2024-03-29T14:04:20Zhttps://bibdigital.epn.edu.ec/oai/requestoai:bibdigital.epn.edu.ec:15000/196202019-04-08T03:34:33Zcom_15000_19618com_15000_7598com_15000_7595com_15000_23col_15000_19619
Aplicación de un framework de gestión de calidad de datos para el eje estratégico de docencia de la Escuela Politécnica Nacional
Chela Tipantaxi, Geovanna Marisol
This work aims the adoption and application of a data quality management framework for the National Polytechnic School. The study is proposed to be centered on the strategic axis of teaching. Away the frameworks analyzed, the framework "Executing Data Quality Projects: Ten steps to Quality Data and Trusted Information" is selected, which provides a systematic approach to improve and create quality data and information within any company. The framework is made up of ten steps and also considers the life cycle of information and a business approach to data, people and organization, technology and processes. For this study, we reach step 3 of the evaluation and step 10 of communication, in order to measure and define a baseline of data quality and establish a reporting scheme. As a final result, 8.75% of data quality problems are determined, considering the following quality dimensions: validity, precision, duplicity, compliance, presentation and consistency. About 3 million records were evaluated corresponding to 7.51 % of the total data source. The results correspond to the units: Student Welfare, General Secretary and Teaching Direction of the Strategic Teaching Axis of the National Polytechnic School. Based on the application of the framework, they were found several problems concerning data quality. It is recommended the adoption of a governance scheme that considers data quality as a sustainable process in the time.
2018-07-31
masterThesis
spa
Segura Morales, Marco Antonio, director
http://bibdigital.epn.edu.ec/handle/15000/19620
/var/dspace/bitstream/15000/19620/1/CD-9024.pdf
0b70d10fb205f169cfb2c054acb062c9
/var/dspace/bitstream/15000/19620/2/license.txt
8a4605be74aa9ea9d79846c1fba20a33
/var/dspace/bitstream/15000/19620/3/CD-9024.pdf.txt
1faae565deb05ef3b05548d71f11eb26
/var/dspace/bitstream/15000/19620/4/CD-9024.pdf.txt
1faae565deb05ef3b05548d71f11eb26
openAccess
CALIDAD DE DATOS
EXECUTING DATA QUALITY PROJECTS
oai:bibdigital.epn.edu.ec:15000/196232019-04-08T01:08:48Zcom_15000_19618com_15000_7598com_15000_7595com_15000_23col_15000_19619
Identificación de activos de información del eje estratégico de docencia de la escuela Politécnica Nacional orientado a una adecuada gestión de calidad de datos
Patiño Salazar, Edwin Rodrigo
At the present time, most organizations are aware of the importance of having the actual vision of the institution’s status and especially of its information technology platform. It means align its strategy with technology in order to be more effective and make the best decisions for their companies. The purpose of this research is to identify information assets and compare them with the computer systems that support the Strategic Axis of Teaching, at Escuela Poliécnica Nacional, as well as to identify the gaps on information for decision making. To detect these information assets, first, we identify the units aligned in the Strategic Axis of Teaching, in accordance with the structural organizational chart of the Escuela Politécnica Nacional, and existing statute. Next, we interviewed the representatives of these dependencies for comparing of the information that was found in the computer systems with the data obtained from the interviews, all this with the aim of establishing the information GAP. The final part of this research includes a section with results and conclusions, where a catalog of existing and non-existent information assets will be provided. This would allow that the competent authorities will conduct the management and creation of non-existing information assets, facilitating the compliance of the institutional responsibilities with information that is consistent, complete, easily accessible and secure.
Quito, 2018.
2018-07-31
bachelorThesis
spa
Segura Morales, Marco Antonio, director
http://bibdigital.epn.edu.ec/handle/15000/19623
/var/dspace/bitstream/15000/19623/1/CD-9023.pdf
3fba7eb4eb784820bc94c5ea2002dadc
/var/dspace/bitstream/15000/19623/2/license.txt
8a4605be74aa9ea9d79846c1fba20a33
/var/dspace/bitstream/15000/19623/3/CD-9023.pdf.txt
f75325d6a63b2f0f5433333aaa4cc960
/var/dspace/bitstream/15000/19623/4/CD-9023.pdf.txt
f75325d6a63b2f0f5433333aaa4cc960
/var/dspace/bitstream/15000/19623/5/CD-9023.pdf.txt
f75325d6a63b2f0f5433333aaa4cc960
openAccess
ACTIVOS DE INFORMACIÓN
TOMA DE DECISIONES
ARQUITECTURA EMPRESARIAL
oai:bibdigital.epn.edu.ec:15000/196662019-04-08T01:13:42Zcom_15000_19618com_15000_7598com_15000_7595com_15000_23col_15000_19619
Mapeo entre las áreas de proceso de “Gestión de decisiones y proveedores” y “Crear una cultura de excelencia” del modelo CMMI-DEV VER. 1.3 y la familia de normas ISO/IEC 330XX.
Mosquera Espinosa, Evelyn Marcela
Organizations evaluate their processes based on models and reference standards. The Capability Maturity Model Integration (CMMI) is a reference model that improves the competencies of an organization, through efficient and effective processes, reaching a greater performance of the organization. The ISO/IEC 330xx family is a revision of the ISO/IEC 15504 standard, it’s a set of standards for software development ant the improvement of the related business management functions. Due to the demands coming from the market or the clients, an organization has to adhere to multiple models or standards, which implies an investment of time and resources. For this reason, it’s necessary to know if the models cited above are related. Identify this relationship would help a company to pass from the CMMI certification and get certified in ISO/IEC330xx. The SFramework model facilitates the combination of several reference models. By using Common Structure of Process Elements (CSPE) it was possible to establish the Process Elements to be Integrated (PEBI), the specific practices of the CMMI-DEV 1.3 processes and the base practices of the processes defined in ISO/IEC 33073. After the selection of PEBIs, a mapping was made between both the areas of “Manage decisions and suppliers” and “Create a culture to sustain excellence” of CMMI-DEV 1.3 and the processes defined in ISO/IEC 33073. Therefore, the degrees of relationship and compliance between the processes were established.
Quito, 2018.
2018-08-15
masterThesis
spa
Sánchez Gordón, Sandra Patricia, director
http://bibdigital.epn.edu.ec/handle/15000/19666
/var/dspace/bitstream/15000/19666/1/CD-9072.pdf
635ad7839588ce7cfb8777b4a4f3683e
/var/dspace/bitstream/15000/19666/2/license.txt
8a4605be74aa9ea9d79846c1fba20a33
/var/dspace/bitstream/15000/19666/3/CD-9072.pdf.txt
293b690ce46f175f4f16544b6350fbba
openAccess
ISO/IEC 33073
CMMI-DEV (VERSION 3)
CALIDAD DEL PRODUCTO DE SOFTWARE
CALIDAD DEL PROCESO DE SOFTWARE
oai:bibdigital.epn.edu.ec:15000/197312019-04-08T01:12:16Zcom_15000_19618com_15000_7598com_15000_7595com_15000_23col_15000_19619
Evaluación de la calidad en uso de productos de software para gestión de historias clínicas
Ordoñez Calero, Hernán David
The present work presents the evaluation of quality in use of hospital management software, taking into consideration parts of the software for managing clinical histories. This evaluation tries to determine the level of quality with which medical records management software helps users (nurses, doctors, cashiers, etc.) in the development of their work. Prior to the evaluation, a literature systematic review of relevant works was developed. Through the analysis of selected studies, good practices for software development were found. However, an evaluation of the quality in use following a methodology or standard has not been proposed. This work followed ISO / IEC 25040 standard like the evaluation process and the standard ISO / IEC 25022 that describes a set of measures and provides guidance for measuring quality in use. Both standards are part of ISO 25000 standard to evaluate the quality of software products. A user satisfaction survey was applied in compliance with the established by the satisfaction level measure. The study was conducted in a private hospital and two public hospitals. The results of the evaluation show that the product evaluated in the private hospital has a very satisfactory level of quality, and in the public hospital has a satisfactory level. The data dispersion was very low, which allows to affirm that the perception of quality in use is common among all users. An analysis of results by characteristics and measures of quality in use is presented.
Quito, 2018.
2018-10-12
masterThesis
spa
Intriago Pazmiño, María Monserrate, director
http://bibdigital.epn.edu.ec/handle/15000/19731
/var/dspace/bitstream/15000/19731/1/CD-9132.pdf
e14b3468b8ea3212504728db2d42cb06
/var/dspace/bitstream/15000/19731/2/license.txt
8a4605be74aa9ea9d79846c1fba20a33
/var/dspace/bitstream/15000/19731/3/CD-9132.pdf.txt
7df7257ce17f004b9b6431d6701d1b73
openAccess
CALIDAD DE SOFTWARE
SOFTWARE HOSPITALARIO
HISTORIAS CLINICAS
oai:bibdigital.epn.edu.ec:15000/198802020-07-31T21:03:38Zcom_15000_19618com_15000_7598com_15000_7595com_15000_23col_15000_19619
Desarrollo de un Sistema de Gestión de Seguridad de la Información para bibliotecas basado en una metodología mejorada para análisis de riesgos compatible con la norma ISO/IEC 27001:2013
Bravo Ramos, María José
University libraries are guardians of information that share information with students, teachers and researchers for the university community. Libraries are centers for gathering information, and therefore, it is necessary to prioritize security. For this reason, an analysis and optimization of existing risk methodologies was proposed (Magerit V.3, Octave V.2 and NIST). Once the improved methodology for Quito’s public university libraries was obtained, it was applied in the library system of the Escuela Politécnica Nacional (EPN).
Quito, 2018.
2018-11-29
masterThesis
spa
Yoo, Sang Guun, director
http://bibdigital.epn.edu.ec/handle/15000/19880
/var/dspace/bitstream/15000/19880/2/license.txt
8a4605be74aa9ea9d79846c1fba20a33
/var/dspace/bitstream/15000/19880/3/CD-9295.pdf
36e45a40e21e8c82df96d6f59f53d40a
/var/dspace/bitstream/15000/19880/4/CD-9295.pdf.txt
51373adaadf76d1f29a9538f26b44145
/var/dspace/bitstream/15000/19880/5/CD-9295.pdf.txt
51373adaadf76d1f29a9538f26b44145
openAccess
SEGURIDAD DE LA INFORMACIÓN
SISTEMAS DE GESTIÓN DE LA SEGURIDAD DE LA INFORMACIÓN (SGSI)
METODOLOGÍAS DE ANÁLISIS DE RIESGOS
ISO/IEC 27001:2013
BIBLIOTECAS UNIVERSITARIAS
oai:bibdigital.epn.edu.ec:15000/199432019-04-08T11:16:10Zcom_15000_19618com_15000_7598com_15000_7595com_15000_23col_15000_19619
Propuesta de un modelo de calidad para el diseño de procesos organizacionales.
Gálvez Mosquera, Estefanía Patricia
Organizational processes are constantly evolving due to different factors. To meet this permanent transformation, these processes must be flexible enough, which implies their formalization and optimal design. To operate effectively, organizations must identify and manage all their processes. Therefore, it is important to ensure their quality. In Ecuador, there are companies specialized in providing advisory services in process management. For that purpose, they use methodologies, techniques and good practices in order to provide an optimum service accomplishing the expectations of their customers. However, this does not always happen.
The object of this work is to provide a quality model for design of processes. This would allows expert companies to achieve an efficient design following good practices defined in each phase of their lifecycle and to perform an evaluation of the quality based on the following perspectives: syntactic, semantic and pragmatic.
Quito, 2019.
