Global ETD Search

621	AWSLang: Probabilistic Threat Modelling of the Amazon Web Services environment Singh Virdi, Amandeep January 2018 (has links) Attack simulations provide a viable means to test the cyber security of a system. The simulations trace the steps taken by the attacker to compromise sensitive assets within the system. In addition to this, they can also estimate the time taken by the attacker for the same, measuring from the initial step up to the final. One common approach to implement such simulations is the use of attack graph, which trace the various dependencies of every step and their connection to one another in a formal way. To further facilitate attack simulations and to reduce the effort of creating new attack graphs for each system of a given type, domain-specific languages are employed. Another advantage of utilizing such a language is that they organize the common attack logics of the domain in a systematic way, allowing for both ease of use and reuse of models. MAL (the Meta Attack Language) has been proposed by Johnson et al. to serve as a framework to develop domain-specific languages [1]. My work is based upon the same. This thesis report presents AWSLang, which can be used to design IT system models in context to the AWS (Amazon Web Services) environment and analyse their weaknesses. The domain specifics of the language are inspired from and based on existing literature. A Systematic Literature Review (SLR) is performed to identify possible attacks against the elements in an AWS environment. These attacks are then used as groundwork to write test cases and validate the specification. / Attacksimuleringar är ett användbart sätt att testa cybersäkerheten i ett system. Simuleringarna spårar de steg som angriparen tog för att försvaga säkerheten av känsliga tillgångar inom systemet. Utöver detta kan de uppskatta hur länge attacken varade, mätt från första till sista steget. Ett gemensamt tillvägagångssätt för att implementera sådana simuleringar är användningen av attackgrafer, som spårar olika beroenden av varje steg och deras koppling till varandra på ett formellt sätt.För att ytterligare underlätta attacksimuleringar och minska ansträngningen att skapa nya attackgrafer för varje system av en given typ, används domänspecifika språk. En annan fördel med att använda ett sådant språk är att det organiserar domänens gemensamma attacklogiker på ett systematiskt sätt, vilket möjliggör både en enkel användning och återanvändning av modeller. MAL (Meta Attack Language) har föreslagits av Johnson et al. att fungera som ramverk för utvecklingen av domänspecifika språk [1]. Mitt arbete är baserat på detsamma.I denna uppsats presenteras AWSLang, som kan användas för att utforma IT-systemmodeller i kontexten av AWS-miljön (Amazon Web Services) och analysera deras svagheter. Språkets domänspecifikationer är inspirerade av och baserade på befintlig litteratur. En systematisk litteraturöversikt görs för att identifiera möjliga attacker mot elementen i en AWS-miljö. Dessa attacker används sedan som grund för att skriva testfall och validera specifikationen. Domain Specific Language Cyber Security Threat Modelling Attack Graphs Amazon Web Services Domänspecifikt Språk Cybersäkerhet Hotmodellering Attackgrafer Amazon Web Services Computer and Information Sciences Data- och informationsvetenskap Elektroteknik och elektronik
622	Explaining recommendations Tintarev, Nava January 2009 (has links) Recommender systems such as Amazon, offer uses recommendations, or suggestions of items to try or buy. We propose a novel classification of reasons for including explanations in recommender systems. Our focus is on the aim of effectiveness, or decision support, and we contrast it with other metrics such as satisfaction and persuasion. In user studies, we found that people varied in the features they found important, and composed a short list of features in two domains (movies and cameras). We then built a natural language explanation testbed system, considering these features as well as the limitations of using commercial data. This testbed was used in a series of experiments to test whether personalization of explanations affects effectiveness, persuasion and satisfaction. We chose a simple form of personalization which considers likely constraints of a recommender system (e.g. limited meta-data related to the user) as well as brevity. In these experiments we found that: 1. Explanations help participants to make decisions compared to recommendations without explanations, we saw as a significant decrease in opt-outs in item ratings – participants were more likely to be able to give an initial rating for an item if they were given an explanation, and the likelihood of receiving a rating increased for feature-based explanations compared to a baseline. 2. Contrary to our initial hypothesis, our method of personalization could damage effectiveness for both movies and cameras which are domains that differ with regard to two dimensions which we found affected perceived effectiveness: cost (low vs. high), and valuation type (subjective vs. objective). 3. Participants were more satisfied with feature-based than baseline explanations. If the personalization is perceived as relevant to them, then personalized feature-based explanations were preferred over non-personalized. 4. Satisfaction with explanation was also reflected in the proportion of opt-outs. The opt-out rate for the explanations was highest in the baseline for all experiments. This was the case despite the different types of explanation baselines used in the two domains. 300.285
623	An exploration of the diffusion of a new technology from communities of practice perspective: Web services technologies in digital libraries. Oguz, Fatih 08 1900 (has links) This study explored and described decision factors related to technology adoption. The research used diffusion of innovations and communities of practice (CoP) theoretical frameworks and a case study of Web services technology in the digital library (DL) environment to develop an understanding of the decision-making process. A qualitative case study approach was used to investigate the research problems and data were collected through semi-structured interviews, documentary evidence (e.g., meeting minutes), and a comprehensive member check. The research conducted face-to-face and phone interviews with seven respondents with different job titles (administraive vs. technical) from five different DL programs selected based on distinctive characteristics such as size of the DL program. Findings of the research suggested that the decision-making process is a complex process in which a number of factors are considered when making technology adoption decisions. These factors are categorized as organizational, individual, and technology specific factors. Further, data showed that DL CoPs played an important role in enabling staff members of a DL program to access up-to-date and experienced-based knowledge, provided a distributed problem solving and learning environment, facilitating informal communication and collaborative activities, and informing the decision-making process. Technology adoption digital libraries Web services. Digital libraries -- Decision making. Diffusion of innovations. Communities of practice.
