Evolveum's commitment to evolution and innovation emerged into natural cooperation with Academia. We strive to combine past experience and expertise with modern theoretical findings. We avoid repeating the same mistakes from the past by exploring new approaches, where theoretical research is a foundation for future improvements. Through the volunteers, mostly students (bachelors, masters, engineers, phds), we lay down theoretical basis for future development. When the results from the research are proven to be usable in practice then we are trying, again preferably with student cooperation, to "productize" them.
If you are interested in starting cooperation with us, please do not hesitate to contact us.
Abstract: Thesis analyzes various languages for schema description. It analyzes them in various fields: construction, extensibility, extension, and also their usability.
Furthermore it compares these languages and identifies requirements of identity management, and the compliance with the analyzed languages. This thesis also indicates the suitability of the languages for identity management problem.
Abstract: Identity management provides managing user’s information in various systems, their access rights and accounts. These information are usually stored in various heterogeneous databases or identity stores. Analyzing and maintaining these data is complicated because of data incompleteness and inconsistency.
Identity management systems deals with integration of user’s accounts and access rights, usually stored in various identity stores. In the thesis we explain main principles of identity management systems and main technologies. Later we describe methods for data correlation and compare four existing systems with focus on correlation mechanisms.
Author: Erik Suta
Type: Bachelor Thesis
Work on my bachelor thesis was closely linked with Java platform, specifically its performance and profiling. I have managed to implement a prototype - simple client-server profiling tool, which introduced popular profiling features such as profiling of only selected methods or selection of aspects of java application performance which would be monitored. One completely new profiling method, profiling based on method parameter values, was also introduced. I have successfully defended my thesis (angel) and received praise for exceptional thesis by the Dean of our faculty, FIIT STU (Faculty of Information and Informational Technologies, Slovak University of Technology, Bratislava) in June 2013.
In September 2013, I have partially integrated the results and ideas from my BP into our identity management software, midPoint. This partial implementation is available since midPoint version 2.2.1. In version 3.0 (planned for May 2014), midPoint will contain full implementation of profiling subsystem based on my bachelor thesis. Of course, the implemented profiling subsystem is vastly different from prototype implemented in bachelor thesis, mainly because it was designed specifically for midPoint purposes.
Main differences are:
• Thesis used external java agent to connect to profiled application and then collected performance information using dynamic runtime bytecode injection and JMX. In midPoint, we are still using JMX, but the need for external agent is not present here and we are using build-in AspectJ profiling module to collect performance information.
• Thesis used sockets to transfer profiling information to server, where they were evaluated and published. In midPoint, profiling information are partially evaluated by midPoint itself and then published in the logs. To perform detailed analysis, we use special external tool. This step was taken for simple reason – to overcome performance overhead that is linked with all profiling tools. Profiling in midPoint causes almost none or very low profiling overhead.
If you are interested in reading my bachelor thesis, you can do it here: BT_Java_performance_monitoring_12/13.pdf
If you are interested in midPoint implementation of concepts described in my bachelor thesis, please refer to development documentation (bear in mind, that the implementation is still in progress) or if you want to use it yourself, refer to profiling configuration in administration interface.
Author: Katarina Valalikova
Type: Diploma Thesis
The aim of my diploma thesis was to find a way how to ensure the consistency between different databases/systems in the field of identity management. I designed the algorithm which was influenced by three basic principles:
- relative changes,
- CAP Theorem,
The mechanism tries to minimize risk of inconsistencies and if they even happen, it tries to reasonably react and bring the data to the consistent state. This proposed mechanism was implemented and tested in one of the open-source identity management solution called midPoint. After I successfully defended my diploma thesis I started to enhance the mechanism to be usable also in the real deployments. Some of the improvements were made and today, the mechanism is part of the midPoint product since version 2.1.
I received a praise of the dean of the faculty and I was also suggested for the dean price. My diploma thesis was also selected as one of the top 10 diploma thesis of all diploma theses in the school year (2011/2012) and you can find my diploma thesis in the gallery of the best from Czech and Slovakia (http://www.acm-spy.cz/index.php?cid=13&rocnik=2012 topic: "Konzistencia údajov pri správe podnikových identít") and full text is available here: http://www.acm-spy.cz/data/gallery2012/acmspy2012_submission_16.pdf
Description of consistency mechanism which is practically used in midPoint can be found in the section Consistency Mechanism.