New Approaches Towards Automated XSS Flaw Detection
Steinhauser, Antonín ; Tůma, Petr (advisor) ; Vorobyov, Kostyantyn (referee) ; Bureš, Miroslav (referee)
Cross-site scripting (XSS) flaws are a class of security flaws particular to web applications. XSS flaws generally allow an attacker to supply the affected web application with a malicious input that is then included in an output page without being properly encoded (sanitized). Recent advances in web application technologies and web browsers introduced various prevention mechanisms, narrowing down the scope of possible XSS attacks, but those mechanisms are usually selective and prevent only a subset of XSS flaws. Among the types of XSS flaws that are largely omitted are the context-sensitive XSS flaws. A context-sensitive XSS flaw occurs when the potentially malicious input is sanitized by the affected web application before being included in the output page, but the sanitization is not appropriate for the browser context of the sanitized value. Another type of XSS flaw, which is already better known but still insufficiently prevented, is the stored XSS flaw. Applications affected by stored XSS flaws store the unsafe client input in persistent storage and return it in another HTTP response to (possibly) another client. Our work is focused on advancing state-of-the-art automated detection of those two types of XSS flaws using various analysis techniques ranging from purely static analysis to dynamic graybox analysis.
Test Governance Framework for Outsourced IS Development - Software Development Management Processes in a Social Context
Doležel, Michal ; Buchalcevová, Alena (advisor) ; Molnár, Zdeněk (referee) ; O'Connor, Rory (referee) ; Bureš, Miroslav (referee)
[Context] Outsourced information systems development (ISD) represents an important and widely used software delivery strategy for mid-size and large non-IT companies. In such companies, testing activities are conducted by a contracted party and are hidden from continuous checks on the part of the client, who is typically only provided with insight during the system hand-over. Such an approach is risky; the testing activities might be executed in a loose and sloppy manner by the contractor. Consequently, the risk of unsatisfactory quality may be shifted de facto to the client, who will bear any negative consequences (e.g., project delays, increased effort) during user acceptance testing (UAT). [Objective] The main objective of this doctoral dissertation is to design and evaluate a management artefact - Test Governance Framework (TeGoF) - that can be used by the client company; the framework thus focuses on the client's perspective on exercising control. To this end, the artefact is evaluated in the context of three outsourced ISD projects. [Method] The research is grounded in control theory, which originates in organizational studies. The principles of design science were applied in the development of the TeGoF, and the principles of ethnographically informed action research were used to evaluate the management artefact. This form of evaluation underscores the social dimension of the problem. In particular, the concepts of trust, control, and power are examined using an interpretive epistemological position. [Results] Of a total of three projects, the TeGoF was applied successfully in only one case. A detailed analysis describes the factors contributing to the difficulties implementing the TeGoF principles in the two remaining projects. The resulting interpretation stresses the fact that such difficulties were caused by differences among the contexts in which the evaluation took place.
Specifically, there were varying dynamics of the abovementioned factors of trust, control, and power. [Conclusion] The contribution of this doctoral dissertation consists in (1) the development of the TeGoF as a tool that pinpoints significant limitations in the current research related to control issues in the domain of outsourced ISD; (2) the evaluation of the TeGoF and analysis of the key success factors; and (3) a proposal of a novel methodological approach combining design science research with ethnographically informed action research.
Methodology and problems of data transformation and determine its importance in the integration of heterogeneous information sources
Bartoš, Ivan ; Papík, Richard (advisor) ; Dvořák, Jan (referee) ; Bureš, Miroslav (referee)
Methodology and issues of data transformation and its information value estimation during the integration of heterogeneous information sources. PhDr. Ivan BARTOŠ. Abstract: This study focuses mainly on the data and information transformation issue. This topic is currently critical in several scientific and commercial areas. Information value, information quality and the quality of the source data differ between the various systems. This is not only due to the different topologies of the information sources but also because of their different understanding and manner of storing the information describing the entity of the enterprise. Such information systems, or database systems in the scope of this thesis, could perform well as stand-alone systems. The issue appears at the moment when such heterogeneous systems are required to be integrated and the information has to be migrated between them. The thesis is logically divided into four major parts based on these issues. The first part describes the methods that can be used to classify the data quality of the source system (the one to be integrated) from which the information can be extracted. Based on the assumption of a common lack of project and system documentation, the methods introduced here can be used for such qualification even when the...
Database application for Innovation databank for further professional education - design and implementation
Velický, Tomáš ; Kučerová, Helena (advisor) ; Bureš, Miroslav (referee)
The aim of this thesis is to describe the design and implementation of a database system for the Innovation Databank for Further Professional Education - Andromedia. The databank is being built as an information base for the field of further professional education, where information on trends and analyses in further education, ideas and procedures, methods, methodological aids, case studies, tests and other methodological and information resources will gradually be gathered. The author documents the results of the problem analysis and the solution design and evaluates the success of the implementation of the database application.
The Evaluation of the Financial Situation of the Firm
Zeman, Karel ; Bureš, Miroslav (referee) ; Luňáček, Jiří (advisor)
The aim of this master’s thesis is to propose the steps leading to the improvement of the financial situation of a mid-sized manufacturing company. In order to achieve this aim, the financial analysis is performed. It defines the company’s weaknesses and it serves as a background for a suggestion for corrective actions leading to the improvement. Based on the measurability of the corrective actions, the comparison of the current and predicted situation is made in the final conclusion. It is realized with the Index IN05 bankruptcy model. The corrective actions proposed aim in particular at the operational and production management. They focus mainly on the weaknesses defined by the financial analysis – reduction of inventories and increase of marginal profit in order to strengthen liquidity, reduce debt ratio and improve financial health score in general.
Position of Czech savings bank on the Czech banking market
Gavlasová, Zuzana ; Kuncová, Martina (advisor) ; Bureš, Miroslav (referee)
The main goal of this thesis is to analyse the position of the Ceska sporitelna bank (Czech savings bank) on the Czech banking market by application of multiple criteria decision making methods. The analysis is concentrated in two parts - the bank in its complexity and also its product portfolio, mainly in the area of current accounts as the most strategic banking product. The comparison of banking products or of banks as a whole is not a goal of this thesis. The thesis is concerned with a basic analysis based on certain presumptions and restrictions.