624	Preferenční dotazováni, indexy, optimalizace / Preferencev querying, indexing, optimisation Horničák, Erik January 2009 (has links) In this thesis we discuss the issue of searching the best k objects from the multi-users point of view. Every user has his own preferences, which are represented by fuzzy functions and aggregation function. This thesis designs and implements several solutions of searching the best k objects when attributes data are stored on remote servers. It was necessary to modificate existing algorithms for this type of obtaining data. This thesis uses several variants of Fagin algorithm, indexing methods using B+ trees and communication via web services.
625	Preferenční dotazováni, indexy, optimalizace / Preferencev querying, indexing, optimisation Horničák, Erik January 2011 (has links) In this thesis we discuss the issue of searching the best k objects from the multi-users point of view. Every user has his own preferences, which are represented by fuzzy functions and aggregation function. This thesis designs and implements several solutions of searching the best k objects when attributes data are stored on remote servers. It was necessary to modificate existing algorithms for this type of obtaining data. This thesis uses several variants of Fagin algorithm, indexing methods using B+ trees and communication via web services.
626	[en] FRAMEWORK FOR COORDINATION AND MEDIATION OF WEB SERVICES MODELED AS LEARNING OBJECTS FOR WEB-BASED LEARNING ENVIRONMENTS / [pt] FRAMEWORK PARA COORDENAÇÃO E MEDIAÇÃO DE WEB SERVICES MODELADOS COMO LEARNING OBJECTS PARA AMBIENTES DE APRENDIZADO NA WEB REUBEM ALEXANDRE DALMEIDA GIRARDI 18 March 2005 (has links) [pt] O crescente interesse em ambientes de aprendizado na Web incentiva pesquisas e torna evidente a importância do desenvolvimento de tecnologias e padrões que permitam ambientes, instrutores e participantes a criar, encontrar, consumir, reusar e compartilhar conteúdos instrucionais, conhecidos como objetos de aprendizagem ou learning objects. Padrões para metadados, objetos de aprendizagem e arquiteturas para prover suporte a estas tecnologias em sistema de ensino na web (learning management systems - LMS) são a chave para o sucesso do e-Learning. Neste sentido, o conceito de objetos de aprendizagem possui fundamental importância e concentra grande parte das pesquisas realizadas nesta área. Em paralelo, a observação de que o aprendizado na web ocorre através do auxílio de ferramentas e serviços que fazem parte dos LMS gera a reflexão sobre a atual modelagem e entendimento destes serviços. Com isso, este trabalho defende a modificação do conceito de learning objects, estendendo o atual, incorporando serviços à sua abrangência, sendo estes modelados com base na tecnologia de serviços web (web services). No final, é apresentado um framework para facilitar a adaptação de Learning Management Systems a este novo conceito de learning objects e o estudo de caso no Ambiente AulaNet. / [en] The increasing interest in web-based learning environments stimulates researches and evidences the importance of developing technologies and standards that allow environments, instructors and participants to create, find, consume, reuse, and to share instructional contents, known as learning objects. Metadata standards, learning objects and architectures to support these technologies in Learning Management Systems (LMS) are the key for the success of e-learning. In this context, the learning object concept has essential importance and concentrates the majority of the researches accomplished in this field. At the same time, observing that the learning in the web happens through the aid of tools and learning services which are part of LMS, leads to the reflection about the current modeling and understanding of these services. This work defends the modification of the learning objects concept, extending the current one by incorporating services to its extent, being these modeled as Web Services. Finally, a framework is presented in order to facilitate the adapting of the Learning Management Systems to the new concept of learning objects, as well as a case study in the AulaNet Environment. [pt] FRAMEWORK [en] FRAMEWORK [pt] SERVICOS WEB [en] WEB SERVICES [pt] AMBIENTES DE APRENDIZADO NA WEB [en] WEB-BASED LEARNING ENVIRONMENTS
