| 1. |
- Ahlin, Karin, 1963-
(författare)
-
Benefits of Digital Technical Information
- 2020
-
Doktorsavhandling (övrigt vetenskapligt/konstnärligt)abstract
- In our daily work life, we use a wealth of information, including a category of information produced as a part of products and their life-cycle phases, named digital technical information (DTI). Manufacturing organizations focus more often on the product than on DTI, because DTI’s impact seems almost invisible, despite its crucial role to the product and its life-cycle phases, development, production, maintenance, and destruction. Hence, the aim of this thesis is to describe DTI’s benefits and the research questions: “What are the benefits of the DTI?” and “What are the perceptions of how to measure benefits of DTI?” The thesis contains five studies related to identifying and measuring DTI’s benefits. The empirical material is based on semi-structured interviews and group interviews within five organizations and a survey among manufacturing organizations in Sweden.I used three characteristics of the DTI and two pairs of previously known benefit categories to analyse the benefits. The analysis shows that the benefits are recognized in the particular product’s life cycle phase where the DTI is published. However, the DTI continues to offer benefits in the product’s other life cycle phases. In relationship to the product, the benefits evolve from supporting an individual product to supporting more general product lines or all products and a more complex product is said to increase DTI’s benefits. DTI’s structure adds benefits as synthesized or aggregated DTI, where the DTI is synthesized or aggregated automatically or manually. The categorization predetermined benefits related to the change are less numerous than the emerging benefits. The predetermined benefits are strategic by nature, and the emerging ones are mainly used to achieve operational goals. Measuring DTI’s benefits is of importance for a formal comparison of its development and is of special interest for managers. Perceptions from the initial stages on how to measure show that to establish common interpretations among the stakeholders of the measurement process is of importance, especially when it comes to what is viewed as a benefit. The benefits are viewed as intangible by the respondents, which creates difficulties when one is evaluating, using conventional measurement methods. The only perceived way to measure is when DTI reduces co-worker’s workload and efficiency is achieved. The thesis’s contribution to academia consists of the analysis of DTI’s benefits, showing details of the relationships between the DTI and its benefits. For practice, the contributions focus on the systematic evaluation process, which can be used for further development of the DTI and comparison of the evolvement of the DTI itself and relating to other resources. One proposal for future research is to use the analysed benefits and compare various approaches to digitizing DTI, e.g. Industry 4.0. Another proposal is to list, in detail, various ways on how to measure DTI’s benefits and their usefulness. The latter can positively impact on any intangible benefits due to the general approach we have established of how to measure those benefits.
|
|
| 2. |
- Booth, Todd, Senior Research Engineer, 1959-
(författare)
-
Design Principles for Network Distributed Denial of Service Defense
- 2022
-
Doktorsavhandling (övrigt vetenskapligt/konstnärligt)abstract
- People, organizations and society are become more and more dependent upon access to Information Systems. Most Information Systems are accessible via the Internet. It is becoming easier and easier to perform successful network attacks against these Information Systems, which causes the system to become unavailable for its intended users. It is also very inexpensive to launch a successful network DRDoS attack against an organization’s servers. One type of distributed denial of service (DDoS) network attack sends a very large volume of traffic towards the victim’s servers. The most common of these volumetric DDoS attacks are described as reflective DDoS service (DRDoS) attacks and the DRDoS defense is the main contribution of this thesis. For years, you have been able to even rent network attack services from criminal organizations, which are often in the form of DRDoS network attacks.The Design Science Research (DSR) approach was used for my research. Included are the DSR cycles performed, including the artifact evaluations. The relationship between the DSR cycles and the published research papers is presented in the paper summary section. The first two papers formed the DSR problem definition. The next three papers used a variety of information hiding techniques to mitigate network attacks. The last paper proposed a different design principle, based on filtering traffic before it reached the public cloud providers. This proposed DRDoS defense approach is to have the public cloud provider request their IP neighbors to filter or drop certain traffic for a big IP block of IP addresses. Then the provider gives IP addresses to their customers, who want this protection, from the big IP block. This way the provider can provide DRDoS protection for hundreds of thousands of customers, with a few firewall rules and the filtering of malicious traffic occurs at the network edge. This solution prevents most of the DRDoS attack traffic from even reaching the public cloud provider. This last research is focused on protecting servers from DRDoS attacks, where the servers are accessible via the Internet and where the servers are or can be hosted via a public cloud provider. This public cloud provider hosting includes accessibility via cloud offerings, such as with Amazon’s Web Services (AWS), Google’s Compute Cloud (GCP), and Microsoft’s Azure. To simplify the discussion, this thesis will focus on Web servers, as the example.The research has been generalized into the following two research design principal contributions. My thesis, including the design principles, contributes to the state of the art network DDoS defense in the following ways:1. Divide and Search for Malicious Network Traffic. After the attack is detected, the IP, Web, and/or DNS address information is changed This mitigates the attacks since the attacker will not be able to quickly learn the new DNS, Web, or IP connectivity information. This has the effect to reduce or mitigate the effect of the DDoS attacks.2. Ask IPX Neighbors to Pre-process Network Traffic. With this design principle, we have two types of features. One feature is to stop malicious traffic. This mitigates the attacks at the public cloud provider’s neighbors, so that most of the malicious traffic never even arrives to the cloud provider. This way, the cloud provider no longer needs to process the malicious traffic to filter it out. The other feature is to provide a different quality of service (QoS) for incoming traffic. This allows the public cloud provider’s neighbor to treat the traffic as higher or lower priority traffic.In this thesis, the contributions are how to improve the state of the art DDoS defense solutions, concerning network attacks against Internet accessible servers. We believe that our DRDoS defense contribution is better, more efficient, and/or more effective than the current state of the art DDRoS solutions. Our contributions are focused on network layer attacks as opposed to application, presentation, or transport layer attacks.
