毕业设计说明书中英文摘要范本--南京理工大学

南京理工大学紫金学院毕业设计(论文)外文资料翻译系：计算机系专业：计算机科学与技术姓名：谢裕鹏学号： 080601545外文出处：Pankaj Jalote. JSP in Practice(用外文写)Process for Executing SoftwareProjects at Infosys[Z]. AddisonWedsley Longman, Inc, 2009附件：1.外文资料翻译译文；2.外文原文。

注：请将该封面与附件装订成册。

附件1：外文资料翻译译文Overview of JSP TechnologyJSP provides the following benefits over servlets alone:A number of years ago, Marty was invited to attend a small 20-person industry roundtable discussion on software technology. Sitting in the seat next to Marty was James Gosling, inventor of the Java programming language. Sitting several seats away was a high-level manager from a very large software company in Redmond, Washington. During the discussion, the moderator brought up the subject of Jini, which at that time was a new Java technology. The moderator asked the manager what he thought of it, and the manager responded that it was too early to tell, but that it seemed to be an excellent idea. He went on to say that they would keep an eye on it, and if it seemed to be catching on, they would follow his company's usual "embrace and extend" strategy. At this point, Gosling lightheartedly interjected "You mean disgrace and distend."Now, the grievance that Gosling was airing was that he felt that this company would take technology from other companies and suborn it for their own purposes. But guess what? The shoe is on the other foot here. The Java community did not invent the idea of designing pages as a mixture of static HTML and dynamic code marked with special tags. For example, ColdFusion did it years earlier. Even ASP (a product from the very software company of the aforementioned manager) popularized this approach before JSP came along and decided to jump on the bandwagon. In fact, JSP not only adopted the general idea, it even used many of the same special tags as ASP did.So, the question becomes: why use JSP instead of one of these other technologies? Our first response is that we are not arguing that everyone should. Several of those other technologies are quite good and are reasonableoptions in some situations. In other situations, however, JSP is clearly better. Here are a few of the reasons..NET is well-designed technology from Microsoft. is the part that directly competes with servlets and JSP. The advantages of JSP are twofold.First, JSP is portable to multiple operating systems and Web servers; you aren't locked into deploying on Windows and IIS. Although the core .NET platform runs on a few non-Windows platforms, the ASP part does not. You cannot expect to deploy serious applications on multiple servers and operating systems. For some applications, this difference does not matter. For others, it matters greatly.Second, for some applications the choice of the underlying language matters greatly. For example, although .NET's C# language is very well designed and is similar to Java, fewer programmers are familiar with either the core C# syntax or the many auxiliary libraries. In addition, many developers still use the original version of ASP. With this version, JSP has a clear advantage for the dynamic code. With JSP, the dynamic part is written in Java, not VBScript or another ASP-specific language, so JSP is more powerful and better suited to complex applications that require reusable components.You could make the same argument when comparing JSP to the previous version of ColdFusion; with JSP you can use Java for the "real code" and are not tied to a particular server product. However, the current release of ColdFusion is within the context of a J2EE server, allowing developers to easily mix ColdFusion and servlet/JSP code.附件2：外文原文（复印件）JSP技术概述JSP提供下述好处：许多年前，Marty受到邀请,参加一个有关软件技术的小型(20个人)研讨会.做在Marty旁边的人是James Gosling--- Java编程语言的发明者。

英文The road (highway)The road is one kind of linear construction used for travel。

It is made of the roadbed，the road surface, the bridge, the culvert and the tunnel. In addition, it also has the crossing of lines, the protective project and the traffic engineering and the route facility。

The roadbed is the base of road surface, road shoulder，side slope, side ditch foundations. It is stone material structure, which is designed according to route's plane position .The roadbed, as the base of travel, must guarantee that it has the enough intensity and the stability that can prevent the water and other natural disaster from corroding.The road surface is the surface of road. It is single or complex structure built with mixture。