2019-01-28
masterThesis
spa
Santórum Gaibor, Marco Oswaldo , director
http://bibdigital.epn.edu.ec/handle/15000/19943
/var/dspace/bitstream/15000/19943/1/CD-9403.pdf
449ee1cba2b13d0f7a63db03a7f1c560
/var/dspace/bitstream/15000/19943/2/license.txt
8a4605be74aa9ea9d79846c1fba20a33
/var/dspace/bitstream/15000/19943/3/CD-9403.pdf.txt
d6dcf7b47d550f53b4cfa8239d4b1af2
openAccess
GESTIÓN DE PROCESOS
CALIDAD DE PROCESOS
NOTACIÓN BPM
MODELAMIENTO
oai:bibdigital.epn.edu.ec:15000/200072019-04-08T11:21:07Zcom_15000_19618com_15000_7598com_15000_7595com_15000_23col_15000_19619
Análisis y mejora de la usabilidad de las interfaces Web de un sistema de tele-rehabilitación para pacientes de cirugía de sustitución de cadera utilizando métodos de inspección.
Pilco Quinaluiza, Hennry Mauricio
The goal of a telerehabilitation platform is to facilitate the rehabilitation of patients through the use of telecommunication technologies complementing with the use of biomedical smart sensors. Guaranteeing the correct use of a telerehabilitation platform with safety and security requires continuous improvement of its usability. Without a system usability study, a platform of this type can cause problems of confusion, error, delay or even injuries to the patient and, therefore, the abandonment of the rehabilitation therapy. The purpose of this study is to perform a usability evaluation of a telerehabilitation platform and involves users through all the stages of its development based on an exploratory prototype, with the aim of showing its refinement process and improvement of the level of usability using inspection methods. Usability issues originally cataloged as catastrophic were reduced to zero, minor usability problems were decreased to 141 (38.74%), major usability problems were reduced to ten (2.75%). This study also intends to serve as a guide to improve usability of e-Heath systems in alignment with the software development cycle.
Quito, 2019.
2019-01-22
masterThesis
spa
Sánchez Gordón, Sandra Patricia, directora
http://bibdigital.epn.edu.ec/handle/15000/20007
/var/dspace/bitstream/15000/20007/1/CD-9404.pdf
ddd7913d48e4210bfa2c0c6eb377e68c
/var/dspace/bitstream/15000/20007/2/license.txt
8a4605be74aa9ea9d79846c1fba20a33
/var/dspace/bitstream/15000/20007/3/CD-9404.pdf.txt
a3fa66adea861060a98b86d3a6635365
openAccess
TELEREHABILITACIÓN
TELEMEDICINA
CALIDAD DE SOFTWARE
oai:bibdigital.epn.edu.ec:15000/200092019-04-08T11:20:07Zcom_15000_19618com_15000_7598com_15000_7595com_15000_23col_15000_19619
Implementación de métricas para la evaluación del proceso de control de calidad en proyectos de desarrollo de software para la empresa logiciel
Caiza Chacón, Gabriela Alexandra
In the present project we present the development of metrics to evaluate the process of quality control in projects of software development for the company LOGICIEL. The objective of the work lies in helping the executives of the company to make decisions that improve the quality of the testing process and the final product.
Prior to the development of the metrics, a study was made about the quality control process implemented in LOGICIEL. The objective was to know in detail the defined testing process. Additionally, a literature review was made about the fundamentals related to the testing process, quality models and measurement methodologies.
We followed a Research-Action approach, which allowed us to achieve the objective set out in this work. To do this, a diagnosis of the testing process was performed and, based on the results obtained, actions were planned to implement the metrics. According to the literature review previously carried out, it was observed that there were some metrics to evaluate the testing process; however, there were no specific metrics adapted to the objectives pursued by LOGICIEL. Therefore, it was necessary to implement some metrics that allow evaluating the testing process according to the objectives set by the company.
For the implementation of the metrics, the ISO/IEC 25023 standard and the foundations of ISTQB (International Board of Qualifications for Software Testing) were taken as a basis. According to the results obtained from the evaluation carried out using the metrics implemented, improvements were made to the testing process and it was found that the quality of the testing process influences the quality of the final product.
2019-02-07
masterThesis
spa
Loza Aguirre, Edison Fernando, director
http://bibdigital.epn.edu.ec/handle/15000/20009
/var/dspace/bitstream/15000/20009/1/CD-9449.pdf
2cf949e9ece27cb0afcab14dce7abeb0
/var/dspace/bitstream/15000/20009/2/license.txt
8a4605be74aa9ea9d79846c1fba20a33
/var/dspace/bitstream/15000/20009/3/CD-9449.pdf.txt
cfc375ea30e9bf81cce7b5223a3c77ed
/var/dspace/bitstream/15000/20009/4/CD-9449.pdf.txt
cfc375ea30e9bf81cce7b5223a3c77ed
openAccess
CONTROL DE CALIDAD
CALIDAD DE SOFTWARE
oai:bibdigital.epn.edu.ec:15000/200102019-04-08T11:21:38Zcom_15000_19618com_15000_7598com_15000_7595com_15000_23col_15000_19619
Aseguramiento de calidad basado en CMMI en los procesos de mantenimiento de software para la Unidad de Análisis Financiero y Económico
Mendoza Colimba, Ximena de los Ángeles
The development project contains the proposal of the catalog of processes based on CMMI to ensure the quality of software maintenance tasks of the UAFE, which allows developers to have a baseline of the processes that must be carried out in software maintenance to meet product and process quality standards by taking care of software deterioration.
In this project, the Science of Design methodology was applied, with which it was possible to establish the proposed proposal. The first steps to establish the diagnostic of the maintenance process was supported by interviews, and based on this the needs were established and the proposal was developed, which was evaluated by the selected focus group.
The present project is summarized as follows:
Chapter I: This chapter contains the introduction of the development project, definition and process areas of CMMI, SCAMPI evaluation model, the fundamentals of software maintenance, key factors, techniques, standards, methodologies; and types of maintenance that exist.
Chapter II: This chapter contains the methodology with which the development project has been carried out, with the description of each one of the cycles of the Science of Design and the elaboration of the proposal.
Chapter III: This chapter contains the analysis and discussions of the results once the proposal was presented.
Chapter IV: This chapter contains the Conclusions and Recommendations obtained in the development of the project.
2019-02-07
masterThesis
spa
Loza Aguirre, Edison Fernando, director
http://bibdigital.epn.edu.ec/handle/15000/20010
/var/dspace/bitstream/15000/20010/1/CD-9450.pdf
425eace5114f3b48bcf3c6344c5b0a3f
/var/dspace/bitstream/15000/20010/2/license.txt
8a4605be74aa9ea9d79846c1fba20a33
/var/dspace/bitstream/15000/20010/3/CD-9450.pdf.txt
7af1c681dff378ba02536f75f3159ed7
/var/dspace/bitstream/15000/20010/4/CD-9450.pdf.txt
7af1c681dff378ba02536f75f3159ed7
openAccess
ASEGURAMIENTO DE CALIDAD
SOFTWARE
oai:bibdigital.epn.edu.ec:15000/200282019-04-08T11:21:25Zcom_15000_19618com_15000_7598com_15000_7595com_15000_23col_15000_19619
Definición de mejores prácticas para mejorar la calidad de procesos de software basadas en la norma ISO/IEC 29110-5-1-2: Perfil Básico en MIPYMES
Castillo Salinas, Luis Alberto
The competitiveness of software development enterprises depends on their ability to offer software products with quality attributes. The vast majority of very small entities (VSEs) that develop software do not see the benefits that result from applying software quality standards in their organisations. Consequently, they limit their potential to be recognised as quality software development enterprises. In this study, the authors present results obtained through the application of empirical software engineering in an experiment in which the standard ISO/IEC 29110-5-1-2: 2011 “Software engineering -- Lifecycle profiles for Very Small Entities (VSEs) -- Part 5-1-2: Management and engineering guide: Generic profile group: Basic profile” was used. Two experimental teams adopted the standard, while two other experimental teams did not have any standard guidance but developed the same product within the same timeframe and scope. The goal was to determine the best practices for the improvement of the software process implementation. The usability of the standard, as process guidance for software implementation, enabled the experimental teams that adopted the standard to execute the process activities with better quality.
Quito, 2019.
2019-02-08
masterThesis
spa
Sánchez Gordón, Sandra Patricia, director
http://bibdigital.epn.edu.ec/handle/15000/20028
/var/dspace/bitstream/15000/20028/1/CD-9370.pdf
a513d58040c61d1a0a2a6652736c460e
/var/dspace/bitstream/15000/20028/2/license.txt
8a4605be74aa9ea9d79846c1fba20a33
/var/dspace/bitstream/15000/20028/3/CD-9370.pdf.txt
445ff7a3648194aa1eceb0590cb123d0
openAccess
INGENIERÍA DE SOFTWARE
CALIDAD DE SOFTWARE
ISO/IEC 29110
oai:bibdigital.epn.edu.ec:15000/201192019-04-08T09:59:43Zcom_15000_19618com_15000_7598com_15000_7595com_15000_23col_15000_19619
Propuesta de un marco de trabajo para el aseguramiento de la calidad en el diseño de videojuegos serios orientados a la rehabilitación física de acuerdo a la norma ISO/IEC/IEEE 42010
Escobar Cárdenas, José Luis
This Master Thesis shows the process of creation of an Architecture Framework for the Design of Serious Games oriented to Physical Rehabilitation. This work is based on the standard ISO/IEC/IEEE 42010 and the MDA Framework. The result of this work is a guide that will help all Serious Game development key stakeholders to identify important elements in order to focus the design process towards the fulfillment of a Physical Therapy Rehabilitation Program. In addition, it also helps to identify restrictions that could cause health side effects or injuries due to the use of a serious game of this type. This framework also includes an Architecture Description Language defined according to the requirements of the standard ISO/IEC/IEEE 42010 that could be used to diagram and interpret the architecture of this type of games. Finally, an evaluation of the proposed work was made via a survey based on the GQM Methodology answered by the group of stakeholders defined in the framework, the last part of this work include a result analysis and a future work proposal.
Quito, 2019.
2019-03-12
masterThesis
spa
Sánchez Gordón, Sandra Patricia, directora
http://bibdigital.epn.edu.ec/handle/15000/20119
/var/dspace/bitstream/15000/20119/1/CD%209554.pdf
e1a0cf555d08e12185273da92f535410
/var/dspace/bitstream/15000/20119/2/license.txt
8a4605be74aa9ea9d79846c1fba20a33
/var/dspace/bitstream/15000/20119/3/CD%209554.pdf.txt
c05553f43a134141bdd21f4a7d9f693a
/var/dspace/bitstream/15000/20119/3/CD%209554.pdf.txt
c05553f43a134141bdd21f4a7d9f693a
/var/dspace/bitstream/15000/20119/4/CD%209554.pdf.txt
c05553f43a134141bdd21f4a7d9f693a
/var/dspace/bitstream/15000/20119/5/CD%209554.pdf.txt
c05553f43a134141bdd21f4a7d9f693a
/var/dspace/bitstream/15000/20119/6/CD%209554.pdf.txt
c05553f43a134141bdd21f4a7d9f693a
/var/dspace/bitstream/15000/20119/6/CD%209554.pdf.txt
c05553f43a134141bdd21f4a7d9f693a
/var/dspace/bitstream/15000/20119/7/CD%209554.pdf.txt
c05553f43a134141bdd21f4a7d9f693a
/var/dspace/bitstream/15000/20119/8/CD%209554.pdf.txt
c05553f43a134141bdd21f4a7d9f693a
/var/dspace/bitstream/15000/20119/9/CD%209554.pdf.txt
c05553f43a134141bdd21f4a7d9f693a
openAccess
MARCO DE ARQUITECTURA
DISEÑO DE VIDEOJUEGOS
oai:bibdigital.epn.edu.ec:15000/202452019-06-03T17:53:46Zcom_15000_19618com_15000_7598com_15000_7595com_15000_23col_15000_19619
Mapeo entre las áreas de proceso de “Administración y monitoreo del desarrollo” del modelo CMMI-DEV VER. 1.3 y la familia de normas ISO/IEC 330XX
Tapia Moreno, Daniel Alejandro
An organization can implement the common areas of the reference model CMMI-DEV and the family of standards ISO / IEC 330XX, it should be mentioned that the missing elements of one model can be compensated by the other. Based on this it is necessary to carry out a comparative study between the models that is synthesized by a mapping. The objective of this work is mapping the processes of the areas “Manage and Monitor the Development” and “Make work explicit and measurable” of CMMI-DEV version 1.3 model and the processes of the ISO/IEC 33073:2017 standard.
