The purpose of this bachelor's thesis is to present the topic of web applications security. The purpose of the first, theoretical part of this work is to introduce and describe fundamentals like web security or penetration testing. OWASP (Open Web Application Security Project) and their ten most critical web applications security risks are presented in the rest of the first part. Second, practical part describes tested web application and defines purpose and scope of penetration tests. Then t...
Web application security has been a major issue in information technology since the evolvement of dynamic web application. The main objective of this project was to carry out a detailed study on the top three web application vulnerabilities such as injection, cross site scripting, broken authentication and session management, present the situation where an application can be vulnerable to these web threats and finally provide preventative measures against them. ...
Casteleyn, Sven; Daniel, Florian; Dolog, Peter;
Nowadays, Web applications are almost omnipresent. The Web has become a platform not only for information delivery, but also for eCommerce systems, social networks, mobile services, and distributed learning environments. Engineering Web applications involves many intrinsic challenges due...... design and implementation to deployment and maintenance. They stress the importance of models in Web application development, and they compare well-known Web-specific development processes like WebML, WSDM and OOHDM to traditional software development approaches like the waterfall model and the spiral...... model. Important problem areas inherent to the Web, like localization, personalization, accessibility, and usage analysis, are dealt with in detail, and a final chapter provides both a description of and an outlook on recent Semantic Web and Web 2.0 developments. Overall, their book delivers...
Ratnayake, Rakhitha Nimesh
This book is intended for WordPress developers and designers who want to develop quality web applications within a limited time frame and for maximum profit. Prior knowledge of basic web development and design is assumed.
Building a web application that attracts and retains regular visitors is tricky enough, but creating a social application that encourages visitors to interact with one another requires careful planning. This book provides practical solutions to the tough questions you'll face when building an effective community site -- one that makes visitors feel like they've found a new home on the Web. If your company is ready to take part in the social web, this book will help you get started. Whether you're creating a new site from scratch or reworking an existing site, Building Social Web Applications
Information and services on the web are accessible for everyone. Users of the web differ in their background, culture, political and social environment, interests and so on. Ambient intelligence was envisioned as a concept for systems which are able to adapt to user actions and needs....... With the growing amount of information and services, the web applications become natural candidates to adopt the concepts of ambient intelligence. Such applications can deal with divers user intentions and actions based on the user profile and can suggest the combination of information content and services which...... suit the user profile the most. This paper summarizes the domain engineering framework for such adaptive web applications. The framework provides guidelines to develop adaptive web applications as members of a family. It suggests how to utilize the design artifacts as knowledge which can be used...
Web Call Example Application from Ericsson Developer Connection is an application that hosted at a web server and supplies functionality of VoIP phone calls. Users can access the service from desktop browser, mobile phone browser or Java ME Client. Users can also manage their contact books. Each user can have more than one VoIP service accounts, so they can choose the cheapest on when they make phone call. The Web Call Example Application supports two kinds of VoIP phone call connection: Rela...
The unique characteristic of web applications is that they are supposed to be used by much bigger and diverse set of users and stakeholders. An example application area is e-Learning or business to business interaction. In eLearning environment, various users with different background use the e......Learning system to study a discipline. In business to business interaction, different requirements and parameters of exchanged business requests might be served by different services from third parties. Such applications require certain intelligence and a slightly different approach to design. Adpative web...... adaptation to the changed parameters of environments, user or context. Adaptation can be seen as an orthogonal concern or viewpoint in a design process. In this paper I will discuss design abstractions which are employed in current design methods for web applications. I will exemplify the use...
How do you create a mission-critical site that provides exceptional performance while remaining flexible, adaptable, and reliable 24/7? Written by the manager of a UI group at Yahoo!, Developing Large Web Applications offers practical steps for building rock-solid applications that remain effective even as you add features, functions, and users. You'll learn how to develop large web applications with the extreme precision required for other types of software. Avoid common coding and maintenance headaches as small websites add more pages, more code, and more programmersGet comprehensive soluti
This undergraduate thesis presents the analysis of the GWT framework usage for the development of web applications. GWT offers functionality for the development of complete web applications, as the user interface as the implementation of the application logic on the server. The thesis shows the architectural concepts and the model of framework operation. There is a great emphasis on the compiler, which uses the concept of deffered binding, providing a coherent render on various browsers witho...
VIGIL,FRANK; REEDER,ROXANA G.
The Factsheets web application was conceived out of the requirement to create, update, publish, and maintain a web site with dynamic research and development (R and D) content. Before creating the site, a requirements discovery process was done in order to accurately capture the purpose and functionality of the site. One of the high priority requirements for the site would be that no specialized training in web page authoring would be necessary. All functions of uploading, creation, and editing of factsheets needed to be accomplished by entering data directly into web form screens generated by the application. Another important requirement of the site was to allow for access to the factsheet web pages and data via the internal Sandia Restricted Network and Sandia Open Network based on the status of the input data. Important to the owners of the web site would be to allow the published factsheets to be accessible to all personnel within the department whether or not the sheets had completed the formal Review and Approval (R and A) process. Once the factsheets had gone through the formal review and approval process, they could then be published both internally and externally based on their individual publication status. An extended requirement and feature of the site would be to provide a keyword search capability to search through the factsheets. Also, since the site currently resides on both the internal and external networks, it would need to be registered with the Sandia search engines in order to allow access to the content of the site by the search engines. To date, all of the above requirements and features have been created and implemented in the Factsheet web application. These have been accomplished by the use of flat text databases, which are discussed in greater detail later in this paper.
Offline Web applications are increasingly popular. The possibility to have both the advantages of Web applications and traditional desktop applications is exiting. An offline Web application can be accessed from all computers, with any operating system, as well as offering to store information locally, giving the user the opportunity to use the application when the user does not have Internet access. The concept of offline Web applications is tempting, but it is important to integrate securit...
Maria Cristina ENACHE
This document presents the work that was elaborated at the company Present Technologies as part of the academic discipline Internship/Industrial Project for the Master’s degree in Informatics and Systems, Software Development branch, at Instituto Superior de Engenharia de Coimbra. The area of the mobile web applications has grown exponentially over the last few years turning it into a very dynamic field where new development platforms and frameworks are constantly emerging. Thus, the inter...
A web application framework is designed to support the development of dynamic websites, Web applications and Web services. There are many already established platforms to choose from. Recent years have witnessed an increasing number of web application frameworks based on dynamic programming languages such as Python and Ruby. In my thesis I presented Zope, which is relatively unknown among developers despite the maturity of the platform and the fact that it offers some interesting features...
Code injection is the most critical threat for the web applications. The security vulnerabilities have been growing on web applications. With the growth of the importance of web application, preventing the applications from unauthorized usage and maintaining data integrity have been challenging. Especially those applications which an interface with back-end database components like mainframes and product databases that contain sensitive data can be addressed as the attacker’s main target. ...
With the constant spread of internet access, the world of software is constantly transforming product shapes into services delivered via web browsers. Modern next generation web applications change the way browsers and users interact with servers. A lot of word scale services have already been delivered by top companies as Single Page Applications. Moving services online poses a big attention towards data protection and web application security. Single Page Application are exposed to server-s...
Full Text Available With the constant spread of internet access, the world of software is constantly transforming product shapes into services delivered via web browsers. Modern next generation web applications change the way browsers and users interact with servers. A lot of word scale services have already been delivered by top companies as Single Page Applications. Moving services online poses a big attention towards data protection and web application security. Single Page Application are exposed to server-side web applications security in a new way. Also, having application logic being executed by untrusted client environment requires close attention on client application security. Single Page Applications are vulnerable to the same security threads as server-side web application thus not making them less secure. Defending techniques can be easily adapted to guard against hacker attacks.
Moreno, Lourdes; Martínez, Paloma; Contreras, Jesús; Benjamins, Richard
The importance for Web applications to reach all kind of potential users and customers is being stressed by companies and public sectors. The standardization initiative for Web applications, WAI and the Universal Design framework establish useful rules for building accessible applications for any kind of disabled and non-disabled users. The proliferation of Semantic Web technologies and formal ontologies offer a technological opportunity for establishing automatic and advanced methods for ...
Hemel, Z.; Groenewegen, D.M.; Kats, L.C.L.; Visser, E.
Modern web application development frameworks provide web application developers with highlevel abstractions to improve their productivity. However, their support for static verification of applications is limited. Inconsistencies in an application are often not detected statically, but appear as er
Benson, Edward; Karger, David R.; Zhang, Amy Xian
Creating and publishing read-write-compute web applications requires programming skills beyond what most end users possess. But many end users know how to make spreadsheets that act as simple information management applications, some even with computation. We present a system for creating basic web applications using such spreadsheets in place of a server and using HTML to describe the client UI. Authors connect the two by placing spreadsheet references inside HTML attributes. Data computatio...
Do you need to keep up with the latest hacks, attacks, and exploits effecting web applications? Then you need Seven Deadliest Web Application Attacks. This book pinpoints the most dangerous hacks and exploits specific to web applications, laying out the anatomy of these attacks including how to make your system more secure. You will discover the best ways to defend against these vicious hacks with step-by-step instruction and learn techniques to make your computer and network impenetrable. .. .. Attacks detailed in this book include: ..: ..; Cross-Site Scripting (XSS) ..; Cross-Site Request Fo
L'assignatura Desenvolupament d'aplicacions web està orientada a introduir l'estudiant en la creació i funcionament de les aplicacions web. Per aconseguir-ho es presenten temes que tracten, des de la configuració del servidor fins a la creació d'aplicacions dinàmiques amb accés a dades. Un cop finalitzada l'assignatura, l'estudiant disposarà de coneixements en tecnologies Web que seran fonamental per a la implementació d'aplicacions en aquest entorn.
