is described in the fourth chapter. The fifth chapter presents adaptable AJA constructs in more details. To demonstrate and test the created tool, a case-study multi-agent system has been implemented in AJA. There are four personal digital assistant agents in the system. The sixth chapter describes the example agents and positively evaluates the tool. In the seventh chapter the related work and tools are analyzed and compared to AJA. The last chapter concludes the thesis. The first appendix describes the implementation details of the AJA to Java translator. The second appendix is a guide for the installation and usage of the implemented AJA to Java translator. Finally, the third<br />appendix describes step by step how to translate, compile, run, and use the example agents. The thesis contains many references, which include almost all the most important and the most actual papers in the field. The reference list can be found at the end o f the thesis.</p> / <p>Glavni doprinos doktorske teze je napravljeni alat za programiranje agenata AJA . AJA - Adaptabilni Java Agenti je jezički alat za programsku implementaciju agenata Sastoji se od dva programska jezika:<br />- Jezik vi&scaron;eg nivoa kojim se opisuju glavne kom ponente agenta. Ovaj jezik se naziva HADL - Higher Agent Definition Language.<br />- Jezik nižeg nivoa koji služi za implementaciju pojedinih komponenti agenta specificiranih HADL jezikom . Ovaj jezik se najava Java+, jer je on zapravo programski jezik Java obogaćen konstrukcijama pomoću kojih je moguće pristupati komponentama agenta, definisanim u jezik u HADL.<br />AJA agent poseduje sledeće osobine:<br />- Sigurna kom unikacija sa drugim A JA agentim a koristeći mehanizam pregovaranja, &scaron;ifrovanje i digitalno potpisivanje poruka.<br />- Mogućnost adaptiranja na promene u okruženju u kom se nalazi, koristeći neuralne mreže i adaptabilne parametre.<br />- Reaktivnost zasnovana n a kom ponenti zvanoj refleks.<br />- Paralelno izvr&scaron;avanje akcija agenta u z njihovu internu sinhronizaciju.<br />- D ostupnost agenta preko Interneta. Agent se pona&scaron;a kao jednostavan HTTP server. Na ovaj način se drugim osobama omogućuje da komuniciraju sa agentom .<br />- G rafički korisnički interfejs zasnovan n a Java Swing tehnologiji<br />- Po&scaron;to se u program iranju agenta koristi Java+, moguće je uposliti sve pogodnosti Jave, kao &scaron;to su na primer pristup bazama podataka koristeći JDBC , rad sa multimedijalnim sadržajem , itd.<br />U tezi je predstavljen i originalni pristup integrisanja tehnika ve&scaron;tačke inteligencije sa program skim jezikom . U građujući kom ponente ve&scaron;tačke inteligencije u izvr&scaron;nu okolinu je z ik a čini n jihovo kori&scaron;ćenje veom a jednostavnim . Programer ne mora da bude ekspert iz ve&scaron;tačke inteligencije a da pri tome koristi konstrukcije jezika koje su implementirane pomoću ve&scaron;tačke inteligencije. AJA specifikacija agenta se sastoji od HADL i Java+ delova. U tezi je implementiran prevodioc kojim se A JA specifikacija prevodi u skup klasa programskog jezika Java. Implementiran je i jedan multi-agentski sistem kojim se praktično pokazuje kori&scaron;ćenje i mogućnosti napravljenog alata D oktorska teza sadrži i detaljan pregled oblasti o agentskpj m etodologiji. O n a kruni&scaron;e vi&scaron;egodi&scaron;nji rad kandidata i njegovog mentora u ovoj sve značajnijoj oblasti računarstva.<br />Teza sadrži o sam glava i tri dodatka. U prvoj glavi se opisuje oblast agenata i m ulti-agentskih sistem a. Pregled postojećih agentskih program skih jezik a i alata se daje u drugoj glavi. O pis A JA agenata i njihove arhitekture je dat u trećoj glavi teze. Četvrta glava se bavi sintaksom i sem antikom oba A JA jezika: H A D L -a i Jave+. Adaptabilni elem enti A JA agenata se opisuju u petoj glavi. U &scaron;estoj glavi je opisan m ulti-agentski sistem koji j e ujed n o i prim er prim ene A JA alata. A JA se sa drugim postojećim agentskim alatim a upoređuje u sedm oj glavi. Osma glava sadrži zaključak. N a kraju se u tri dodatka detaljno opisuju im plem entacija prevodioca A JA -e u Javu, instalacija prevodioca i kori&scaron;ćenje napravljenog m ulti-agentskog sistema respektivno. U doktorskom radu su kori&scaron;ćene i navedene brojne reference kojim a su obuhvaćeni gotovo svi najznačajniji i najaktuelniji radovi iz oblasti multi-agentskih sistema. Lista referenci je navedena na kraju teze.</p>

