Security Risk Management for the Internet of Things

Total Page:16

File Type:pdf, Size:1020Kb

Security Risk Management for the Internet of Things SECURITY RISK MANAGEMENT FOR THE INTERNET OF THINGS TECHNOLOGIES AND TECHNIQUES FOR IOT SECURITY,PRIVACY AND DATA PROTECTION JOHN SOLDATOS (Editor) Published, sold and distributed by: now Publishers Inc. PO Box 1024 Hanover, MA 02339 United States Tel. +1-781-985-4510 www.nowpublishers.com [email protected] Outside North America: now Publishers Inc. PO Box 179 2600 AD Delft The Netherlands Tel. +31-6-51115274 ISBN: 978-1-68083-682-0 E-ISBN: 978-1-68083-683-7 DOI: 10.1561/9781680836837 Copyright © 2020 John Soldatos Suggested citation: John Soldatos (ed.). (2020). Security Risk Management for the Internet of Things. Boston–Delft: Now Publishers The work will be available online open access and governed by the Creative Commons “Attribution-Non Commercial” License (CC BY-NC), according to https://creativecommons.org/ licenses/by-nc/4.0/ Table of Contents Foreword xi Preface xv Glossary xxi Chapter 1 Introduction 1 By John Soldatos 1.1 Introduction...............................................1 1.2 Overview and Limitations of Security Risk Assessment Frameworks................................................5 1.2.1 Overview of Security Risk Assessment.........................5 1.2.2 Limitations of Security Risk Assessment Frameworks for IoT.....7 1.3 New Technology Enablers and Novel Security Concepts..........9 1.3.1 IoT Security Knowledge Bases...............................9 1.3.2 IoT Reference Architectures and Security Frameworks........... 10 1.3.3 Blockchain Technology for Decentralized Secure Data Sharing for Security in IoT Value Chains............................. 10 1.3.4 Technologies Facilitating GDPR Compliance.................. 12 1.3.5 Machine Learning and Artificial Intelligence Technologies for Data-driven Security........................................ 13 1.4 Conclusion................................................. 13 Acknowledgments............................................... 14 References...................................................... 14 iii iv Table of Contents Chapter 2 Security Data Modelling for Configurable Risk Assessment as a Service in IoT Systems 17 By Nikos Kefalakis, Angela-Maria Despotopoulou, Spyridon Evangelatos and John Soldatos 2.1 Introduction............................................... 18 2.2 Data-driven Security Architecture............................. 21 2.2.1 Overview.................................................. 21 2.2.2 The Data Management Group............................... 23 2.2.3 The Analytics Group........................................ 23 2.2.4 The Global Repository...................................... 24 2.2.5 The Security and Privacy Group.............................. 25 2.2.6 The Risk Assessment Service Group........................... 26 2.2.7 The Compliance Auditing Service (CAS) Group................ 26 2.2.8 The Programming Support Group............................ 27 2.2.9 The SLA Group............................................ 27 2.3 Data Modelling for Security Systems Interoperability and Configurability............................................. 28 2.3.1 Overview.................................................. 28 2.3.2 Modelling Security Data: The Observation Entity.............. 29 2.3.3 Configuring and Managing the Data Collection and Routing Process: The Data Management Group....................... 30 2.3.4 Modelling Security Analytics: The Analytics Group............. 32 2.3.5 Security Knowledge Base.................................... 33 2.3.6 Modelling for Risk Assessment Services: The Risk Assessment Group.................................................... 33 2.3.7 Configuring the Data-driven Security System: The Configuration Management Database..................... 34 2.3.8 Managing Service Level Agreements (SLA): The SLA Group..... 35 2.4 Risk Assessment Services..................................... 36 2.4.1 Risk Assessment & Mitigation Service Overview and Components.............................................. 36 2.4.2 Risk Assessment & Mitigation Implementation Scenario......... 38 2.4.3 Modelling of Security Information Flows and Reports........... 38 2.4.3.1 Risk Analysis...................................... 40 2.4.3.2 SecureIoT Required Configuration Entities............ 41 2.4.3.3 RA&MS-specific Configuration Entities.............. 44 2.5 Conclusions................................................ 46 Acknowledgments............................................... 47 References...................................................... 47 Table of Contents v Chapter 3 Data-driven IoT Security Using Deep Learning Techniques 49 By Stefanos Astaras, Nikos Kefalakis, Angela-Maria Despotopoulou and John Soldatos 3.1 Introduction............................................... 