The WebSocket allows asynchronous full-duplex communication between a Web-based (i.e. Java Script-based) application and a Web-server. WebSocket started as a part of HTML5 standardization but has now been separated from HTML5 and has been developed independently. Using WebSocket, it becomes easy to develop platform independent presentation layer applications for accelerator and beamline control software. In addition, a Web browser is the only application program that needs to be installed on client computer. The WebSocket-based applications communicate with the WebSocket server using simple text-based messages, so WebSocket is applicable message-based control system like MADOCA, which was developed for the SPring-8 control system. A simple WebSocket server for the MADOCA control system and a simple motor control application were successfully made as a first trial of the WebSocket control application. Using Google-Chrome (version 13.0) on Debian/Linux and Windows 7, Opera (version 11.0) on Debian/Linux and Safari (version 5.0.3) on Mac OS X as clients, the motors can be controlled using a WebSocket-based Web-application. Diffractometer control application use in synchrotron radiation diffraction experiment was also developed. (author)
Thalheim, Bernhard; Prinz, Andreas; Buchberger, Bruno
The papers in this volume aim at obtaining a common understanding of the challenging research questions in web applications comprising web information systems, web services, and web interoperability; obtaining a common understanding of verification needs in web applications; achieving a common understanding of the available rigorous approaches to system development, and the cases in which they have succeeded; identifying how rigorous software engineering methods can be exploited to develop suitable web applications; and at developing a European-scale research agenda combining theory, methods a
Chen, Hsinchun; Chau, Michael
Presents an overview of machine learning research and reviews methods used for evaluating machine learning systems. Ways that machine-learning algorithms were used in traditional information retrieval systems in the "pre-Web" era are described, and the field of Web mining and how machine learning has been used in different Web mining applications…
Full Text Available Information and communication technologies are designed to support and anticipate the continuing changes of the information society, while outlining new economic, social and cultural dimensions. We see the growth of new business models whose aim is to remove traditional barriers and improve the value of goods and services. Information is a strategic resource and its manipulation raises new problems for all entities involved in the process. Information and communication technologies should be a stable support in managing the flow of data and support the integrity, confidentiality and availability. Concepts such as eBusiness, eCommerce, Software as a Service, Cloud Computing and Social Media are based on web technologies consisting of complex languages, protocols and standards, built around client-server architecture. One of the most used technologies in mobile applications are the Web Services defined as an application model supported by any operating system able to provide certain functionalities using Internet technologies to promote interoperability between various appli-cations and platforms. Web services use HTTP, XML, SSL, SMTP and SOAP, because their stability has proven over the years. Their functionalities are highly variable, with Web services applications exchange type, weather, arithmetic or authentication services. In this article we will talk about SOAP and REST architectures for web services in mobile applications and we will also provide some practical examples based on Android platform.
Goff, Samuel J.
Hangeland, Anders Paulsen; Pettersen, Ståle
The emerging trend of providing business, government and academic services through the World Wide Web, and subsequent value availability, has caused an acceleration in the number and sophistication of web application threats. Since the consequences of security breaches in web applications can be severe, there is an increasing demand for proper security mechanisms. At the same time the decreased time-frame of web application development projects has led to numerous Web Application Frameworks, ...
The thesis presents the process of designing and producing a web application for personal growth. We live in an era where it is well taken care of our physical comfort, but our mind is in danger. People often feel worthless and do not understand their feelings so we have developed a web application that helps strenghten confidence and encourages understanding of emotions. We started development with the use of some newer technologies. On the server side, we used Node.js, Express.js and MongoD...
... MedlinePlus Connect → Web Application URL of this page: https://www.nlm.nih.gov/medlineplus/connect/application.html ... the base URL for the Web application is: https://apps.nlm.nih.gov/medlineplus/services/mpconnect.cfm ...
The thesis goes through a development project where a web application was implemented to support the start-up company business operations. The main reason to implement a web application was the company needed a system where business data is centrally managed with cost-efficient, simple and easy tool. The deployed cloud service provided a platform for the web application. The alternative to the web application development was to deploy commercial customer relationship management tool, but the ...
Karan Gupta; Anita Goel
Tagging is included in web application to ease maintenance of large amount of information stored in a web application. With no mention of requirement specification or design document for tagging software, academically or otherwise, integrating tagging software in a web application is a tedious task. In this paper, a framework is presented for integrating tagging software into a web application. The framework is for use during different stages of software development life cycle....
... MedlinePlus Connect → Web Application URL of this page: https://medlineplus.gov/connect/application.html MedlinePlus Connect: Web ... the base URL for the Web application is: https://apps.nlm.nih.gov/medlineplus/services/mpconnect.cfm ...
Computer security has been an increasing concern for IT professionals for a number of years, yet despite all the efforts, computer systems and networks remain highly vulnerable to attacks of different kinds. Design flaws and security bugs in the underlying software are among the main reasons for this. This lecture focuses on security aspects of Web application development. Various vulnerabilities typical to web applications (such as Cross-site scripting, SQL injection, cross-site request forgery etc.) are introduced and discussed. Sebastian Lopienski is CERN’s deputy Computer Security Officer. He works on security strategy and policies; offers internal consultancy and audit services; develops and maintains security tools for vulnerability assessment and intrusion detection; provides training and awareness raising; and does incident investigation and response. During his work at CERN since 2001, Sebastian has had various assignments, including designing and developing software to manage and support servic...
With the increasing popularity,scale and complexity of web applications,design and development of web applications are becoming more and more difficult,However,the current state of their design and development is characterized by anarchy and ad hoc methodologies,One of the causes of this chaotic situation is that different researchers and designers have different understanding of web applications.In this paper,based on an explicit understanding of web applications,we present a unified architecture model of wed applications,the four-view model,which addresses the analysis and design issues of web applications from four perspectives,namely,logical view,data view,navigation view and presentation view,each addrssing a specific set of concerns of web applications,the purpose of the model is to provide a clear picture of web applications to alleviate the chaotic situation and facilitate its analysis,design and implementation.
Full Text Available Nowadays, web applications are popular targets for security attackers. Using specific security mechanisms, we can prevent or detect a security attack on a web application, but we cannot find out the criminal who has carried out the security attack. Being unable to trace back an attack, encourages hackers to launch new attacks on the same system. Web application forensics aims to trace back and attribute a web application security attack to its originator. This may significantly reduce the security attacks targeting a web application every day, and hence improve its security. The aim of this paper is to carry out a detailed overview about the web application forensics. First, we define the web applications forensics, and we present a taxonomic structure of the digital forensics. Then, we present the methodology of a web application forensics investigation. After that, we illustrate the forensics supportive tools for a web application forensics investigation. After that, we present a detailed presentation of a set of the main considered web application forensics tools. Finally, we provide a comparison of the main considered web application forensics tools.
Schwarz, Mathias Romme
that there are important, common errors that remain unhandled by web application frameworks. Guided by a survey of common web application errors and of web application frameworks, we identify the need for techniques to help the programmer avoid HTML invalidity and security vulnerabilities, in particular client......-state manipulation vulnerabilities. The hypothesis of this dissertation is that we can design frameworks and static analyses that aid the programmer to avoid such errors. First, we present the JWIG web application framework for writing secure and maintainable web applications. We discuss how this framework solves......Numerous web application frameworks have been developed in recent years. These frameworks enable programmers to reuse common components and to avoid typical pitfalls in web application development. Although such frameworks help the programmer to avoid many common errors, we nd...
Full Text Available Web applications vulnerabilities allow attackers to perform malicious actions that range from gaining unauthorized account access to obtaining sensitive data. The number of reported web application vulnerabilities in last decade is increasing dramatically. The most of vulnerabilities result from improper input validation and sanitization. The most important of these vulnerabilities based on improper input validation and sanitization are: SQL injection (SQLI, Cross-Site Scripting (XSS and Buffer Overflow (BOF. In order to address these vulnerabilities we designed and developed the WAPTT (Web Application Penetration Testing Tool tool - web application penetration testing tool. Unlike other web application penetration testing tools, this tool is modular, and can be easily extended by end-user. In order to improve efficiency of SQLI vulnerability detection, WAPTT uses an efficient algorithm for page similarity detection. The proposed tool showed promising results as compared to six well-known web application scanners in detecting various web application vulnerabilities.
Ibarra, A.; Kennedy, M.; Rodríguez, P.; Hernández, C.; Saxton, R.; Gabriel, C.
Desmet, Lieven; Johns, Martin; Livshits, Benjamin; Sabelfeld, Andrei
This report documents the program and the outcomes of Dagstuhl Seminar 12401 ``Web Application Security''. The seminar brought 44 web security researchers together, coming from companies and research institutions across Europe and the US. The seminar had a well-filled program, with 3 keynotes, 28 research talks, and 15 5-minute talks. As web application security is a broad research domain, a diverse set of recent research results was presented during the talks, covering the web secur...
Holm, Hannes; Ekstedt, Mathias; Sommestad, Teodor
Web application vulnerabilities are widely considered a serious concern. However, there are as of yet scarce data comparing the effectiveness of different security countermeasures or detailing the magnitude of the security issues associated with web applications. This paper studies the effort that is required by a professional penetration tester to find an input validation vulnerability in an enterprise web application that has been developed in the presence or absence of four security measur...
Namiot, Dmitry; Sneps-Sneppe, Manfred
In this paper, we discuss one approach for development and deployment of web sites (web pages) devoted to the description of objects (events) with a precisely delineated geographic scope. This article describes the usage of context-aware programming models for web development. In our paper, we propose mechanisms to create mobile web applications which content links to some predefined geographic area. The accuracy of such a binding allows us to distinguish individual areas within the same indo...