Comparing Virtual Threads and Reactive Webflux in Spring : A Comparative Performance Analysis of Concurrency Solutions in Spring / Jämförelse av virtuella trådar och Reactive WebFlux i Spring : En jämförande analys av lösningar för samtidighet i Spring

Haneklint, Carl, Joo, Yo Han

January 2023

To develop a high performant web service in Java, Reactive WebFlux has previously been utilized as the only alternative. With the introduction of virtual threads in Java 19, it has been considered that it would be an alternative to the current provided option. This paper presents the performance difference between Spring applications powered by normal threads, virtual threads, and its reactive counterpart Reactive WebFlux. The tests were done by creating three prototypes, which were used to call an endpoint with a set delay time and increasing the number of requests per second until system failure. The results show that the virtual threaded prototypes performed slightly better than the reactive prototype. The question remains whether the Reac- tive WebFlux application using the most optimal web server produces a different re- sult, as well as future research on how virtual threads perform with database usage. / För att utveckla högpresterande webbtjänster i Java har Reactive WebFlux varit det främsta alternativet. Med introduktionen av virtuella trådar i Java 19 har spekulerats kunna ersätta reaktiva webbtjänster. Detta arbete presenterar prestandaskillnaden mellan Spring-applikationer som drivs av normala trådar, virtuella trådar och dess reaktiva motsvarighet Reactive WebFlux. Testerna utfördes genom att skapa tre pro- totyper, som användes för att anropa en slutpunkt med en satt fördröjningstid och öka antalet förfrågningar per sekund fram till systemfel. Resultaten visade att proto- typen med virtuella trådar presterade något bättre än den reaktiva prototypen. Där- emot är det ännu oklart om Reactive WebFlux-applikationen med en optimal webb- server skulle producera ett annat resultat. Dessutom skulle det vara intressant för framtida forskning om hur virtuella trådar fungerar med databasanvändning.

Virtual threads

Spring Boot

Reactive WebFlux

Java

Concurrency

Virtual threads

Spring Boot

Reactive WebFlux

Java

Concurrency

Computer Sciences

Datavetenskap (datalogi)

Assessing the Effectiveness of Strict Java Third-Party Library Management in Software Supply Chain on Product Security : A software supply chain vulnerability challenge