50 3.2 Methodology and Datasets................................... 53 3.2.1 CRISP-DM Methodology................................... 53 3.2.2 Connected Cars Dataset..................................... 54 3.2.3 Socially Assistive Robots Datasets............................. 54 3.3 Variational Autoencoders for Anomaly Detection................ 55 3.3.1 VAE Architecture........................................... 55 3.3.2 VAE Training.............................................. 57 3.3.3 Algorithm Fitness.......................................... 58 3.4 Application and Validation Results............................ 59 3.4.1 Anomaly Detection in Connected Cars........................ 59 3.4.2 Anomaly Detection in Socially Assistive Robots Use Cases....... 61 3.4.2.1 QT Robot Dataset................................. 61 3.4.2.2 IoT-cloud Platform (CloudCare2U) Dataset........... 62 3.4.3 Prototype Implementation................................... 65 3.5 Conclusions and Discussion.................................. 65 Acknowledgments............................................... 66 References...................................................... 66 Chapter 4 Privacy Awareness, Risk Assessment, and Control Measures in IoT Platforms: BRAIN-IoT Approach 69 By Mohammad Rifat Ahmmad Rashid, Davide Conzon, Xu Tao and Enrico Ferrera 4.1 Introduction............................................... 70 4.2 Literature Review........................................... 71 4.2.1 GDPR Requirements Related to IoT Domain.................. 71 4.2.2 Current Standards and Tools for PIA.......................... 72 4.3 A Conceptual Privacy Awareness Framework.................... 74 4.3.1 Context................................................... 74 4.3.2 Privacy Principles........................................... 75 4.3.3 Privacy Risks............................................... 78 4.3.4 Privacy Compliance Evaluation............................... 79 4.4 Experimental Analysis....................................... 80 4.5 Discussion................................................. 84 4.6 Conclusion and Future Work................................. 85 Acknowledgments............................................... 86 References...................................................... 86 vi Table of Contents Chapter 5 IoT Network Risk Assessment and Mitigation: The SerIoT Approach 88 By Gianmarco Baldini, Piotr Fröhlich, Erol Gelenbe, Jose Luis Hernandez-Ramos, Mateusz Nowak, Slawek Nowak, Stavros Papadopoulos, Anastasis Drosou and Dimitrios Tzovaras 5.1 Introduction............................................... 89 5.2 Risk Management in IoT.................................... 90 5.3 Autopolicy System.......................................... 93 5.4 Towards Distributed Attack Detection......................... 95 5.5 Conclusions................................................ 99 Acknowledgments............................................... 100 References...................................................... 100 Chapter 6 Chariot-integrated Approach to Safety, Privacy, and Security – CHARIOT IPSE 105 By Aydin Ulas, Bora Caglayan, Sofiane Zemouri, George Theofilis, Konstantinos Loupos, Antonis Mygiakis, Andrea Battaglia, Mario Villiani, Christos Skoufis and Stelios Christofi 6.1 The CHARIOT Safety Supervision Engine..................... 106 6.2 The CHARIOT Privacy Engine............................... 110 6.2.1 IoTL Language Extension—Access Control.................... 111 6.3 The CHARIOT Security Engine.............................. 114 6.3.1 Up-to-date Firmware....................................... 115 6.3.2 Firmware Threats and Exploitations........................... 116 6.4 IPSE Dashboard and User Interfacing.......................... 116 6.5 Conclusions and Future Work................................ 119 Acknowledgments............................................... 120 References...................................................... 120 Chapter 7 Pattern-driven Security, Privacy, Dependability and Interoperability in IoT 121 By Nikolaos Petroulakis, Konstantinos Fysarakis, Henrich C. Pöhls, Vivek Kulkarni, George Spanoudakis, Arne Bröring, Manos Papoutsakis, Manolis Michalodimitrakis and Sotiris Ioannidis 7.1 Introduction............................................... 121 7.2 Background and Challenges.................................. 123 7.2.1 IoT Security............................................... 124 7.2.2 Privacy Invasion............................................ 124 7.2.3 Network Dependability..................................... 125 Table of Contents vii 7.2.4 IoT Interoperability......................................... 127 7.2.5 Achieving Security, Privacy, Dependability and Interoperability by Design................................................. 128 7.3 SPDI Patterns.............................................
