Hur VPN-tjänster matchar användarens förväntningar och problem kopplat till VPN-lösningar / How VPN services match users expectations and problems associated with VPN solutions

Hallbäck, Anton, Stevens, Oskar

January 2023

VPN-teknologin är känd för att skydda användarens personliga integritet och säkerhet online. Genom att etablera en krypterad tunnel mellan användare och VPN-tjänstens server möjliggörs flera funktioner. Dessa funktioner kan inkludera anonym surfning genom att maskera användarens IP-adress och geografiska plats, eller tillhandahålla en säker anslutning över ett offentligt nätverk. Den systematiska litteraturstudien undersöker problemområdet inom VPN-lösningaroch försöker sammanställa relevant forskning. Två databaser användes för att hitta artiklar med hjälp av en sökterm, där 31 artiklar accepterades efter granskning. Tematisk kodning användes och fyra huvudområden identifierades: Sårbarhet i protokoll, hårdvara, mjukvara och kryptering och autentisering. Analysen visar bland annat på att det finns problem inom VPN-tekniken, speciellt inom området protokoll. Enkätstudien undersökte svenska studenters vanor kring VPN användande och hur de tror att det påverkar deras säkerhet online. Enkätstudien hade 83 deltagare, vilket gjorde att urvalet inte var representativt för den valda populationen. Enkätstudien visade att deltagarna använde sig av VPN-tjänster för att få tillgång till institutionellt innehåll, platslåst media, skydda sin personliga integritet och öka sin säkerhet online. Majoriteten av deltagarna svarade att en VPN-tjänst garanterar maskering av IP-adress och många trodde även att det skyddar mot spårning. Resultaten från de två metoderna visar att det finns ett behov av att öka användarnas medvetenhet kring VPN-teknologins för- och nackdelar samt de problem som finns. / VPN technology is known for safe guarding users' personal privacy and security online. By establishing an encrypted tunnel between users and the VPN service's server, several functions are enabled. These functions can include anonymous browsing by masking the user's IP address and geographical location, as well as providing a secure connection over a public network. The systematic literature review examines the problem domain within VPN solutions and aims to compile relevant research. Two databases were used in order to find articles using a search term, resulting in the acceptance of 31 articles after the review process. Thematic coding was applied, identifying four main areas: protocol vulnerabilities, hardware, software, and encryption and authentication. The analysis indicates the presence of issues within VPN technology, particularly in the area of protocols.The survey study investigated Swedish students' habits regarding VPN usage and their perception of its impact on their online security. The survey study had 83 participants, which means the sample was not representative of the chosen population. The survey study revealed that participants used VPN services to access institutional content, geographically restricted media, protect their personal privacy, and enhance their online security. The majority of participants responded that a VPN service guarantees IP address masking, and many believed it provides protection against tracking. The results from the two methods indicate a need to enhance users' awareness regarding the advantages and disadvantages of VPN technology, as well as the existing issues.

