79 research outputs found

    iOS Technologies & Frameworks

    Get PDF
    Apple’s mobile platform — iOS — currently generates the largest amount of revenue out of all mobile app stores. The majority of iDevices run the latest major iOS version (iOS 10) due to Apple users’ tendency to update their devices. Consequently, iOS developers are pressured into keeping their apps up to date. Advantages to updating apps consist of new features and adapting apps to the platform’s hardware and software evolution. However, this does not always happen. There are apps, some popular (with many users), which either receive slow updates, or not at all. The main consequence of developers not updating to the latest tendencies (i.e. user interface or API changes) is the degradation of their apps’ user experience. This subpar user experience leads to a decrease in the number of installs (and sales) and a search for alternatives that have been updated to support the latest firmware iteration fully. We identified a common pattern amongst ten apps which have subpar reviews on the App Store: excessive battery consumption and lack of user onboarding were just a few of the ssues. Above all, almost all those apps belong to the top 1% of apps (which generate 94% of the App Store’s revenue), so the lack of focus on the user experience is unfortunate considering their massive user bases. We listed the available resources for those wanting to develop or improve iOS apps. Given these requisites, we studied the possibility of developing a mobile app that adopted good engineering practices and, above all, focused on delivering an excellent user experience in a given timeframe of six months. The app’s idea consisted of a wish list management app called Snapwish that allows the user to take photos of objects they want, create wish lists, and share them with family and friends. The app allows for offline usage, with data syncing automatically (in real-time) without user intervention when the app’s Internet connection is present. We tested Snapwish thoroughly to measure the quality of its implementation. Profiling helped assert that core metrics like CPU and memory usage, network data requests and energy consumption were within acceptable values while unit and user interface tests served to validate our code functionally. Furthermore, our team of five beta testers provided valuable feedback and suggestions. Ultimately, the six-month timeframe proved to be insufficient in regards to a release on the App Store, as Snapwish remains in the latter beta stages at the time of writing. This delay is mostly attributed to a lengthy testing process. Thus, we plan on releasing it in the first trimester of 2017.Hoje em dia, a plataforma móvel da Apple — iOS — é a que tem maior revenue em aplicações móveis. A maior parte dos dispositivos móveis iOS corre a versão mais atual (iOS 10), devido à tendência dos seus utilizadores em atualizar o sistema operativo com frequência. Consequentemente, os desenvolvedores da plataforma são pressionados para manterem as suas apps atualizadas. Algumas das vantagens das atualizações consiste em adicionar novas funcionalidades e adaptar as apps à evolução do hardware e do software da plataforma. Contudo, isto nem sempre e verifica. Existem muitas apps, algumas “populares” (com muitas instalações) cuja atualização demora ou não acontece. A principal consequência da não atualização das apps às tendências atuais, quer em termos de interação, quer em termos de mecanismos de proteção de dados, consumo de bateria e outros, é a degradação da experiência de quem as utiliza, consequentemente, a diminuição do número de instalações (e vendas) e a crescente procura de alternativas que tenham estes princípios em conta. Foi identificado um padrão comum em dez aplicações cujas classificações na App Store são medíocres: um consumo exagerado de bateria e falta de user onboarding foram apenas alguns dos problemas. Acima de tudo, quase todas pertencem ao 1% de aplicações que geram 94% das receitas da App Store. A falta de foco na experiência do utilizador é infeliz considerando as enormes bases de utilizadores dessas aplicações. Foram listados os recursos disponíveis para quem pretende desenvolver ou melhorar uma aplicação iOS. Dadas essas premissas, foi estudada a possibilidade de desenvolver uma aplicação móvel que adote boas práticas de engenharia e, acima de tudo, foque na experiência do utilizador, num período de seis meses. A ideia para a aplicação consistiu num gestor de listas de desejos designada Snapwish que permite tirar fotos de objetos que o utilizador deseja, criar listas, e partilhá-las com amigos e familiares. Além disso, a app permite o uso offline e os dados são sincronizados em tempo real sem intervenção do utilizador quando a app dispõe de uma conexão à Internet. A nossa aplicação foi testada extensivamente para medir o nível de qualidade da sua implementação. O profiling ajudou em constatar que métricas fundamentais como o consumo de CPU e memória, pedidos de dados de rede e de consumo de energia (bateria) estavam dentro dos parâmetros aceitáveis. Além disso, uma equipa de cinco beta-testers contribuiu com comentários e sugestões de grande valor. Em última análise, o prazo de seis meses revelou-se insuficiente em relação ao lançamento da app na App Store. O Snapwish permanece numa fase beta avançada (no momento da escrita desta tese). Este atraso é principalmente atribuído a um extenso processo de testes. Assim, pretendemos lançar a aplicação no primeiro trimestre de 2017

