Web and Web Security

Web services are self-contained modular applications that provide a computation upon request. These services can be described, published, located, and invoked over a network, generally over the Internet. However, intranets, extranets, and LANs can also be used. as well. In using web services for its information systems needs, a firm may open access to its information assets. This action can become an attractive target for malicious hackers, industrial espionage, and fraud. The assurance of security of web services is necessary for a firm to be willing to adopt the web services technology as a means of running its information system

Performance Comparison of Enterprise Applications on Mobile Operating Systems

Due to the advances in mobile phone technology, Smartphones have the ability to access web services within applications the user interacts with to retrieve and send information from and to web services. As Smartphones have grown in popularity, the utilisation of both new web services and web services already in place will also grow. This paper provides a comparison of the two main types of web services, SOAP and REST.  We evaluate the performance of using SOAP and REST on a smartphone. The tests performed include the time taken to perform a web service call, the RAM used making a web service call and the data transmitted and received while making a web service call

Project orientation: a proposal to develop a service-oriented architecture

A service-oriented architecture (SOA) is occasionally seen as a complex and undefeatable challenge (Serman, 2007). This feeling is motivated by the lack of attention from practitioners and from the academy on the means for its construction. The work aims to bring the portfolio management of IT projects as an option to guide the SOA development. A review of the literature on SOA was carried out, including case studies on the SOA adoption. A case study was also done, which analyzed some projects of a particular organization, focusing on the evolution of its services architecture. The results show a gradual development of SOA in the case studied based on projects execution and sequencing. It concludes with a proposal of a process for building SOA as well as suggestions and limitations for future research.A arquitetura orientada a serviços (SOA) é ocasionalmente encarada como um desafio complexo e intransponível (Serman, 2007), sentimento motivado pela falta de atenção de praticantes e da academia sobre os meios para sua construção. O trabalho visa trazer a gestão da carteira de projetos de TI como opção para orientar o desenvolvimento de SOA. Para isso, realizou-se uma revisão da literatura sobre SOA, incluindo estudos de caso sobre sua adoção. Também foi executado um estudo de caso, no qual foram analisados os projetos de uma determinada organização, focando-se na evolução de sua arquitetura de serviços. Os resultados mostram a construção gradual de SOA no caso a partir da conclusão e sucessão dos projetos. Conclui-se com uma proposta de processo de construção de SOA e as limitações e sugestões de pesquisas futuras

Integrating mobile computing with fixed network

With recent developments in science and technology, mobile computers are getting lighter, more powerful and even cheaper. More and more government agencies are using mobile computers to collect and use geospatial data in the field operations for federal agencies and industries. In order to integrate heterogeneous geospatial data resources to field mobile computing environment, such as survey and other types of data collection, in our research, an infrastructure is designed and implemented. Additionally, to integrate mobile computing with the fixed network, field wrapper is introduced to the infrastructure. A detailed analysis and design of the field wrapper is discussed, also a UML design of the field wrapper is presented. In implementation level, in order to address the current needs in field mobile computing and unsolved issues, for example, the firewall and security issue, some new technologies are leveraged and applied such as SOAP, MVC design pattern, code generation, etc. Mobile collaboration is also discussed along with implementation suggestions

An approach towards anomaly based detection and profiling covert TCP/IP channels

Firewalls and detection systems have been used for preventing and detecting attacks by a wide variety of mechanisms. A problem has arisen where users and applications can circumvent security policies because of the particularities in the TCP/IP protocol, the ability to obfuscate the data payload, tunnel protocols, and covertly simulate a permitted communication. It has been shown that unusual traffic patterns may lead to discovery of covert channels that employ packet headers. In addition, covert channels can be detected by observing an anomaly in unused packet header fields. Presently, we are not aware of any schemes that address detecting anomalous traffic patterns that can potentially be created by a covert channel. In this work, we will explore the approach of combining anomaly based detection and covert channel profiling to be used for detecting a very precise subset of covert storage channels in network protocols. We shall also discuss why this method is more practical and industry-ready compared to the present research on how to profile and mitigate these types of attacks. Finally, we shall describe a specialized tool to passively monitor networks for these types of attacks and show how it can be used to build an efficient hybrid covert channel and anomaly based detection system