|
|
| 3. |
- Crowston, Kevin, et al.
(författare)
-
Introduction to genres in communication and digital documents minitrack
- 2008
-
Ingår i: Proceedings of the Annual Hawaii International Conference on System Sciences. - Washington, DC : IEEE Computer Society. - 1530-1605.
-
Tidskriftsartikel (refereegranskat)abstract
- Rhetoricians since Aristotle have attempted to classify communications into categories or "genres" with similar form, topic or purpose. Given a socially recognized need to communicate, individuals will typically express similar social motives, themes and topics in a communication with similar physical and linguistic characteristics, that is, they will communicate in a recognized genre.
|
|
| 4. |
- Westerlund, Parvaneh, 1985-
(författare)
-
Designing for Automated Digital Preservation : Model, Pre-Ingest, and Error Handling
- 2020
-
Doktorsavhandling (övrigt vetenskapligt/konstnärligt)abstract
- With the rapid increase in the amount and complexity of data that is needed to be preserved, manual preservation activities produce complex, lengthy, and costly processes. Therefore, automation of preservation processes, together with modeling of workflows and streamlining, can help reduce costs and enhance the focus on preservation processes. Accordingly, the research question is defined as: “How to establish an automated many-to-many interaction between Information Systems and digital preservation systems?”This research proposes a model and instantiation of middleware as a standalone system, which could be hosted in the cloud, for bridging between ISs and DPSs including three sub-parts making both many-to-many capacity and automation of interactions possible: pre-ingest workflow, Context-aware Preservation Manager (CaPM), and error-handling workflow. A Design Science Research (DSR) approach was taken to conduct this research consisting of three design cycles to design and develop each of the three sub-parts of the solution artifact, i.e. the middleware. The middleware consists of several action-based components and an administrative component (CaPM) which carries out the automation of the tasks in the middleware. The action-based components are designed to complete a pre-ingest workflow to prepare digital content sent from an information system to be transferred into a digital preservation system. The path for the pre-ingest workflow, i.e. which components are going to process the digital content and in what order, is automatically defined by CaPM according to the information system’s preservation policies. Standard interfaces are used for middleware’s internal or external communications to promote its scalability in the long run as well as its capability of embedding additional workflows or processes developed in the future, e.g. post-access workflow.An additional outcome of this research is proposing five design principles aiming to contribute to the knowledge for future design practices: DP1. Provide rule-based definition of workflow execution path so that the middleware affords IS to implement their preservation policy and metadata extraction requirements. DP2. Provide capability of executing alternative workflow routes so that the middleware affords IS to ensure a successful encapsulation and submission of SIP. DP3. Provide features for gathering preservation data in the middleware so that the middleware affords preservation planning support. DP4. Provide an automated error-handling workflow with compensating action so that the middleware affords to minimize manual intervention in case of errors in a workflow. DP5. Provide capability of executing concurrent workflows so that the middleware affords IS and DPS many-to-many interactions via the middleware.The results of this thesis contribute to the state-of-the-art in a few aspects:Compared to existing solutions, such as pre-ingest tool developed for Finnish National Archives and UAM for Estonia, that need to be installed on a user’s system, integration with the middleware is carried out with less complexity. This is achieved by designing the middleware as a standalone system that could be hosted in the cloud along with using standard communication interfaces, which further make the middleware adaptable to changes or upgrades in the environment it operates in. Such capability of the middleware in handling many-to-many interactions goes beyond what was introduced in previous middleware architectures for Digital Preservation System’s integration with Information Systems.The middleware solution for pre-ingest in this thesis, in comparison with the similar recent solutions, promotes automation capabilities especially for preserving complex digital content (e.g. databases, workflows), automatic execution of the pre-ingest workflow, or in case of a need for using multiple external digital preservation solutions or services.CaPM monitors the execution of workflows and can update or abort a workflow path if needed. An aborted workflow caused by an error/failure will automatically be replaced by an error-handling workflow with compensation action, hence increasing the level of automation. Automation of such functionalities, as well as the approach for handling errors, has not been applied in previous tools.CaPM can also contribute to the current stream of research on decisions making regarding preservation planning and strategies by providing logged data about the digital objects passing through the middleware.While the solution artifact of this research provides middleware to perform as a bridge for automated many-to-many interactions between information systems and digital preservation systems, the resulted design and implementation of the middleware components cover only one direction of such interaction, from information system to digital preservation system (pre-ingest).
|
|