Recommended publications
  • ROBRA – the Snake Robot
    International Journal of Computer Science Trends and Technology (IJCST) – Volume 7 Issue 3, May - Jun 2019 RESEARCH ARTICLE OPEN ACCESS ROBRA – The Snake Robot James M.V, Nandukrishna S, Noyal Jose, Ebin Biju Department of Computer Science and Engineering Toc H Institute of Science & Technology, Ernakulam Kerala – India ABSTRACT Robra - A snake-like robot which, provides the locomotion of a real snake. The shape and size of the robot depends on application. Robra can avoid obstacles by receiving signals from sensors and move with flexibility on terrain surfaces. Multiple joints increases its degree of freedom. It can quickly explore and navigate foreign environments and detect potential dangers for direct human involvement. Robra uses PIR() to detect presence of humans in an environment like civilians trapped in collapsed buildings during natural disasters. It can move through crevices and uneven surfaces. It detects obstacles by using Ultrasonic range movement sensors. This provides noncontact distance between the obstacles to detect and avoid collision with them. Electro chemical sensors are used for detection of poisonous gases. Robra has an onboard camera which records and send the video data in real time via WiFi. Robra has microphones for the survivors to communicate and inform their status incase of rescue aid. Thus Robra covers wide real time applications like surveillance, rescue aid etc. Keywords:- Robra, Snake, act have a wingspan almost 10 feet, giving it an ape-like I. INTRODUCTION appearance. In the past two decades it is estimated that disasters are Momaro - This robot has been specifically designed by the responsible for about 3 million deaths worldwide, 800million team NimbRo Rescue from the University of Bonn in people adversely affected.
    [Show full text]
  • BUGS in the SYSTEM a Primer on the Software Vulnerability Ecosystem and Its Policy Implications
    ANDI WILSON, ROSS SCHULMAN, KEVIN BANKSTON, AND TREY HERR BUGS IN THE SYSTEM A Primer on the Software Vulnerability Ecosystem and its Policy Implications JULY 2016 About the Authors About New America New America is committed to renewing American politics, Andi Wilson is a policy analyst at New America’s Open prosperity, and purpose in the Digital Age. We generate big Technology Institute, where she researches and writes ideas, bridge the gap between technology and policy, and about the relationship between technology and policy. curate broad public conversation. We combine the best of With a specific focus on cybersecurity, Andi is currently a policy research institute, technology laboratory, public working on issues including encryption, vulnerabilities forum, media platform, and a venture capital fund for equities, surveillance, and internet freedom. ideas. We are a distinctive community of thinkers, writers, researchers, technologists, and community activists who Ross Schulman is a co-director of the Cybersecurity believe deeply in the possibility of American renewal. Initiative and senior policy counsel at New America’s Open Find out more at newamerica.org/our-story. Technology Institute, where he focuses on cybersecurity, encryption, surveillance, and Internet governance. Prior to joining OTI, Ross worked for Google in Mountain About the Cybersecurity Initiative View, California. Ross has also worked at the Computer The Internet has connected us. Yet the policies and and Communications Industry Association, the Center debates that surround the security of our networks are for Democracy and Technology, and on Capitol Hill for too often disconnected, disjointed, and stuck in an Senators Wyden and Feingold. unsuccessful status quo.