Sandsjö, Carl, Manjusak, Medin

January 2023

Background. Recent trends indicates that attackers are shifting focus to more vulnerable targets; the software supply chain, which has consequently resulted in one of the top security challenges faced by organizations. One specific aspect of the software supply chain that has garnered significant attention is the use of third-party libraries and the high degree of impact exploited vulnerabilities have in relation to third-party libraries, such as Log4Shell. Objectives. The objective of this thesis is to determine the impact of removing unused Java third-party library classes in terms of security vulnerabilities and business value. Methods. A Gradle plugin was developed consisting of three coupled tasks to be used in the experiment where the primary objective is identifying and removing unused third-party classes. The experiment was conducted on 11 production-grade projects. For each of the 11 projects, approximately 12 versions were tested. The plugin was executed on each of the versions and a manual analysis of the result was conducted. The manual analysis consisted of finding the vulnerabilities connected to the respective vulnerable class. Subsequently, the result was analyzed and calculated. Results. The results from the tested projects showed a low overall impact on the number of vulnerabilities before and after the removal of unused classes. However, the vulnerability results differed greatly among the projects. A pattern between all projects was that the vulnerabilities increased in earlier versions. In the projects where there was an effect of removing unused classes, the average CVSS score increased which represents the severity of the vulnerabilities. This suggests that low-severity vulnerabilities were more prevalent in the set of removed vulnerabilities. Over all projects, there was a 40-50% decrease in the total number of classes before and after removing classes which from a security perspective lowers the project’s overall attack surface. On average 85% of the vulnerabilities were found after the release of the project versions. Conclusions. Based on the results we can see that the removal of unused third-party library classes does not have a significant impact on the number of vulnerabilities in the analyzed Java applications. However, this may not reflect all Java projects as we could see a greater impact on certain projects. The removal of vulnerabilities post-release date of a Java component was seen to have minimal to no business value for the analyzed projects. In contrast, a pilot study on a different project from another team within the same company demonstrated a higher level of business value. The reduction of the attack surface was assessed to 40-50% on all conducted projects, which would indicate a significant business value. Before incorporating such a solution, each project would need to be evaluated to determine the balance between security and complexity. / Bakgrund. De senaste trenderna tyder på att attackerare flyttar fokus till mer sårbara mål; mjukvaruförsörjningskedjan, vilket har blivit en av de största säkerhetsutmaningarna som organisationer står inför. En specifik aspekt av mjukvaruförsörjningskedjan som har fått stor uppmärksamhet är användningen av tredjepartsbibliotek och den höga graden av påverkan som exploaterade sårbarheter har i förhållande till tredjepartsbibliotek, såsom Log4Shell. Syfte. Syftet med denna studie är att fastställa effekten av att ta bort oanvända Java-klasser från tredjepartsbibliotek ur en sårbarhet och företagsvärde -perspektiv. Metod. Ett Gradle-plugin utvecklades bestående av tre beroende uppgifter som ska användas i experimentet där det primära målet är att identifiera och ta bort oanvända tredjepartsklasser. Experimentet genomfördes på 11 projekt av produktionskvalitet. För vart och ett av dessa 11 projekt testades cirka 12 versioner. Gradle-pluginet kördes på var och en av versionerna samt en manuell analys av resultatet utfördes. Den manuella analysen bestod i att hitta sårbarheterna kopplade till respektive sårbar klass. Därefter analyserades och beräknades resultatet. Resultat. Resultatet av de testade projekten visade en låg total inverkan på antalet sårbarheter före och efter borttagningen av oanvända klasser. Dessa resultat skilde sig dock mycket mellan projekten. Ett specifikt mönster mellan alla projekt var att sårbarheterna ökade i tidigare versioner. I de projekt där borttagning av klasser gjorde en inverkan, ökade genomsnittet av CVSS-poängen vilket representerar allvarlighetsgraden av sårbarheterna. Detta tyder på att svagheter med låga poäng var vanligare i uppsättningen av borttagna sårbarheter. Över alla projekt så togs 40-50% av det totala antalet klasser bort, vilket ur ett säkerhetsperspektiv sänker projektets totala attackyta. I genomsnitt hittades 85% av sårbarheterna efter lanseringen av projektversionerna. Slutsatser. Baserat på resultaten kan vi se att borttagningen av oanvända klasser från tredjepartsbibliotek inte har någon betydande påverkan på antalet sårbarheter i de analyserade Java-applikationerna. Men detta kanske inte speglar alla Java-projekt då vi kunde se en större påverkan på vissa projekt. Borttagning av sårbarheter efter releasedatum för ett Java-projekt visade sig ha minimalt till noll företagsvärde för de analyserade projekten. En pilotstudie på ett projekt som hanteras av ett annat team i samma företag, resulterade i ett större företagsvärde. Reduceringen av attackytan uppskattas till 40-50% för alla genomförda projekt, vilket innebär ett större företagsvärde. Innan man integrerar en sådan lösning, bör varje projekt utvärderas för att fastställa balansen mellan säkerhet och komplexitet.

