Skip to main content

Home/ SoftwareEngineering/ Group items tagged systems

Rss Feed Group items tagged

Filter: All | Bookmarks | Topics Simple Middle
kuni katsuya

Access control - Wikipedia, the free encyclopedia - 0 views

en.wikipedia.org/...Access_control

security models authentication authorization

shared by kuni katsuya on 31 Aug 12 - No Cached
  • Computer security
  • authentication, authorization and audit
  • In any access control model, the entities that can perform actions in the system are called subjects, and the entities representing resources to which access may need to be controlled are called objects
  • ...39 more annotations...
  • Principle of least privilege
  • object-capability model, any software entity can potentially act as both a subject and object
  • Access control models used by current systems tend to fall into one of two classes:
  • those based on capabilities
  • those based on access control lists (ACLs)
  • Both capability-based and ACL-based models have mechanisms to allow access rights to be granted to all members of a group of subjects (often the group is itself modeled as a subject)
  • identification and authentication determine who can log on to a system, and the association of users with the software subjects that they are able to control as a result of logging in; authorization determines what a subject can do; accountability identifies what a subject (or all subjects associated with a user) did.
  • Authorization determines what a subject can do on the system
  • Authorization
  • Access control models
  • categorized as either discretionary or non-discretionary
  • three most widely recognized models are
  • Discretionary Access Control (DAC)
  • Mandatory Access Control (MAC)
  • Role Based Access Control (RBAC)
  • Attribute-based access control
  • Discretionary access control
  • Discretionary access control (DAC) is a policy determined by the owner of an object. The owner decides who is allowed to access the object and what privileges they have.
  • Every object in the system has an owner
  • access policy for an object is determined by its owner
  • DAC systems, each object's initial owner is the subject that caused it to be created
  • Mandatory access control
  • Mandatory access control refers to allowing access to a resource
  • if and only if rules exist
  • that allow a given user to access the resource
  • Management is often simplified (over what can be required) if the information can be protected using
  • hierarchical access control
  • or by implementing sensitivity labels.
  • Sensitivity labels
  • A subject's sensitivity label specifies its
  • level of trust
  • level of trust required for access
  • subject must have a sensitivity level equal to or higher than the requested object
  • Role-based access control
  • Role-based access control (RBAC) is an
  • access policy
  • determined by the system
  • not the owner
  • Access control
kuni katsuya

TH03-EP01-US001 - Media Management, Media Upload, Media Item Fields (Groomed BE21, FE8)... - 0 views

confluence.visualfrenzy.com/...viewpage.action

UserStory ECM Cube MediaManagement

shared by kuni katsuya on 19 Dec 12 - No Cached
  • Media Management,
  • upload a new media item
  • syndication and encoding - not part of this user story
  • ...26 more annotations...
  • definition
    • kuni katsuya
      kuni katsuya on 19 Dec 12
       
      ie. attach the following metadata to the uploaded media item
  • Owner
  • Rights of owner
    • kuni katsuya
      kuni katsuya on 19 Dec 12
       
      dependent on implementation of licensing/rights management system which is tbd, so these will be best guess stubs for now
  • Rights expiry date
    • kuni katsuya
      kuni katsuya on 19 Dec 12
       
      dependent on implementation of licensing/rights management system which is tbd, so these will be best guess stubs for now
  • Syndication
    • kuni katsuya
      kuni katsuya on 19 Dec 12
       
      dumbed down, feature parity implementation is just a list of idss allowed distribution (i believe) use existing legacy infrastructure? ultimate syndication system will depend on: - licensing - explicit list of syndication channels (much like legacy) - rule-based routing
  • Caption
  • Category
    • kuni katsuya
      kuni katsuya on 19 Dec 12
       
      ota category assumed
  • Seasonality display rules
    • kuni katsuya
      kuni katsuya on 19 Dec 12
       
      this is one (simple) example of rule-based syndication: rule type: temporal (which could include: time range, recurrence, end time, etc) rule: syndicate while startDate>=now() and endDate<=now()
  • Short description
  • Long description
  • Search keywords
  • Associated with
    • kuni katsuya
      kuni katsuya on 19 Dec 12
       
      huh?
  • in the media library
  • can be viewed by users
    • kuni katsuya
      kuni katsuya on 19 Dec 12
       
      not only new ecm users, but legacy viewers as well ie. content uploaded via ecm must be available for display in legacy viewers, at least until legacy system is replaced and shutdown for good
  • Uploaded by
  • Date uploaded
  • Date modified
  • Last modified by
  • Status
    • kuni katsuya
      kuni katsuya on 19 Dec 12
       