VPN

users

weaknesses

vulnerabilities

security

risk

VPN

användare

svagheter

sårbarheter

säkerhet

risker

Information Systems

內部控制缺失與經營績效之關聯性研究 / Internal Control Weaknesses and Firm Performance

林惠婷

Unknown Date

本研究以2004至2010年國內之上市公司為研究樣本，探討內部控制缺失對公司經營績效之影響。對於內部控制缺失之判斷，不同於以往，僅限以公司自行揭露或遭主管機關裁罰之資訊為對象，本研究廣泛蒐集公司負面新聞，將內部控制缺失依事件發生原因分類，並依照COSO報告架構將內部控制缺失依五大要素及五大目標予以分類。 實證研究結果顯示，內部控制缺失與企業經營績效間呈顯著負相關，重大之內部控制缺失對經營績效影響之程度較大。依發生原因分類內部控制缺失之分析結果顯示，違反金管會規定、管理階層操守與價值觀有偏差及發生會計錯誤而重編財報之公司，其經營績效較差。至於內部控制缺失涉及內部控制要素及控制目標者，分析顯示，各項缺失要素及目標皆與經營績效呈顯著負向關係，且缺失要素及缺失目標較多之公司，其經營績效較差。其中，控制環境、風險評估與監督三項控制要素缺失，以及財務報導目標缺失對經營績效有較顯著之負向影響。 / Based on a sample of 724 Taiwanese companies listed in Taiwan Securities Exchange over the period of 2004-2010, this research investigates the impact of internal control weaknesses on firm performance. Different from prior studies that identified internal control weaknesses only from voluntary disclosures made by the firm and releases regarding firm’s violation of regulations issued by the Finanical Supervisory Commission, Executive Yuan, ROC (FSC). This study extensively collects news related to events resulting from internal control weaknesses as an additional data source. A further classification of internal control weaknesses is performed based on the nature of the events and the internal control framework proposed in the COSO report. The empirical results indicate that firms with internal control weaknesses are significantly underperformed. It is also found that material weaknesses have greater impact on firm performance. The results show that firms associated with FSC regulation violation releases, the integrity and ethical values of management is biased, and had restated financial statements accounting errors have significantly lower performance. The internal control weaknesses classified by the elements and objectives of internal control based on the COSO framework, are found to be significantly and negatively related to the firm performance respectively and collectively. In specific, the weaknesses associated with control environment, risk assessment, monitoring, and financial reporting objective have greater impact on firm performance.

內部控制缺失

公司治理

經營績效

internal control weaknesses

cooperate governance

firm performance

Response to Intervention and Specific Learning Disability Identification Practices in Kentucky

Reeder, Sean

01 May 2014

Specific Learning Disabilities (SLD) have historically been difficult to define and measure which has led to uncertainty and controversy. The current study explored the practices of identifying specific learning disabilities in Kentucky by surveying school psychologist practitioners in the state. Information was obtained about current practices with regard to RTI implementation and methods and data used for SLD identification as well as the roles that school psychologists take in the response to intervention (RTI) process. The sample consisted of 97 current or recently (within the past year) practicing school psychologists from 45 districts across the state. It was predicted that the use of RTI data for SLD identification would be associated with the length of time a district had been implementing RTI. The data did not support such a relationship. The majority of the districts represented by respondents were noted to be beyond an initial implementation of RTI practices. Responses to questions regarding the implementation of core features of RTI were grouped into High Implementation (HI; n = 45) and Low Implementation (LI; n = 41) groups. An independent samples t-test found a significant difference between the HI and LI groups for the quality of implementation. The HI group evidenced higher quality ratings than the LI. The use of RTI data as the most frequent method for SLD determination was noted for 30.9% of respondents as opposed to 0% prior to 2007. However, severe discrepancy was the most preferred method (59.3%) used for determining placement followed by RTI (28.4%) and a pattern of strengths and weaknesses (4.9%). Districts were also not likely to utilize non-preferred types of data if a student transferred into their district with that non-preferred data. Finally, the roles of school psychologists in the RTI process were explored. Great variability was found across practitioners with regard to the roles they actively have in the RTI process; however, practitioners in the HI group generally were more involved in the RTI process than those in the LI group. The findings are discussed with regard to the current national SLD identification practices and the limitations of the current findings.

Response to Intervention (RTI)

Specific Learning Disabilities (SLD)

Severe Discrepancy

Special Education

Child Psychology

Learning Disabled Children

Child Psychology

Cognitive Psychology

Psychology

School Psychology

Assistance au développement et au test d'applications sécurisées / Assisting in secure application development and testing