With the advance of Web Services technologies and the emergence of Web Services into the information space, tremendous opportunities for empowering users and organizations appear in various application domains including electronic commerce, travel, intelligence information gathering and analysis, health care, digital government, etc. In fact, Web services appear to be s solution for integrating distributed, autonomous and heterogeneous information sources. However, as Web services evolve in a dynamic environment which is the Internet many changes can occur and affect them. A Web service is affected when one or more of its associated information sources is affected by schema changes. Changes can alter the information sources contents but also their schemas which may render Web services partially or totally undefined. In this paper, we propose a solution for integrating information sources into Web services. Then we tackle the Web service synchronization problem by substituting the affected information sources....
As the Internet has evolved, so have the various vulnerabilities, which largely stem from the fact that developers are unaware of the importance of a robust application security program. This book aims to educate readers on application security and building secure web applications using the new Java Platform. The text details a secure web application development process from the risk assessment phase to the proof of concept phase. The authors detail such concepts as application risk assessment, secure SDLC, security compliance requirements, web application vulnerabilities and threats, security
WU Jun-hua; XU Bao-wen; JIANG Ji-xiang
Many research indicate a lot of money and time are spent on maintaining and modifying program delivered.So the policies to support program comprehension are very important.Program comprehension is a crucial and difficult task.Insufficient design, illogical code structure, short documents will enhance the comprehensive difficulty.Developing Web application is usually a process with quick implementation and delivery.In addition, generally a Web application is coded by combining mark language statements with some embedded applets.Such programming mode affects comprehension of Web applications disadvantageously.This paper proposes a method to improving understanding Web by dependence analysis and slice technology.
Full Text Available The Internet offers multiple solutions to linkcompanies with their partners, customers or suppliersusing IT solutions, including a special focus on Webservices. Web services are able to solve the problem relatedto the exchange of data between business partners, marketsthat can use each other's services, problems ofincompatibility between IT applications. As web servicesare described, discovered and accessed programs based onXML vocabularies and Web protocols, Web servicesrepresents solutions for Web-based technologies for smalland medium-sized enterprises (SMEs. This paper presentsa web service framework for economic applications. Also, aprototype of this IT solution using web services waspresented and implemented in a few companies from IT,commerce and consulting fields measuring the impact ofthe solution in the business environment development.
Brescia, Massimo; Cavuoti, Stefano; Esposito, Francesco; Fiore, Michelangelo; Garofalo, Mauro; Guglielmo, Marisa; Longo, Giuseppe; Manna, Francesco; Nocella, Alfonso; Vellucci, Civita
Astronomy is undergoing through a methodological revolution triggered by an unprecedented wealth of complex and accurate data. DAMEWARE (DAta Mining & Exploration Web Application and REsource) is a general purpose, Web-based, Virtual Observatory compliant, distributed data mining framework specialized in massive data sets exploration with machine learning methods. We present the DAMEWARE (DAta Mining & Exploration Web Application REsource) which allows the scientific community to perform data...
Boneh, Dan; Erlingsson, Ulfar; Johns, Martin; Livshits, Benjamin
Web applications are ubiquitous nowadays. Consequently, the field of Web application security is of ever rising significance. This Dagstuhl seminar was conducted to assemble researchers active in the domain to gain a first comprehensive overview of this young discipline in security research. From a content perspective, the topic was explored in a great variety of directions, including for instance Web browser-based security measures, language-based techniques, software engin...
Full Text Available In recent years, web applications have evolved from small websites into large multi-tiered applications. The quality of web applications depends on the richness of contents, well structured navigation and most importantly its security. Web application testing is a new field of research so as to ensure the consistency and quality of web applications. In the last ten years there have been different approaches. Models have been developed for testing web applications but only a few focused on content testing, a few on navigation testing and a very few on security testing of web applications. There is a need to test content, navigation and security of an application in one go. The objective of this paper is to propose Dual Security Testing Model to test the security of web applications using UML modeling technique which includes web socket interface. In this research paper we have described how our security testing model is implemented using activity diagram, activity graph and based on this how test cases is generated.
Sanjeev Narayan Bal
This paper enlightens the benefits offered by enabling web applications on Mobile devices and also addresses the current business challenges in developing Mobile Web applications. This paper is intended for all business domains irrespective of application portfolios. Mobile enterprise application platform solutions are the core technology offerings that enable mobile enterprise applications and are the basis for organizations that are building, deploying, and supporting mobile enterprise appl...
Full Text Available World Wide Web is source of information in todayz environment. Web is collection of inter-related files on one or more Web Servers. We have lots of data over there that can help in growing a business. Web mining is part of data mining, helps to find new patterns that enable a merchant to take new decisions for business opportunity. In this paper we discuss about characteristics and applications of web mining techniques in the context of E-commerce.
Brescia, Massimo; Esposito, Francesco; Fiore, Michelangelo; Garofalo, Mauro; Guglielmo, Magda; Longo, Giuseppe; Manna, Francesco; Nocella, Alfonso; Vellucci, Civita
Astronomy is undergoing through a methodological revolution triggered by an unprecedented wealth of complex and accurate data. DAMEWARE (DAta Mining & Exploration Web Application and REsource) is a general purpose, Web-based, Virtual Observatory compliant, distributed data mining framework specialized in massive data sets exploration with machine learning methods. We present the DAMEWARE (DAta Mining & Exploration Web Application REsource) which allows the scientific community to perform data mining and exploratory experiments on massive data sets, by using a simple web browser. DAMEWARE offers several tools which can be seen as working environments where to choose data analysis functionalities such as clustering, classification, regression, feature extraction etc., together with models and algorithms.
Protection of Web applications is an activity that requires constant monitoring of security threats as well as looking for solutions in this field. Since protection has moved from the lower layers of OSI models to the application layer and having in mind the fact that 75% of all the attacks are performed at the application layer, special attention should be paid to the application layer. It is possible to improve protection of Web application on the level of the system architecture by introducing new components which will realize protection on higher levels of OSI models. This paper deals with Intrusion Detection Systems, Intrusion Prevention Systems, Web Application Firewall and gives a holistic approach to securing Web applications using aforementioned components.
There has been a lot of discussion within the Grid community about the use of Web Services technologies in building large-scale, loosely-coupled, cross-organisation applications. In this talk we are going to explore the principles that govern Service-Oriented Architectures and the promise of Web Services technologies for integrating applications that span administrative domains. We are going to see how existing Web Services specifications and practices could provide the necessary infrastructure for implementing Grid applications. Biography Dr. Savas Parastatidis is a Principal Research Associate at the School of Computing Science, University of Newcastle upon Tyne, UK. Savas is one of the authors of the "Grid Application Framework based on Web Services Specifications and Practices" document that was influential in the convergence between Grid and Web Services and the move away from OGSI (more information can be found at http://www.neresc.ac.uk/ws-gaf). He has done research on runtime support for distributed-m...
Jeyalatha SIVARAMAKRISHNAN; Vijayakumar BALAKRISHNAN
This paper deals with Web mining and the different categories of Web mining like content, structure and usage mining. The application of Web mining in an academic search application has been discussed. The paper concludes with open problems related to Web mining. The present work can be a useful input to Web users, Web Administrators in a university environment.
Full Text Available The main issues of current web application is easily hacking the user information by unauthorized person. The development of entire web application depends on scripting languages that easily displays the user authentication code to the web browser. All code must be transferred through query string parameter (URL of the web application. This kind of application security fails when verifying it by penetration testing which is based on XSS languages. This study overcomes the security issues by developing a web application based on cross site scripting technique which the user codes are encrypted using RSA algorithm and cookies, cross domain verification based on encrypted use code. XSS vulnerabilities come in different forms and may be categorized into two varieties: reflected and stored. Reflected is on type of attack which can be performed against applications that employ a dynamic page error message to users. Stored XSS vulnerability appears when data submitted by one user is store in the application or in the back-end database. The user cookies of the web browser store only the encrypted key values. These techniques applied in Enterprise web application it support multiple organization for processing product purchase order, sales order and invoice details.
Farooq, Amjad; Shah, Abad
The web information resources are growing explosively in number and volume. Now to retrieve relevant data from web has become very difficult and time-consuming. Semantic Web envisions that these web resources should be developed in machine-processable way in order to handle irrelevancy and manual processing problems. Whereas, the Semantic Web is an extension of current web, in which web resources are equipped with formal semantics about their interpretation through machines. These web resources are usually contained in web applications and systems, and their formal semantics are normally represented in the form of web-ontologies. In this research paper, an object-oriented design methodology (OODM) is upgraded for developing semantic web applications. OODM has been developed for designing of web applications for the current web. This methodology is good enough to develop web applications. It also provides a systematic approach for the web applications development but it is not helpful in generating machine-poc...
Dynamic web applications represent the largest share in web applications ecosystem. They integrate with each other in a web browser. Users are not aware of connections with third-party service providers and may be unknowingly revealing their browsing data. In this thesis, a web crawler for dynamic web application analysis was designed and implemented to address this problem. Traditional crawlers are not sufficient for described area, since their interest is in semantics of web applications. O...
Castellani, Marco; Mancini, Ettore; Pellecchia, Luca; Longo, Giuseppe
We present the alpha release of the VOGCLUSTERS web application, specialized for data and text mining on globular clusters. It is one of the web2.0 technology based services of Data Mining & Exploration (DAME) Program, devoted to mine and explore heterogeneous information related to globular clusters data.
Castellani, M.; Brescia, M.; Mancini, E.; Pellecchia, L.; Longo, G.
We present the alpha release of the VOGCLUSTERS web application, specialized for data and text mining on globular clusters. It is one of the web2.0 technology based services of Data Mining &Exploration (DAME) Program, devoted to mine and explore heterogeneous information related to globular clusters data.