    [Show full text]
  • Table of Content
    TABLE OF CONTENT 1. What is Joomla………………………………………………………………. 2 2. Download and Install Joomla………………………………………………. 3 2.1 Pre-installation Check………………………………………………….... 3 2.2 Configuration …………………………………………………………… 4 3. Creating Content……………………………………………………………....9 3.1 Create a Category…………………………………………………………9 3.2 Create Article………………………………………………………………10 4. Modules……………………………………………………………………….. 12 5. How to Show Position for Template?....................................................... 14 6. Menu……………………………………………………………………………16 6.1 How to Create Menu?.........................................................................16 7. User……………………………………………………………………………. 18 7.1 Users Groups…………………………………………………………….. 18 7.2 Add New User……………………………………………………………..19 1 1. What is Joomla? Joomla is a free system for creating websites. It is an open source project, which, like most open source projects, is constantly in motion. It has been extremely successful for seven years now and is popular with millions of users worldwide. The word Joomla is a derivative of the word Joomla from the African language Swahili and means "all together". The project Joomla is the result of a heated discussion between the Mambo Foundation, which was founded in August 2005, and its then-development team. Joomla is a development of the successful system Mambo. Joomla is used all over the world for simple homepages and for complex corporate websites as well. It is easy to install, easy to manage and very reliable. The Joomla team has organized and reorganized itself throughout the last seven years to better meet the user demands. 2 2. Download and Install Joomla “Where and what to download?” “How to install?” In order to install Joomla! on your local computer, it is necessary to set up your "own internet", for which you'll need a browser, a web server, a PHP environment and as well a Joomla supported database system.
    [Show full text]
  • Reforming Vulnerability Disclosure Programs in the Private Sector
    Debugging the System: Reforming Vulnerability Disclosure Programs in the Private Sector Jasmine Arooni* TABLE OF CONTENTS I. INTRODUCTION ..................................................................................... 445 II. VULNERABILITY DISCLOSURE PROGRAMS IN PRACTICE: HOW DO THEY WORK? .............................................................................................. 448 III. THE CURRENT LEGAL LANDSCAPE: LEGAL RISKS FACED BY VDP SECURITY RESEARCHERS .................................................................. 450 A. The Computer Fraud and Abuse Act and Its Impact on Security Research ..................................................................................... 451 B. The DMCA and Its Impact on Security Research ....................... 453 C. Safe Harbor Language: A Superficial Fix, Not a Complete Solution ....................................................................................... 454 IV. THE DOJ’S DISCRETIONARY GUIDANCE FOR PRIVATE VDPS ............. 455 V. THE U.S. GOVERNMENT’S INFLUENTIAL ROLE IN VDP GOVERNANCE .................................................................................................... 456 A. The U.S. Government as a “Crowdsourcer”: Validating the Importance of Public Engagement to Cybersecurity ................. 457 B. The U.S. Government as a “Rule Maker”: The DHS’ Compulsory Authority over Government VDPs .............................................. 458 C. The Government as an “Example”: The Impact of Government VDPs on the Private Sector, as Evidenced Through
    [Show full text]
  • A Dropbox Whitepaper Dropbox for Business Security
    Dropbox for Business security A Dropbox whitepaper Dropbox for Business security Contents Introduction 3 Product features (security, control, and visibility) 3 Under the hood 7 Application security 10 Apps for Dropbox 12 Network security 13 Vulnerability management 14 Dropbox information security 16 Physical security 17 Compliance 17 Privacy 19 Dropbox Trust Program 20 Summary 21 Dropbox for Business security Millions of users trust Dropbox to easily and reliably store, sync, and share photos, videos, docs, and other files across devices. Dropbox for Business brings that same simplicity to the workplace, with advanced features that help teams share instantly across their organizations and give admins the visibility and control they need. But more than just an easy-to-use tool for storage and sharing, Dropbox for Business is designed to keep important work files secure. To do this, we’ve created a sophisticated infrastructure onto which account administrators can layer and customize policies of their own. In this paper, we’ll detail the back-end policies, as well as options available to admins, that make Dropbox the secure tool for getting work done. Product features (security, control, and visibility) Dropbox provides the administrative control and visibility features that empower both IT and end users to effectively manage their businesses and data. Below is a sampling of features available to team admins and users, as well as third-party integrations for managing core IT processes. Admin management features No two organizations are exactly alike, so we’ve developed a number of tools that empower admins to customize Dropbox for Business to their teams’ particular needs.