      TO DO: for new domain model, should define explicit content life cycle with state diagram
  • File type
  • Media type
  • Dimensions
  • Aspect ratio
    • kuni katsuya
      kuni katsuya on 19 Dec 12
       
      aspect ratio doesn't need to be stored in db as metadata, since it can be calculated cheaply based on the dimensions
  • File size
    • kuni katsuya
      kuni katsuya on 19 Dec 12
       
      units: bytes
  • File name
    • kuni katsuya
      kuni katsuya on 19 Dec 12
       
      is this the original name of the file that was uploaded? if not, and it supposed to be the medlib file name, imho, should not be exposed. the medlib file name should be immaterial to the ecm user and generally, vfml should treat them as opaque to allow future changes without customer dependencies the only time an ecm user should care about a 'file name' is when they're uploading or downloading. but... once the file is uploaded, who cares what the original file name was? it will be recorded, but should be inconsequential to anything since it would never, ever be referred to again on download, (save as...) the original file name *could* be used, but any file name is just as good, since the downloader would also be given the option to rename the file
  • Media units consumed
    • kuni katsuya
      kuni katsuya on 19 Dec 12
       
      calculated/cached value pull from legacy system in future sprints, could start to build phased shell of the marketing xxx system 1. getMediaUnits()
    • kuni katsuya
      kuni katsuya on 19 Dec 12
       
      TODO: confirm with david and/or henry.wu where/how to obtain 'media units consumed' for a media item
kuni katsuya

Fiddler Web Debugger - Configuring clients - 0 views

www.fiddler2.com/...hookup.asp

https debug SSL ManInTheMiddle Fiddler proxy

shared by kuni katsuya on 20 Feb 13 - No Cached
  • Debug traffic from another machine (even a device or Unix box)
  • Allow remote clients to connect
  • kuni katsuya on 20 Feb 13
     
    "HTTP application to use Fiddler? You can either directly configure the WinHTTP application to point to Fiddler, in code, or you can use the following command at the command prompt to tell WinHTTP to use Fiddler: On XP or below: proxycfg -p http=127.0.0.1:8888;https=127.0.0.1:8888 ...or this one to force WinHTTP to use WinINET's proxy settings: proxycfg -u On Vista or above, use an Elevated (admin) command prompt: netsh winhttp set proxy 127.0.0.1:8888 Note: On Windows 7 and earlier, netsh is bitness specific, so you may want to run the above command twice: first using the 32bit NETSH and then using the 64bit NETSH. This blog has more information. This issue was fixed in Windows 8; you can call either NetSh just once to set the proxy for both 32bit and 64bit WinHTTP hosts. Capture traffic from a different account, like ASP.NET on IIS or from a Windows Service? Trying to capture SOAP calls coming from ASP.NET or some background service process?  By default, Fiddler registers as the proxy only for the current user account (ASP.NET runs in a different user account). To get a background process (like the ASP.NET or IIS process) to use Fiddler, you must configure that process to use Fiddler. Typically, this is done by editing web.config or machine.config for the ASP.NET installation, or the configuration for the code running within the Windows Service. Please see http://msdn.microsoft.com/en-us/magazine/cc300743.aspx#S4 or the section on .NET or WinHTTP, depending on which network stack the service is using. Configure Windows Phone 7 to use Fiddler? Please see http://blogs.msdn.com/b/fiddler/archive/2011/01/09/debugging-windows-phone-7-device-traffic-with-fiddler.aspx for actual device hardware, or http://blogs.msdn.com/b/fiddler/archive/2010/10/15/fiddler-and-the-windows-phone-emulator.aspx for the emulator. Configure Google Nexus 7 (Andoid 4.1 Jellybean) to use Fiddler? Please see this page. Configure Android Emulator to use Fiddler? Please see http://au
kuni katsuya