Java

Third-Party Library

Software Supply chain

Security

Unused Classes

Java

Tredjepartsbibliotek

Mjukvaruförsörjningskedja

Säkerhet

Oanvända Klasser

Computer Sciences

Datavetenskap (datalogi)

SUNNYMILKFUZZER - AN OPTIMIZED FUZZER FOR JVM-BASED LANGUAGE

Junyang Shao (16649343)

27 July 2023

<p>This thesis presents an in-depth investigation into the opportunities of optimizing the performance (throughput) of fuzzing on Java Virtual Machine (JVM)-based languages. The study identifies five main areas for potential optimization, each of which contributes to the performance bottlenecks in the existing state-of-the-art Java fuzzer, Jazzer.</p> <p><br></p> <p>Firstly, the use of coverage probes is recognized as costly due to the native method call, including call frame generation and destruction, while it only performs a simple byte increment. Secondly, the probes may become exhausted, which subsequently cease to generate signals for new interesting inputs, while the associated costs persist. Thirdly, the scanning of the coverage map is expensive, particularly for targets with a large loaded bytecode. Given that test inputs can only execute a portion of these, the probes for most bytecodes are scanned repeatedly without generating any signals, indicating a need for a more structured coverage map design to skip the code probes effectively. Lastly, exception handling in JVM is costly as it automatically fills in the stack trace whenever an exception object is created, even when most targets don't utilize this information. </p> <p><br></p> <p>The study then designs and implements optimization techniques for these opportunities. We believe we provide the optimal solution for the first opportunity, while better optimizations could be proposed for the second, third, and fourth. The collective improvement brought about by these implementations is on average 138% and up to 441% in throughput. This work, thus, offers valuable insights into enhancing the efficiency of fuzz testing in JVM languages and paves the way for further research in optimizing other areas of JVM-based-language fuzzing performance.</p>

Software and application security

Performance evaluation

Java and Virtual Machine Semantics

Java Fuzzing

Fuzzing

JVM

JIT

Jazzer

Assessing Tsunami Risk in Southwest Java, Indonesia: Paleo-Tsunami Deposits and Inundation Modeling

Deng, Han

01 February 2018

Samples from 13 different sites along the south coast of West Java yield 7 candidate paleo-tsunami sands, which may represent 4 different paleo-tsunami events. Ages obtained from one deposit may document a tsunami and coastal subsidence from an earthquake in 1,053 AD. The tsunami deposit from this event is preserved in an uplifted marine terrace exposed at Panto Cape, Banten Province. We speculated that the terrace has been uplifted about 4.6 m to the present height of 2 m above sea level, since the 1053 AD event at a rate of 4.8 mm/a. This uplift is strong evidence that strain is accumulating at the Java Trench and enough has already accumulated to generate a megathrust earthquake event.Numerical models using ComMIT of possible megathrust earthquake scenarios were constructed using the 2004 Sumatra earthquake, 30-m fault slip, and the 2011 Japan earthquake as proxies. These three scenarios yield earthquakes of Mw 9.3, 9.5 and 8.9, respectively. The worst case scenario is used to estimate the extent of tsunami inundation of the SW coast of Java, which totals 643 km2. The total number of people who inhabit the inundation area is around 451,000. Some coastal configurations cause a no escape situation where the modeled tsunami arrives in less than 20 minutes, which is not enough time for those near the coast to escape far enough inland or to a sufficient elevation to avoid the tsunami. These areas include the coastlines of Sukabumi, Cianjur and west Garut Regencies and the Pameungpeuk area.