Using Xml As A Data Structure In An Electronic Catalog Management System

Tez (Yüksek Lisans) -- İstanbul Teknik Üniversitesi, Fen Bilimleri Enstitüsü, 2004Thesis (M.Sc.) -- İstanbul Technical University, Institute of Science and Technology, 2004Ürün bilgisinin etkin olarak ifade edilmesi, şirketlerin pazarlama stratejileri açısından çok önemli bir konudur. Uzun süre şirketler, basılı kataloglar kullanılarak ürünlerini tanıtmaya çalışmışlardır. Ancak Internet kullanımının yaygınlaşması ve elektronik ticaretin keşfedilmesiyle ürün bilgilerinin elektronik ortamda saklanması şirketler için bir gereklilik haline gelmiş ve bu konuda bir reform yapılması şart olmuştur. Bunun sonucunda yeni bir kavram ortaya çıkmıştır: “Elektronik Katalog”. Başlangıçta ilişkisel veri tabanı sistemleriyle elektronik katalog oluşturma sorunu çözülmeye çalışılsa da, bir elektronik katalogun bütün ihtiyaçlarını tamimiyle karşılayamadığı anlaşılmıştır. Yapılan çalışmada, ürün bilgilerinde bütünlülüğü sağlayıp, elektronik ortamlara aynı tutarlılıkla dağıtılmasını amaçlayan XML tabanlı bir elektronik katalog sistemi sunulmaktadır. Ana fikir, ürüne ait bütün detayları, sınırlara bağlı kalmadan, tek bir platformda toplayıp; bu bilginin web sayfaları, CD gibi elektronik ortamlara aktarılmasını sağlamaktır. JAVA teknolojilerini baz alan bir istemci mimarisi ile, yerel XML veri tabanı arasında oluşturulan dağıtık sistemlerde çalışabilen, RMI tabanlı bir iletişim katmanı oluşturulmuş ve sistemde toplanan ürün bilgisinin SOAP servisleri kullanılarak, Internet’e aktarılması sağlanmıştır. Sunulan sistemle ilgili analiz, tasarım, ve uygulama safhaları detaylı olarak ele alınmış; çeşitli testlerle, uygulama platformunun performans incelenmiştir.Effective representation of the product information is a crucial matter for companies. This problem was being solved by using the paper catalogs as a marketing strategy for a long time. But the widespread usage of the internet and the foundation of the electronic commerce made a reformation for the companies and it became a must for a company to represent its product information in the electronic media, which created a new concept: “Electronic Catalog”. Relational database systems were used to constitute an electronic catalog system at first, but it cannot provide all needs of an electronic catalog system. This thesis, offers a new electronic catalog system that uses XML as a data structure. The striking idea is to collect the detailed product information in one platform, and distribute them to various platforms such as web site and CD-ROM in order to avoid inconsistency in product integrity. Client architecture, based on the JAVA technologies communicates with the native XML database system with the help RMI protocol which enables working on distributed systems. All the product data is published to internet by using the SOAP services. Analyze, design and the application phases of the offered system are described in detail, and the performance analysis of the whole platform is measured by various test cases.Yüksek LisansM.Sc

Representação dinâmica de dados de fontes heterogéneas

Mestrado em Engenharia de Computadores e TelemáticaEsta dissertação surge no contexto de Open Data. O objectivo é propor uma solução que permita às instituições que aderem a este princípio representar de forma dinâmica os dados disponibilizados, bem como compreender quais as diferenças na implementação dessa solução na representação de dados heterogéneos provenientes de uma só fonte e na representação de dados provenientes de fontes heterogéneas. Após uma apresentação do conceito de Open Data, dando-se a conhecer alguns portais web que o aplicam, bem como do conceito de Linked Open Data derivado do primeiro, são abordadas algumas técnicas e heurísticas que podem ser utilizadas na criação de visualizações gráficas de dados, apresentando-se também algumas ferramentas que podem ser utilizadas para esse fim. Nesta dissertação procura-se ainda dar a conhecer algumas ferramentas que podem ser utilizadas na criação de reports. O cenário utilizado para o desenvolvimento desta solução foi a Universidade de Aveiro, sendo que o mesmo permitiu a criação de um protótipo para uma aplicação que possibilita a representação e visualização de forma dinâmica dos dados facultados por esta instituição por meio de tabelas, gráficos e reports, independentemente da proveniência dos mesmos.This dissertation is inserted in the Open Data context. Its objective is to propose a solution that allows institutions adherent to this principle the ability to represent data in a dynamic fashion, as well as to understand the main differences in the implementation of this solution for the representation of heterogeneous data from only one source and the representation of data from heterogeneous sources. After a presentation of the Open Data and Linked Open Data concepts, enumerating some web portals that apply these principles, some techniques and heuristics that can be used in the creation of graphic data visualizations, as well as some tools that can be used to this end are described. Also, some tools that permit the creation of reports are described in this dissertation. The scenario used to develop this solution was Aveiro University. This allowed the creation of a prototype application that permits the dynamic representation and visualization of data provided by this institution by means of tables, charts and reports, independently of its source