FAQ How do I run Eclipse? - Eclipsepedia - 0 views

wiki.eclipse.org/FAQ_How_do_I_run_Eclipse%3F

eclipse jvm configuration

shared by kuni katsuya on 17 Jul 12 - Cached
  • Find the JVM If a JVM is installed in the eclipse/jre directory, Eclipse will use it; otherwise the launcher will consult the eclipse.ini file and the system path variable
  • Eclipse DOES NOT consult the JAVA_HOME environment variable
  • eclipse.ini The most recommended way to specify a JVM for Eclipse to run in is to put startup configuration into the eclipse.ini file
  • ...3 more annotations...
  • To specify a JVM using configuration file, include the -vm argument in eclipse.ini, for example: -vm c:/jre/bin/javaw.exe
  • Note: there are no quotes around this path as would be required when executing the same from the command-line were the path to contain white space, etc. This is a common mistake when using Windows.
  • You should always use -vm so you can be sure of what VM you are using. Installers for other applications sometimes modify the system path variable, thus changing the VM used to launch Eclipse without your knowing about it.
  • kuni katsuya on 17 Jul 12
     
    Find the JVM If a JVM is installed in the eclipse/jre directory, Eclipse will use it; otherwise the launcher will consult the eclipse.ini file and the system path variable. Eclipse DOES NOT consult the JAVA_HOME environment variable.
kuni katsuya

OpenTravel Forum - 0 views

www.opentravelcommunityforum.com/...viewtopic.php

OTA forum community RoomTypeCode RoomType

shared by kuni katsuya on 27 Feb 13 - No Cached
  • OpenTravel Codes in Schema
  • If you are an inventory supplier, you would reference a rate plan code known to your system, such as “DELUXE” or “Deluxe Room”
  • RoomTypeCode
  • ...2 more annotations...
  • assigned by the inventory supplier
  • If you are not a supplier, you need to work with your supplier trading partners to get a list of room types supported by their CRS (central reservation system) or PMS (property management system.)
kuni katsuya

Uninstall Flash Player | Windows - 0 views

helpx.adobe.com/...tall-flash-player-windows.html

shared by kuni katsuya on 28 Oct 12 - No Cached
  • C:\Windows\system32\Macromed\Flash
  • Delete all the files in this folder.
  • C:\Windows\SysWOW64\Macromed\Flash
  • ...7 more annotations...
  • %appdata%\Adobe\Flash Player
  • %appdata%\Macromedia\Flash Player
  • Flash Player uninstaller
  • uninstaller&nbsp;(674 KB)
  • Exit all browsers
  • uninstaller does not work if any programs that use Flash are running
  • . Run the uninstaller
  • kuni katsuya on 28 Oct 12
     
    "C:\Windows\system32\Macromed\Flash"
kuni katsuya

MySQL :: MySQL 5.7 Reference Manual :: 5.1.4 Server System Variables - 0 views

dev.mysql.com/...server-system-variables.html

mysql reference

shared by kuni katsuya on 08 Aug 13 - No Cached
kuni katsuya

Download Update for Windows 7 for x64-based Systems (KB976422) from Official Microsoft ... - 0 views

www.microsoft.com/...details.aspx

SD SDCard Windows7 Windows7x64 driver >32GB

shared by kuni katsuya on 16 Mar 13 - No Cached
  • Update for Windows 7 for x64-based Systems (KB976422)
  • Install this update to support Secure Digital (SD) cards that are larger than 32 GB
kuni katsuya

Global Distribution System (GDS)and ODD Frequently Asked Questions - 0 views

www.onressystems.com/services_gds_FAQ.html

GDS GlobalDistributionSystem Sabre Amadeus Worldspan ODD OnlineDistributionDatabase Pegasus OTA OnlineTravelAgent

shared by kuni katsuya on 07 Jan 13 - No Cached
  • What are GDS / ODD? GDS / ODD are connectivity modules which allow hotels to connect with Travel Agents and Online Customers.
  • four networks: Sabre, Amadeus, Worldspan and Galileo
  • reaches 300,000+ IATA registered travel agents
  • ...3 more annotations...
  • GDS (Global Distribution System)
  • Pegasus ODD (Online Distribution Database)
  • connects 100’s of Internet travel portals or OTA's (online travel agents) such as Orbitz, TravelNow, Expedia, and Hotwire
kuni katsuya