Through a Systematic Literature Review, important studies are analyzed and the research questions that support the development of mapping are answered.
Then the SFramework methodology is applied, where the models are homogenized and be defined the elements to compare: the specific practices of the CMMI-DEV processes and the base practices of the ISO/IEC 33073 processes, the comparison is made, and a comparison level is established. The following relationships are identified: a relationship with the level of strong coverage in Organizational Performance Management (OPM); nine relationships with a wide coverage level for Configuration Management (CM), Project Planning (PP), Measurement and Analysis (MA), Organizational Performance Management (OPM), Quantitative Project Management (QPM), Causal Analysis and Resolution (CAR) y Organizational Process Performance (OPP); 22 relationships classified with a partial coverage level for Project Monitoring and Control (PMC), Configuration Management (CM), Project Planning (PP), Measurement and Analysis (MA), Organizational Performance Management (OPM) y Causal Analysis and Resolution (CAR). These results can serve as a guide for an organization that wants to achieve the organizational maturity of their processes.
Quito, 2019.
2019-03-19
masterThesis
spa
Larco Ampudia, Enrique Andrés, director
http://bibdigital.epn.edu.ec/handle/15000/20245
/var/dspace/bitstream/15000/20245/2/license.txt
8a4605be74aa9ea9d79846c1fba20a33
/var/dspace/bitstream/15000/20245/1/CD%209639.pdf
e99f5b405b2a195327642c618bf04203
openAccess
oai:bibdigital.epn.edu.ec:15000/202472019-06-03T17:54:00Zcom_15000_19618com_15000_7598com_15000_7595com_15000_23col_15000_19619
Mapeo entre las áreas de proceso de “Administración y monitoreo del desarrollo” del modelo CMMI-DEV VER. 1.3 y la familia de normas ISO/IEC 330XX
Tapia Moreno, Daniel Alejandro
An organization can implement the common areas of the reference model CMMI-DEV and the family of standards ISO / IEC 330XX, it should be mentioned that the missing elements of one model can be compensated by the other. Based on this it is necessary to carry out a comparative study between the models that is synthesized by a mapping. The objective of this work is mapping the processes of the areas “Manage and Monitor the Development” and “Make work explicit and measurable” of CMMI-DEV version 1.3 model and the processes of the ISO/IEC 33073:2017 standard.
Through a Systematic Literature Review, important studies are analyzed and the research questions that support the development of mapping are answered.
Then the SFramework methodology is applied, where the models are homogenized and be defined the elements to compare: the specific practices of the CMMI-DEV processes and the base practices of the ISO/IEC 33073 processes, the comparison is made, and a comparison level is established. The following relationships are identified: a relationship with the level of strong coverage in Organizational Performance Management (OPM); nine relationships with a wide coverage level for Configuration Management (CM), Project Planning (PP), Measurement and Analysis (MA), Organizational Performance Management (OPM), Quantitative Project Management (QPM), Causal Analysis and Resolution (CAR) y Organizational Process Performance (OPP); 22 relationships classified with a partial coverage level for Project Monitoring and Control (PMC), Configuration Management (CM), Project Planning (PP), Measurement and Analysis (MA), Organizational Performance Management (OPM) y Causal Analysis and Resolution (CAR). These results can serve as a guide for an organization that wants to achieve the organizational maturity of their processes.
Quito, 2019.
2019-03-19
masterThesis
spa
Larco Ampudia, Enrique Andrés, director
http://bibdigital.epn.edu.ec/handle/15000/20247
/var/dspace/bitstream/15000/20247/2/license.txt
8a4605be74aa9ea9d79846c1fba20a33
/var/dspace/bitstream/15000/20247/1/CD%209639.pdf
e99f5b405b2a195327642c618bf04203
openAccess
SOFTWARE
INGENIERÍA
CALIDAD
oai:bibdigital.epn.edu.ec:15000/202512019-06-03T17:54:25Zcom_15000_19618com_15000_7598com_15000_7595com_15000_23col_15000_19619
Impacto de la aplicación de un enfoque de entrega continua en la calidad del software bancario
Romero Fernández, José Guillermo
This work evaluates the impact on software quality by applying a continuous delivery approach. The continuous delivery consists of three phases: Continuous Exploration that allows to determine the needs of the client beyond the requirements, Continuous Integration that allows the automation of builds and automatic tests, and Continuous Deployment that allows the passage of new functionalities to different environments such as: Development, Testing and even Production, not necessarily released to be used immediately, but to be enabled at any time. The result of this work is for software suppliers or internal developers in banking entities that want a shorter reaction time, risk reduction, exposure of defects and costs, among other benefits of applying this technique. To determine the impact on quality, a case study was carried out, which measures and records the behavior of the people involved in the phenomenon studied, number of errors, rework, delivery of functionalities before and after applying the Continuous Delivery approach. The case study will allow us to observe the results of changes introduced in similar contexts under the same conditions, applying different approaches.
Quito, 2019.
2019-05-22
masterThesis
spa
Flores Naranjo, Pamela Catherine, directora
http://bibdigital.epn.edu.ec/handle/15000/20251
/var/dspace/bitstream/15000/20251/2/license.txt
8a4605be74aa9ea9d79846c1fba20a33
/var/dspace/bitstream/15000/20251/1/CD%209701.pdf
553e27a9ed1a60e1b8e2332807afaf1d
openAccess
INGENIERÍA DE SOFTWARE
CALIDAD SOFTWARE
SOFTWARE BANCARIO
oai:bibdigital.epn.edu.ec:15000/213562021-02-11T17:12:32Zcom_15000_19618com_15000_7598com_15000_7595com_15000_23col_15000_19619
Evaluación de la calidad de software respecto al criterio de usabilidad de las interfaces web del sistema I-PAT a implementarse en el Ministerio del Interior
Tutillo Sánchez, Doris Karina
The crime rate has increased in Ecuador. Violations, femicides, homicides and assaults, are all having a negative impact on society. For this reason, the government of Ecuador has developed a mobile application based on Android technology known as I-Pat (Intelligent Police Patrolling System. This system covers one of the fundamental needs for the Ecuadorian community that is safety. This research summarizes the evaluation of the usability of this application, with the use of Think Aloud (TA) and Focus Group (FG) methods. The combination of these methods allowed covering aspects of usability such as consistency, functionality, navigability, workflow and application control. The findings have led to a number of technical recommendations being made to improve the application’s functionality and the user’s experience of it, and so it can be used to support the patrol work of the National Police of Ecuador.
Quito, 2019.
2019-06-06
masterThesis
spa
Calle Jiménez, Tania Elizabeth, directora
http://bibdigital.epn.edu.ec/handle/15000/21356
/var/dspace/bitstream/15000/21356/2/license.txt
8a4605be74aa9ea9d79846c1fba20a33
/var/dspace/bitstream/15000/21356/1/CD%209733.pdf
49953ae248c7db62a4b3ad7f3e05703d
openAccess
CRIMINALIDAD ECUADOR
CALIDAD DE SOFTWARE
HOMICIDIO
ECUADOR
oai:bibdigital.epn.edu.ec:15000/213582021-02-11T17:12:56Zcom_15000_19618com_15000_7598com_15000_7595com_15000_23col_15000_19619
Estudio de prácticas de calidad en los procesos de desarrollo de software en Universidades del Ecuador
González Flores, Graciela Susana
Nowadays, the universities and polytechnic schools of Ecuador rely on the use of state-of-the-art technology to cover the parameters of quality demanded by their control organisms. Among these assets we can find information systems for the management of their core processes. These systems requires software, whose development has been traditionally internal and where a large amount of sensitive information is manipulated. Therefore, within a perspective of continuous improvement, it is necessary to investigate which practices are implemented or be implemented by higher education institutions to manage and guarantee quality in software development processes.
In the absence of a previous study, a methodology of qualitative exploratory research was followed, whose technique used for the collection of information was the semi-directive interview with the directors and heads of development of several universities (nine institutions and 13 participants), whose words were analyzed and classified.
In the present work, the results of the study are reported around expectations, motivators (proactive and reactive), barriers, models and practices (previous, current and future) in the context of software quality, ending with the author’s conclusions and recommendations.
Quito, 2019.
2019-06-20
masterThesis
spa
Loza Aguirre, Edison Fernando, director
http://bibdigital.epn.edu.ec/handle/15000/21358
/var/dspace/bitstream/15000/21358/2/license.txt
8a4605be74aa9ea9d79846c1fba20a33
/var/dspace/bitstream/15000/21358/1/CD%209754.pdf
310e5a6a9c8acb892151076b8e19cc8f
openAccess
INGENIERÍA DE SOFTWARE
CALIDAD DE SOFTWARE
UNIVERSIDADES
ECUADOR
oai:bibdigital.epn.edu.ec:15000/213602021-02-11T17:13:16Zcom_15000_19618com_15000_7598com_15000_7595com_15000_23col_15000_19619
Mapeo entre los grupos de áreas de procesos de “Gestión de Decisiones y Proveedores” y “Crear una Cultura de Excelencia” del Modelo CMMI-DEV 1.3 con la Norma ISO 9000-3:2014
Viera Bautista, Daniel Benjamin
Software development organizations today have chosen to implement practices and methods to improve the quality of software products and services. Currently there are multiple standards and standards that help organizations manage and control the software development process. However, since there are multiple norms and standards, it is difficult to determine which of them best fits the objectives of the organization. For this reason, the objective of this Master's thesis is to describe the relationship between two quality standards in software development that are widely used (CMMI-DEV v1.3 and ISO / IEC 90003: 2014), through mapping. The SFramework model was used for development, an agile structured model with generic phases that helps the combination of reference models. The result of this work is the mapping between the areas of "Decision and supplier management" and "Creating a culture of excellence" of CMMI-DEV v1.3 and the clauses defined in ISI / IEC 90003: 2014, identifying the degree of relationship and compliance, so that this work serves as a guide from the CMMI certification to achieve the ISO / IEC 90003: 2014 certification.
Quito, 2019.
2019-07-10
masterThesis
spa
Sánchez Gordón, Sandra Patricia, directora
http://bibdigital.epn.edu.ec/handle/15000/21360
/var/dspace/bitstream/15000/21360/2/license.txt
8a4605be74aa9ea9d79846c1fba20a33
/var/dspace/bitstream/15000/21360/1/CD%209818.pdf
6dc8bd15c44d4b332dbc0c74568a81de
openAccess
DESARROLLO (SOFTWARE)
CALIDAD DE SOFTWARE
GESTIÓN DE PROCESOS
oai:bibdigital.epn.edu.ec:15000/213622021-02-11T17:13:39Zcom_15000_19618com_15000_7598com_15000_7595com_15000_23col_15000_19619
Lineamientos metodológicos para aplicar integración y entrega continua en el área de desarrollo de software para mejorar la calidad de productos de software en la dirección de gestión de la información y procesos de la Escuela Politécnica Nacional
Castro Lima, Wilson Castro
The purpose of this work is to establish the methodological guidelines to implement the integration and continuous delivery as software development techniques to improve the quality of the software product that is developed within the Área de Desarrollo de la Dirección de Gestión de la Información y Procesos. In order to establish the methodological guidelines and apply them to the Área de Desarrollo de la Dirección de Gestión de la Información y Procesos, a State of the Art has been carried out to identify possible existing frameworks, techniques or methodologies to implement the integration and Continuous delivery within a development process. In addition, a case study focused on the Development Area of the Information and Process Management Department was carried out in order to extract all the necessary information that provides the possibility of identifying: shortcomings and benefits in terms of the development process of software and subsequently create a research model that generates the methodological guidelines to implement integration and continuous delivery in the software development processes. Finally, the guidelines for a software development process were executed, thus obtaining results of task execution, identification of errors and identification of efforts to solve future problems.
