An Empirical Perspective of Roundtrip Engineering for the Development of Secure Web Application Using UML 2.0

Full Text (PDF, 688KB), PP.43-54

Author(s)

Nitish Pathak 1,*, B. M. Singh 2, Girish Sharma 3

1. Uttrakhand Technical University (UTU), Dehradun, India

2. Department of CS&E, College of Engineering Roorkee, UTU, Dehradun India

3. Departments of CS&E, BPIBS, GGSIP University, Government of NCT of Delhi, India

* Corresponding author.

DOI: https://doi.org/10.5815/ijisa.2017.05.06

Received: 15 Aug. 2016 / Revised: 20 Nov. 2016 / Accepted: 15 Jan. 2017 / Published: 8 May 2017

Index Terms

Component-based development, secure round trip engineering, Model driven Class identification and Modeling, Trusted Operating Systems, Re-engineering

Abstract

This research paper proposes experimental support for secure Round Trip Engineering and for the use of security performance flexibility trusted operating systems in the design of secure web applications. For security, we suggest using trusted operating systems as the platform on which to run these web applications. A number of trusted operating systems, such as Argus, Trusted Solaris, and Virtual Vault, have been developed by various companies to handle the increasing need for security.
To improve the performance of these web applications, we observe that not all security checks in a Trusted Operating System are necessary. We suggest that the administrator can skip various unnecessary security checks so that the system performance of these web applications improves. These unnecessary security checks, system calls and operations can be easily identified at the time of requirement elicitation and requirements engineering. For example, popular web servers deal with public information. In such a web application, security checks during reads from disk seem like a waste of CPU cycles. On the other hand, the real security need for servers seems to be for write accesses.
This research paper aims to support the efficiency of object-oriented class-based programming and object-oriented modeling in secure software development.

Cite This Paper

Nitish Pathak, B. M. Singh, Girish Sharma, "An Empirical Perspective of Roundtrip Engineering for the Development of Secure Web Application Using UML 2.0", International Journal of Intelligent Systems and Applications (IJISA), Vol. 9, No. 5, pp. 43-54, 2017. DOI: 10.5815/ijisa.2017.05.06