627	Sistema de informação para rastreabilidade de produtos florestais baseado em uma arquitetura orientado a serviços. / Information system for traceability of forestry products based in a service-oriented architecture. Silva, Daniel Lins da 20 September 2011 (has links) A produção florestal é uma atividade de importância fundamental para a economia brasileira. Estudos mostram que a ilegalidade na produção da madeira chega a 80% do total produzido. Esta madeira ilegal se transforma em legalizada durante a sua cadeia de suprimentos, graças às falhas nos sistemas de controle e monitoramento. Este trabalho analisa os problemas computacionais existentes no gerenciamento e no monitoramento do processo produtivo florestal na Floresta Amazônica e apresenta a modelagem de um sistema computacional, baseado em uma arquitetura orientada a serviços, que busca por meio da integração dos sistemas envolvidos o registro de informações das diversas etapas produtivas. Para isso, foi criado um modelo de informação que utiliza o padrão de metadados eFIDS, projetado para controlar transações eletrônicas na indústria florestal e uma base de dados centralizada, onde as informações deste processo são registradas e relacionadas, possibilitando a manutenção da rastreabilidade dos produtos e insumos florestais durante todo seu ciclo de vida, garantindo a identificação da origem florestal destes produtos para as empresas e consumidores finais. / The Forest production is an activity with fundamental importance for the Brazilian economy. Studies show that the illegality in timber production is around 80% of total productive. This illegal wood becomes legalized in your supply chain due the failures in control and monitoring systems. This paper analyzes a computational problems existing in managing and monitoring productive process in the Amazon Forest and presents the modeling of a computational system, based on a service-oriented architecture, which seeks through the involved systems integration the recording of information about the various productive stages. For this was created an information model that uses the eFIDS metadata standard, designed to handle electronic transactions in the forestry industry, and a centralized database, where the process information are recorded and linked, enabling the maintenance of product and raw material traceability throughout its lifecycle, ensuring identification of the forest products origin for businesses and consumers. Cadeia de suprimentos Distributed systems Madeira Rastreabilidade Serviços Web Sistemas distribuídos Supply chain management Traceability Web services Wood
628	Tratamento de eventos aplicado à composição de serviços web / Processing of events for web services composition Rodrigues, Mauricio Chui 29 May 2012 (has links) Funcionalidades de software expostas como serviços Web são cada vez mais comuns e suas formas de composição e coordenação são cada vez mais imprescindíveis. Orquestração e coreografia, tradicionais abordagens de composição de serviços Web, são providas por ferramentas voltadas ao gerenciamento de processos de negócio com diferentes enfoques. Apesar do sucesso dessas abordagens, existem ainda desafios a serem superados, tais como a dificuldade de manutenção em fluxos de controle já existentes, o custo de comunicação associado às interações com os serviços Web, o conhecimento do processo de negócio por parte dos serviços e ainda a compatibilidade dos mesmos em uma composição. Como alternativa às abordagens tradicionais, esta dissertação propõe o uso da abordagem WED-flow para composição de serviços Web, de modo que a execução de processos de negócio seja orientada pelas alterações do estado dos dados. Na abordagem proposta, o fluxo de controle não é um requisito, mas sim uma consequência da execução dos serviços Web, o que proporciona maior flexibilidade para o desenvolvimento e a manutenção das aplicações. Mais concretamente, a primeira contribuição deste trabalho é a proposição e a avaliação de cenários possíveis de orquestração e coreografia de acordo com critérios pré-definidos. A segunda contribuição é a implementação da abordagem WED-flow para a composição de serviços Web, bem como sua validação prática e sua avaliação em relação aos cenários de coreografia e orquestração. / Features of software exposed as Web services are becoming more common and their forms of composition and coordination are increasingly essential. Orchestration and choreography, traditional approaches for Web service compositions, are provided by tools that manage business processes with different approaches. Despite the success of these approaches, there are still challenges to be overcome such as the difficulty of maintaining flows in existing control, the communication cost associated with Web service interactions, knowledge of the business process by the services and even their compatibility in service compositions. As an alternative to traditional approaches, this paper proposes the use of WED-flow approach for Web services composition, so that the execution of business processes is driven by changes in data states. In our approach, the control flow is not a requirement but a consequence of the Web service execution, which provides greater flexibility for the development and maintenance of applications. More specifically, the first contribution of this work is to propose and evaluate possible scenarios of orchestration and choreography according to predefined criteria. The second contribution of this work is the implementation of WED-flow approach for Web service compositions, as well as its validation in the choreography and orchestration scenarios. choreography composição composition coreografia data states estados de dados orchestration orquestração REST REST serviços Web Web services WED-flow WED-flow