The Nonactinide Isotopes and Sealed Sources (NISS) Web Application is a web-based database query and data management tool designed to facilitate the identification and reapplication of radioactive sources throughout the Department of Energy (DOE) complex. It provides search capability to the general Internet community and detailed data management functions to contributing site administrators
Ratnayake, Rakhitha Nimesh
An extensive, practical guide that explains how to adapt WordPress features, both conventional and trending, for web applications.This book is intended for WordPress developers and designers who have the desire to go beyond conventional website development to develop quality web applications within a limited time frame and for maximum profit. Experienced web developers who are looking for a framework for rapid application development will also find this to be a useful resource. Prior knowledge with of WordPress is preferable as the main focus will be on explaining methods for adapting WordPres
Vesterli, Sten E
Developing Web Applications with Oracle ADF Essentials covers the basics of Oracle ADF and then works through more complex topics such as debugging and logging features and JAAS Security in JDeveloper as the reader gains more skills. This book will follow a tutorial approach, using a practical example, with the content and tasks getting harder throughout.""Developing Web Applications with Oracle ADF Essentials"" is for you if you want to build modern, user-friendly web applications for all kinds of data gathering, analysis, and presentations. You do not need to know any advanced HTML or JavaSc
The Web has evolved to support sophisticated web applications. These web applications are exposed to a number of attacks and vulnerabilities. The existing security model is unable to cope with these increasing attacks and there is a need for a new security model that not only provides the required security but also supports recent advances like AJAX and mashups. The attacks on client-side Web Applications can be attributed to four main reasons – 1) lack of a security context for Web Browsers...
Ossenbruggen, van, Jacco; Amin, Alia; Hildebrand, Michiel
This position paper discusses our experience in evaluating our cultural search and annotation engine. We identify three aspects that determine the quality of a semantic web application as a whole, namely: the quality of data set, the quality of underlying search and inference software and the quality of the user interface. We argue that evaluation of semantic web applications is particularly difficult because of the strong interdependency between the three aspects.
Baranov, P. A.; BEYBUTOV E.R.
This paper provides an overview of core technologies implemented by comparably new products on the information security market web application firewalls. Web applications are a very widely-used and convenient way of presenting remote users with access to corporate information resources. They can, however, become single point of failure rendering all the information infrastructure inaccessible to legitimate clients. To prevent malicious access attempts to endpoint information resources and, in...
Web-based applications for academic education facilitate, usually, exchange of multimedia files, while design-oriented domains such as architectural and urban design require additional support in collaborative real-time drafting and modeling. In this context, multi-user interactive interfaces employing game engines as well as Virtual Reality (VR) environments offer a framework within which web-based applications for virtual laboratories have been in the last decade successfully developed and ...
Full Text Available The present study aims to introduce and analyze bibliometric application within Web and also to expounds on the status of link analysis in order to point out its application with respect to the existing web-based information sources. Findings indicate that bibliometrics could have required application in the area of digital resources available through Net. Link analysis is a process by which one could make statistical analysis of correlation between hyperlinks and therefore understand the accuracy, veracity and efficacy of citations within a digital document. Link analysis, in effect, is counted as a part of information ranking algorithm within the web environment. The number, linkage and quality of given links to a website are of utmost importance for ranking/status in the Web. The tools applied in this topic include, page ranking strategy, link analysis algorithm, latent semantic indexing and the classical input-output model. The present study analyzes Big Web and Small Web link analysis and explains the means for utilizing web charts in order to better understand the link analysis process.
Full Text Available Currently, computers are changing from single, isolated devices into entry points to a worldwide network of information exchange and business transactions called the World Wide Web (WWW. However, the success of the WWW has made it increasingly difficult to find, access, present and maintain the information required by a wide variety of users. In response to this problem, many new research initiatives and commercial enterprises have been set up to enrich the available information with machine-process able semantics. This Semantic Web will provide intelligent access to heterogeneous, distributed information, enabling software products (agents to mediate between user needs and the information sources available. In this paper we describe some areas for application of this new technology. We focus on on-going work in the fields of knowledge management and electronic commerce. We also take a perspective on the semantic web-enabled web services which will help to bring the semantic web to its full potential.
Geant4 is a toolkit for the simulation of the passage of particles through matter. The Geant4 visualization system supports many drivers including OpenGL, OpenInventor, HepRep, DAWN, VRML, RayTracer, gMocren and ASCIITree, with diverse and complementary functionalities. Web applications have an increasing role in our work, and thanks to emerging frameworks such as Wt , building a web application on top of a C++ application without rewriting all the code can be done. Because the Geant4 toolkit's visualization and user interface modules are well decoupled from the rest of Geant4, it is straightforward to adapt these modules to render in a web application instead of a computer's native window manager. The API of the Wt framework closely matches that of Qt , our experience in building Qt driver will benefit for Wt driver. Porting a Geant4 application to a web application is easy, and with minimal effort, Geant4 users can replicate this process to share their own Geant4 applications in a web browser.
In recent years, many desktop applications have been ported to the world wide web in order to reduce (multiplatform) development, distribution and maintenance costs. However, there is little data concerning the usability of web applications, and the impact of their usability on the total cost of...... developing and using such applications. In this paper we present a comparison of web and desktop applications from the usability point of view. The comparison is based on an empirical study that investigates the performance of a group of users on two calendaring applications: Yahoo!Calendar and Microsoft...... Calendar. The study shows that in the case of web applications the performance of the users is significantly reduced, mainly because of the restricted interaction mechanisms provided by current web browsers....
The World Wide Web, traditionally only used for static content, has grown in size, reach, and capability over the past few years. Web pages have turned into full featured web applications and web browsers have dramatically improved their interoperability, performance, stability, and security. This means developers can move more and more advanced applications to the web. This move initially started with simple applications like e-mail clients. Nowadays, developers can use new web standards to ...
The Social Web constitutes a shift in information flow from the traditional Web. Previously, content was provided by the owners of a website, for consumption by the end-user. Nowadays, these websites are being replaced by Social Web applications which are frameworks for the publication of user-provided content. Traditionally, Web content could be `trusted' to some extent based on the site it originated from. Algorithms such as Google's PageRank were (and still are) used to compute the importance of a website, based on analysis of underlying link topology. In the Social Web, analysis of link topology merely tells us about the importance of the information framework which hosts the content. Consumers of information still need to know about the importance/reliability of the content they are reading, and therefore about the reliability of the producers of that content. Research into trust and reputation of the producers of information in the Social Web is still very much in its infancy. Every day, people are forced to make trusting decisions about strangers on the Web based on a very limited amount of information. For example, purchasing a product from an eBay seller with a `reputation' of 99%, downloading a file from a peer-to-peer application such as Bit-Torrent, or allowing Amazon.com tell you what products you will like. Even something as simple as reading comments on a Web-blog requires the consumer to make a trusting decision about the quality of that information. In all of these example cases, and indeed throughout the Social Web, there is a pressing demand for increased information upon which we can make trusting decisions. This chapter examines the diversity of sources from which trust information can be harnessed within Social Web applications and discusses a high level classification of those sources. Three different techniques for harnessing and using trust from a range of sources are presented. These techniques are deployed in two sample Social Web
Ashish, Naveen; Industrial Experiences
We provide a description of work at the National Aeronautics and Space Administration (NASA) on building systems based on Semantic-Web concepts and technologies. NASA has been one of the early adopters of Semantic-Web technologies for practical applications. Indeed there are several ongoing (IT) endeavors on building semantics based systems for use in diverse NASA domains ranging from collaborative scientific activity to accident and mishap investigation to enterprise search to scientific inf...
Quan Liang Chen
Full Text Available This paper presents high-level functional Web components such as frames, framesets, and pivot tables, which conventional development environments for Web applications have not yet supported. Frameset Web components provide several editing facilities such as adding, deleting, changing, and nesting of framesets to make it easier to develop Web applications that use frame facilities. Pivot table Web components sum up various kinds of data in two dimensions. They reduce the amount of code to be written by developers greatly. The paper also describes the system that implements these high-level functional components as visual Web components. This system assists designers in the development of Web applications based on the page-transition framework that models a Web application as a set of Web page transitions, and by using visual Web components, makes it easier to write processes to be executed when a Web page transfers to another.
Sridaran, R; Iyakutti, K; Mani, M N S
The Model / View / Controller design pattern divides an application environment into three components to handle the user-interactions, computations and output respectively. This separation greatly favors architectural reusability. The pattern works well in the case of single-address space and not proven to be efficient for web applications involving multiple address spaces. Web applications force the designers to decide which of the components of the pattern are to be partitioned between the server and client(s) before the design phase commences. For any rapidly growing web application, it is very difficult to incorporate future changes in policies related to partitioning. One solution to this problem is to duplicate the Model and controller components at both server and client(s). However, this may add further problems like delayed data fetch, security and scalability issues. In order to overcome this, a new architecture SPIM has been proposed that deals with the partitioning problem in an alternative way. S...
International audience The steady growth of the World Wide Web raises challenges regarding the preservation of meaningful Web data. Tools used currently by Web archivists blindly crawl and store Web pages found while crawling, disregarding the kind of Web site currently accessed (which leads to suboptimal crawling strategies) and whatever structured content is contained in Web pages (which results in page-level archives whose content is hard to exploit). We focus in this PhD work on the cr...
A web application uses two words “web” and “application”.Where web means web browser and application meanscomputer software. Web browser is used to search theinformation on the World Wide Web i.e. www or on Internet,where as application is used to solve the single or multiple tasks,depending on the type of application. In this way, we can saythat a web application is computer software to perform single ormultiple tasks on the computer network using web browser.Now, the questions arise for the...
Security is the essential and important topic in web applications. The choice of communication made the web technology a essential one in the environment. The importance of web application and its securityincreasing day by day, but traditional networks fails to provide security for web application. This paper discuss about some of the vulnerable online attacks commonly occurs in web applications and providing solution for preventing such attacks by using penetration tool BACKTRACK. The testin...