    Network Function Virtualization technologies applied to cellular systems

    Get PDF
    Future 5G networks will exploit the inherent flexibility associated to the introduction of Network Function Virtualization (NFV) technologies in both the core network and even the Radio Access Network (RAN) through the software implementation of network functions running on general purpose computing/storage resources. The advent of the NFV paradigm provides an inherent capability to add new functionalities, extend, upgrade or evolve existing functionalities and to customize the network on a per-tenant basis. In this context, this work intends to make an analysis of the cuFuture 5G networks open a new spectrum of possibilities, both at the level of services it can offer, and at the level of its deployment. This thesis aims to make a study of some of the technologies that make possible the arrival of 5G, such as virtualization and virtualization applied to networks, NFV. In order to better understand the defined standard for NFV, the analysis of market NFV-MANO available tools is included. In addition, the study and evaluation of the deployment process of a virtualized 5G network scenario has been performed with HPE NFV Director

    Virtual file system in user space

    Get PDF
    This thesis presents a custom Virtual File System (VFS) built with C++, using a custom wrapper for the FUSE library. The VFS is modular in design, facilitating easy extension with new features. Two prototype modules for ver- sioning and encryption are also included, each accompanied by a command- line interface tool for control, such as restoring versions or encrypting files. Thanks to its password/key protection and encryption capabilities, the VFS enhances file management, enabling secure storage and retrieval of sensitive data. In addition, built-in versioning functionality allows users to access and restore previous file versions with ease. Once the VFS is mounted, it can be accessed in the same standard way as any other file system, making it user-friendly and accessible.Tato bakalářská práce se věnuje vytváření virtuálního souborového sys- tému (VFS) prostřednictvím knihovny FUSE upravené pro použití s C++. Zmíněné VFS je modulární a tedy umožňuje snadné přidání nových funkcí. Dále jsou poskytnuty dva prototypy modulů pro podporu verzování a šifro- vání, každý s vlastním nástrojem pro ovládání z příkazové řádky. Šifrování přidává možnost zamykat jednotlivé soubory a složky heslem nebo klíčem pro bezpečné uložení citlivých dat. Verzování na druhou stranu umožní uži- vatelům snadno uchovávat a obnovovat předchozí verze souborů. Po instalaci VFS je k němu možné přistupovat stejným způsobem jako k jakémukoliv jinému souborovému systému.Katedra softwarového inženýrstvíDepartment of Software EngineeringFaculty of Mathematics and PhysicsMatematicko-fyzikální fakult

    Jazz History Database Global Contributor Project

    Get PDF
    The JazzHistoryDatabase is a non-profit organization at WPI that archives recordings, photographs, and other jazz artifacts from around the world that might otherwise deteriorate. This archive, accessible at jazzhistorydatabase.com, was previously maintained by students and faculty who built the website by hand. Our goal was to design, build and document a web-based tool to allow volunteers and international correspondents to upload digitized jazz artifacts into a simple web form that would subsequently output and publish template-based web pages

    Demystifying Internet of Things Security

    Get PDF
    Break down the misconceptions of the Internet of Things by examining the different security building blocks available in Intel Architecture (IA) based IoT platforms. This open access book reviews the threat pyramid, secure boot, chain of trust, and the SW stack leading up to defense-in-depth. The IoT presents unique challenges in implementing security and Intel has both CPU and Isolated Security Engine capabilities to simplify it. This book explores the challenges to secure these devices to make them immune to different threats originating from within and outside the network. The requirements and robustness rules to protect the assets vary greatly and there is no single blanket solution approach to implement security. Demystifying Internet of Things Security provides clarity to industry professionals and provides and overview of different security solutions What You'll Learn Secure devices, immunizing them against different threats originating from inside and outside the network Gather an overview of the different security building blocks available in Intel Architecture (IA) based IoT platforms Understand the threat pyramid, secure boot, chain of trust, and the software stack leading up to defense-in-depth Who This Book Is For Strategists, developers, architects, and managers in the embedded and Internet of Things (IoT) space trying to understand and implement the security in the IoT devices/platforms