Quito, 2019.
2019-09-10
bachelorThesis
spa
Flores Naranjo, Catherine Flores, directora
http://bibdigital.epn.edu.ec/handle/15000/21362
/var/dspace/bitstream/15000/21362/2/license.txt
8a4605be74aa9ea9d79846c1fba20a33
/var/dspace/bitstream/15000/21362/1/CD%209971.pdf
4f9143b7cffd3a6fc89e8bce92cab07e
openAccess
DESARROLLO (SOFTWARE)
CALIDAD DE SOFTWARE
GESTIÓN DE LA INFORMACIÓN
oai:bibdigital.epn.edu.ec:15000/213632021-02-11T17:13:56Zcom_15000_19618com_15000_7598com_15000_7595com_15000_23col_15000_19619
Evaluación y mejora de la calidad interna y calidad de uso de un computer-aided diagnostic y detection system para el reconocimiento automático de patologías de la mama en imágenes mamográficas
Bello Nieves, David de Jesus
The following work aims to guarantee the quality in each of the stages of the development cycle of a Computer-Aided Diagnostic and Detection System for the Automatic Recognition of Pathologies of the breast in Mammographic Images, as one of the products of the Research Project REDU: PREDU-2016-013. For this purpose, the ISO 25000 standard, the usability heuristic rules and the ISO 19505-2 standard were combined. The construction of the system was framed in the 4 phases proposed in the methodology of the agile unified process (AUP) and in each phase an incremental prototype was built. To achieve this, the activities specified in said methodology were carried out: 1) Survey of software and stakeholder requirements; 2) Diagramming phase; 3) Interface design; 4) Development phase and 5) Product evaluation. Then, a user satisfaction questionnaire was designed focusing on two types of users: normal and experts. The results of the evaluation in this first version show that the product evaluated has a satisfactory quality level obtaining 9.86/10 in the evaluation of quality in use and 8.45/10 in the internal quality evaluation.
Quito, 2019.
2019-09-30
bachelorThesis
spa
Pérez Hernández, María Gabriela, directora
http://bibdigital.epn.edu.ec/handle/15000/21363
/var/dspace/bitstream/15000/21363/2/license.txt
8a4605be74aa9ea9d79846c1fba20a33
/var/dspace/bitstream/15000/21363/1/CD%209984.pdf
94f7de7587d6cc1d4d683414f0784941
openAccess
DESARROLLO (SOFTWARE)
CALIDAD DE SOFTWARE
NORMAS ISO
oai:bibdigital.epn.edu.ec:15000/213642021-02-11T17:14:08Zcom_15000_19618com_15000_7598com_15000_7595com_15000_23col_15000_19619
Propuesta de Ingeniería de Requerimientos para mejorar la calidad del desarrollo de software en Cooperativas de Ahorro y Crédito, utilizando la norma ISO/IEC 29110-5-1-2. Caso de Estudio Cloudstudio
Quito Carrión, Fredy Asdrubal
For the preparation of this work, we start from a systematic mapping, which seeks to know how requirements engineering is carried out for the development of new technological solutions in Cooperativas de Ahorro y Crédito (COACs); these developments are generally made by small software companies. The norms how for the best practices are generally non-adaptive, to the reality of a small enterprise, and sometimes expensive in their implementation. Once known how requirements engineering is performed in small companies (often empirically performed), a case study is taken to implement a specialized standard for these types of companies such as ISO / IEC 29110. Applying this standard a comparison was made between empirical and best practices; finally, generate a proposal for a framework so that requirements engineering substantially improves the quality of the technological solutions delivered to the COACs. As a result of this case study, an improvement of more than 100% was obtained, by applying best practices to an empirical process.
Quito, 2020.
2020-01-06
masterThesis
spa
Sánchez Gordón, Sandra Patricia, directora
http://bibdigital.epn.edu.ec/handle/15000/21364
/var/dspace/bitstream/15000/21364/2/license.txt
8a4605be74aa9ea9d79846c1fba20a33
/var/dspace/bitstream/15000/21364/1/CD%2010118.pdf
8def62bc51575ab68fd8a35c015dc09d
openAccess
DESARROLLO (SOFTWARE)
INGENIERÍA DE SOFTWARE
EMPRESAS
oai:bibdigital.epn.edu.ec:15000/213672021-02-11T17:14:36Zcom_15000_19618com_15000_7598com_15000_7595com_15000_23col_15000_19619
Aplicación de un Framework para la evaluación de la calidad en uso del SII-Académico de la Escuela Politécnica Nacional
Maldonado Pila, Juan Carlos
The Student Administration System of the National Polytechnic School supports in important processes of academic management, but it is working with old versions of software, so it is being migrated to a new version called the Integrated Academic Information System, for this reason the main objective of this Master's thesis is to evaluate the quality in use of the modules already migrated to the SII-Academic through a framework.
Through a literature review, it was found that the aspects to obtain a quality software product in use are: use of a standard, use of metrics applied to the attributes of quality and efficiency perceived by users when fulfilling their objectives; selecting activities proposed in the ISO / IEC 25040 standard and quality metrics in use proposed in the ISO / IEC 25022 standard.
Additionally, a satisfaction survey was carried out on teachers and students of the EPN, in the modules: login, entry of grades and hetero-evaluation to determine satisfaction regarding the use of the system, allowing to give recommendations to improve the quality of use of the system SII-ACADEMIC and so be understood, learned and used, managing to increase the productivity and satisfaction of the users of the system.
Quito, 2020.
2020-02-18
masterThesis
spa
Segura Morales, Marco Antonio, director
http://bibdigital.epn.edu.ec/handle/15000/21367
/var/dspace/bitstream/15000/21367/2/license.txt
8a4605be74aa9ea9d79846c1fba20a33
/var/dspace/bitstream/15000/21367/1/CD%2010291.pdf
d538175e90db4da7a94a1a8ece8ee6b2
openAccess
DESARROLLO (SOFTWARE)
CALIDAD
SATISFACCIÓN
oai:bibdigital.epn.edu.ec:15000/213682021-02-11T17:14:46Zcom_15000_19618com_15000_7598com_15000_7595com_15000_23col_15000_19619
Propuesta de modelo de Scrum seguro aplicado a un caso de estudio
Panjón Quinde, Wilson Geovanny
This Master Thesis creates a secure software development model with agile methodologies. Scrum is used as base methodology to adding security components taking advantage of current security standards and best practices in software companies. There is a fact that secure product is due to early detection of security requirements, flaws and bugs in software development cycle. The proposed model bundles the Scrum events in stages such as: planification, identification, verification and acting to list task involved
in each stage. Model proposes a new Scrum role to coordinate and verify security tasks are executed in each event defined in model. Besides, model creates checklist for the security tasks executed in the Scrum events to verify if they were is executed in the specific sprint and detect learning opportunities for the Scrum team. This model could contribute to software development teams to include security in development cycle.
Quito, 2020.
2020-04-21
masterThesis
spa
Torres Olmedo, Jenny Gabriela, directora
http://bibdigital.epn.edu.ec/handle/15000/21368
/var/dspace/bitstream/15000/21368/2/license.txt
8a4605be74aa9ea9d79846c1fba20a33
/var/dspace/bitstream/15000/21368/1/CD%2010357.pdf
4bcc2f8be6e47991806c7ea93718f8c6
openAccess
INGENIERÍA DE SOFTWARE
CALIDAD DE SOFTWARE
SCRUM SEGURO
oai:bibdigital.epn.edu.ec:15000/215812021-05-03T17:38:20Zcom_15000_19618com_15000_7598com_15000_7595com_15000_23col_15000_19619
Análisis correlacional entre métricas de proceso y defectos de seguridad en scripts de infraestructura como código (IaC)
Cueva Anchapaxi, Carlos Andrés
Infrastructure as Code (IaC) is fundamental in DevOps practice and is important to make sure that IaC scripts are security defects free so we can avoid introduce security weakness to the technological infrastructure or systems managed. To accomplish this goal is necessary to identify associated factors with these kinds of anomalies and fix each one. This work executes a correlational analysis with process metrics, related to software defects in source code, and security defects in IaC scripts, so we can find out the correlation level between these variables and know whether process metrics are factors correlated to security defects in scripts Puppet. Puppet repositories are downloaded from GitHub to collect process metrics and security defects are identified using static code analysis. Results allow to know that process metrics such number of revisions, number of authors revisions, number of modified lines, average number of modified lines per revision, scripts age, and security defects such admin by default, empty password, hard-coded secret, invalid IP address binding, suspicious comment, HTTP without TLS and weak cryptography algorithm, are very low correlated, with Spearman coefficient equal or less than 0.23.
Quito, 2020.
2020-04-24
masterThesis
spa
Flores Naranjo, Pamela Catherine, directora
http://bibdigital.epn.edu.ec/handle/15000/21581
/var/dspace/bitstream/15000/21581/2/license.txt
8a4605be74aa9ea9d79846c1fba20a33
/var/dspace/bitstream/15000/21581/1/CD%2010358.pdf
29925de0d08b5d4fd322bf2efbb92716
openAccess
INGENIERÍA DE SOFTWARE
INFRAESTRUCTURA
MÉTRICAS DE PROCESO
oai:bibdigital.epn.edu.ec:15000/213692021-02-11T17:14:59Zcom_15000_19618com_15000_7598com_15000_7595com_15000_23col_15000_19619
Propuesta de mejoras para equipos de pruebas en base al análisis de incidencias negativas reportadas por clientes
Pulgar Salazar, Paúl Gerardo
This study presents an alternative that can be applied to improve the area of software testing
within companies dedicated to providing software as a service. At present, the applications provided are critical for the proper functioning of companies, so if they present problems, they will cause companies not to be able to comply with their activities. Although the agile environment in which applications are developed provides the tools to discover most of the errors, many of them are not found in time and can cause malfunctioning problems, affecting the compliance of business activities. In order to solve this situation, formal practices defined in the Capability Maturity Model
Integration (CMMI) framework have been adopted to improve and scale the processes in the testing area. This work has been developed in a real company that provides software as a service, so it has been possible to analyze the records of failures recorded during a year, in order to determine the most common causes of the failures experienced and discover its counterpart within CMMI.
Quito, 2019.
2019-12-09
masterThesis
spa
Navarrete Rueda, Rosa del Carmen, directora
http://bibdigital.epn.edu.ec/handle/15000/21369
/var/dspace/bitstream/15000/21369/2/license.txt
8a4605be74aa9ea9d79846c1fba20a33
/var/dspace/bitstream/15000/21369/1/CD%2010365.pdf
6d6f4d392c6f3af06395034557cbc6c1
openAccess
RETROSPECTIVA
DESARROLLO (SOFTWARE)
INCIDENCIAS
oai:bibdigital.epn.edu.ec:15000/213702021-02-11T17:15:09Zcom_15000_19618com_15000_7598com_15000_7595com_15000_23col_15000_19619
Análisis de factibilidad en la implementación de Blockchain sobre un prototipo de infraestructura IoT-MQTT
Andrade Salinas, Guillermo Gabriel.
The Internet of Things (IoT) has shown exponential growth in recent years. However, due to the limited resources and centralized architecture, there are difficult-to-solve problems such as centralized server overload, single point of failure, and possibility of malicious use of information. Blockchain presents unique features such as consensus mechanism, peer communication, trusted implementation without a reliable third party and smart contract-based transactions. These features seem to be suited to build a distributed and autonomous IoT system in order to overcome IoT issues. High processor performance, high bandwidth, and delays are not suitable scenarios for IoT, but are common in Blockchain applications. This research presents the feasibility of deploying Blockchain by considering IoT devices as Peer nodes on a Hyperledger Fabric network. Bandwidth measurements and performance tests were performed in transactional scenarios. Additionally, a high-level model for implementation of Hyperledger Fabric platform on IoT devices is proposed.