Weinberger, Joel Howard Willis
Web applications are generally more exposed to untrusted user content than traditional applications. Thus, web applications face a variety of new and unique threats, especially that of content injection. One method for preventing these types of attacks is web applicationsecurity policies. These policies specify the behavior or structure of the web application. The goal of this work is twofold. First, we aim to understand how security policies and their systems are currently applied to web app...
Stavros Ioannis Valsamidis
Full Text Available The usage of web applications can be measured with the use of metrics. In a LMS, a typical web application, there are no appropriate metrics which would facilitate their qualitative and quantitative measurement. The purpose of this paper is to propose the use of existing techniques with a different way, in order to analyze the log file of a typical LMS and deduce useful conclusions. Three metrics for course usage measurement are used. It also describes two algorithms for course classification and suggestion actions. The metrics and the algorithms and were in Open eClass LMS tracking data of an academic institution. The results from 39 courses presented interest insights. Although the case study concerns a LMS it can also be applied to other web applications such as e-government, e-commerce, e-banking, blogs e.t.c.
Full Text Available The web applications development has experienced an explosive growth in variety and complexity during the past decade. Most web-based applications are modelled as three tier architecture, the client side experience remaining virtually unchanged, while server-side is updated. However, client-side architecture can change with unexpected results. Consequently, testing procedures should support continue improvements to pursue the current trends and technology. This paper presents an automated tool for testing client-side component of web applications. The testing data is extracted using a crawler. Adopting several procedures, the general aspect of the page is analysed (CSS regression testing. All of the content is tested, including links, images, forms, and scripts. The resulted test cases are automatically created, leaving the user with the option to decide over their usage.
We provide a description of work at the National Aeronautics and Space Administration (NASA) on building system based on semantic-web concepts and technologies. NASA has been one of the early adopters of semantic-web technologies for practical applications. Indeed there are several ongoing 0 endeavors on building semantics based systems for use in diverse NASA domains ranging from collaborative scientific activity to accident and mishap investigation to enterprise search to scientific information gathering and integration to aviation safety decision support We provide a brief overview of many applications and ongoing work with the goal of informing the external community of these NASA endeavors.
When developing web applications we often use prototyping. Prototyping allows us to involve end users of an application in early stages of development process, which can have positive effects on process itself. The correct interpretation of user feedback can avoid potential problems during development. The problem that often occurs in practice, are too simple prototypes that do not provide good simulation of the final application. One of the main principles of prototyping is rapid implementat...
Near, Joseph Paul; Jackson, Daniel
Derailer is an interactive tool for finding security bugs in web applications. Using symbolic execution, it enumerates the ways in which application data might be exposed. The user is asked to examine these exposures and classify the conditions under which they occur as security-related or not; in so doing, the user effectively constructs a specification of the application's security policy. The tool then highlights exposures missing security checks, which tend to be security bugs. We have...
Shams, Khawaja; Norris, Jeff
This slide presentation accompanies a tutorial on the ReSTful (Representational State Transfer) web application. Using Open Services Gateway Initiative (OSGi), ReST uses HTTP protocol to enable developers to offer services to a diverse variety of clients: from shell scripts to sophisticated Java application suites. It also uses Eclipse for the rapid development, the Eclipse debugger, the test application, and the ease of export to production servers.
Full Text Available Recent advances in computing systems have led to a new digital era in which every area of life is nearlyinterrelated with information technology. However, with the trend towards large-scale IT systems, a newchallenge has emerged. The complexity of IT systems is becoming an obstacle that hampers themanageability, operability, and maintainability of modern computing infrastructures. Autonomiccomputing popped up to provide an answer to these ever-growing pitfalls. Fundamentally, autonomicsystems are self-configuring, self-healing, self-optimizing, and self-protecting; hence, they can automate allcomplex IT processes without human intervention. This paper proposes an autonomic HTML web-interfacegenerator based on XML Schema and Style Sheet specifications for self-configuring graphical userinterfaces of web applications. The goal of this autonomic generator is to automate the process ofcustomizing GUI web-interfaces according to the ever-changing business rules, policies, and operatingenvironment with the least IT labor involvement. The conducted experiments showed a successfulautomation of web interfaces customization that dynamically self-adapts to keep with the always-changingbusiness requirements. Future research can improve upon the proposed solution so that it supports the selfconfiguringof not only web applications but also desktop applications.
Doru Anastasiu Popescu; Maria Catrinel Dănăuţă
In this paper, we are trying to introduce a method of selection of some web pages from a web application, which will be verified by using different validating mechanisms. The number of selected web pages cannot be higher than a previously established constant. The method of selection of these web pages must assure the highest possible quality of the verification of the entire application. The error detection of these web pages will automatically lead to the error detection in other pages. Thi...
Takao Shimomura; Quan Liang Chen
This paper presents high-level functional Web components such as frames, framesets, and pivot tables, which conventional development environments for Web applications have not yet supported. Frameset Web components provide several editing facilities such as adding, deleting, changing, and nesting of framesets to make it easier to develop Web applications that use frame facilities. Pivot table Web components sum up various kinds of data in two dimensions. They reduce the amount of code to be w...
Full Text Available A web application uses two words “web” and “application”.Where web means web browser and application meanscomputer software. Web browser is used to search theinformation on the World Wide Web i.e. www or on Internet,where as application is used to solve the single or multiple tasks,depending on the type of application. In this way, we can saythat a web application is computer software to perform single ormultiple tasks on the computer network using web browser.Now, the questions arise for the developer of “web application”,if we develop a web application then how to sell it and how wewill get the maximum profit from its marketing. Is there anyway? There are many ways to market web application by usingcommercial advertisement, trail version, Beta Version,Promotional Launch, by a customize version such as desktopapplication, browser application etc. These are the old methodof marketing “web application” The new and modern method ofmarketing a “Web application” is as a cloud computing (SaaSbecause it is accessed by web browser and used to solve singleor multiple task with very low cost except hosted on centralserver while web application may be hosted on different servers.The cost, security, maintenances and speed are the main benefitof marketing of web application as Cloud Computingapplication.
The best way to learn anything is by doing. The author uses a friendly tone and fun examples to ensure that you learn the basics of application development. Once you have read this book, you should have the necessary skills to build your own applications.If you have no experience but want to learn how to create applications in HTML5, this book is the only help you'll need. Using practical examples, HTML5 Web Application Development by Example will develop your knowledge and confidence in application development.
Ramón Voces Merayo
Se presenta en primer lugar una introducción sobre la creación y la ejecución de aplicaciones web accesibles para continuar analizando las problemáticas de accesibilidad de las Rich Internet Applications y las soluciones que ofrecen las WAI-ARIA.
Ossenbruggen, J.R. van; Amin, A.K.; Hildebrand, M.
This position paper discusses our experience in evaluating our cultural search and annotation engine. We identify three aspects that determine the quality of a semantic web application as a whole, namely: the quality of data set, the quality of underlying search and inference software and the qualit
Web-based applications for academic education facilitate, usually, exchange of multimedia files, while design-oriented domains such as architectural and urban design require additional support in collaborative real-time drafting and modeling. In this context, multi-user interactive interfaces employ
If you are a Node.js developer who wants to take your Express skills to the next level and develop high performing, reliable web applications using best practices, this book is ideal for you. The only prerequisite is knowledge of Node.js.
Bassil, Youssef; 10.5121/ijwest.2012.3104
Recent advances in computing systems have led to a new digital era in which every area of life is nearly interrelated with information technology. However, with the trend towards large-scale IT systems, a new challenge has emerged. The complexity of IT systems is becoming an obstacle that hampers the manageability, operability, and maintainability of modern computing infrastructures. Autonomic computing popped up to provide an answer to these ever-growing pitfalls. Fundamentally, autonomic systems are self-configuring, self-healing, self-optimizing, and self-protecting; hence, they can automate all complex IT processes without human intervention. This paper proposes an autonomic HTML web-interface generator based on XML Schema and Style Sheet specifications for self-configuring graphical user interfaces of web applications. The goal of this autonomic generator is to automate the process of customizing GUI web-interfaces according to the ever-changing business rules, policies, and operating environment with th...
Thuraisingham, Bhavani; Clifton, Chris; Gupta, Amar; Bertino, Elisa; Ferrari, Elena
This paper provides directions for web and e-commerce applications security. In particular, access control policies, workflow security, XML security and federated database security issues pertaining to the web and ecommerce applications are discussed.
Web engineering is the application of systematic and quantifiable approaches (concepts, methods, techniques, tools) to cost-effective requirements analysis, design, implementation, testing, operation, and maintenance of high quality web applications. Over the past years, Content Management Systems (
A framework and process that explains how to perform security regression testing for web applications. This paper discusses and proposes a framework based on open source tools that can be used to perform automated security regression testing of web applications.
Ong, Kenneth R
"Just-in-time" database-driven Web applications are inexpensive, quickly-developed software that can be put to many uses within a health care organization. Database-driven Web applications garnered 73873 hits on our system-wide intranet in 2002. They enabled collaboration and communication via user-friendly Web browser-based interfaces for both mission-critical and patient-care-critical functions. Nineteen database-driven Web applications were developed. The application categories that compri...
Boni García; Juan Carlos Dueñas
Web applications are becoming more and more complex. Testing such applications is an intricate hard and time-consuming activity. Therefore, testing is often poorly performed or skipped by practitioners. Test automation can help to avoid this situation. Hence, this paper presents a novel approach to perform automated software testing for web applications based on its navigation. On the one hand, web navigation is the process of traversing a web application using a browser. On the other hand, f...