    [Show full text]
  • Threats and Vulnerabilities in Federation Protocols and Products
    Threats and Vulnerabilities in Federation Protocols and Products Teemu Kääriäinen, CSSLP / Nixu Corporation OWASP Helsinki Chapter Meeting #30 October 11, 2016 Contents • Federation Protocols: OpenID Connect and SAML 2.0 – Basic flows, comparison between the protocols • OAuth 2.0 and OpenID Connect Vulnerabilities and Best Practices – Background for OAuth 2.0 security criticism, vulnerabilities related discussion and publicly disclosed vulnerabilities, best practices, JWT, authorization bypass vulnerabilities, mobile application integration. • SAML 2.0 Vulnerabilities and Best Practices – Best practices, publicly disclosed vulnerabilities • OWASP Top Ten in Access management solutions – Focus on Java deserialization vulnerabilites in different commercial and open source access management products • Forgerock OpenAM, Gluu, CAS, PingFederate 7.3.0 Admin UI, Oracle ADF (Oracle Identity Manager) Federation Protocols: OpenID Connect and SAML 2.0 • OpenID Connect is an emerging technology built on OAuth 2.0 that enables relying parties to verify the identity of an end-user in an interoperable and REST-like manner. • OpenID Connect is not just about authentication. It is also about authorization, delegation and API access management. • Reasons for services to start using OpenID Connect: – Ease of integration. – Ability to integrate client applications running on different platforms: single-page app, web, backend, mobile, IoT. – Allowing 3rd party integrations in a secure, interoperable and scalable manner. • OpenID Connect is proven to be secure and mature technology: – Solves many of the security issues that have been an issue with OAuth 2.0. • OpenID Connect and OAuth 2.0 are used frequently in social login scenarios: – E.g. Google and Microsoft Account are OpenID Connect Identity Providers. Facebook is an OAuth 2.0 authorization server.
    [Show full text]
  • Table of Contents
    Table of Contents Introduction . 3 IT Strategic Plan Synopsis . 4 IT Organization . 6 Our Mission . 7 Our Vision . 7 Enterprise IT Technical Roadmap . 8 Year One — 2012 . 8 Year Two — 2013 . 11 Year Three — 2014 . 14 Technology Timeline . 17 SRNS Leadership Team . 20 SRNS-IT Leadership . 21 Partner CIOs . 22 Information Technology Strategic Background . 23 2012 IT Focus Areas . 24 DOE 2012 Strategic Plan . 25 NNSA 2012 Strategic Plan . 25 DOE Strategic Plan Alignment to IT Focus Areas . 26 NNSA Strategic Plan Alignment to IT Focus Areas . 27 enterprise•SRS 2012 Strategic Plan . 28 e•SRS Strategic Plan Alignment to IT Focus Areas . 29 Attachment A — Accelerating SRS Missions and Reducing Infrastructure through Innovative Computing and Communications . 30 Current Status of 2009 IT Strategic Initiatives . 31 Attachment B — Recent Accomplishments . 34 2012–2014 SRNS Information Technology Strategic Plan Introduction Information Technology’s (IT) objective is to provide our customers with services and solutions that facilitate their day-to-day operations, helping each customer to be successful in meeting their business goals and objectives. Further, it is our intent to meet this objective with services and solutions that adhere to industry standards and best practices, delivered by our staff of talented and skilled people who are attuned to our customers’ businesses and needs and who strive to deliver exceptional services. The goal of this strategic plan is to put forward a roadmap for the next three years (2012-2014) that assists us in identifying the technologies and solutions needed to better support the strategic direction of the Savannah River Site (SRS).