Regainia, Loukmen

12 June 2018

Garantir la sécurité d’une application tout au long de son cycle de vie est une tâche fastidieuse. Le choix, l’implémentation et l’évaluation des solutions de sécurité est difficile et sujette a des erreurs. Les compétences en sécurité ne sont pas répondues dans toutes les équipes de développement. Afin de réduire ce manque de compétences en sécurité, les développeurs ont a leurs disposition une multitude de documents décrivant des problèmes de sécurité et des solutions requises (i.e., vulnérabilités, attaques, principes de sécurité, patrons sécurité, etc.). Abstraites et informelles, ces documents sont fournis par des sources différentes et leur nombre est en constante croissance. Les développeurs sont noyés dans une multitude de documents ce qui fait obstruction à leur capacité à choisir, implémenter et évaluer la sécurité d’une application. Cette thèse aborde ces questions et propose un ensemble de méthodes pour aider les développeurs à choisir, implémenter et évaluer les solutions de sécurité face aux problèmes de sécurité. Ces problèmes sont matérialisés par les failles, les vulnérabilités, les attaques, etc. et les solutions fournies par des patrons de sécurité. Cette thèse introduit en premier une méthode pour aider les développeurs dans l’implémentation de patrons de sécurité et l’estimation de leur efficacité face aux vulnérabilités. Puis elle présente trois méthodes associant les patrons de sécurité, les vulnérabilités, les attaques, etc. au sein d’une base de connaissance. Cette dernière permet une extraction automatique de classifications de patrons et améliore la rapidité et la précision des développeurs dans le choix des patrons de sécurité face à une vulnérabilité ou une attaque. En utilisant la base de connaissance, nous présentons une méthode pour aider les développeurs dans la modélisation des menaces ainsi que la générations et l’exécution des cas de test de sécurité. La méthode est évaluée et les résultats montrent que la méthode améliore l’efficacité, la compréhensibilité et la précision des développeurs dans le choix des patrons de sécurité et d’écriture des cas de test de sécurité. / Ensuring the security of an application through its life cycle is a tedious task. The choice, the implementation and the evaluation of security solutions is difficult and error prone. Security skills are not common in development teams. To overcome the lack of security skills, developers and designers are provided with a plethora of documents about security problems and solutions (i.e, vulnerabilities, attacks, security principles, security patterns, etc.). Abstract and informal, these documents are provided by different sources, and their number is constantly growing. Developers are drown in a sea of documentation, which inhibits their capacity to design, implement, and the evaluate the overall application security. This thesis tackles these issues and presents a set of approaches to help designers in the choice, the implementation and the evaluation of security solutions required to overcome security problems. The problems are materialized by weaknesses, vulnerabilities, attacks, etc. and security solutions are given by security patterns.This thesis first introduces a method to guide designers implement security patterns and assess their effectiveness against vulnerabilities. Then, we present three methods associating security patterns, attacks, weaknesses, etc. in a knowledge base. This allows automated extraction of classifications and help designers quickly and accurately select security patterns required to cure a weakness or to overcome an attack. Based on this nowledge base, we detaila method to help designers in threat modeling and security test generation and execution. The method is evaluated and results show that the method enhances the comprehensibility and the accuracy of developers in the security solutions choice, threat modeling and in the writing of security test cases.

Patrons de sécurité

Failles

Attaques

Principes de sécurité

Cycle de vie

Vérification des modèles

Test de sécurité

Security patterns

Weaknesses

Attacks

Principles

Life cycle

Model checking

Security testing

Avaliação da Paisagem da Gleba Cavalcante, no município de Nova Xavantina (Mato Grosso), utilizando a análise da paisagem multitemporal / Evaluation of landscape Gleba Cavalcante, the city of New Xavantina (Mato Grosso), landscape analysis using multitemporal