The road surface require being smooth，having enough intensity，good stability and anti—slippery function. The quality of road surface directly affects the safe, comfort and the traffic。

Talking about security loopholesRichard S. Kraus reference to the core network security business objective is to protect the sustainability of the system and data security, This two of the main threats come from the worm outbreaks, hacking attacks, denial of service attacks, Trojan horse. Worms, hacker attacks problems and loopholes closely linked to, if there is major security loopholes have emerged, the entire Internet will be faced with a major challenge. While traditional Trojan and little security loopholes, but recently many Trojan are clever use of the IE loophole let you browse the website at unknowingly were on the move.Security loopholes in the definition of a lot, I have here is a popular saying: can be used to stem the "thought" can not do, and are safety-related deficiencies. This shortcoming can be a matter of design, code realization of the problem.Different perspective of security loo phole sIn the classification of a specific procedure is safe from the many loopholes in classification.1. Classification from the user groups:● Public loopholes in the software category. If the loopholes in Windows, IEloophole, and so on.● specialized software loophole. If Oracle loopholes, Apach e, etc. loopholes.2. Data from the perspective include :● could not reasonably be read and read data, including the memory of thedata, documents the data, Users input data, the data in the database, network,data transmission and so on.● designa ted can be written into the designated places (including the localpaper, memory, databases, etc.)● Input data can be implemented (including native implementation,according to Shell code execution, by SQL code execution, etc.)3. From the point of view of the scope of the role are :● Remote loopholes, an attacker could use the network and directly throughthe loopholes in the attack. Such loopholes great harm, an attacker can createa loophole through other people's computers operate. Such loopholes and caneasily lead to worm attacks on Windows.● Local loopholes, the attacker must have the machine premise accesspermissions can be launched to attack the loopholes. Typical of the local authority to upgrade loopholes, loopholes in the Unix system are widespread, allow ordinary users to access the highest administrator privileges.4. Trigger conditions from the point of view can be divided into:● Initiative trigger loopholes, an attacker can take the initiative to use the loopholes in the attack, If direct access to computers.● Passive trigger loopholes must be computer operators can be carried out attacks with the use of the loophole. For example, the attacker made to a mail administrator, with a special jpg image files, if the administrator to open image files will lead to a picture of the software loophole was triggered, thereby system attacks, but if managers do not look at the pictures will not be affected by attacks.5. On an operational perspective can be divided into:● File opera tion type, mainly for the operation of the target file path can be controlled (e.g., parameters, configuration files, environment variables, the symbolic link HEC), this may lead to the following two questions: ◇Content can be written into control, the contents of the documents can be forged. Upgrading or authority to directly alter the important data (such as revising the deposit and lending data), this has many loopholes. If history Oracle TNS LOG document can be designated loopholes, could lead to any person may control the operation of the Oracle computer services;◇information content can be output Print content has been contained to a screen to record readable log files can be generated by the core users reading papers, Such loopholes in the history of the Unix system crontab subsystem seen many times, ordinary users can read the shadow ofprotected documents;● Memory coverage, mainly for memory modules can be specified, writecontent may designate such persons will be able to attack to enforce the code (buffer overflow, format string loopholes, PTrace loopholes, Windows 2000 history of the hardware debugging registers users can write loopholes), or directly alter the memory of secrets data.● logic errors, such wide gaps exist, but very few changes, so it is difficult todiscern, can be broken down as follows : ◇loopholes competitive conditions (usually for the design, typical of Ptrace loopholes, The existence of widespread document timing of competition) ◇wrong tactic, usually in design. If the history of the FreeBSD Smart IO loopholes. ◇Algorithm (usually code or design to achieve), If the history of Microsoft Windows 95/98 sharing password can easily access loopholes. ◇Imperfections of the design, such as TCP / IP protocol of the three-step handshake SYN FLOOD led to a denial of service attack. ◇realize the mistakes (usually no problem for the design, but the presence of coding logic wrong, If history betting system pseudo-random algorithm)● External orders, Typical of external commands can be controlled (via the PATH variable, SHELL importation of special characters, etc.) and SQL injection issues.6. From time series can be divided into:● has long found loopholes: manufacturers already issued a patch or repairmethods many people know already. Such loopholes are usually a lot of people have had to repair macro perspective harm rather small.● recently discovered loophole: manufacturers just made patch or repairmethods, the people still do not know more. Compared to greater danger loopholes, if the worm appeared fool or the use of procedures, so will result in a large number of systems have been attacked.