Quito, 2020.
2020-05-05
masterThesis
spa
Salazar Chacón, Gustavo David, director
http://bibdigital.epn.edu.ec/handle/15000/21370
/var/dspace/bitstream/15000/21370/2/license.txt
8a4605be74aa9ea9d79846c1fba20a33
/var/dspace/bitstream/15000/21370/1/CD%2010367.pdf
555f6a28ec7ddfa8d71afa60f9510b2e
openAccess
SEGURIDAD
INFORMACIÓN
CONTRATOS INTELIGENTES
APLICACIONES BLOCKCHAIN
oai:bibdigital.epn.edu.ec:15000/213712021-02-11T17:15:21Zcom_15000_19618com_15000_7598com_15000_7595com_15000_23col_15000_19619
Propuesta de un marco de trabajo para el aseguramiento de calidad de migraciones de datos en implementaciones de software ERP
Yánez Reinoso, Diego Mauricio
The success of the implementations of ERP projects, is largely influenced by the data migration quality of the process. Most companies don’t understand the importance of the data migration and about 60-70% of all the ERP implementations at organizations around the world end in failure.
In consequence, the strategy and approach of the ERP implementation must be properly designed and documented in order to provide enough details to define the strategy, extent and the proposed activities related to the data migration. In this research the authors present strategies for the data migration process in terms of freezing the data, obtain and provide the access to the data in legacy systems and third party; guaranteeing they are enabled in the ERP destination system. All of this once the data have been cleaned and validated before and after the data loading.
The framework proposal of this research is mainly focused in the data to be gathered and migrated from the company to the new ERP, is the strictly necessary in order to the current processes of the company keeps functional in the system.
Also focuses on the ERP provider who is an expert, has the same and/or a greater responsibility of the information the ERP needs for its operation.
Quito, 2020.
2020-02-18
masterThesis
spa
Segura Morales, Marco Antonio, director
http://bibdigital.epn.edu.ec/handle/15000/21371
/var/dspace/bitstream/15000/21371/2/license.txt
8a4605be74aa9ea9d79846c1fba20a33
/var/dspace/bitstream/15000/21371/1/CD%2010376.pdf
c4ac7136c336ee1178e40ebc87acf554
openAccess
CALIDAD
MIGRACIÓN DE DATOS
DESARROLLO (SOFTWARE)
oai:bibdigital.epn.edu.ec:15000/213722021-02-11T17:15:32Zcom_15000_19618com_15000_7598com_15000_7595com_15000_23col_15000_19619
Análisis de mantenibilidad y portabilidad del framework react native aplicando la norma ISO/IEC 25010 mediante un caso de estudio en la aplicación de gestión de eventos OAQ
Mena Alvarado, Darwin Antonio
This Master Thesis aims to evaluate the maintainability and portability of the React Native(RN) framework, as it is a new development environment companies and developers ask themselves questions about how easy it is to modify and transfer a software product from one environment to other. For which it makes use of a standardized quality model such as the one proposed in the ISO / IEC 25010 standard through a case study, in this way all the metrics of the sub-characteristics are evaluated, generating quantitative results that indirectly indicate how portable and maintainable it is the React Native framework and also the methodology applied in this study is a tool that allows generating good development practices that notably increase the quality of the software product.
Quito, 2020.
2020-06-01
masterThesis
spa
Santórum Gaibor, Marco Oswaldo, director
http://bibdigital.epn.edu.ec/handle/15000/21372
/var/dspace/bitstream/15000/21372/2/license.txt
8a4605be74aa9ea9d79846c1fba20a33
/var/dspace/bitstream/15000/21372/1/CD%2010421.pdf
c01b5f2fe6ccd09a8f59b28132ce7356
openAccess
CALIDAD DE SOFTWARE
GESTIÓN
EVENTOS
oai:bibdigital.epn.edu.ec:15000/213742021-02-11T17:15:50Zcom_15000_19618com_15000_7598com_15000_7595com_15000_23col_15000_19619
Análisis comparativo a nivel transaccional de brokers MQTT (Mosquitto, Mosca y Emq) con respecto a la disponibilidad en infraestructuras IoT ante ataques DDoS
Amaguaya Ramos, Richard Xavier
In this project, the development of IoT (Internet of things) infrastructures is presented as proofs of concept evaluating three different MQTT Brokers (Mosquitto, Mosca and EMQ) against DDoS attacks. The objective of the project is to provide information on which of them is optimal with respect to availability, considering four quality metrics (KPI's-Key performance indicator): 1) MTTD-Mean Time to Detect, 2) MTTR-Mean Time to Resolve, 3) MTTF-Mean Time to Failure, and 4) MTBF-Mean Time Between Failures. For the development of the project, two methodologies were applied. The first methodology corresponds to the XP development methodology and the second corresponds to the comparative method, which allowed us to satisfactorily fulfill each objective set forth in the project. For this, we start with the identification of the central problem and data collection for subsequent analysis. In accordance with the literature review, a practical case was prepared. During the implementation of the IoT infrastructures, certain differences were evident with each of the MQTT Brokers and during the tests with two tools used for DDoS attacks: Metasploit (SYNFLOOD) and LOIC (Low Orbit Ion Cannon), essential data was collected for subsequent interpretation of results. As conclusion, it was possible to determine which broker is optimal. Additionally, recommendations were prepared before starting a project with this type of emerging technologies.
Quito, 2020.
2020-06-15
masterThesis
spa
Salazar Chacón, Gustavo David, director
http://bibdigital.epn.edu.ec/handle/15000/21374
/var/dspace/bitstream/15000/21374/2/license.txt
8a4605be74aa9ea9d79846c1fba20a33
/var/dspace/bitstream/15000/21374/1/CD%2010446.pdf
22feca0eadaf7bb5d4d3e665ef72cf82
openAccess
DESARROLLO (SOFTWARE)
BROKERS
INFRAESTRUCTURA
oai:bibdigital.epn.edu.ec:15000/213752021-02-11T17:16:02Zcom_15000_19618com_15000_7598com_15000_7595com_15000_23col_15000_19619
Diseño de un Sistema Criptográficamente Seguro de Dinero electrónico
Vargas Salazar, Mónica Patricia
The project is a prototype analysis that consists on a design of a cryptographically secure system for electronic money, for which the Ecuadorian legislation was applied. This led to raising of requirements by taking into account that each banking institution has its own data system.
This project presents hypothetical intercommunication between banks that protect transactions that take place between these institutions and propose those to be regulated by the Central Bank of Ecuador.
The study was carried out using Design Methodology and NIST Standards, Hyperledger Fabric as the main tool, to stablish recommendations related to vulnerability.
Quito, 2020.
2020-07-08
masterThesis
spa
Mafla Gallegos, Luis Enrique, director
http://bibdigital.epn.edu.ec/handle/15000/21375
/var/dspace/bitstream/15000/21375/2/license.txt
8a4605be74aa9ea9d79846c1fba20a33
/var/dspace/bitstream/15000/21375/1/CD%2010485.pdf
9741c099cab776bb02a3a7b072d46f13
openAccess
DESARROLLO (SOFTWARE)
CONTRATOS INTELIGENTES
CRIPTOGRAFÍA
oai:bibdigital.epn.edu.ec:15000/213762021-12-14T13:54:03Zcom_15000_19618com_15000_7598com_15000_7595com_15000_23col_15000_19619
Propuesta de un modelo para la calidad del proceso de desarrollo de juegos serios educativos
Cevallos López, Andrés Alejandro
This work describes the development of an educational serious game development process quality model. The proposed model aims to serve as a guide to develop serious educational games with quality.
For the model development, a systematic literature review was performed about methods, frameworks and existing quality models for serious games development. Through the studies analysis, process quality criteria and good practices were obtained to incorporate them into an existing quality model. Additional quality criteria were obtained through the study of serious educational game development projects.
After obtaining the quality criteria and good practices, existing software development quality models were studied, of which CMMI-Dev 1.3 was selected as reference for the elaboration of the model. The quality criteria were added to the CMMI-Dev 1.3 quality model resulting in a model extension called CMMI-Dev 1.3 Educational Serious Games extension.
Quito, 2019.
2019-12-18
masterThesis
spa
Santorum Gaibor, Marco Oswaldo, director
http://bibdigital.epn.edu.ec/handle/15000/21376
/var/dspace/bitstream/15000/21376/2/license.txt
8a4605be74aa9ea9d79846c1fba20a33
/var/dspace/bitstream/15000/21376/1/CD%2010585.pdf
54c265944389e3b1970c4a7124e33693
openAccess
TECNOLOGÍA
CALIDAD
CONECTIVIDAD
oai:bibdigital.epn.edu.ec:15000/213772021-02-11T17:16:25Zcom_15000_19618com_15000_7598com_15000_7595com_15000_23col_15000_19619
Estrategia para la evaluación de vulnerabilidades del sistema de notas de instituciones educativas utilizando técnicas de hacking ético. caso de estudio: Instituto Tecnológico Quito
Galarza García, David Esteban
The present Master's degree work develops a guide with the aim of executing a strategy for evaluating vulnerabilities in the grade system of educational institutions. To carry out
this analysis procedure, check the following stages of ethical hacking: recognition, scanning, obtaining access, maintaining access and covering or deleting fingerprints, which allows identifying security breaches that directly affect the note system. The tools, guides and techniques on which they will be based on the evaluation are: Kali Linux and OWASP since they have an adequate ecosystem presenting results that serve as input to execute each stage of ethical hacking.
Educational institutions have seen the need to safeguard the information generated and processed in the academic system, for this reason, a specific guide will be developed based on the information collected from ethical hacking. This guide will serve as a strategy to assess vulnerabilities that directly affect the note system using analytical criteria aligned to ethical hacking and the aforementioned tools.
Quito, 2020.
2020-09-07
masterThesis
spa
Barona López, Lorena Isabel, directora
http://bibdigital.epn.edu.ec/handle/15000/21377
/var/dspace/bitstream/15000/21377/2/license.txt
8a4605be74aa9ea9d79846c1fba20a33
/var/dspace/bitstream/15000/21377/1/CD%2010605.pdf
48979545e31fd798054d401aada859f3
openAccess
DESARROLLO (SOFTWARE)
HACKING ÉTICO
VULNERABILIDAD
oai:bibdigital.epn.edu.ec:15000/213782021-02-11T17:16:33Zcom_15000_19618com_15000_7598com_15000_7595com_15000_23col_15000_19619
Procesamiento de imágenes de twitter o urls asociados, clasificados como sospechosos de estar relacionados con trata de personas
Granizo Pilataxi, Sergio Leonardo
The use of the internet is an essential part of today's life. However, it has also become a door for extortion, kidnapping, fraud, human trafficking, among other crimes. In this context, this Master's thesis intends to process and classify images published by Twitter users to determine whether or not there is possible human trafficking, for which faces and torsos are detected in said photos. The images were obtained from a list of Twitter messages that were already labeled as suspects of the crime of human trafficking, within the work carried out in the research project PIS-17 10.
The aforementioned seed project works to detect scenarios related to the crime of human trafficking using natural language processing and focuses exclusively on the group of minors to identify people who are being abused and who are promoted by the media. digital. In such a way that in this thesis it is proposed to carry out the processing of images that allow classifying people under 14 years of age through their photographs published on Twitter that serve to attract “clients”. It should be noted that, in most countries, the law defines that any person under the age of 14 who is being used for sexual exploitation is directly considered a victim of human trafficking.
Quito, 2020.