CASTRO, Lourivaldo Amancio de

15 May 2012

Made available in DSpace on 2014-07-29T14:39:37Z (GMT). No. of bitstreams: 1 Dissertacao Lourivaldo 28-08-12.pdf: 2725162 bytes, checksum: 303ebe841c204b67b5fb459fd17cefd7 (MD5) Previous issue date: 2012-05-15 / The analysis of the transformation of natural landscape of a specific place that permits the identification of areas more critical about the level of degradation, inadequacy of the use of the land and potential conflicts of use in relation to the environmental legislation. It is extremely relevant to the establishment of measures for management and use of conservation of land. The aim of this work is to analyze the landscape of the Cavalcante village, from the changing patterns of land use based on the timeline performed by the GIS, digital classification of satellite images and thematic maps. The results of this work indicated that in the periods analyzed (1990, 2000, 2010 and 2011) there was a gradual process of transformation of the natural landscape, dominated by native vegetation in pastoral systems in an estimated value of 361.6 hectares. The analysis of the slope shows an irregular relief ranging from 0 to> 35% classified as flat to undulating strong. It was verified that all land use is on plain areas to smooth undulation in the classes of 0-6% slope. It was observed three classes of soils: a Red-Yellow Latosol dystrophic Glei Slightly Damp and Litholic Neosols. The relationship with the land use with the land showed the largest use over the class Glei Slightly Damp about 80% of the total. Irregular situations with respect to legislation and the environmental protection were detected in the area. Since in the most part of the PPAs along the waterways the use and land cover are inadequate, about the Forest Code, prevailing in these pastures. The area of the Cavalcante village had four classes of potential Environment Fragility (Very High, High and Medium) and the class of fragility most representative in the area was the Very High with 76% of the total. The analysis in relation to the classes of Emerging Environment Fragility to the Cavalcante village showed that the area has also four emerging classes (Very High, High and Medium) with one class more representative, Very High with 75,6%. The use of GIS and computational tools, combined with the qualitative analysis of the images, the generation and interpretation of thematic maps, field work and the choice of associated parameters with the methodologies used that facilitated the perception of how was the use and occupation of land in the area. The results show that the main uses of the land in the Cavalcante Village are for livestock, which conflicts with the laws and lack of environmental policies and technical knowledge to choose the type of use according to the suitability of the land. This situation reaffirms the need to perform other works and proposing actions for a better use of the land and adaptation to the Environmental Laws. / A análise da transformação da paisagem natural permite a identificação de áreas mais críticas quanto ao nível de degradação, inadequabilidade do uso da terra e possíveis conflitos deste uso em relação à legislação ambiental, sendo assim extremamente relevante para o estabelecimento de medidas de manejo e uso conservacionista da terra. O objetivo deste trabalho é o de analisar a paisagem da Gleba Cavalcante, a partir da evolução dos padrões de uso da terra com base no monitoramento espaço-temporal realizado por meio do geoprocessamento, classificação digital de imagens de satélite e elaboração de mapas temáticos. Durante os resultados períodos analisados (1990, 2000, 2010 e 2011) houve aumento gradativo na transformação da vegetação nativa em sistemas Agropastoris em um valor estimado de 361,6 hectares ou 28,16%. O relevo da área é irregular variando de 0 a >35%, sendo classificado como plano a forte ondulado. Todo uso da terra se encontra sobre áreas planas à suave ondulada, em áreas com declividade de 0-6%. Foram observadas três classes de solos: Latossolo Vermelho-Amarelo Distrófico Glei Pouco Húmico e Neossolos Litólicos. O uso da terra se concentrou na classe Glei Pouco Húmico, com cerca de 80% do total. Situações irregulares com relação à legislação e a preservação ambiental foram detectadas na área. Na maior parte das Após, ao longo dos cursos d água, o uso e cobertura da terra estão inadequados em relação o Código Florestal, predominando nestas as pastagens. A área da Gleba Cavalcante apresentou três classes de Fragilidade Ambiental Potencial (Muito Alta, Alta e Média) sendo que a classe de fragilidade mais representativa na área foi Muito Alta com 76% do total. Em relação às classes de Fragilidade Ambiental Emergente, foram detectadas três classes (Muito Alta, Alta e Média), com maior representatividade da classe Muito Alta com 75,6%. Os resultados mostram que os principais usos da terra na Gleba Cavalcante são para fins de pecuária, que existem conflitos em relação às leis ambientais e falta de políticas e conhecimento técnico para a escolha do tipo de uso em relação à aptidão da terra.