● 0day: not open the loophole in the private transactions. Usually such loopholes to the public will not have any impact, but it will allow an attacker to the targetby aiming precision attacks, harm is very great.Different perspective on the use of the loopholesIf a defect should not be used to stem the "original" can not do what the (safety-related), one would not be called security vulnerability, security loopholes and gaps inevitably closely linked to use.Perspective use of the loopholes is:● Data Perspective: visit had not visited the data, including reading and writing.This is usually an attacker's core purpose, but can cause very serious disaster (such as banking data can be written).● Competence Perspective: Major Powers to bypass or p ermissions. Permissionsare usually in order to obtain the desired data manipulation capabilities.● Usability perspective: access to certain services on the system of controlauthority, this may lead to some important services to stop attacks and lead to a denial of service attack.● Authentication bypass: usually use certification system and the loopholes willnot authorize to access. Authentication is usually bypassed for permissions or direct data access services.● Code execution perspective: mainly procedures for the importation of thecontents as to implement the code, obtain remote system access permissions or local system of higher authority. This angle is SQL injection, memory type games pointer loopholes (buffer overflow, format string, Plastic overflow etc.), the main driving. This angle is usually bypassing the authentication system, permissions, and data preparation for the reading.Loopholes explore methods mustFirst remove security vulnerabilities in software BUG in a subset, all software testing tools have security loopholes to explore practical. Now that the "hackers" used to explore the various loopholes that there are means available to the model are:● fuzz testing (black box testing), by constructing procedures may lead toproblems of structural input data for automatic testing.● FOSS audit (White Box), now have a series of tools that can assist in thedetection of the safety procedures BUG. The most simple is your hands the latest version of the C language compiler.● IDA anti-compilation of the audit (gray box testing), and above the sourceaudit are very similar. The only difference is that many times you can obtain software, but you can not get to the source code audit, But IDA is a very powerful anti-Series platform, let you based on the code (the source code is in fact equivalent) conducted a safety audit.● dynamic tracking, is the record of proceedings under different conditions andthe implementation of all security issues related to the operation (such as file operations), then sequence analysis of these operations if there are problems, it is competitive category loopholes found one of the major ways. Other tracking tainted spread also belongs to this category.● patch, the software manufacturers out of the question usually addressed in thepatch. By comparing the patch before and after the source document (or the anti-coding) to be aware of the specific details of loopholes.More tools with which both relate to a crucial point: Artificial need to find a comprehensive analysis of the flow path coverage. Analysis methods varied analysis and design documents, source code analysis, analysis of the anti-code compilation, dynamic debugging procedures.Grading loopholesloopholes in the inspection harm should close the loopholes and the use of the hazards related Often people are not aware of all the Buffer Overflow Vulnerability loopholes are high-risk. A long-distance loophole example and better delineation:●R emote access can be an OS, application procedures, version information.●open unnecessary or dangerous in the service, remote access to sensitiveinformation systems.● Remote can be restricted for the documents, data reading.●remotely important or res tricted documents, data reading.● may be limited for long-range document, data revisions.● Remote can be restricted for important documents, data changes.● Remote can be conducted without limitation in the important documents, datachanges, or for general service denial of service attacks.● Remotely as a normal user or executing orders for system and network-leveldenial of service attacks.● may be remote management of user identities to the enforcement of the order(limited, it is not easy to use).● can be remote management of user identities to the enforcement of the order(not restricted, accessible).Almost all local loopholes lead to code execution, classified above the 10 points system for:●initiative remote trigger code execution (such a s IE loophole).● passive trigger remote code execution (such as Word gaps / charting softwareloopholes).DEMOa firewall segregation (peacekeeping operation only allows the Department of visits) networks were operating a Unix server; operating systems only root users and users may oracle landing operating system running Apache (nobody authority), Oracle (oracle user rights) services.An attacker's purpose is to amend the Oracle database table billing data. Its possible attacks steps:● 1. Access pea cekeeping operation of the network. Access to a peacekeepingoperation of the IP address in order to visit through the firewall to protect the UNIX server.● 2. Apache services using a Remote Buffer Overflow Vulnerability direct accessto a nobody's competence hell visit.● 3. Using a certain operating system suid procedure of the loophole to upgradetheir competence to root privileges.● 4. Oracle sysdba landing into the database (local landing without a password).● 5. Revised target table data.Over five down for process analysis:●Step 1: Authentication bypass●Step 2: Remote loopholes code execution (native), Authentication bypassing ● Step 3: permissions, authentication bypass● Step 4: Authentication bypass● Step 5: write data安全漏洞杂谈Richard S. Kraus 网络安全的核心目标是保障业务系统的可持续性和数据的安全性，而这两点的主要威胁来自于蠕虫的暴发、黑客的攻击、拒绝服务攻击、木马。