2020-09-19
masterThesis
spa
Hernández Álvarez, Myriam Beatriz, directora
http://bibdigital.epn.edu.ec/handle/15000/21378
/var/dspace/bitstream/15000/21378/2/license.txt
8a4605be74aa9ea9d79846c1fba20a33
/var/dspace/bitstream/15000/21378/1/CD%2010633.pdf
c58f5bc141141d6b3ae649484d21e088
openAccess
MACHINE LEARNING
REDES SOCIALES
PROCESAMIENTO DE IMÁGENES
oai:bibdigital.epn.edu.ec:15000/213792021-02-11T17:16:42Zcom_15000_19618com_15000_7598com_15000_7595com_15000_23col_15000_19619
Marco de trabajo para el proceso de migración de datos de productos financieros en cooperativas de ahorro y crédito del Ecuador
Guerrero Cueva, Marcos Damián
We propose a framework called Financial Migration Framework that exposes guidelines for the process of information migration that protects the legacy information and ensures the quality of information for correct operation of the target application. For validation purposes, the framework was applied in two Entities, allowing the evaluation of the financial information clients' privacy and
the process duration. To visualize these results, surveys were applied to the stakeholders who participated in each activity, and the results indicate for both Entities the quality of the migrated information allows the correct operation of the new target system, even though the process duration did not meet their expectations.
Quito, 2020.
2020-09-21
masterThesis
spa
Segura Morales, Marco Antonio, director
http://bibdigital.epn.edu.ec/handle/15000/21379
/var/dspace/bitstream/15000/21379/2/license.txt
8a4605be74aa9ea9d79846c1fba20a33
/var/dspace/bitstream/15000/21379/1/CD%2010671.pdf
a3b0236012ef52e88370e170cbf461a1
openAccess
FINANZAS
DATOS FINANCIEROS
CONTROL DE CALIDAD
oai:bibdigital.epn.edu.ec:15000/213802021-02-11T17:16:52Zcom_15000_19618com_15000_7598com_15000_7595com_15000_23col_15000_19619
Diseño e implementación de un framework para la evaluación de la calidad de datos en un datawarehouse en el sistema de registro fuente (clientes) de una entidad financiera
Torres Tipantiza, Freddy Rubén
The objective of this work is the design and implementation of a framework for the evaluation of data quality of a data warehouse, in the source registration system (clients) of a financial institution. The proposed framework was based on a bibliographic review of similar sources that fit the needs, which provides a framework composed of phases that facilitate and guarantee quality information.
Based on the content of the information, four dimensions with their respective seven quality factors were selected for the evaluation of the data warehouse. Understanding these concepts allowed for a broader perception of the evaluation process. In the same way, it was determined that the dimension of completeness of the density factor (null and blank fields) obtains the lowest average of the analysis, which corresponds to 8.27/10.
With the results obtained in the evaluation, a total average of 9.347 is determined, which places it in a satisfactory range. With this, it can be seen that the quality of the data warehouse is admissible; however, for a financial institution, it is required to achieve a highly satisfactory degree, because its line of business demands quality information.
In a business environment such as finance, its successes are based on the quality and enrichment of data; however, although it is true that the evaluated financial entity presents an average data quality of 9.35/10 in the source record, this is not enough, since an adequate data quality strategy must also be considered, which will allow the entity to improve its image and brand.
Quito, 2020.
2020-12-15
bachelorThesis
spa
Molina Bustamante, Marco Eduardo, director
http://bibdigital.epn.edu.ec/handle/15000/21380
/var/dspace/bitstream/15000/21380/2/license.txt
8a4605be74aa9ea9d79846c1fba20a33
/var/dspace/bitstream/15000/21380/1/CD%2010812.pdf
93cb81b882d4bbf4bd1bd9d45281b58c
openAccess
FINANZAS
DESARROLLO (SOFTWARE)
CALIDAD DE DATOS
oai:bibdigital.epn.edu.ec:15000/213812021-02-11T17:17:03Zcom_15000_19618com_15000_7598com_15000_7595com_15000_23col_15000_19619
Aplicación de controles del estándar iso 27002 para la prevención de vulnerabilidades en la privacidad de datos en servicios web del framework laravel
Páez Ortiz, Pablo Santiago
This research project has as main goal the application of ISO 27002 and ISO 27701 guidelines controls in order to prevent data privacy vulnerabilities among Laravel Framework web services and, through its application, the generation of a specific improvement guidance manual. For the theoretical development it is made a review of related works, in which is applicated the Action Research methodology. With all the basic concepts knowns, the methodology was applied counting on ground basis for its execution like: diagnosis, planning future actions, evaluation of these actions and identification of methodology application findings.
After identifying SECAP initial status, privacy data vulnerabilities analysis was performed. Also, the evaluation of data, access systems and networking threats; obtaining a very high measured risk.
After all the analysis and evaluations, it was defined policies that included specific measures in order to mitigate any identified threats over informatic goods. Every one of the measures is based on the probability of occurrence of a malicious even and the related risk. All of that to reduce the total weight of the measured risk.
As part of the results of the analysis, it was found several vulnerabilities on Authentication module web services, as part of the studied module. Based on those vulnerabilities and the related threats, it was developed an improvement policies plan, in order to SECAP can prevent all found vulnerabilities.
Quito, 2020.
2020-12-12
masterThesis
spa
Loza Aguirre, Edison, director
http://bibdigital.epn.edu.ec/handle/15000/21381
/var/dspace/bitstream/15000/21381/2/license.txt
8a4605be74aa9ea9d79846c1fba20a33
/var/dspace/bitstream/15000/21381/1/CD%2010854.pdf
e470c4e781a3c43e8ee04a273f4d9f68
openAccess
DESARROLLO (SOFTWARE)
SEGURIDAD INFORMÁTICA
PRIVACIDAD DE DATOS
oai:bibdigital.epn.edu.ec:15000/213822021-02-11T17:17:14Zcom_15000_19618com_15000_7598com_15000_7595com_15000_23col_15000_19619
Mapeo entre las áreas de proceso de “Definición e ingeniería del producto” y “Aseguramiento del éxito del producto” del modelo CMMI-DEV ver. 1.3 y la familia de estándares ISO/IEC 330XX
Reyes Cifuentes, Víctor Humberto
In the present work, first, through a Systematic Literature Review, the relevant studies of these frameworks in the selected process areas are analyzed. Then, the SFramework methodology is applied, which allows to homogenize and define the elements and structures to be compared between both frameworks. Based on this, the mapping of the frames of reference is carried out and a level of correspondence between these is established.
The results of the research serve as a guidance tool so that any organization that wishes to simultaneously apply these frameworks can reach a greater degree of maturity in its processes related to "Product Definition and Engineering" and "Product Success Assurance".
Quito, 2021.
2021-01-19
masterThesis
spa
Montenegro Armas, Carlos Estalesmit William, director
http://bibdigital.epn.edu.ec/handle/15000/21382
/var/dspace/bitstream/15000/21382/2/license.txt
8a4605be74aa9ea9d79846c1fba20a33
/var/dspace/bitstream/15000/21382/1/CD%2010863.pdf
10e26f12857783992e4878f179ccef79
openAccess
DESARROLLO (SOFTWARE)
GESTIÓN DE CALIDAD
NORMAS ISO
oai:bibdigital.epn.edu.ec:15000/213832021-02-11T17:17:24Zcom_15000_19618com_15000_7598com_15000_7595com_15000_23col_15000_19619
Análisis de seguridad de aplicaciones Android en base al top 10 de OWASP 2016
Borja Saltos, Thomás Ricardo
Mobile Applications have become part of our daily lives so that almost every web or desktop application can be executed from a smartphone, i.e., social networking, Internet shopping, on-line banking, gaming applications, among others. Furthermore, most of the existing mobile applications in digital stores are Android-based applications. Security in these kinds of applications is an issue that must be addressed because they handle sensitive personal information exposed to be exploited or misused by malicious agents. In this context, we have performed a complete security penetration testing on several Android applications following the most common risks according to OWASP mobile 2016 and using different tools such as Drozer, Dex2jar, Android Debug Bridge, among others. For each of the scenarios, we describe the vulnerability, type of attack, application analyzed, and external used tools. Once the vulnerabilities are exposed, we show a summary of the performed attacks, a risk analysis, and security recommendations for each scenario are provided. The novelty of this work is the provisioning of a risk matrix that resumes the main points of each attack and the whole vulnerability analysis in mobile devices, as it does not exist in the official site of OWASP.
Quito, 2021.
2021-01-11
masterThesis
spa
Barona López, Lorena Isabel, directora
http://bibdigital.epn.edu.ec/handle/15000/21383
/var/dspace/bitstream/15000/21383/2/license.txt
8a4605be74aa9ea9d79846c1fba20a33
/var/dspace/bitstream/15000/21383/1/CD%2010866.pdf
bb6b14ab5aac8b132b235c4b85c560fc
openAccess
SEGURIDAD DE SOFTWARE
CALIDAD DE SOFTWARE
APLICACIÓN MÓVIL
oai:bibdigital.epn.edu.ec:15000/213842021-02-11T17:17:36Zcom_15000_19618com_15000_7598com_15000_7595com_15000_23col_15000_19619
Propuesta de un ciclo de gestión de riesgos utilizando modelos de amenazas y controles de seguridad ISO/EC 27002 / EGSI / RGPD
Perugachi Cartagena, Ricardo Alcibiadis
At present, a greater number of information systems consume and store sensitive data of their different actors, considering that information is a valuable asset, every day there are more attacks that try to steal this data, thus violating not only the systems, but also also the privacy of people. Faced with this reality, it is necessary to carry out adequate risk management, which considers the privacy of the information and allows organizations to protect the sensitive data they possess.
The objective of this Master's thesis is to propose a "Risk Management Cycle", which makes use of the guidelines provided by the ISO 27005 standard, taking into consideration the controls proposed by the international standard ISO 27002, as well as the guidelines of the "Government Information Security Scheme” of the Ecuadorian state and finally considering the European “General Data Protection Regulation” in order to ensure the privacy of sensitive personal data.
The risk management cycle to be proposed will be evaluated through a case study based on different attacks on sensitive information reported in the network, once the study is defined, an automated threat model will be carried out and risk assessment will be carried out they will use attack and defense trees. During the risk management cycle, work will be done with both inherent risk and residual risk, which are the values that will determine how effective the cycle has been.
Quito, 2021.
2021-01-19
masterThesis
spa
Flores Armas, Denys Alberto, director
http://bibdigital.epn.edu.ec/handle/15000/21384
/var/dspace/bitstream/15000/21384/2/license.txt
8a4605be74aa9ea9d79846c1fba20a33
/var/dspace/bitstream/15000/21384/1/CD%2010869.pdf
3fa25266f58a1f150fa6653de0d719fe
openAccess
GESTIÓN DE RIESGOS
SEGURIDAD DE LA INFORMACIÓN
NORMAS ISO
oai:bibdigital.epn.edu.ec:15000/214982021-03-23T14:39:14Zcom_15000_19618com_15000_7598com_15000_7595com_15000_23col_15000_19619
Evaluación de la eficiencia de ataques de tipo clickjacking y touchjacking en entornos controlados
Cajías Borja, Eduardo Fabricio
This degree project evaluates the methodologies of clickjacking and touchjacking attack in a controlled environment, being the main objective to determine the level of efficiency of each of these attacks under certain conditions, likewise mitigation measures suggested by authors within the research conducted are implemented, for the development of the research the following steps were performed: 1) Development of the attack scenario 2) Threat assessment of the attack scenario 3) Development of the attack tree 4) Critical vectors of the proposed scenario 5) Evaluation of attack and mitigation techniques.
For the research project an experimental method is used in order to modify each of the variables of the proposed scenarios and determine the effects caused in each of them, also a qualitative method is implemented in order to determine characteristics and conditions that may present a higher risk against this type of attacks.
The result of the analysis of clickjacking and touchjacking techniques seeks to establish sanitization measures and implementation of good practices, as well as the use of standards in web development to improve security within web applications.
Quito, 2020.