SSD - Install and transfer the Operating System - Windows 7 Support Forums - 0 views

www.sevenforums.com/...transfer-operating-system.html

windows7 SSD HDD

shared by kuni katsuya on 13 Feb 13 - No Cached
  • Prepare the SSD
  • initialize the SSD to create the MBR
  • Disk Management
  • ...6 more annotations...
  • align the SSD and define an active partition on it
  • Diskpart List disk Select disk n (where n is the number that was given for your SSD in List disk) Clean Create partition primary align=1024 Format fs=ntfs quick Active (assuming you want to install an OS) Exit
  • verify that the alignment is correct
  • Diskpart List disk Select disk n List partition
  • Disk Defragmentation
  • set the service to Disabled.
kuni katsuya

Advanced Searching - JIRA 5.1 - Atlassian Documentation - Confluence - 0 views

confluence.atlassian.com/...Advanced+Searching

jira search

shared by kuni katsuya on 04 Feb 13 - No Cached
  • It is safer to search by Custom Field ID than by Custom Field nameIt is possible for a Custom Field to have the same name as a built-in JIRA system field, in which case JIRA will search on the system field (not your custom field). It is also possible for your JIRA administrator to change the name of a Custom Field, which could break any saved filters which rely on that name. Custom Field IDs, however, are unique and cannot be changed.
  • Custom Field
  • It is safer to search by filter ID than by filter nameIt is possible for a filter name to be changed, which could break a saved filter that invokes another filter by name. Filter IDs, however, are unique and cannot be changed.
  • ...3 more annotations...
  • Alias: ?cf[CustomFieldID]
  • An Advanced Searching statement in your typed query will override an ORDER BY statement in the saved filter.
  • Original Estimate
kuni katsuya

databene benerator - 0 views

databene.org/databene-benerator

database testing TestDataGeneration

shared by kuni katsuya on 08 Nov 12 - No Cached
  • Databene Benerator
  • framework for generating realistic and valid high-volume test data for your system under test
  • reduces the amount of time for creating a useful data setup
  • ...15 more annotations...
  • plugin interfaces for custom extensions and mappings, allowing virtually any platform to be targeted with data generation
  • Out of the box
  • supports database systems, XML, XML Schema, CSV, Flat Files and Excel(TM) sheets
  • generators for creating domain-specific data as
  • names
  • addresses
  • How Benerator Works
  • Out of the box it supports
  • MySQL
  • XML Files
  • XMLSchema
  • CSV Files
  • Excel Sheets.
  • checking similar products!
  • Similar Products
kuni katsuya

Enterprise Architect - Product Demonstrations - 0 views

www.sparxsystems.com/...index.html

enterprisearchitect overview video

shared by kuni katsuya on 27 Jun 12 - Cached
  • Part 2 Subversion Setting up a Subversion repository for use with Enterprise Architect models.
  • Part 4 Configure &amp; Connect Configuring Enterprise Architect and connecting to your Version Control system.
  • Part 5 Controlled Packages Working with version controlled UML packages in Enterprise Architect.
  • ...19 more annotations...
  • Eclipse A tour of MDG Integration for Eclipse.
  • Baseline Diagram Comparison Conduct a visual diagram comparison between your current diagram and a previous baseline .
  • Personal Information Window See how the Personal Information Window in Enterprise Architect can help you organize your daily tasks and workflow.
  • Working Sets As you perform work on your model, you open various windows, diagrams and views. Working Sets allow you to return to these same views in a later work session.
  • Business Rules A car rental system is used to illustrate how to generate executable business rules using Enterprise Architect.
  • Menu Customization Quickly and easily suppress individual menu items or entire categories of commands to create custom menu layouts.
  • Floating and Dockable Windows Save the position and layout of Floating and Dockable Windows using a Working Set in the Personal Information Window.
  • Build and Debug a Java Application Set up Enterprise Architect to build and debug a Java Application, using a VEA sample project.
  • Sequence Diagrams Learn how to create a simple Sequence diagram. The video also illustrates how to bring your Sequence diagram to life using model simulation.
  • HTML Report Generation This brief introduction illustrates how to automatically generate a HTML Report using Enterprise Architect.
  • Basic Use Case Demonstration A guide to constructing a Use Case model in under 30 seconds, including use cases, notes and issues.
  • Traceability within Enterprise Architect This video examines Traceability and discusses how to use Enterprise Architect to conduct an Impact Analysis.
  • Requirements Reporting A brief overview of requirements reporting in Enterprise Architect. Topics include document generation in web and RTF formats, report customization and virtual documents, including Model and Master documents.
  • Requirements Traceability An examination of requirements traceability in Enterprise Architect. Topics include traceability views, tracing to external artifacts, conducting an impact analysis, viewing the Relationship Matrix and using Enterprise Architect's Auditing capabilities.
  • Requirements Modeling A brief overview of requirements modeling in Enterprise Architect. Topics include requirements capture and definition, custom properties, tabular editing, auto-naming and screen prototypes.
  • Installing EA An introductory walk through and discussion of Enterprise Architect in the Software Development Lifecycle.
  • Enterprise Architect 7.5 Overview An overview of Enterprise Architect features released&nbsp;with version 7.5.
  • Introduction to Enterprise Architect An introductory walk through and discussion of Enterprise Architect in the Software Development Lifecycle.
  • Brief Overview The 10 minute guide to Enterprise Architect, from Requirements Management and Business Process Modeling to MDA and Code Engineering.
kuni katsuya

