Npm-pakettiekosysteemin uhat

Tässä kandidaatintutkielmassa luodaan katsaus npm-pakettivarastoon liittyviin tietoturvauhkiin. Tutkimus käy läpi, minkälaisia uhkia npm-pakettivaraston liittyy ja pohtii myös, mitä sovelluskehittäjä voi tehdä mahdollisten uhkien suhteen. Lopuksi toteamme, ettei npm sinällään ole erityisen vaarallin...

Full description

Bibliographic Details
Main Author: Heimonen, Antti
Other Authors: Informaatioteknologian tiedekunta, Faculty of Information Technology, Informaatioteknologia, Information Technology, Jyväskylän yliopisto, University of Jyväskylä
Format: Bachelor's thesis
Language:fin
Published: 2022
Subjects:
Online Access: https://jyx.jyu.fi/handle/123456789/80916
_version_ 1826225796614717440
author Heimonen, Antti
author2 Informaatioteknologian tiedekunta Faculty of Information Technology Informaatioteknologia Information Technology Jyväskylän yliopisto University of Jyväskylä
author_facet Heimonen, Antti Informaatioteknologian tiedekunta Faculty of Information Technology Informaatioteknologia Information Technology Jyväskylän yliopisto University of Jyväskylä Heimonen, Antti Informaatioteknologian tiedekunta Faculty of Information Technology Informaatioteknologia Information Technology Jyväskylän yliopisto University of Jyväskylä
author_sort Heimonen, Antti
datasource_str_mv jyx
description Tässä kandidaatintutkielmassa luodaan katsaus npm-pakettivarastoon liittyviin tietoturvauhkiin. Tutkimus käy läpi, minkälaisia uhkia npm-pakettivaraston liittyy ja pohtii myös, mitä sovelluskehittäjä voi tehdä mahdollisten uhkien suhteen. Lopuksi toteamme, ettei npm sinällään ole erityisen vaarallinen, mutta sovelluskehittäjän kannalta on ehkä tärkeintä tiedostaa ulkoisen koodin käyttöön liittyvät riskit. In this bachelor’s thesis we take a look at the security issues concerning npm packet ecosystem. We investigate some security issues that npm may have and what a developer can do to protect against these issues. At the end we reason that npm is not very dangerous itself, but it is important for a developer to know of these security concerns.
first_indexed 2024-09-11T08:49:03Z
format Kandityö
free_online_boolean 1
fullrecord [{"key": "dc.contributor.advisor", "value": "Lakanen, Antti-Jussi", "language": "", "element": "contributor", "qualifier": "advisor", "schema": "dc"}, {"key": "dc.contributor.author", "value": "Heimonen, Antti", "language": "", "element": "contributor", "qualifier": "author", "schema": "dc"}, {"key": "dc.date.accessioned", "value": "2022-05-06T05:46:26Z", "language": null, "element": "date", "qualifier": "accessioned", "schema": "dc"}, {"key": "dc.date.available", "value": "2022-05-06T05:46:26Z", "language": null, "element": "date", "qualifier": "available", "schema": "dc"}, {"key": "dc.date.issued", "value": "2022", "language": "", "element": "date", "qualifier": "issued", "schema": "dc"}, {"key": "dc.identifier.uri", "value": "https://jyx.jyu.fi/handle/123456789/80916", "language": null, "element": "identifier", "qualifier": "uri", "schema": "dc"}, {"key": "dc.description.abstract", "value": "T\u00e4ss\u00e4 kandidaatintutkielmassa luodaan katsaus npm-pakettivarastoon liittyviin\ntietoturvauhkiin. Tutkimus k\u00e4y l\u00e4pi, mink\u00e4laisia uhkia npm-pakettivaraston liittyy ja pohtii\nmy\u00f6s, mit\u00e4 sovelluskehitt\u00e4j\u00e4 voi tehd\u00e4 mahdollisten uhkien suhteen. Lopuksi toteamme, ettei\nnpm sin\u00e4ll\u00e4\u00e4n ole erityisen vaarallinen, mutta sovelluskehitt\u00e4j\u00e4n kannalta on ehk\u00e4 t\u00e4rkeint\u00e4\ntiedostaa ulkoisen koodin k\u00e4ytt\u00f6\u00f6n liittyv\u00e4t riskit.", "language": "fi", "element": "description", "qualifier": "abstract", "schema": "dc"}, {"key": "dc.description.abstract", "value": "In this bachelor\u2019s thesis we take a look at the security issues concerning npm packet ecosystem. We investigate some security issues that npm may have and what a developer\ncan do to protect against these issues. At the end we reason that npm is not very dangerous\nitself, but it is important for a developer to know of these security concerns.", "language": "en", "element": "description", "qualifier": "abstract", "schema": "dc"}, {"key": "dc.description.provenance", "value": "Submitted by Paivi Vuorio (paelvuor@jyu.fi) on 2022-05-06T05:46:26Z\nNo. of bitstreams: 0", "language": "en", "element": "description", "qualifier": "provenance", "schema": "dc"}, {"key": "dc.description.provenance", "value": "Made available in DSpace on 2022-05-06T05:46:26Z (GMT). No. of bitstreams: 0\n Previous issue date: 2022", "language": "en", "element": "description", "qualifier": "provenance", "schema": "dc"}, {"key": "dc.format.extent", "value": "14", "language": "", "element": "format", "qualifier": "extent", "schema": "dc"}, {"key": "dc.language.iso", "value": "fin", "language": null, "element": "language", "qualifier": "iso", "schema": "dc"}, {"key": "dc.rights", "value": "In