湖南大学毕业设计 第 I 页X4市给水工程初步设计摘 要本设计的主要内容包括：取水构筑物设计；净水厂设计；输配水管网设计；工程总概算与制水成本分析四部分。

经用水量计算知，新水厂近期供水规模为5.4万3/m d ，远期为11万3/m d ，以地表水为水源。

取水工程由菱形箱式取水头部、自流管以及取水泵房组成。

取水泵房内径16.5m ，近期1台30019S 型水泵（Q=612-9353/m h ，H=22-14m ，N ＝103kw,n=970r/min ）和2台50022S A 型水泵（其中1台为备用泵）（Q=1400-20203/m h ，H=20-14m ，N ＝185kW,n=970r/min ）。

远期将30019S 型水泵换成50022S A 型水泵，并再增设一台50022S A 型水泵，即3台50022S A 工作，1台50022S A 备用。

净水工程常规工艺采用折板絮凝池、平流沉淀池、V 型滤池、液氯消毒工艺，絮凝剂选用碱式氯化铝。

絮凝池与沉淀池合建，采用2组，每组设计水量为32.7/q m d =万。

絮凝池设计絮凝时间为19.9min ，絮凝池尺寸：15.68.20 3.50L B H m m m ⨯⨯=⨯⨯，有效水深为3.20m 。

平流沉淀池设计停留时间为2h ，尺寸：868.2 3.6L B H m m m ⨯⨯=⨯⨯，有效水深：3.3H m =，池内平均水平流速：11/v mm s =，弗劳德数：51.1810Fr -=⨯（在510-～410-范围内），雷诺数：Re 14880=（一般为4000－15000）。

V 型滤池设两组，每组设计水量为32.7/q m d =万，共四格，单格池宽 3.0B m =，池长10.5L m =，面积为422m 。

设计滤速采用9/v m h =，强制滤速v '＝11/m h 。

滤池采用单层石英砂均粒滤料，有效粒径在0.95～1.35m ，不均匀系数80 1.30K =。

南京理工大学紫金学院毕业设计(论文)外文资料翻译系：机械工程系专业：机械工程及自动化姓名：徐华俊学号：100104348外文出处：WASTE FOOD DISPOSAL SYSTEM(3)(用外文写)附件：1.外文资料翻译译文；2.外文原文。