Entity-attribute-value model - Wikipedia, the free encyclopedia - 0 views

en.wikipedia.org/...Entity-attribute-value_model

eav sparse open schema

shared by kuni katsuya on 01 Jul 12 - Cached
  • Entity–attribute–value model
  • Entity–attribute–value model (EAV) is a data model to describe entities where the number of attributes (properties, parameters) that can be used to describe them is potentially vast, but the number that will actually apply to a given entity is relatively modest
  • also known as object–attribute–value model, vertical database model and open schema
  • ...21 more annotations...
  • In an EAV data model, each attribute-value pair is a fact describing an entity, and a row in an EAV table stores a single fact
  • EAV tables are often described as "long and skinny": "long" refers to the number of rows, "skinny" to the few columns
  • Data is recorded as three columns: The entity: the item being described. The attribute or parameter: a foreign key into a table of attribute definitions. At the very least, the attribute definitions table would contain the following columns: an attribute ID, attribute name, description, data type, and columns assisting input validation
  • The value of the attribute
  • Row modeling, where facts about something (in this case, a sales transaction) are recorded as multiple rows rather than multiple columns
  • differences between row modeling and EAV (which may be considered a generalization of row-modeling) are:
  • A row-modeled table is homogeneous in the facts that it describes
  • The data type of the value column/s in a row-modeled table is pre-determined by the nature of the facts it records. By contrast, in an EAV table, the conceptual data type of a value in a particular row depend on the attribute in that row
  • In the EAV table itself, this is just an attribute ID, a foreign key into an Attribute Definitions table
  • The Attribute
  • The Value
  • Coercing all values into strings
  • larger systems use separate EAV tables for each data type (including binary large objects, "BLOBS"), with the metadata for a given attribute identifying the EAV table in which its data will be stored
  • Where an EAV system is implemented through RDF, the RDF Schema language may conveniently be used to express such metadata
  • access to metadata must be restricted, and an audit trail of accesses and changes put into place to deal with situations where multiple individuals have metadata access
  • quality of the annotation and documentation within the metadata (i.e., the narrative/explanatory text in the descriptive columns of the metadata sub-schema) must be much higher, in order to facilitate understanding by various members of the development team.
  • Attribute metadata
  • Validation metadata include data type, range of permissible values or membership in a set of values, regular expression match, default value, and whether the value is permitted to be null
    • kuni katsuya
      kuni katsuya on 01 Jul 12
       
      jsr-299 bean validation anyone?  :)
  • Presentation metadata: how the attribute is to be displayed to the user
  • Grouping metadata: Attributes are typically presented as part of a higher-order group, e.g., a specialty-specific form. Grouping metadata includes information such as the order in which attributes are presented
  • Advanced validation metadata Dependency metadata:
kuni katsuya