Full Text Available The Semantic Web is a project and vision of the World WideWeb Consortium to extend the current Web, so that informationis given a well-defined meaning and structure, enhancingcomputers and people to work in cooperation. Semantic webmining is the combination of web mining and semantic web. Theknowledge of semantic web makes web mining easier to achieveand can also improve the effectiveness of web mining. Semanticweb mining technologies are being added to enterprise solutionsto accommodate new techniques for discovering relationshipsacross different database, business applications and Webservices. Since this is an interdisciplinary concept in bothengineering and management; we first review web mining,semantic web, semantic web mining and finally propose anapplication of semantic web mining in human resourcemanagement.
HAN Yanbo; LI Juanzi; YANG Nan; LIU Qing; XU Baowen; MENG Xiaofeng
The fourth international conference on Web information systems and applications (WISA 2007) has received 409 submissions and has accepted 37 papers for publication in this issue.The papers cover broad research areas, including Web mining and data warehouse, Deep Web and Web integration, P2P networks,text processing and information retrieval, as well as Web Services and Web infrastructure. After briefly introducing the WISA conference, the survey outlines the current activities and future trends concerning Web information systems and applications based on the papers accepted for publication.
Since the first Web page went online in 1990, the rapid development of the World Wide Web has been continuously influencing the way we manage and acquire personal or corporate information. Nowadays, the WWW is much more than a static information medium, which it was at the beginning. The expressive power of modern programming languages is at the full disposal of Web application developers, who continue to surprise Web users with innovative applications having feature sets and complexity, whic...
Boneh, Dan; Erlingsson, Ulfar; Johns, Martin; Livshits, Benjamin
From 29th March to 3rd April 2009 the Dagstuhl Seminar 09141 Web Application Security was held in Schloss Dagstuhl -- Leibniz Center for Informatics. During the seminar, several participants presented their current research, and ongoing work and open problems were discussed. Abstracts of the presentations given during the seminar are put together in this paper. Links to full papers (if available) are provided in the corresponding seminar summary document.
Web sites are no longer used only for presentations of companies and their products. More and more modern web sites are dynamic, for example online shopping and other user interactions. Migration of information systems to the web results in large and complex applications. Implementation of comprehensive applications requires technology, that provides rapid development, quality product and efficient and cost effective maintenance. This work presents web application development using PHP script...
R. Suguna; T. Kujani; N. Suganya; Krishnaveni, C.
Nowadays internet is loaded with tons of innovative web applications. This instantaneous growth has paved way for a number of security exposures. Cross Site Scripting attacks (XSS), SQL Injection (SQLI) and Malicious File Execution (MFE) are the foremost web related vulnerabilities reported by Open Web Application Security Project (OWASP). The attackers take advantage of the vulnerabilities in the code of the web applications and engage in activities such as data breach, cookies stealing and ...
Full Text Available This paper presents an overview about the evaluation of risks and vulnerabilities in a web based distributed application by emphasizing aspects concerning the process of security assessment with regards to the audit field. In the audit process, an important activity is dedicated to the measurement of the characteristics taken into consideration for evaluation. From this point of view, the quality of the audit process depends on the quality of assessment methods and techniques. By doing a review of the fields involved in the research process, the approach wants to reflect the main concerns that address the web based distributed applications using exploratory research techniques. The results show that many are the aspects which must carefully be worked with, across a distributed system and they can be revealed by doing a depth introspective analyze upon the information flow and internal processes that are part of the system. This paper reveals the limitations of a non-existing unified security risk assessment model that could prevent such risks and vulnerabilities debated. Based on such standardize models, secure web based distributed applications can be easily audited and many vulnerabilities which can appear due to the lack of access to information can be avoided.
Møller, Anders; Schwarz, Mathias Romme
Although numerous frameworks for web application programming have been developed in recent years, writing web applications remains a challenging task. Guided by a collection of classical design principles, we propose yet another framework. It is based on a simple but flexible server-oriented arch...... services.The resulting framework provides a novel foundation for developing maintainable and secure web applications.......Although numerous frameworks for web application programming have been developed in recent years, writing web applications remains a challenging task. Guided by a collection of classical design principles, we propose yet another framework. It is based on a simple but flexible server......-oriented architecture that coherently supports general aspects of modern web applications, including dynamic XML construction, session management, data persistence, caching, and authentication, but it also simplifies programming of server-push communication and integration of XHTML-based applications and XML-based web...
Full Text Available Electronic Commerce over the Internet, aims to become a global conveyor belt of business transactions. Web applications of increasing sophistication emerge in almost every business sector, reflecting a variety of technical and technological approaches. In this paper we argue that system developers need to reconsider their professional practices in the context of these new technologies by taking advantage of opportunities like short response cycles and easy diffusion of systems results, while they recognise the limitations of traditional practice. We discuss a framework of IS development issues for Internet based applications and propose guidelines towards new development practices.
XU Lei; XU Baowen
Forms enhance both the dynamic and interactive abilities of Web applications and the system complexity. And it is especially important to test forms completely and thoroughly. Therefore, this paper discusses how to carry out the form testing by different methods in the related testing phases. Namely, at first, automatically abstracting forms in the Web pages by parsing the HTML documents; then, obtaining the testing data with a certain strategies, such as by requirement specifications, by mining users' before input information or by recording mechanism; and next executing the testing actions automatically due to the well-formed test cases; finally, a case study is given to illustrate the convenient and effective of these methods.
Full Text Available Security is the essential and important topic in web applications. The choice of communication made the web technology a essential one in the environment. The importance of web application and its securityincreasing day by day, but traditional networks fails to provide security for web application. This paper discuss about some of the vulnerable online attacks commonly occurs in web applications and providing solution for preventing such attacks by using penetration tool BACKTRACK. The testing aspect of vulnerabilities is carried out for SQL injection. The various methodologies are also discussed.
Full Text Available Web applications are used in academic institutions, such as universities, for variety of purposes. Since these web pages contain critical information, securing educational systems is as important as securing any banking system. It has been found that many academic institutions have not fully secured their web pages against some class of vulnerabilities. In this empirical study, these vulnerabilities are focused and their existences in the web sites of the academic institutions are shown. The degree of securing web pages in education systems is measured. The differences among academic institutions on protecting their web applications are discussed. Recommendation on ways of protecting websites is addressed.
Full Text Available Mobile applications are becoming increasingly used because of the multitude of existing mobile devices. Mobile application development becomes more complex. For mobile devices there are native applications that run directly on the device, web applications accessed via mobile browsers and hybrid applications. Mobile Application Development in any form should be made with quality assurance since when determining the target group and the application architecture. Management of mobile application development is the result obtained and the quality of applications developed in the decisions taken. In this paper decisions made in the development of mobile web applications are presented and how this mobile web application is used by the students.
Rose, Alexander S.; Hildebrand, Peter W.
The NGL Viewer (http://proteinformatics.charite.de/ngl) is a web application for the visualization of macromolecular structures. By fully adopting capabilities of modern web browsers, such as WebGL, for molecular graphics, the viewer can interactively display large molecular complexes and is also unaffected by the retirement of third-party plug-ins like Flash and Java Applets. Generally, the web application offers comprehensive molecular visualization through a graphical user interface so tha...
Full Text Available Growth of web applications has facilitated the humanity almost in all aspects of life especially e-health, e-business and e-communication but this application are exposed for web attacks, unauthorized access, evil intentions and treacherous engagements. Various strategies have been formulated over a period of time in the form of intrusion detection system, encryption devices, and firewalls but still proved to be ineffective. In this paper, we have proposed a system having semantic architecture that is capable of performing detection semantically in the context of HTTP protocol, the data, and the target application. The knowledgebase of the system is the ontological representation of communication protocol, attacks data and the application profile that can be refined and expanded over time. Unlike traditional signature base approach, the semantic architecture analysis the HTTP request with the help of semantic rules and inferred knowledge after reasoning of knowledgebase through Inference engine. Non signature based approach of the system enhance the capability of the system to detect the unknown attacks with low false positive rate. The system is evaluated by comparing with existing open source solutions and showing significant improvement in term of detection ability with low alarm rate
屈春燕; 叶洪; 刘治
The paper first introduces the concepts, method and recent development of WebGIS technology, then discusses the functionality and application prospect of WebGIS in the field of seismological study, finally the paper gives a presentation on application of WebGIS to seismological study and constructs a WebGIS information system for seismological study by using GIS component MO/MOIMS. The system based on Browser/Server architecture can implements the sharing of spatial data and GIS applications and partly collaborating work. This WebGIS solution has important significance for seismological study and deserves to further research.
Symfony is a high performance PHP framework for developing MVC web applications. Symfony1 allowed for ease of use but its shortcoming was the difficulty of extending it. However, this difficulty has now been eradicated by the more powerful and extensible Symfony2. Information on more advanced techniques for extending Symfony can be difficult to find, so you need one resource that contains the advanced features in a way you can understand. This tutorial offers solutions to all your Symfony extension problems. You will get to grips with all the extension points that Symfony, Twig, and Doctrine o
@@ 0 Introduction The surprising growth of the Internet, coupled with the rapid development of Web technique and more and more emergence of web information system and application, is bring great opportunities and big challenges to us. Since the Web provides cross-platform universal access to resources for the massive user population, even greater demand is requested to manage data and services effectively.
The mobile industry has seen tremendous growth over the last decade, with both mobile hardware and software rapidly improving. This opens up new possibilities for mobile applications and allows them to expand into areas that were previously reserved for desktop applications. One of these fields is web analytics, which Vizzit wishes to explore by creating a prototype mobile web analytics application. This master thesis project investigates whether mobile devices are a suitable platform for web...
The thesis describes the development of a web application for rating subsidized students meals providers. It describes development technologies and tools used, required functionality, development process and final functionality of the application. We also focused on responsive web design, so that the application can also be used on smart handheld devices. While developing we focused on Node.js platform enriched with Express.js framework and other web technologies such as: Jade, Bootstrap and ...