    [Show full text]
  • LUO-THESIS.Pdf (3.607Mb)
    BUILDING A DISTRIBUTED TRUST MODEL OF RESTFUL WEB SERVICES FOR MOBILE DEVICES A Thesis Submitted to the College of Graduate Studies and Research In Partial Fulfillment of the Requirements For the Degree of Master of Science In the Department of Computer Science University of Saskatchewan Saskatoon By Min Luo Copyright Min Luo, September, 2012. All rights reserved. PERMISSION TO USE In presenting this thesis in partial fulfilment of the requirements for a Postgraduate degree from the University of Saskatchewan, I agree that the Libraries of this University may make it freely available for inspection. I further agree that permission for copying of this thesis in any manner, in whole or in part, for scholarly purposes may be granted by the professor or professors who supervised my thesis work or, in their absence, by the Head of the Department or the Dean of the College in which my thesis work was done. It is understood that any copying or publication or use of this thesis or parts thereof for financial gain shall not be allowed without my written permission. It is also understood that due recognition shall be given to me and to the University of Saskatchewan in any scholarly use which may be made of any material in my thesis. Requests for permission to copy or to make other use of material in this thesis in whole or part should be addressed to: Head of the Department of Computer Science 176 Thorvaldson Building 110 Science Place University of Saskatchewan Saskatoon, Saskatchewan (S7N 5C9) ACKNOWLEDGMENTS First of all I would like to thank my supervisor, Dr.
    [Show full text]
  • Software Bug Bounties and Legal Risks to Security Researchers Robin Hamper
    Software bug bounties and legal risks to security researchers Robin Hamper (Student #: 3191917) A thesis in fulfilment of the requirements for the degree of Masters of Law by Research Page 2 of 178 Rob Hamper. Faculty of Law. Masters by Research Thesis. COPYRIGHT STATEMENT ‘I hereby grant the University of New South Wales or its agents a non-exclusive licence to archive and to make available (including to members of the public) my thesis or dissertation in whole or part in the University libraries in all forms of media, now or here after known. I acknowledge that I retain all intellectual property rights which subsist in my thesis or dissertation, such as copyright and patent rights, subject to applicable law. I also retain the right to use all or part of my thesis or dissertation in future works (such as articles or books).’ ‘For any substantial portions of copyright material used in this thesis, written permission for use has been obtained, or the copyright material is removed from the final public version of the thesis.’ Signed ……………………………………………........................... Date …………………………………………….............................. AUTHENTICITY STATEMENT ‘I certify that the Library deposit digital copy is a direct equivalent of the final officially approved version of my thesis.’ Signed ……………………………………………........................... Date …………………………………………….............................. Thesis/Dissertation Sheet Surname/Family Name : Hamper Given Name/s : Robin Abbreviation for degree as give in the University calendar : Masters of Laws by Research Faculty : Law School : Thesis Title : Software bug bounties and the legal risks to security researchers Abstract 350 words maximum: (PLEASE TYPE) This thesis examines some of the contractual legal risks to which security researchers are exposed in disclosing software vulnerabilities, under coordinated disclosure programs (“bug bounty programs”), to vendors and other bug bounty program operators.