Copyright", "language": "en", "element": "rights", "qualifier": null, "schema": "dc"}, {"key": "dc.title", "value": "Npm-pakettiekosysteemin uhat", "language": "", "element": "title", "qualifier": null, "schema": "dc"}, {"key": "dc.type", "value": "bachelor thesis", "language": null, "element": "type", "qualifier": null, "schema": "dc"}, {"key": "dc.identifier.urn", "value": "URN:NBN:fi:jyu-202205062569", "language": "", "element": "identifier", "qualifier": "urn", "schema": "dc"}, {"key": "dc.type.ontasot", "value": "Bachelor's thesis", "language": "en", "element": "type", "qualifier": "ontasot", "schema": "dc"}, {"key": "dc.type.ontasot", "value": "Kandidaatinty\u00f6", "language": "fi", "element": "type", "qualifier": "ontasot", "schema": "dc"}, {"key": "dc.contributor.faculty", "value": "Informaatioteknologian tiedekunta", "language": "fi", "element": "contributor", "qualifier": "faculty", "schema": "dc"}, {"key": "dc.contributor.faculty", "value": "Faculty of Information Technology", "language": "en", "element": "contributor", "qualifier": "faculty", "schema": "dc"}, {"key": "dc.contributor.department", "value": "Informaatioteknologia", "language": "fi", "element": "contributor", "qualifier": "department", "schema": "dc"}, {"key": "dc.contributor.department", "value": "Information Technology", "language": "en", "element": "contributor", "qualifier": "department", "schema": "dc"}, {"key": "dc.contributor.organization", "value": "Jyv\u00e4skyl\u00e4n yliopisto", "language": "fi", "element": "contributor", "qualifier": "organization", "schema": "dc"}, {"key": "dc.contributor.organization", "value": "University of Jyv\u00e4skyl\u00e4", "language": "en", "element": "contributor", "qualifier": "organization", "schema": "dc"}, {"key": "dc.subject.discipline", "value": "Tietotekniikka", "language": "fi", "element": "subject", "qualifier": "discipline", "schema": "dc"}, {"key": "dc.subject.discipline", "value": "Mathematical Information Technology", "language": "en", "element": "subject", "qualifier": "discipline", "schema": "dc"}, {"key": "yvv.contractresearch.funding", "value": "0", "language": "", "element": "contractresearch", "qualifier": "funding", "schema": "yvv"}, {"key": "dc.type.coar", "value": "http://purl.org/coar/resource_type/c_7a1f", "language": null, "element": "type", "qualifier": "coar", "schema": "dc"}, {"key": "dc.rights.accesslevel", "value": "openAccess", "language": null, "element": "rights", "qualifier": "accesslevel", "schema": "dc"}, {"key": "dc.type.publication", "value": "bachelorThesis", "language": null, "element": "type", "qualifier": "publication", "schema": "dc"}, {"key": "dc.subject.oppiainekoodi", "value": "602", "language": "", "element": "subject", "qualifier": "oppiainekoodi", "schema": "dc"}, {"key": "dc.subject.yso", "value": "tietotekniikka", "language": null, "element": "subject", "qualifier": "yso", "schema": "dc"}, {"key": "dc.subject.yso", "value": "sovelluskehittimet", "language": null, "element": "subject", "qualifier": "yso", "schema": "dc"}, {"key": "dc.subject.yso", "value": "tietoturva", "language": null, "element": "subject", "qualifier": "yso", "schema": "dc"}, {"key": "dc.subject.yso", "value": "ohjelmistokehitt\u00e4j\u00e4t", "language": null, "element": "subject", "qualifier": "yso", "schema": "dc"}, {"key": "dc.rights.url", "value": "https://rightsstatements.org/page/InC/1.0/", "language": null, "element": "rights", "qualifier": "url", "schema": "dc"}]
id jyx.123456789_80916
language fin
last_indexed 2025-02-18T10:56:13Z
main_date 2022-01-01T00:00:00Z
main_date_str 2022
online_boolean 1
online_urls_str_mv {"url":"https:\/\/jyx.jyu.fi\/bitstreams\/76df8319-ea5a-4f0e-9bcc-20b53c716985\/download","text":"URN:NBN:fi:jyu-202205062569.pdf","source":"jyx","mediaType":"application\/pdf"}
publishDate 2022
record_format qdc
source_str_mv jyx
spellingShingle Heimonen, Antti Npm-pakettiekosysteemin uhat Tietotekniikka Mathematical Information Technology 602 tietotekniikka sovelluskehittimet tietoturva ohjelmistokehittäjät
title Npm-pakettiekosysteemin uhat
title_full Npm-pakettiekosysteemin uhat
title_fullStr Npm-pakettiekosysteemin uhat Npm-pakettiekosysteemin uhat
title_full_unstemmed Npm-pakettiekosysteemin uhat Npm-pakettiekosysteemin uhat
title_short Npm-pakettiekosysteemin uhat
title_sort npm pakettiekosysteemin uhat
title_txtP Npm-pakettiekosysteemin uhat
topic Tietotekniikka Mathematical Information Technology 602 tietotekniikka sovelluskehittimet tietoturva ohjelmistokehittäjät
topic_facet 602 Mathematical Information Technology Tietotekniikka ohjelmistokehittäjät sovelluskehittimet tietotekniikka tietoturva
url https://jyx.jyu.fi/handle/123456789/80916 http://www.urn.fi/URN:NBN:fi:jyu-202205062569
work_keys_str_mv AT heimonenantti npmpakettiekosysteeminuhat