A web-based application for a simplified assessment of seismic vulnerability of masonry buildings is described in the thesis. In the first part, a brief overview of earthquake engineering is given. Follow a description of seismic response of masonry buildings and the overview of the construction types of such buildings. The last chapter of theoretical part of the thesis deals with pros and cons of the web applications and with a brief general description of the development of web applications...
Web applications are widely adopted and their correct functioning is mission critical for many businesses. Online banking, emails, eshopping, has become an integral part of today’s life. Vulnerabilities in web application can lead to a variety of erroneous behavior at dynamic run time. We encounter the problem of forceful browsing in many web applications, username enumeration can help an attacker who attempts to use guessable passwords, such as test/test, admin/admin, guest/guest, and so on....
Van Deursen, A.; Mesbah, A.; Nederlof, A.
In this paper we review five years of research in the field of automated crawling and testing of web applications. We describe the open source Crawljax tool, and the various extensions that have been proposed in order to address such issues as cross-browser compatibility testing, web application regression testing, and style sheet usage analysis. Based on that we identify the main challenges and future directions of crawl-based testing of web applications. In particular, we explore ways to re...
Deenadayalan, T.; Kavitha, V.; S.Rajarajeswari
The increasing demand for reliable Web applications gives a central role to Web testing. Most of the existing works are focused on the definition of novel testing techniques, specifically tailored to the Web. However, no attempt was carried out so far to understand the specific nature of Web faults. This paper presents a user session based testing technique that clusters user sessions based on the service profile and selects a set of representative user sessions from each cluster and tailored...
Mohamed Al-Ibrahim; Yousef Shams Al-Deen
Web applications are used in academic institutions, such as universities, for variety of purposes. Since these web pages contain critical information, securing educational systems is as important as securing any banking system. It has been found that many academic institutions have not fully secured their web pages against some class of vulnerabilities. In this empirical study, these vulnerabilities are focused and their existences in the web sites of the academic institutions are shown. The ...
Full Text Available Digital library system contributes the development of digital resource digital resource that can be accessed via the Internet. Librarymanagement system contributed to the development of automation membership data processing, circulation and cataloging. In this thesisis to develop a new concept of digital library systems and library management system by integrating these two systems architecture. Integration architecture implemented by inserting component library management system into the digital library system architecture. Web application technology required for these components in order to be integrated with the digital library system components. The newsystem has the advantage of this development application utilization of borrowing, membership and kataloging to a sharable over the internet, so applications that can be used together. Information can be delivered between the library catalog, without leaving the digitallibrary function in the utilization of shared digital resources derived from uploading by each librarian.Keywords : Digital library system; Library management system; Web application
Itoh, Yuji; Urushihata, Toshiya; Sakuma, Toru; Ikemune, Sachiko; Tojo, Masanori; Miyake, Teruhisa; Takahashi, Hiroshi; Ohkoshi, Norio; Ishizuka, Kazushige; Ono, Tsukasa
This report describes a Web application intended for visually impaired users. Today hundreds of millions of peoplebenefit from the Internet (or the World Wide Web), which is the greatest source of information in the world. The World WideWeb Consortium (W3C) has set the guidelines for Web content accessibility, which allows visually impaired people to accessand use Web contents. However, many of Web sites do not yet follow these guidelines. Thus, we propose a Web applicationsystem that collect...
Full Text Available Because web applications are complex software systems in constant evolution, they become real targets for hackers as they provide direct access to corporate or personal data. Web application security is supposed to represent an essential priority for organizations in order to protect sensitive customer data, or those of the employees of a company. Worldwide, there are many organizations that report the most common types of attacks on Web applications and methods for their prevention. While the paper is an overview, it puts forward several typical examples of web application vulnerabilities that are due to programming errors; these may be used by attackers to take unauthorized control over computers.
Lo, Moussa; Gandon, Fabien
We present our experiment in integrating semantic web services in the existing semantic web server architecture used by the ACACIA team to implement corporate memories. We rely on CORESE, a semantic web search engine, to provide web applications based on the semantic web services it can identify. Thus, CORESE is used as a semantic UDDI registry and allows us to automatically discover and invoke corporate applications wrapped into semantically annotated web services. Using rules and an extensi...
Full Text Available Web application has been popular in various fields of social life.It becomes more and more important to study the reliability of Web application.In this paper the definition of Web application failure is firstly brought out,and then the definition of Web application reliability.By analyzing data in the IIS server logs and selecting corresponding usage and information delivery failure data,the paper study the feasibility of Web application reliability assessment from the perspective of Web software system based on IIS server logs.Because the usage for a Web site often has certain regularity,a new measurement of workload in Web application reliability assessment is raised.In this method,the unit is removed by weighted average technique;and the weights are assessed by setting objective function and optimization.Finally an experiment was raised for validation.The experiment result shows the assessment of Web application reliability base on the new workload is better.
Cheung David W
Full Text Available Abstract Background Very often genome-wide data analysis requires the interoperation of multiple databases and analytic tools. A large number of genome databases and bioinformatics applications are available through the web, but it is difficult to automate interoperation because: 1 the platforms on which the applications run are heterogeneous, 2 their web interface is not machine-friendly, 3 they use a non-standard format for data input and output, 4 they do not exploit standards to define application interface and message exchange, and 5 existing protocols for remote messaging are often not firewall-friendly. To overcome these issues, web services have emerged as a standard XML-based model for message exchange between heterogeneous applications. Web services engines have been developed to manage the configuration and execution of a web services workflow. Results To demonstrate the benefit of using web services over traditional web interfaces, we compare the two implementations of HAPI, a gene expression analysis utility developed by the University of California San Diego (UCSD that allows visual characterization of groups or clusters of genes based on the biomedical literature. This utility takes a set of microarray spot IDs as input and outputs a hierarchy of MeSH Keywords that correlates to the input and is grouped by Medical Subject Heading (MeSH category. While the HTML output is easy for humans to visualize, it is difficult for computer applications to interpret semantically. To facilitate the capability of machine processing, we have created a workflow of three web services that replicates the HAPI functionality. These web services use document-style messages, which means that messages are encoded in an XML-based format. We compared three approaches to the implementation of an XML-based workflow: a hard coded Java application, Collaxa BPEL Server and Taverna Workbench. The Java program functions as a web services engine and interoperates
IBM WebSphere Application Server 8.0 Administration Guide is a highly practical, example-driven tutorial. You will be introduced to WebSphere Application Server 8.0, and guided through configuration, deployment, and tuning for optimum performance. If you are an administrator who wants to get up and running with IBM WebSphere Application Server 8.0, then this book is not to be missed. Experience with WebSphere and Java would be an advantage, but is not essential.
Electron antineutrinos stream freely from rapidly decaying fission products within nuclear reactors and from long-lived radioactivity within Earth. Those with energy greater than 1.8 MeV are regularly observed by several kiloton-scale underground detectors. These observations estimate the amount of terrestrial radiogenic heating, monitor the operation of nuclear reactors, and measure the fundamental properties of neutrinos. The analysis of antineutrino observations at operating detectors or the planning of projects with new detectors requires information on the expected signal and background rates. We present a web application for modeling global antineutrino energy spectra and detection rates for any surface location. Antineutrino sources include all registered nuclear reactors as well as the crust and mantle of Earth. Visitors to the website may model the location and power of a hypothetical nuclear reactor, copy energy spectra, and analyze the significance of a selected signal relative to background.
XU Bao-wen; XU Lei; MENG Xiao-feng; YU Ge; LU Zheng-ding; HE Yan-xiang; SHEN Jun-yi
@@ 0 Introduction World Wide Web (WWW) has given rise to phenomenal growth in Web information systems and applications. And the Internet transcends national and geographical boundaries and has brought about unprecedented opportunities for software deployment to satisfy the application needs of all walks of life. Since the Web provides cross-platform universal access to resources for the massive user population, even greater demand is proposed to manage data and information effectively.
Ferreira, Nelson Bruno Tavares
The possibility of displaying high performance 3D accelerated graphics in the browser is seen as an obstacle to the conversion of applications to the web. The release of WebGL made Web3D gain new strength to overcome that obstacle. Architecture, Engineering and Construction (AEC) tools are a type of applications that could benefit with this advance. In the AEC industry, there is a standard candidate for Building Information Modelling (BIM), called Industry Foundation Classes (I...
Duquennoy, Simon; Grimaud, Gilles; Vandewalle, Jean-Jacques
Embedded systems such as smart cards or sensors are now widespread, but are often closed systems, only accessed via dedicated terminals. A new trend consists in embedding Web servers in small devices, making both access and application development easier. In this paper, we propose a TCP performance model in the context of embedded Web servers, and we introduce a taxonomy of the contents possibly served by Web applications. The main idea of this paper is to adapt the communication stack behavi...
García, Boni; 10.4204/EPTCS.61.4
Web applications are becoming more and more complex. Testing such applications is an intricate hard and time-consuming activity. Therefore, testing is often poorly performed or skipped by practitioners. Test automation can help to avoid this situation. Hence, this paper presents a novel approach to perform automated software testing for web applications based on its navigation. On the one hand, web navigation is the process of traversing a web application using a browser. On the other hand, functional requirements are actions that an application must do. Therefore, the evaluation of the correct navigation of web applications results in the assessment of the specified functional requirements. The proposed method to perform the automation is done in four levels: test case generation, test data derivation, test case execution, and test case reporting. This method is driven by three kinds of inputs: i) UML models; ii) Selenium scripts; iii) XML files. We have implemented our approach in an open-source testing fra...