Central Indonesia

southwest Java

Java Trench

numerical modeling

inundation maps

paleo-tsunami deposits

evacuation

Geology

Physical Sciences and Mathematics

Assessing Tsunami Risk in Southwest Java, Indonesia: Paleo-Tsunami Deposits and Inundation Modeling

Deng, Han

01 February 2018

Samples from 13 different sites along the south coast of West Java yield 7 candidate paleo-tsunami sands, which may represent 4 different paleo-tsunami events. Ages obtained from one deposit may document a tsunami and coastal subsidence from an earthquake in 1,053 AD. The tsunami deposit from this event is preserved in an uplifted marine terrace exposed at Panto Cape, Banten Province. We speculated that the terrace has been uplifted about 4.6 m to the present height of 2 m above sea level, since the 1053 AD event at a rate of 4.8 mm/a. This uplift is strong evidence that strain is accumulating at the Java Trench and enough has already accumulated to generate a megathrust earthquake event.Numerical models using ComMIT of possible megathrust earthquake scenarios were constructed using the 2004 Sumatra earthquake, 30-m fault slip, and the 2011 Japan earthquake as proxies. These three scenarios yield earthquakes of Mw 9.3, 9.5 and 8.9, respectively. The worst case scenario is used to estimate the extent of tsunami inundation of the SW coast of Java, which totals 643 km2. The total number of people who inhabit the inundation area is around 451,000. Some coastal configurations cause a no escape situation where the modeled tsunami arrives in less than 20 minutes, which is not enough time for those near the coast to escape far enough inland or to a sufficient elevation to avoid the tsunami. These areas include the coastlines of Sukabumi, Cianjur and west Garut Regencies and the Pameungpeuk area.

Central Indonesia

southwest Java

Java Trench

numerical modeling

inundation maps

paleo-tsunami deposits

evacuation

Geology

Physical Sciences and Mathematics

Essays on the use of e-Learning in statistics and the implementation of statistical software

Ziegenhagen, Uwe

20 March 2009

Die vorliegende Doktorarbeit bündelt die Veröffentlichungen des Autors und seiner Koautoren zu den Themen e-Learning und statistischer Software. Die Kapitel 2 bis 5 sind Aspekten des e-Learning gewidmet, die Kapitel 6 bis 9 beschreiben die Entwicklung der statistischen Programmiersprache Yxilon. In Kapitel 2, Koautoren Wolfgang Härdle und Sigbert Klinke, wird erörtert, ob und wie computerbasierte Elemente in den Kanon der methodischen Bildung integriert werden sollen und wo die Grenzen des e-Learning in der Statistik-Ausbildung liegen. Kapitel 3, Koautoren Wolfgang Härdle und Sigbert Klinke, gibt Einschätzungen verschiedener e-Learning Plattformen und beschreibt Punkte, die bei der Entwicklung von e-Learning Plattformen berücksichtigt werden sollten. Kapitel 4, geschrieben mit Wolfgang Härdle und Sigbert Klinke, diskutiert zwei Veröffentlichungen in der "International Statistical Review", die eine technische Lösung für die Verbesserung des Verständnisses der Statistik-Lehre vorstellen. Kapitel 5, Koautoren Wolfgang Härdle und Sigbert Klinke, beschreibt die Anwendung von Web-Techniken für die Lehre in Statistik. Weiterhin stellt es die Quantnet Plattform vor, eine Plattform für die Verwaltung von Programmen und Daten. In Kapitel 6, Koautoren Wolfgang Härdle und Sigbert Klinke, diskutieren die Autoren die Anforderungen an eine Statistical Engine. Kapitel 7, geschrieben mit Yuval Guri und Sigbert Klinke, erläutert die Ideen, die zur Re-Implementierung der XploRe Sprache geführt haben und diskutiert ausgewählte technische Aspekte der Yxilon Plattform wie Objektdatenbank und die Erzeugung von kompilierbarem Code für Hochsprachen. In Kapitel 8, Koautoren Wolfgang Härdle und Sigbert Klinke, wird die implementierte Client-Server Struktur beschrieben. Server und Kommunikationsprotokoll werden zusammen mit dem entwickelten Client und der Grafik-Engine beschrieben. Das letzte Kapitel, beschreibt die Struktur der Yxilon Plattform in ihrer jetzigen Form. / The following doctoral thesis collects the papers the author has written with his coauthors on e-Learning and statistical software. The chapters 2 to 5 are devoted to selected aspects of e-Learning, the chapters 6 to 9 describe the development of the statistical programming environment Yxilon. In chapter 2, coauthored by Wolfgang Härdle and Sigbert Klinke, the question whether and how computational elements should be integrated into the canon of methodological education and where e-techniques have their limits in statistics education is discussed. Chapter 3, coauthored by Wolfgang Härdle and Sigbert Klinke, gives reviews of different e-learning platforms for statistics and reveals facts that may be taken into account for future e-learning platforms in statistics and related fields. Chapter 4, written with Wolfgang Härdle and Sigbert Klinke, discusses two papers published in International Statistical Review which both offer a technical solution to improve the understanding of statistics by students. Chapter 5, coauthored by Wolfgang Härdle and Sigbert Klinke, describes web-related techniques for teaching statistics. It furthermore introduces the Quantnet platform, a framework to manage scientific code and data. In chapter 6, coauthored by Wolfgang Härdle and Sigbert Klinke, the requirements for a statistical engine are discussed. Chapter 7, written jointly with Yuval Guri and Sigbert Klinke, explains ideas which led to the reimplementation of the XploRe language. In chapter 8, coauthored by Wolfgang Härdle and Sigbert Klinke, the implemented client/server structure of the Yxilon platform is laid out in terms of technical features. The server and the communication protocol are described together with the developed Java client featuring the Jasplot graphics engine. Finally chapter 9 describes the structure of the Yxilon environment in its present form.