Paisagem

Aspectos Físicos

Uso da Terra

Área de Proteção Ambiental

Fragilidades Ambientais

Landscape

Physical Aspect

Land Use

Environmental Protection Area

Environmental

Weaknesses

CNPQ::CIENCIAS HUMANAS::GEOGRAFIA

Automated Debugging and Bug Fixing Solutions : A Systematic Literature Review and Classification / Automated Debugging and Bug Fixing Solutions : A Systematic Literature Review and Classification

shafiq, Hafiz Adnan, Arshad, Zaki

January 2013

Context: Bug fixing is the process of ensuring correct source code and is done by developer. Automated debugging and bug fixing solutions minimize human intervention and hence minimize the chance of producing new bugs in the corrected program. Scope and Objectives: In this study we performed a detailed systematic literature review. The scope of work is to identify all those solutions that correct software automatically or semi-automatically. Solutions for automatic correction of software do not need human intervention while semi-automatic solutions facilitate a developer in fixing a bug. We aim to gather all such solutions to fix bugs in design, i.e., code, UML design, algorithms and software architecture. Automated detection, isolation and localization of bug are not in our scope. Moreover, we are only concerned with software bugs and excluding hardware and networking domains. Methods: A detailed systematic literature review (SLR) has been performed. A number of bibliographic sources are searched, including Inspec, IEEE Xplore, ACM digital library, Scopus, Springer Link and Google Scholar. Inclusion/exclusion, study quality assessment, data extraction and synthesis have been performed in depth according to guidelines provided for performing SLR. Grounded theory is used to analyze literature data. To check agreement level between two researchers, Kappa analysis is used. Results: Through SLR we identified 46 techniques. These techniques are classified in automated/semi-automated debugging and bug fixing. Strengths and weaknesses of each of them are identified, along with which types of bugs each can fix and in which language they can be implement. In the end, classification is performed which generate a list of approaches, techniques, tools, frameworks, methods and systems. Along, this classification and categorization we separated bug fixing and debugging on the bases of search algorithms. Conclusion: In conclusion achieved results are all automated/semi-automated debugging and bug fixing solutions that are available in literature. The strengths/benefits and weaknesses/limitations of these solutions are identified. We also recognize type of bugs that can be fixed using these solutions. And those programming languages in which these solutions can be implemented are discovered as well. In the end a detail classification is performed. / alla automatiska / halvautomatiska felsökning och felrättning lösningar som är tillgängliga i litteraturen. De styrkor / fördelar och svagheter / begränsningar av dessa lösningar identifieras. Vi erkänner också typ av fel som kan fastställas med hjälp av dessa lösningar. Och de programmeringsspråk där dessa lösningar kan genomföras upptäcks också. Till slut en detalj klassificering utförs / +46 763 23 93 87, +46 70 966 09 51

Automated and semi-automated

bug fixing techniques

debugging techniques

solutions

strengths and weaknesses

search algorithms

search based software engineering

systematic literature Review

classification

Computer Sciences

Datavetenskap (datalogi)

Software Engineering

Programvaruteknik

Rozvoj malé živnostenské firmy / The business plan for creating of new service company

Tomšů, Pavel

January 2007

This master´s thesis analyses a current situation of a trade firm. It suggests development plan to remove weaknesses, eliminate threats and make economic activity more effective.

Konkurenční strategie firmy / Corporate Competitive Strategy

Čech, Petr

January 2010

The aim of the diploma thesis is to create competitive strategy of a middle-size company working in mechanical industry. The thesis analysis the current state and the internal factors of the analyzed firm with respect to the external factors. The competitive strategy and its implementation are suggested on the base of defined firm´s target and competitive advantages.

Návrh strategie rozvoje malého rodinného podniku / Strategy of Small Family - Owned Company Development Proposal

Uherková, Andrea

January 2012

This thesis deals with the development strategy of a small family business. The work is an attempt to propose such changes to be taken to eliminate weaknesses in the company, eliminate threats and streamline the management of the company. To do this, the work uses theoretical knowledge from the individual analysis and uses it to evaluate the current state of the company. The proposed changes are then based on these analysis. The work includes projects in the field of marketing, finance and human resources.

Hodnocení finanční situace podniku a návrhy na její zlepšení / Evaluation of the Financial Situation of a Company and Proposals for Its Improvement

Janderka, Jakub

January 2016

Content of this thesis is to evaluate the financial situation of the company during the period from 2010 to 2014, using available methods, strategic and financial analysis. Subsequently on the basis of these results are suggested measures to improve the deficiencies in the assets, liabilities, liquidity, profitability and overall financial situation of the company.