2020-12-18
masterThesis
spa
Flores Armas, Denys Alberto, director
http://bibdigital.epn.edu.ec/handle/15000/21498
/var/dspace/bitstream/15000/21498/2/license.txt
8a4605be74aa9ea9d79846c1fba20a33
/var/dspace/bitstream/15000/21498/1/CD%2010910.pdf
3cb7d53221674de215d4bf426c814ecc
openAccess
SEGURIDAD INFORMÁTICA
EFICIENCIA DE ATAQUES
VULNERABILIDAD WEB
oai:bibdigital.epn.edu.ec:15000/216022021-05-07T20:00:48Zcom_15000_19618com_15000_7598com_15000_7595com_15000_23col_15000_19619
Propuesta de modelo de gestión documental académica inteligente empleando Blockchain.
Ronquillo Maigua, Gladys Maribel
This Master's thesis presents a smart academic document management model using
Blockchain for private Educational Institutions, this model is supported on ISO 15489
standard as a base guideline for identification the principles and characteristics that a
document management system must present, allowing contribute and support the
management of academic documents, such as: documents, processes, policies and
responsibilities. In addition, with the support of the broad technological portfolio that
Amazon Web Services (AWS) provides, it establishes an architectural guide that bases
the guidelines for a possible implementation. Therefore, this solution will ensure the
security, availability, integrity and authenticity of documents through the use of
HyperLedger Fabric’s smart contracts. This model does not present costs involved in
implementing on AWS.
Quito, 2021
2021-05-04
masterThesis
Torres Olmedo, Jenny Gabriel, director
http://bibdigital.epn.edu.ec/handle/15000/21602
/var/dspace/bitstream/15000/21602/2/license.txt
8a4605be74aa9ea9d79846c1fba20a33
/var/dspace/bitstream/15000/21602/1/CD%2011087.pdf
34a0f0b44887008cbc952829c2be4352
openAccess
NORMA ISO 15849
SISTEMA DE GESTIÓN DOCUMENTAL
oai:bibdigital.epn.edu.ec:15000/216182021-05-15T01:47:22Zcom_15000_19618com_15000_7598com_15000_7595com_15000_23col_15000_19619
Propuesta de modelo para perfilamiento de usuarios de e-Learning con consideraciones de Accesibilidad
Aguilar Mayanquer, Carmen Rocío
In this study, a model for the generation of profiles of users with disabilities is proposed. This model allows e-Learning platforms to have information on the accessibility needs of users as an input for the automated adaptation of their interfaces. This would allow equitable access for all students with and without disabilities. In this context, different studies related to the creation of user profiles on e-Learning platforms were identified and analyzed. The presented model considers the Web Content Accessibility Guidelines (WCAG) that can be implemented in the interfaces of e-Learning platforms and the metadata that represent the accessibility needs of users based on Schema.org. The prototype testing was carried out using WAVE and the ARC Toolkit. The validation with the support of forty-four users was carried out using the System Usability Scale (SUS). The most prominent results of this study are the identification of the WCAG success criteria that can be implemented automatically, the inclusion of two special categories for the combined accessibility needs related to the elderly and linguistics, and the automatic generation of the profile as an XML file that contains the metadata.
Quito, 2021
2021-04-23
masterThesis
Sánchez Gordón, Sandra Patricia, directora
http://bibdigital.epn.edu.ec/handle/15000/21618
/var/dspace/bitstream/15000/21618/2/license.txt
8a4605be74aa9ea9d79846c1fba20a33
/var/dspace/bitstream/15000/21618/1/CD%2011102.pdf
3b9b16ac0e0e2fdf6d45c8e2148656a6
openAccess
DISCAPACIDADES
WEB
oai:bibdigital.epn.edu.ec:15000/216632021-06-03T17:42:01Zcom_15000_19618com_15000_7598com_15000_7595com_15000_23col_15000_19619col_15000_19619
Análisis del impacto de un ataque DoS en la calidad de servicio de sistemas streaming multimedia en redes SDN.
Mantilla Yunga, Christian Giovanny
Software Defined Networks (SDN) stand out for their flexibility to adapt to new services and reduce
management costs. Additionally, multimedia streaming applications are one of the most important
services in the network, although they demand high requirements on the quality of service (QoS). Despite
the benefits that SDN offers over multimedia streaming services, vulnerabilities can use can cause various
attacks on the network, such as Denial of Service (DoS) attacks. The effects of a DoS attack on the QoS
of multimedia services in SDN networks have not been thoroughly analyzed. For this reason, this work
proposes a proposes an arquitecture to test and analyze the effect of different types of DoS attacks to be
carried out on the elements of an SDN network that transmit multimedia information in real time. The
architecture enables the comparison between two scenarios (normal vs. under attack) and the effect on
QoS / QoE in terms of Detail Loss Metric / ADM2 (DLM / ADM2), Structural Similarity Index Measure
(SSIM), Peak Signal to Noise Ratio (PSNR) and Video Multimethod Assessment Fusion (VMAF). The
test attacks carried out are: spoofing to the SDN network, flooding to the multimedia streaming server and
the client server. The results obtained show that the attack on the multimedia client is more effective: in
QoS, the ADM2 which is reduced by 20 %, PSNR by 56 %, SSIM by 24 %, and for QoE with VMAF,
you get a score of 54 \% video quality perception.
Quito, 2021
2021-06-03
masterThesis
Valdivieso Caraguay, Ángel Leonardo, director
http://bibdigital.epn.edu.ec/handle/15000/21663
/var/dspace/bitstream/15000/21663/2/license.txt
8a4605be74aa9ea9d79846c1fba20a33
/var/dspace/bitstream/15000/21663/1/CD%2011143.pdf
4b617200d4b712e74b1d68b139fa387d
openAccess
SOFTWARE
VIDEO STREAMING
oai:bibdigital.epn.edu.ec:15000/216702021-06-07T21:18:07Zcom_15000_19618com_15000_7598com_15000_7595com_15000_23col_15000_19619
Análisis sistémico de ataques de Spear Phishing utilizando inspección profunda de paquetes.
Cáceres Díaz, Iván Fernando
In the present Master's degree work, an experimental platform is implemented to analyze the traffic of a data network and detect Spear Phishing attacks through the use of the Deep Packet Inspection (DPI) technique. The architecture is based on virtual network environments, together with open source tools used to raise controlled environments to simulate targeted mail attacks (Spear Phishing), which will be analyzed using the deep packet inspection (DPI) technique. In addition, the performance of the resources that make up the architecture is evaluated during the execution of the simulated attacks. Finally, a technical guide for the installation, implementation and configuration of the proposed architecture is generated in order to provide an input for the lifting of experimental solutions aimed at the early detection of targeted attacks.
Quito, 2021
2021-02-01
bachelorThesis
Flores Armas, Denys Alberto, director
http://bibdigital.epn.edu.ec/handle/15000/21670
/var/dspace/bitstream/15000/21670/2/license.txt
8a4605be74aa9ea9d79846c1fba20a33
/var/dspace/bitstream/15000/21670/1/CD%2011150.pdf
21d452264b8797ceead65860ba2611a0
openAccess
SURICATA
ARQUITECTURA DE SEGURIDAD
oai:bibdigital.epn.edu.ec:15000/217552021-08-04T16:05:57Zcom_15000_19618com_15000_7598com_15000_7595com_15000_23col_15000_19619
Plan de mejora de gestión de calidad de datos para la Agencia de Regulación y Control de Electricidad.
Cáceres Tarco, Carolina Elizabeth
The purpose of this master’s dissertation is to propose a plan to improve the data quality management of the Agency for Regulation and Control of Energy and Non-Renewable Natural Resources. The plan was proposed over the methodology used in executing data quality projects. The scope of the project focuses on the following activities: i) Defining the business need and scope ii) Analyze the information environment iii) Assessing the business impact iv) Identify root causes; and, v) Develop the improvement plan. This plan can help the agency in its quest to increase the level of quality of the data used for decision making in the ecuadorian electricity sector. It would allow generate benefits for the citizens and the country. With this approach, the plan links the applicable legal regulations for the public sector information and information technology practices, resulting in the proposition of five projects aimed at improving data quality.
Quito, 2021
2021-08-02
masterThesis
spa
Loza Aguirre, Edison Fernando, director
http://bibdigital.epn.edu.ec/handle/15000/21755
/var/dspace/bitstream/15000/21755/2/license.txt
8a4605be74aa9ea9d79846c1fba20a33
/var/dspace/bitstream/15000/21755/1/CD%2011237.pdf
c14caea013be8e3d755df3d84d718c39
openAccess
SOFTWARE
CALIDAD
oai:bibdigital.epn.edu.ec:15000/218712021-11-17T14:19:34Zcom_15000_19618com_15000_7598com_15000_7595com_15000_23col_15000_19619
Implementación de una arquitectura basada en blockchain para secuenciar la ocurrencia de eventos en bases de datos distribuidas.
Alcívar Rodríguez, Gustavo Alfonso
Auditing distributed databases could be very challenging due to the difficulty of determining the time of
occurrence of any transaction. In fact, the higher the number of distributed transactions in a short period
of time, the harder it is to order their occurrence. Despite the importance of solving this problem, very
little research has been done in the last years, which has been mostly focused on improving databases'
performance rather than their security. Meanwhile, the emerging blockchain technology in recent years
has devised elegant solutions to guarantee transactional integrity between distributed database nodes. In
this paper, we propose a blockchain-based architecture focused on transactional sequencing of events in a
distributed environment. We use an open source blockchain technology to demonstrate its functionality
for auditing purposes. We enhance audit controllers proposed in previous research to make them
blockchain-compliant. Finally, we evaluate the architectural performance and its distributed consistency
using high transactional workload within a commercial Cloud platform. Besides providing detailed
implementation guidelines using open source blockchain technology, our main contribution is
demonstrating its application for generating, collecting, and preserving audit trails in a distributed
database
Quito, 2021
2021-10-11
masterThesis
spa
Flores Armas, Denys Alberto, director
http://bibdigital.epn.edu.ec/handle/15000/21871
/var/dspace/bitstream/15000/21871/3/CD%2011358.pdf
9640a0622c84719f23d93def41d28b50
/var/dspace/bitstream/15000/21871/2/license.txt
8a4605be74aa9ea9d79846c1fba20a33
openAccess
BASES DE DATOS
AUDITORÍA
oai:bibdigital.epn.edu.ec:15000/220132021-12-27T20:18:00Zcom_15000_19618com_15000_7598com_15000_7595com_15000_23col_15000_19619
Herramienta para la evaluación del nivel de confianza de los miembros postulantes de una organización virtual basada en la ISO 27001.
Caguana Pozo, Javier Eduardo
Virtual organizations represent modern forms of organizing based on new technologies.
Even though the concept is not new, how potential members of a virtual organization interact
with each other and the risks associated with the formation and operation of these
organizations have evolved.
The present work intends to give alternative solutions to the recurrent challenge of selecting
the members, to be more specific, to maximize the outcome of the trust invested in a certain
member aspirating to be part of the organization. Which will consider various perspectives
that will allow the determination of what criteria is more relevant or highly prioritized when
the organization is being formed. The selection process will take place following the ISO
27001 regulations, the same framework that provides guidelines and controls to assure the
protection of the active information from diverse points of view.
In conclusion, the criteria consulted with diverse sources altogether with the controls (ISO
27001) allow us to elaborate a checklist that evaluates the applicants. At last, algorithms will
be applied which lead to obtaining qualifications that will serve as a reliability measurement
for each candidate and as a milestone to analyze the possible acceptance of an applicant in
the virtual organization which is in the formation process.
Quito, 2021
2021-12-27
masterThesis
spa
López, Cindy Pamela, director
http://bibdigital.epn.edu.ec/handle/15000/22013
/var/dspace/bitstream/15000/22013/2/license.txt
8a4605be74aa9ea9d79846c1fba20a33
/var/dspace/bitstream/15000/22013/1/CD%2011508.pdf
fe96ccfc1e477fa70cde116dc0774e9e
openAccess
ORGANIZACIÓN VIRTUAL
SOCIOS
oai:bibdigital.epn.edu.ec:15000/222172022-03-02T16:44:32Zcom_15000_19618com_15000_7598com_15000_7595com_15000_23col_15000_19619
Evaluación de la usabilidad del modelo DPQ “Design Process Quality” mediante su aplicación a un caso de estudio del modelado de procesos organizacionales aplicando la norma ISO/IEC 25010.