Statistik

XploRe

Java

e-Learning

Yxilon

XploRe

Java

Statistik

e-Learning

Yxilon

330 Wirtschaft

17 Wirtschaft

QH 200

ddc:330

Utveckling av en anonymiseringsprototyp för säker interaktion med chatbotar

Hanna, John Nabil, Berjlund, William

January 2024

I denna studie presenteras en prototyp för anonymisering av känslig information itextdokument, med syfte att möjliggöra säker interaktion med stora språkmodeller(LLM:er), såsom ChatGPT. Prototypen erbjuder en plattform där användare kanladda upp dokument för att anonymisera specifika känsliga ord. Efter anonymiseringkan användare ställa frågor till ChatGPT baserat på det anonymiserade innehållet.Prototypen återställer de anonymiserade delarna i svaren från ChatGPT innan de visas för användaren, vilket säkerställer att känslig information förblir skyddad underhela interaktionen.I studien används metoden Design Science Research in Information Systems (DSRIS). Prototypen utvecklas i Java och testas med påhittade dokument, medan enkätsvar samlasin för att utvärdera användarupplevelsen.Resultaten visar att prototypens funktioner fungerar väl och skyddar känslig information vid interaktionen med ChatGPT. Prototypen har utvärderats med hjälp av svarfrån enkäten som dessutom tar upp förbättringsmöjligheter.Avslutningsvis visar studien att det är möjligt att anonymisera textdokument effektivt och samtidigt få korrekt och användbar feedback från ChatGPT. Trots vissa begränsningar i användargränssnittet på grund av tidsramen visar studien på potentialför säker datahantering med ChatGPT. / This study presents a prototype for anonymizing sensitive information in text documents, with the aim of enabling secure interactions with large language models(LLMs) such as ChatGPT. The prototype offers a platform where users can uploaddocuments to anonymize specific sensitive words. After anonymization, users canpose questions to ChatGPT based on the anonymized content. The prototype restores the anonymized parts in the responses from ChatGPT before they are displayed to the user, ensuring that sensitive information remains protected throughoutthe entire interaction.The study uses the Design Science Research in Information Systems (DSRIS)method. The prototype is developed in Java and tested with fabricated documents,while survey responses were collected to evaluate the user experience.The results show that the prototype's functionalities work well and protect sensitiveinformation during interaction with ChatGPT. The prototype has been evaluated using survey responses that also highlight opportunities for improvement.In conclusion, the study demonstrates that it is possible to effectively anonymizetext documents while obtaining accurate and useful feedback from ChatGPT. Despite some limitations in the user interface due to the timeframe, the study showspotential for secure data handling with ChatGPT.