指导教师评语：该生翻译了一篇有关《废弃食物处理系统》的论文，论文内容跟课题的研究领域相关，在将来的课题设计中可以借鉴。

译文语句基本通顺，专业术语正确，标点符号运用无误。

说明该生具备一定的英语水平和翻译能力。

但文中仍有部分语句组织得不够完善，可以进一步修改。

签名：年月日注：请将该封面与附件装订成册。

附件1：外文资料翻译译文垃圾食物处理系统（3）打开功率继电器32的驱动，关闭与其相连的常闭开关118，从而消除了在此之前被施加到定时器单元40的控制终端146的触发信号，并且需要注意的是，功率继电器30的电源开关108供应了一个类似的功能，如本文所述的，启动系统10每天第一次激活功率继电器30的时候，这个功能中断了定时器单元40的控制终端146，即先前追踪的触发信号电路，如本文所述。

进一步，在与功率继电器32相连的开关被关闭的时候，它的驱动被触发的结果是非常明显的，断开常开继电器开关119，为高流量水阀22的电磁阀80建立了一个到地面的备用路径，也就是可以追踪到电源线200；通过导线202；电磁阀80；导线204；导线416和现在被断开的功率继电器32的闭合开关119到地面，如此一来就能明显并且很方便的注意到，与功率继电器30相连的开关109执行同样的功能，通过一个完全可追踪的功率继电器30，而不是功率继电器32，使功率继电器30处于启动状态，所以在任何时期，控制单元12的电动机46可在任意一个方向操作（这取决于功率继电器30或功率继电器32处于激活状态），电磁阀80也将保持通电，来保持高流量水阀22在该段时期内处于闭合状态，这样的话，水流将会在需要大幅率的时候流通，通过管道76和78流到控制单元12，这个控制单元12的机构52正积极粉碎积累废料，并且已经积累或正在采用，接着顺着水流冲到下水道或者通过类似单元12的出口58.你将会很方便的观察到电磁阀74保持通电，并且在控制单元12积极运作期间，低流量水阀20也保持闭合，并且应当在任何特定安装情况下，把阀22的流通能力考虑在内。

南京理工大学紫金学院毕业设计（论文）外文资料翻译系：机械系专业：车辆工程专业姓名:宋磊春学号:070102234外文出处：EDU_E_CAT_VBA_FF_V5R9(用外文写)附件：1。

外文资料翻译译文；2.外文原文.附件1：外文资料翻译译文CATIA V5 的自动化CATIA V5的自动化和脚本：在NT 和Unix上：脚本允许你用宏指令以非常简单的方式计划CATIA。

CATIA 使用在MS –VBScript中(V5.x中在NT和UNIX3。

0 )的共用部分来使得在两个平台上运行相同的宏。

在NT 平台上：自动化允许CATIA像Word/Excel或者Visual Basic程序那样与其他外用分享目标。

ATIA 能使用Word/Excel对象就像Word/Excel能使用CATIA 对象。

在Unix 平台上:CATIA将来的版本将允许从Java分享它的对象。

这将提供在Unix 和NT 之间的一个完美兼容。

CATIA V5 自动化：介绍（仅限NT）自动化允许在几个进程之间的联系:CATIA V5 在NT 上：接口COM：Visual Basic 脚本(对宏来说)，Visual Basic 为应用（适合前:Word/Excel )，Visual Basic。

COM（零部件目标模型)是“微软“标准于几个应用程序之间的共享对象。

Automation 是一种“微软“技术,它使用一种解释环境中的COM对象。

ActiveX 组成部分是“微软“标准于几个应用程序之间的共享对象,即使在解释环境里。

OLE（对象的链接与嵌入）意思是资料可以在一个其他应用OLE的资料里连结并且可以被编辑的方法(在适当的位置编辑）.在VBScript,VBA和Visual Basic之间的差别：Visual Basic(VB）是全部的版本。

它能产生独立的计划,它也能建立ActiveX 和服务器。

它可以被编辑。

VB中提供了一个补充文件名为“在线丛书“(VB的5。