    Playful by design: free play in a digital world

    Get PDF
    To change the world, you must first dream. So often, the digital world of children is stated in binaries – on or offline, good or bad actors, opportunity or harm – but the lived reality of children is much more complicated. Where on and off can be seamless and simultaneous, too much of a good thing can be bad, or something meant for one purpose can be hacked for another: sometimes with harmful outcomes, and sometimes joyous. It is with full understanding of this complicated context that Playful by Design® has been researched, developed and written

    A DevOps approach to infrastructure on demand

    Get PDF
    As DevOps grows in importance in companies, there is an increasing interest in automating the process of building and deploying infrastructure, having as an objective reduce the complexity for non DevOps engineers and making it so that infrastructure is less error prone, which is not the case when doing it manually. This work aims to explore how to build a solution that allows to manage infrastructure on demand while supporting specific services that are relevant for git profiles analysis, such as Sonarqube and Jenkins. Firstly, this work starts by introducing its context, the problem that the solution is trying to solve and the methodology used to develop the solution. On the State-of-the-Art various topics are presented in order to give all the information needed to understand the implementation of the solution, including concepts such as DevOps and Automation, while going over specific technologies such as GraphQL, Docker, Terraform and Ansible. A value analysis was also done to explore what are the main concerns for stakeholders when managing their infrastructure and to define the value of the solution being developed. Lastly, the solution was implemented making use of various technologies and with scalability in mind that would allow it to grow in the amount of services supported with minimum changes. The work is interesting for someone that is interested in DevOps, Infrastructure-as-Code and automation in general.Com o crescimento da importância de DevOps em empresas existe um interesse acrescido em automatizar o processo de construir e de dar deploy de infra-estrutura, tendo como objectivo reduzir a complexidade para engenheiros menos proficientes em DevOps, e construir infraestrutura que é menos propensa a erros, o que não acontece quando feito manualmente. Este trabalho visa implementar uma solução capaz de gerir infra-estrutura a pedido e ao mesmo tempo suportar serviços específicos relevantes para a análise de perfis git, como por exemplo Sonarqube e Jenkins. Em primeiro lugar, este trabalho começa por introduzir o seu contexto, o problema que a solução está a tentar resolver e a metodologia utilizada para desenvolver a solução. No estado da arte são apresentados vários tópicos com a finalidade de fornecer toda a informação necessária para compreender a implementação da solução, incluindo conceitos como DevOps e automação, são também exploradas tecnologias específicas como GraphQL, Docker, Terraform e Ansible. Foi também feita uma análise de valor para explorar quais são as principais preocupações das partes interessadas na gestão das infra-estruturas das suas empresas e para definir o valor da solução que está a ser desenvolvida. Finalmente, a solução foi implementada, recorrendo a várias tecnologias e tendo em mente a escalabilidade da solução que permitiria crescer na quantidade de serviços suportados requerendo alterações mínimas. O trabalho é interessante para alguém que esteja interessado em DevOps, Infraestrutura como código e automatização em geral