ChatGPT

LLM

anonymization

prompt engineering

DSRIS

Java

ChatGPT

LLM

anonymisering

prompt engineering

DSRIS

Java

Computer Sciences

Datavetenskap (datalogi)

Workshop webbapplikation : Utveckling av Webbtjänst för pluggstugan vid KTH ICT / Workshop Web Application : Development of Web Application for "pluggstuga" at KTH ICT

Firouzi, Abdul Rahman

January 2014

Kungliga Tekniska Högskolan har för en tid sedan anordnat så kallade ”workshops” för att hjälpa studenter med sina studier. Dessa workshops ger studenterna tillfälle att få hjälp av assistenter. Syftet med detta projekt är därför att göra administrationen för workshopstillfällena så effektiv och smidig som möjligt.För att uppnå detta syfte har en webbapplikation konstruerats i utvecklingsmiljön Netbeans och är baserad på en treskiktsarkitektur. Detta har genomförts med hjälp av utvecklingsmetoden Scrum och programmeringsspråket Java. Stor vikt har lagts på att skapa en modulär applikation med fokus på hållbar utveckling.Resultatet har blivit en webbapplikation som kan nås via mobila enheter, surfplattor och stationära enheter. Den har prestandatestats och är därmed redo för att testas för en utvärdering av dess effektivitet och inverkan på workshopverksamheten. / The Royal Institute of Technology has recently arranged so-called "workshops" to help students with their studies. These workshops give students the opportunity to receive help from assistants. The purpose of this project is to make the administration of the workshop sessions as efficient and seamless as possible.To achieve this purpose, a web application has been designed in Netbeans the development environment and is based on three-layer architecture. This has been implemented using the Scrum development methodology and the Java programming language. Great emphasis was placed on creating a modular application with focus on sustainable development.The result is a web application that can be accessed via mobile devices, tablets, and stationary units. Its performance has been tested and the web application is thus ready to be tested in order to evaluate its effectiveness and impact on the workshop activities.

web application

java EE

SQL

CSS

Bootstrap

Netbeans

DHTMLX-JavaPlanner

Object-Oriented programming

MySQL database

security

Java Server Faces

Java Server Pages

three-layer architecture

webbapplikation

java EE

SQL

CSS

Bootstrap

Netbeans

DHTMLX-JavaPlanner

Objektorienterat programmering

MySQL databas

säkerhet

Java Server Faces

Java Server Pages

Treskikts-arkitektur

Computer and Information Sciences

Data- och informationsvetenskap

Three Factor Authentication Using Java Ring and Biometrics

Chitiprolu, Jyothi

17 December 2004

Computer security is a growing field in the IT industry. One of the important aspects of the computer security is authentication. Using passwords (something you know) is one of the most common ways of authentications. But passwords have proven to provide weak level of security as they can be easily compromised. Some other ways of authenticating a user are using physical tokens, (something you possess) and biometrics, (something you are). Using any one of these techniques to secure a system always has its own set of threats. One way to make sure a system is secure is to use multiple factors to authenticate. One of the ways to use multiple factors is to use all the three factors of authentication, something you possess, something you are and something you know. This thesis discusses about different ways of authentication and implements a system using three factor authentication. It takes many security aspects of the system into consideration while implementing it, to make it secure.

Three factor Authentication

Java Ring

Biometrics

Fingerprint

iButton

computer security

Java Card

Open Card

Authentec API

Java Card API

iButton API

Java Card

Architecture

security

functionality in iButton

APDU

Java Card Framework

Open Card Framework

structure of APDU

iButton security

Fingerprint