629	Résolution de contraintes de déductibilité : application à la composition de services Web sécurisés / Resolution of constraint systems for automatic composition of security-aware Web Services Avanesov, Tigran 19 September 2011 (has links) Les contraintes de déductibilité ont été introduites pour vérifier les protocoles cryptographiques. Cette thèse présente une procédure de décision pour le problème de satisfaisabilité des systèmes généraux de contraintes de déductibilité. Deux cas sont envisagés: la théorie de Dolev-Yao standard et son extension par un opérateur associatif, commutatif, idempotent. Le résultat est utilisé pour résoudre le problème de l'orchestration automatique et distribué de services Web sécurisés. Comme seconde application nous proposons une procédure pour décider la sécurité d'un nombre fini de sessions de protocole en présence de plusieurs intrus qui ne communiquent pas. Nous montrons également comment il est possible de détecter certaines attaques par réécriture qui exploitent le format des messages en XML / Deducibility constraints have been introduced to verify cryptographic protocols. This thesis gives a decision procedure for the satisfiability problem of general deducibility constraints. Two cases are considered: the standard Dolev-Yao theory and its extension with an associative, commutative idempotent operator. The result is applied to solve the automated distributed orchestration problem for secured Web services. As a second application we give a procedure to decide the security of a cryptographic protocol in presence of several non-communicating intruders. We also show how it is possible to detect some XML rewriting attacks on Web services Contraintes de déductibilité ACI Composition de services Web Orchestration distribuée Protocoles Deducibility constraints ACI Web Services composition Distributed orchestration Protocols
630	SWService: uma biblioteca para a escrita da Língua Brasileira de Sinais baseada em Web Services Souza, Vinicius Costa de 25 February 2005 (has links) Made available in DSpace on 2015-03-05T13:53:44Z (GMT). No. of bitstreams: 0 Previous issue date: 25 / Coordenação de Aperfeiçoamento de Pessoal de Nível Superior / Grandes avanços na ciência têm ocorrido nos últimos anos, provocando um processo de mudanças sócio-culturais, no qual o acesso a novas tecnologias se torna extremamente importante para todos. Entretanto, a grande maioria das ferramentas computacionais não está preparada para uso por pessoas portadoras de necessidades especiais. Mesmo assim, algumas iniciativas estão sendo desenvolvidas para difundir as línguas de sinais como forma de apoiar a inclusão digital e social dos surdos. Porém, a utilização dessas línguas em software ainda é bastante complexa e dispendiosa. Assim, este trabalho teve como objetivo o desenvolvimento da SWService, uma biblioteca que visa fornecer os recursos necessários para que softwares baseados na web possam utilizar a Língua Brasileira de Sinais. A solução apresenta como principal vantagem a utilização da tecnologia de Web Services, o que permite seu uso sem necessidade de desenvolvimento ou instalação local. Além disso, foram realizados um estudo de caso e uma pesquisa de opinião s / Great advances in science have been made in the last years promoting a social-cultural changing process, in which the access to the new technologies becomes too important for all. However, most of computational tools are not prepared to people who has special necessities. Some initiatives have been developed to spread out the sign languages as a way to make possible the deaf digital and social inclusion. But, the use of these languages in software is still complex and expensive. Thus, the aim of this work was to develop a library, SWService, which provides the wanted features to enable web-based software to use the Brazilian Sign Language. This solution presents as main advantage the use of Web Services technology witch allows the SWService use without local development or installation necessity. Besides, a case study and an opinion research applied to Sign WebForum, a discussion forum which uses the SWService to permits the writing and reading of messages both in Portuguese and Libras, were realized. Ciências Exatas e da Terra Língua Brasileira de Sinais Sign Writing SWService Engenharia de software Sign Writing SWService Web Services Brazilian Sign Language

Search results