Luzuriaga Paredes, Jorge Francisco
The best way in which an organization can carry out its business objectives, goals and expectations using
organizational processes, in which all its information is managed. For which it is important to consider that a
well-designed process requires some attention from the organization, think about a nomenclature, a
standardization, use the best effort, all this is part of a set of tools that support the improvement of the quality of
their design. Based on this idea, in 2018 in the city of Quito, a quality model was proposed for the design of
organizational processes (Galvez, 2018); which was based on the construction of a template supported by
semantic, syntactic and pragmatic perspectives; whose main objective was to build a model that replaces
traditional techniques by organizations when designing processes. Currently in this work this model known as
the "Design Process Quality" model is being evaluated, with the aim of validating its usability, which is
measured in the capacity in which it can be understood, learned and used by a specific user. Thus evaluating, if
its application continues being adequate for diverse needs, allowing its learning and correct handling; in
addition to verifying if the model pleases and satisfies in the interaction with users with different capacities,
protecting them from not making mistakes. This evaluation is carried out through the application of a case
study of an organization.
Quito, 2022
2022-03-02
bachelorThesis
spa
Santórum Gaibor, Marco Oswaldo, director
http://bibdigital.epn.edu.ec/handle/15000/22217
/var/dspace/bitstream/15000/22217/2/license.txt
8a4605be74aa9ea9d79846c1fba20a33
/var/dspace/bitstream/15000/22217/1/CD%2011718.pdf
b8dffa7cce94ef1716e114f85787beab
openAccess
PROCESOS DE CALIDAD
SISTEMAS DE INFORMACIÓN
oai:bibdigital.epn.edu.ec:15000/245142023-08-08T16:03:13Zcom_15000_19618com_15000_7598com_15000_7595com_15000_23col_15000_19619
Evaluación experimental de la calidad de software utilizando la norma iso/iec 29110-5-1-2 con desarrolladores de software novatos.
Zúñiga Ortiz, David Fabián
In a highly competitive market, the quality of a software product is crucial as it allows the developer organization to have an advantage over other organizations. However, implementing quality standards represents a significant challenge for novice developers due to various factors such as lack of knowledge of the standards and lack of experience. Additionally, the limited resources of novice developer teams can also be an obstacle to implementing quality standards, thus limiting the growth of these teams. This study presents the results of an experiment carried out with six teams of novice software developers to explore the impact of implementing the standard ISO/IEC TR 29110-5-1-2:2011 on both the software process and product quality. In the experiment, three teams used this standard to guide developing a software product, while the other three did not. All teams used the same scope and requirements specification for the development of the product. The results of the experiment provide evidence that there is a positive impact on the quality of both process and product when ISO/IEC TR 29110 -5-1-2:2011 is implemented in novice developer environments. The software process quality assessment conducted identified the strengths and weaknesses of the process in question. The performance of the controlled teams was superior to the performance of the non-controlled teams. Likewise, the results of the product quality assessment indicate a marked difference between the controlled and non-controlled teams.
Quito : EPN, 2023.
2023-06
bachelorThesis
spa
http://bibdigital.epn.edu.ec/handle/15000/24514
/var/dspace/bitstream/15000/24514/2/license.txt
8a4605be74aa9ea9d79846c1fba20a33
/var/dspace/bitstream/15000/24514/1/CD%2013443.pdf
3a92ea5477812ed260290c63d3a62154
openAccess
PROGRAMA DE ORDENADOR
NORMA ISO/IEC 29110
NORMA ISO 25010
EXPERIMENTACIÓN
CALIDAD DE PROCESO
CALIDAD DE PRODUCTO
oai:bibdigital.epn.edu.ec:15000/247512023-08-10T14:38:53Zcom_15000_19618com_15000_7598com_15000_7595com_15000_23col_15000_19619
Propuesta de un método de preservación de privacidad para la aplicación de inteligencia de fuentes abiertas (OSINT) durante investigaciones digitales forenses.
Guevara Camas, Jhonny Javier
This work proposes a privacy preservation method for the application of open-source intelligence
(OSINT) during digital forensic investigations. For the design of the method, a mapping of phases of a
forensic investigation, privacy principles, generic ethical principles given by PRECEPT and the phases of
the osint cycle were carried out, from this, privacy requirements were defined together with references to
articles of the LOPD (Organic Law on Data Protection). The phases of acquisition, collection and
preservation were particularly considered. Subsequently, the method was put into practice through a web
crawler using design security techniques, access control methods and security controls. The evaluation of
the method was carried out through a case study where functionality, performance and resilience were
evaluated. Functional evaluation, the effectiveness of the guidelines and privacy requirements of the
method during searches with the crawler versus a conventional browser was demonstrated. In terms of
performance, resource consumption was evidenced by three scenarios with different load where memory
was the most consumed. With regard to resilience, a threat modeling based on the adversary and another
with Microsoft Threat Modeling Tool was performed, on these threats, risk was managed through
controls of the proposed method and critical operating requirements were defined. Finally, attack
scenarios were executed where the system showed resilience according to the expected results in each
scenario.
Quito : EPN, 2023.
2023-06
masterThesis
spa
http://bibdigital.epn.edu.ec/handle/15000/24751
/var/dspace/bitstream/15000/24751/2/license.txt
8a4605be74aa9ea9d79846c1fba20a33
/var/dspace/bitstream/15000/24751/1/CD%2013462.pdf
63e145ed59a165cbf021aefc452e9f68
openAccess
PROGRAMA DE ORDENADOR
PRESERVACIÓN DE PRIVACIDAD
INVESTIGACIÓN DIGITAL FORENSE
ISO 9001:2015
| INSTITUCIÓN PÚBLICA
OSINT
PRECEPT
oai:bibdigital.epn.edu.ec:15000/248702023-10-18T16:07:38Zcom_15000_19618com_15000_7598com_15000_7595com_15000_23col_15000_19619
Detección de ataques de denegación de servicio activados mediante botnets en redes definidas por software.
Tamayo Portero, Jaime Orlando
In recent years, the volume of traffic circulating on public and private networks has increased thanks to the
emergence of new online services. For this reason, networks periodically suffer from significant saturation and
complexity problems. Additionally, the number of IoT devices connected to the network constantly grows.
Thus, software-defined network (SDN) is a new architecture which offers innovative advantages that helps to
reduce saturation problems. Despite its advantages, SDNs introduce new security challenges. Both traditional
and SDNs networks are victims of the same types of attacks despite the difference in how their architecture
works. On this context, Distributed Denial of Service (DDoS) is considered one of the most important attacks
which can damage the normal operation of an SDN network. Furthermore, if these attacks are executed through
the use of botnets, they can harness the power of thousands of compromised devices to overwhelm and disrupt
critical online services. This paper proposes a framework for detecting DDoS attacks generated by a group of
botnets in an SDN network. The framework is implemented using open-source tools such as Mininet and
OpenDaylight and tested in a centralized network topology using BYOB and SNORT. The results of the
experiments demonstrate that the system can rapidly identify an attack in real-time by implementing an
intrusion detection mechanism in the victim client. Our proposed solution offers a quick and effective detection
method against DDoS attacks in SDN networks. The framework can successfully differentiate the type of attack
with high accuracy in a short time
Quito : EPN, 2023.
2023-09-18
masterThesis
spa
http://bibdigital.epn.edu.ec/handle/15000/24870
/var/dspace/bitstream/15000/24870/2/license.txt
8a4605be74aa9ea9d79846c1fba20a33
/var/dspace/bitstream/15000/24870/1/CD%2013552.pdf
23d57ec53fa56e6ee74d57f81a832fc7
openAccess
SEGURIDAD DE LA INFORMACIÓN
DENEGACIÓN DE SERVICIO
REDES DEFINIDAS POR SOFTWARE
BOTNETS
SISTEMA DE DETECCIÓN DE INTRUSOS
Protección de datos
oai:bibdigital.epn.edu.ec:15000/250392023-11-09T22:15:12Zcom_15000_19618com_15000_7598com_15000_7595com_15000_23col_15000_19619
Aplicación y análisis de rendimiento de bases de datos cifradas para el almacenamiento seguro de registros médicos electrónicos: caso de estudio cryptdb.
García Bautista, Fabián Santiago
This study presents an investigation into the performance of CryptDB, a database system providing practical and provable confidentiality in the face of an adversary who captures all stored data, under different cloud-based architectures. The research aims to determine how different configurations impact the scalability and efficiency of CryptDB. The cloud architectures examined include an encrypted environment with no scaling (EENS), an encrypted environment with scaling (EEWS), and an unencrypted data (UE) architecture. A load testing tool, k6, is used to simulate various concurrent user scenarios. The results demonstrate that the proposed EEWS architecture can reduce latency by up to 50%, though it also highlights CryptDB's limitations, including poor CPU utilization and inadequate documentation. Recommendations are provided for future enterprise projects considering CryptDB. Further research can expand upon this work by considering other alternative tools and their performance under high concurrency.
Quito : EPN, 2023.
2023-10
masterThesis
spa
http://bibdigital.epn.edu.ec/handle/15000/25039
/var/dspace/bitstream/15000/25039/2/license.txt
8a4605be74aa9ea9d79846c1fba20a33
/var/dspace/bitstream/15000/25039/1/CD%2013869.pdf
4e62ddc0399bffeba6ebcc2bb0cb5bff
openAccess
PROGRAMA DE ORDENADOR
CRYPTDB
ARQUITECTURA BASADA EN LA NUBE
EVALUACIÓN DE RENDIMIENTO
PRUEBAS DE CARGA
ESCALABILIDAD
SEGURIDAD
oai:bibdigital.epn.edu.ec:15000/252232023-11-23T19:59:15Zcom_15000_19618com_15000_7598com_15000_7595com_15000_23col_15000_19619
Evaluación de riesgos de seguridad de la información y generación del plan de gestión de incidentes. Caso de estudio fondo para la protección del agua (FONAG).
Chicaiza Chabla, Paul Vinicio
In a highly competitive market, the quality of a software product is crucial as it allows the developer organization to have an advantage over other organizations. However, implementing quality standards represents a significant challenge for novice developers due to various factors such as lack of knowledge of the standards and lack of experience. Additionally, the limited resources of novice developer teams can also be an obstacle to implementing quality standards, thus limiting the growth of these teams. This study presents the results of an experiment carried out with six teams of novice software developers to explore the impact of implementing the standard ISO/IEC TR 29110-5-1-2:2011 on both the software process and product quality. In the experiment, three teams used this standard to guide developing a software product, while the other three did not. All teams used the same scope and requirements specification for the development of the product. The results of the experiment provide evidence that there is a positive impact on the quality of both process and product when ISO/IEC TR 29110 -5-1-2:2011 is implemented in novice developer environments. The software process quality assessment conducted identified the strengths and weaknesses of the process in question. The performance of the controlled teams was superior to the performance of the non-controlled teams. Likewise, the results of the product quality assessment indicate a marked difference between the controlled and non-controlled teams.
Quito : EPN, 2023.
2023-09
masterThesis
spa
http://bibdigital.epn.edu.ec/handle/15000/25223
/var/dspace/bitstream/15000/25223/2/license.txt
8a4605be74aa9ea9d79846c1fba20a33
/var/dspace/bitstream/15000/25223/1/CD%2013883.pdf
9e37a5780b3dd97b98e2efae3b1dd899
openAccess
PROGRAMA DE ORDENADOR
ANÁLISIS DE RIESGOS
GESTIÓN DE INCIDENCIAS
VULNERABILIDAD
AMENAZA
SALVAGUARDAS