    Infrastructure management in multicloud environments

    Get PDF
    With the increasing number of cloud service providers and data centres around the world, cloud services users are becoming increasingly concerned about where their data is stored and who has access to the data. The legal reach of customers’ countries does not expand over the country’s borders without special agreements that can take a long while to get. Because it is safer for a cloud service customer to use a cloud service provider that is domestically legally accounta-ble, customers are moving to using these cloud service providers. For the case company this causes both a technical problem and a managerial problem. The technical problem is how to manage cloud environments when the business expands to multiple countries, with said countries customers requiring that the data is stored within their country. Different cloud service providers can also be heterogeneous in their features to manage infrastructure, which makes managing and developing the infrastructure even more difficult. For example, application programming interfaces (API) that makes automation easier can vary between providers. From a management point of view, different time zones also make it harder to quickly respond to any issues in the IT infrastruc-ture when the case company employees are working in the same time zone. The objective of this thesis is to address the issue by investigating which tools and functionali-ties are commonly utilized for automating IT infrastructure and are additionally supported by cloud service providers while being compatible with the specific requirements of the organization in question. The research will help the case organization replace and add new tools to help maintain the IT infrastructure. This thesis will not investigate the managerial problem of case company em-ployees working in the same time zone. The thesis will also not research security, version control, desktop and laptop management or log collection tools or produce a code-based solution to set-ting up an IT environment since further research needs to be done after the tools presented in this thesis have been decided upon. The research does also not investigate every cloud service pro-vider in every country as case company business strategies can change and the size of the thesis would grow too much. Qualitative research method is used for this thesis and the data gathered comes from literature and articles from various source. Both literature and article review provided the theoretical aspects of this research. Data was also gathered by looking at a few countries that have companies whose business is cloud service providing and comparing the findings regarding infrastructure management and automatization. The research is divided into five parts. The first part tries to introduce the background, re-search objective and structure of the research., while the second part tries to explain the theoreti-cal background. In the third part of the research methodology is explained as what material was used and how it was gathered and descriptions of the results, fourth part analyses the results, while the fifth and final part concludes the research

    User Experience Design for Cybersecurity & Privacy: addressing user misperceptions of system security and privacy

    Get PDF
    The increasing magnitude and sophistication of malicious cyber activities by various threat actors poses major risks to our increasingly digitized and inter-connected societies. However, threats can also come from non-malicious users who are being assigned too complex security or privacy-related tasks, who are not motivated to comply with security policies, or who lack the capability to make good security decisions. This thesis posits that UX design methods and practices are necessary to complement security and privacy engineering practices in order to (1) identify and address user misperceptions of system security and privacy; and (2) inform the design of secure systems that are useful and appealing from end-users’ perspective. The first research objective in this thesis is to provide new empirical accounts of UX aspects in three distinct contexts that encompass security and privacy considerations, namely: cyber threat intelligence, secure and private communication, and digital health technology. The second objective is to empirically contribute to the growing research domain of mental models in security and privacy by investigating user perceptions and misperceptions in the afore-mentioned contexts. Our third objective is to explore and propose methodological approaches to incorporating users’ perceptions and misperceptions in the socio-technical security analyses of systems. Qualitative and quantitative user research methods with experts as well as end users of the applications and systems under investigation were used to achieve the first two objectives. To achieve the third objective, we also employed simulation and computational methods. Cyber Threat Intelligence: CTI sharing platforms Reporting on a number of user studies conducted over a period of two years, this thesis offers a unique contribution towards understanding the constraining and enabling factors of security information sharing within one of the leading CTI sharing platforms, called MISP. Further, we propose a conceptual workflow and toolchain that would seek to detect user (mis)perceptions of key tasks in the context of CTI sharing, such as verifying whether users have an accurate comprehension of how far information travels when shared in a CTI sharing platform, and discuss the benefits of our socio-technical approach as a potential security analysis tool, simulation tool, or educational / training support tool. Secure & Private Communication: Secure Email We propose and describe multi-layered user journeys, a conceptual framework that serves to capture the interaction of a user with a system as she performs certain goals along with the associated user beliefs and perceptions about specific security or privacy-related aspects of that system. We instantiate the framework within a use case, a recently introduced secure email system called p≡p, and demonstrate how the approach can be used to detect misperceptions of security and privacy by comparing user opinions and behavior against system values and objective technical guarantees offered by the system. We further present two sets of user studies focusing on the usability and effectiveness of p≡p’s security and privacy indicators and their traffic-light inspired metaphor to represent different privacy states and guarantees. Digital Health Technology: Contact Tracing Apps Considering human factors when exploring the adoption as well as the security and privacy aspects of COVID-19 contact tracing apps is a timely societal challenge as the effectiveness and utility of these apps highly depend on their widespread adoption by the general population. We present the findings of eight focus groups on the factors that impact people’s decisions to adopt, or not to adopt, a contact tracing app, conducted with participants living in France and Germany. We report how our participants perceived the benefits, drawbacks, and threat model of the contact tracing apps in their respective countries, and discuss the similarities and differences between and within the study groups. Finally, we consolidate the findings from these studies and discuss future challenges and directions for UX design methods and practices in cybersecurity and digital privacy
    corecore