    [Show full text]
  • Hackerone Terms and Conditions
    Hackerone Terms And Conditions Intown Hyman never overprices so mendaciously or cark any foretoken cheerfully. Fletch hinged her hinter high-mindedly.blackguardly, she bestialized it weakly. Relativism and fried Godwin desquamate her guayule dure or pickaxes This report analyses the market for various segments across geographies. Americans will once again be state the hook would make monthly mortgage payments. Product Sidebar, unique reports at a fraction add the pen testing budgets of yesteryear. This conclusion is difficult to jaw with certainty as turkey would came on the content represent each quarter the individual policies and the companies surveyed. Gonzalez continued for themselves! All commits go to mandatory code and security review, Bugwolf, many are american bounty hunters themselves! This includes demonstratingadditional risk, and address, according to health report. PTV of the vulnerability who manage not responded to the reports, bug bounty literature only peripherally addresses the legal risk to researchers participating under them. Court declares consumer contract terms unfair. Community Edition itself from Source? After getting burned by DJI, this reporter signed up for an sit and drive immediate access to overtake public programs without any additional steps. PC, obscene, exploiting and reporting a vulnerability in the absence of an operating bug bounty program. But security veterans worry out the proper for bug bounties, USA. Also may publish a vdp participant companies or not solicit login or conditions and terms by us. These terms before assenting to maximize value for security researcher to enforce any bounty is key lead, hackerone as we are paid through platform policies, hackerone terms and conditions.
    [Show full text]
  • Demetri Kambanis
    801 N. Fairfax Ave., #312 Los Angeles, CA 90046 917-294-8987 [email protected] Demetri Kambanis Technical Director with 12+ years of agency experience leading large-scale technology projects for Fortune 500 companies. I combine strong technology design/strategy skills with the operational experience running development teams for projects involving a full solution stack. I have expertise in the full software development lifecycle, proficiency in the agile methodology and deep project management skills, having provided the effective planning and implementation that led to numerous successful project launches. I help streamline technology processes and tools that drive efficiencies and ensure quality and project profitability. I have several years of hands-on development expertise in numerous client-side and server-side technologies, including work with content management systems. Strengths include: ! Technical analysis and design, server architecture, solution definition, product evaluation, integration with existing systems ! Day-to-day team operational management, resourcing, staffing and outsourcing ! Hands-on development with front-end and back-end technologies, including work with content management systems ! Strong experience in server and network design and architecture, ensuring performance, availability and security ! Technology project planning and scoping, scheduling, budgeting and estimating ! Strong experience in agile development, test-driven and behavior-driven development ! Relationship with technology partners, vendors
    [Show full text]
  • Web-Base Orientation to Living and Studying in Kokkola, Finland
    Yewon Temitayo Gbetoyon WEB-BASE ORIENTATION TO LIVING AND STUDYING IN KOKKOLA, FINLAND. Bachelor's thesis CENTRIA UNIVERSITY OF APPLIED SCIENCES Degree Programme in Information Technology December, 2012. Abstract CENTRIA UNIVERSITY Date Author OF APPLIED SCIENCES DECEMBER 2012 YEWON TEMITAYO GBETOYON Degree Programme Information Technology Name of thesis WEB-BASE ORIENTATION TO LIVING AND STUDYING IN KOKKOLA, FINLAND Instructor Pages GRZEGORY SZEWCYK [65] Supervisor ARTUR HLOBAZ The aim of this thesis was to create a website that gives general knowledge prospective foreign applicants (full time students and exchange students) applying to Centria University of Applied Sciences, Kokkola to study. The website entails up-to-date information in the area of description of the university, requirements for applying, entrance examination abroad, visa application requirements for non-EU Students. Joomla! 1.5 and XAMMP were the two software employed for designing the website. The rudiments and functionalities that came with Joomla and XAMMP made it possible to build a complete website. However, a number of challenges were encountered while creating a suitable template and employing the right modules for the intended purposes of the website. These problems were resolved with the help of the Joomla forum and supports that Joomla user can get from free from the Joomla website (www.forum .joomla.org). Moreso, for the creation of a full website, Joomla may be required as a good option for designing a website because every year the developers of Joomla add new features that make website designing more comprehensible. Therefore, for the purpose of this thesis, a website designed with Joomla that gives rise to the creation of many web pages and the results of the website is presented in the framework.
    [Show full text]