Shiro Developer - Role "Nesting" or "Inheriting" and RolePermissionResolvers - 0 views

shiro-developer.582600.n2.nabble.com/issionResolvers-td5858003.html

ApacheShiro security permission inheritance

shared by kuni katsuya on 29 Aug 12 - No Cached
  • Shiro support the concept of role inheritance ­ roleA inherits permissions from roleB
  • A given realm knows only its roles, but my application understands the mapping of roles to permissions (or nested roles). &nbsp;I have a single RolePermissionResolver that ties permissions to roles
  • Example: My security Manager: https://github.com/sonatype/security/blob/master/security-system/src/main/java/org/sonatype/security/DefaultRealmSecurityManager.java#L63
  • ...1 more annotation...
  • My RolePermissionResolver https://github.com/sonatype/security/blob/master/security-realms/security-xml-realm/src/main/java/org/sonatype/security/realms/XmlRolePermissionResolver.java#L47
kuni katsuya

UML Class Diagrams - structure diagrams which show architecture of the designed system ... - 0 views

www.uml-diagrams.org/class-diagrams.html

UML ClassDiagram

shared by kuni katsuya on 03 Sep 12 - No Cached
  • «Boundary»
  • Boundary is a stereotyped class or object that represents some system boundary
  • «Control»
  • ...31 more annotations...
  • Control is a stereotyped class or object that is used to model flow of control or some coordination in behavior
  • usually describe some "business logic"
  • «Entity»
  • Entity is a stereotyped class or object that represents some information or data, usually but not necessarily persistent.
  • Features of a class are
  • attributes
  • operations
  • Static features are underlined
  • «Boundary»
  • «Boundary»
  • «Control»
  • «Entity»
  • «Control»
  • Interface
  • An interface is a classifier that declares of a set of coherent public features and obligations
  • specifies a contract.
  • Data Type
  • A data type is a classifier - similar to a class - whose instances are
  • identified only by their value
  • typical use of data types would be to represent value types
  • «dataType»
  • Enumeration
  • An enumeration is a data type whose values are enumerated in the model as user-defined enumeration literals.
  • «enumeration».
  • Multiplicity
  • Multiplicity allows to specify cardinality (allowed number of instances) of described element
  • Visibility
  • UML has the following types of visibility: public package protected private
  • Package visibility is represented by '~' literal.
  • Protected visibility is represented by '#' literal.
  • Private visibility is represented by '-' literal.
kuni katsuya

Spring Security - Features - 0 views

static.springsource.org/...features.html

Java security SpringSecurity

shared by kuni katsuya on 09 Aug 12 - Cached
  • Domain object instance security: In many applications it's desirable to define Access Control Lists (ACLs) for individual domain object instances. We provide a comprehensive ACL package with features including integer bit masking, permission inheritance (including blocking), an optimized JDBC-backed ACL repository, caching and a pluggable, interface-driven design.
  • OpenID Support: the web's emerging single sign-on standard (supported by Google, IBM, Sun, Yahoo and others) is also supported in Spring Security
  • Easy integration with existing databases: Our implementations have been designed to make it easy to use your existing authentication schema and data (without modification). Of course, you can also provide your own Data Access Object if you wish. Password encoding: Of course, passwords in your authentication repository need not be in plain text. We support both SHA and MD5 encoding, and also pluggable "salt" providers to maximise password security.
  • ...5 more annotations...
  • Caching: Spring Security optionally integrates with Spring's Ehcache factory. This flexibility means your database (or other authentication repository) is not repeatedly queried for authentication information when using Spring Security with stateless applications.
  • Run-as replacement: The system fully supports temporarily replacing the authenticated principal for the duration of the web request or bean invocation. This enables you to build public-facing object tiers with different security configurations than your backend objects.
  • Tag library support: Your JSP files can use our taglib to ensure that protected content like links and messages are only displayed to users holding the appropriate granted authorities. The taglib also fully integrates with Spring Security's ACL services, and obtaining extra information about the logged-in principal.
  • User Provisioning APIs: Support for groups, hierarchical roles and a user management API, which all combine to reduce development time and significantly improve system administration.
  • Enterprise-wide single sign on using CAS 3: Spring Security integrates with JA-SIG's open source Central Authentication Service (CAS)
1 - 20 of 53 Next › Last »
Showing 20 items per page