This paper analyzes the Web and raises a significant question: "Does the Web save the time of the users?" This question is analyzed in the context of Five Laws of the Web. What do these laws mean? The laws are meant to be elemental, to convey a deep understanding and capture the essential meaning of the World Wide Web. These laws may seem simplistic, but in fact they express a simple, crystal-clear vision of what the Web ought to be. Moreover, we intend to echo the simplicity of Ranganathan's...
Fatemeh Amoohosseini; Tahereh Aziminia
This paper analyzes the Web and raises a significant question: Does the Web save the time of the users? This question is analyzed in the context of Five Laws of the Web. What do these laws mean? The laws are meant to be elemental, to convey a deep understanding and capture the essential meaning of the World Wide Web. These laws may seem simplistic, but in fact they express a simple, crystal-clear vision of what the Web ought to be. Moreover, we intend to echo the simplicity of Ranganathans Fi...
Lin, Sally; Second International Conference on Electronic Commerce, Web Application and Communication (ECWAC 2012)
ECWAC2012 is an integrated conference devoted to Electronic Commerce, Web Application and Communication. In the this proceedings you can find the carefully reviewed scientific outcome of the second International Conference on Electronic Commerce, Web Application and Communication (ECWAC 2012) held at March 17-18,2012 in Wuhan, China, bringing together researchers from all around the world in the field.
Mesbah, A.; Van Deursen, A.; Roest, D.
AJAX-based Web 2.0 applications rely on stateful asynchronous client/server communication, and client-side run-time manipulation of the DOM tree. This not only makes them fundamentally different from traditional web applications, but also more error-prone and harder to test. We propose a method for
Lin, Sally; Second International Conference on Electronic Commerce, Web Application and Communication (ECWAC 2012)
ECWAC2012 is an integrated conference devoted to Electronic Commerce, Web Application and Communication. In the this proceedings you can find the carefully reviewed scientific outcome of the second International Conference on Electronic Commerce, Web Application and Communication (ECWAC 2012) held at March 17-18,2012 in Wuhan, China, bringing together researchers from all around the world in the field.
Van Deursen, A.; Mesbah, A.; Nederlof, A.
In this paper we review five years of research in the field of automated crawling and testing of web applications. We describe the open source Crawljax tool, and the various extensions that have been proposed in order to address such issues as cross-browser compatibility testing, web application reg
Gómez Pérez, Asunción; Euzenat, Jérôme
This book constitutes the refereed proceedings of the Second European Semantic Web Conference, ESWC 2005, heldin Heraklion, Crete, Greece in May/June 2005. The 48 revised full papers presented were carefully reviewed and selected from 148 submissions. The papers are organized in topical sections on semantic Web services, languages, ontologies, reasoning and querying, search and information retrieval, user and communities, natural language for the semantic Web, annotation tools, and semantic W...
Glisson, W.B.; Glisson, L.M.; Welland, R.
The World Wide Web (WWW) has been predominantly responsible for instigating radical paradigm transformations in today’s global information rich civilizations. Many societies have basic operational economical components that depend on Web enabled systems in order to support daily commercial activities. The acceptance of E-commerce as a valid channel for conducting business coupled with societal integration and dependence on Web enabled technology has instigated the development of local, nation...
Written as a practical, step-by-step tutorial, Creating HTML5 Apps with SproutCore is full of engaging examples to help you learn in a practical context.This book is for any person looking to write software for the Web or already writing software for the Web. Whether your background is in web development or in software development, Creating HTML5 Apps with SproutCore will help you expand your skills so that you will be ready to apply the software development principles in the web development space.
You, Guohua; Zhao, Ying
More and more web servers adopt multi-core CPUs to improve performance because of the development of multi-core technology. However, web applications couldn't exploit the potential of multi-core web server efficiently because of traditional processing algorithm of requests and scheduling strategies of threads in O/S. In this paper, a new web-based application optimization model was proposed, which could classify and schedule the dynamic requests and static requests on scheduling core, and process the dynamic requests on the other cores. By this way, a simulation program, which is called SIM, was developed. Experiments have been done to validate the new model, and the results show that the new model can effectively improve the performance of multi-core web servers, and avoid the problems of ping-pong effect.
Mulone, Pablo Martin; Gordon, Richard
This is a cookbook and you may read the chapters in any order. The recipes need not be read sequentially. There are a good amount of code examples and relevant screenshots to ease learning pains. The target audience are Python developers with basic knowledge of web2py who want to gain further knowledge of web2py
Darwin, Peter Bacon
Full Text Available Web service is a technological solution for software interoperability that supports the seamless integration of diverse applications. In the vision of web service architecture, web services are described by the Web Service Description Language (WSDL, discovered through Universal Description, Discovery and Integration (UDDI and communicate by the Simple Object Access Protocol (SOAP. Such a divination has never been fully accomplished yet. Although it was criticized that WSDL only has a syntactic definition of web services, but was not semantic, prior initiatives in semantic web services did not establish a correct methodology to resolve the problem. This paper examines the distinction and relationship between the syntactic and semantic definitions for web services that characterize different purposes in service computation. Further, this paper proposes that the semantics of web service are neutral and independent from the service interface definition, data types and platform. Such a conclusion can be a universal law in software engineering and service computing. Several use cases in the GIScience application are examined in this paper, while the formalization of geospatial services needs to be constructed by the GIScience community towards a comprehensive ontology of the conceptual definitions and relationships for geospatial computation. Advancements in semantic web services research will happen in domain science applications.
Hisham M. Haddad; Brunil D. Romero
As software applications become more complex they require more security, allowing them to reach an appropriate level of quality to manage information, and therefore achieving business objectives. Web applications represent one segment of software industry where security risk assessment is essential. Web engineering must address new challenges to provide new techniques and tools that guarantee high quality application development. This work focuses asset identification, the initial step in sec...
Albonico, Michel; Mottu, Jean-Marie; Sunyé, Gerson
Web applications are often exposed to unpredictable workloads, which make infrastructure resource management difficult. Resource may be overused when the workload is high and underused when the workload is low. A solution to deal with unpredictable workloads is to migrate web applications to cloud computing infrastructures, where resources vary according to demand. Since resource variations happen during the application life cycle, adaptation tasks must be performed at runtime. The resource v...
“Kunnan Taitoa Oy”, a Finnish municipal financial expert, commissioned to upgrade its financial simulation tool from its current spreadsheet status to a web application. The principles of Open source served as the foundation of software development for a team of Haaga-Helia students who participated in the project ‘Taitoa’. The project aimed to deliver the working version of the web application. This thesis documents the process of application development and the thesis itself is a project-b...
Dutta, Joy; Fodor, Paul
Designing a web-application from a specification involves a series of well-planned and well executed steps leading to the final product. This often involves critical changes in design while testing the application, which itself is slow and cumbersome. Traditional approaches either fully automate the web-application development process, or let developers write everything from scratch. Our approach is based on a middle-ground, with precise control on the workflow and usage of a set of custom-ma...
Doru E. TILIUTE
Alin Zamfiroiu2; Bogdan Vintila
Mobile applications are becoming increasingly used because of the multitude of existing mobile devices. Mobile application development becomes more complex. For mobile devices there are native applications that run directly on the device, web applications accessed via mobile browsers and hybrid applications. Mobile Application Development in any form should be made with quality assurance since when determining the target group and the application architecture. Management of mobile application...
Artz, John M.
Explains that a corporate Web application is a corporate information system that uses World Wide Web technology to provide access to a variety of corporate information resources for internal and external users in geographically distributed locations. Top-down development is explained, and design requirements are discussed. (Author/LRW)
The main purpose of this paper is to study the process of Web mining techniques, features, application ( e-commerce and e-business) and its beneficial areas. Web mining has become more popular and its widely used in varies application areas (such as business intelligent system, e-commerce and e-business). The e-commerce or e-business results are bettered by the application of the mining techniques such as data mining and text mining, among all the mining techniques web mining is better.
The purpose of this thesis work was to learn a new PHP framework and use it efficiently to build an eCommerce web application for a small start-up freelancing company that will let potential customers check products by category and pass orders securely. To fulfil this set of requirements, a system consisting of a web application with a backend was designed and implemented using built in Laravel features such as Composer, Eloquent, Blade and Artisan and a WAMP stack. The web application wa...
The highly successful security book returns with a new edition, completely updated Web applications are the front door to most organizations, exposing them to attacks that may disclose personal information, execute fraudulent transactions, or compromise ordinary users. This practical book has been completely updated and revised to discuss the latest step-by-step techniques for attacking and defending the range of ever-evolving web applications. You'll explore the various new technologies employed in web applications that have appeared since the first edition and review the new attack technique
Full Text Available The main purpose of this paper is to study the process of Web mining techniques, features, application ( e-commerce and e-business and its beneficial areas. Web mining has become more popular and its widely used in varies application areas (such as business intelligent system, e-commerce and e-business. The e-commerce or e-business results are bettered by the application of the mining techniques such as data mining and text mining, among all the mining techniques web mining is better.
Full Text Available This paper presents the RMatlab-app2web tool which enables the use of R or MATLAB scripts as CGI programs for generating dynamic web content. RMatlab-app2web is highly adjustable. It can be run on both, Windows and Unix-like systems. CGI scripts written in PHP take information entered on web-based forms on the client browser, pass it to R or MATLAB on the server and display the output on the client browser. Adjustable to the servers requirements, the data transfer procedure can use either the GET or the POST routine. The application allows to call R or MATLAB to run previously written scripts. It does not allow to run completely flexible user code. We run a multivariate OLS regression to demonstrate the use of the RMatlab-app2web tool.
Taye, Mohammad Mustafa
Semantic Web is actually an extension of the current one in that it represents information more meaningfully for humans and computers alike. It enables the description of contents and services in machine-readable form, and enables annotating, discovering, publishing, advertising and composing services to be automated. It was developed based on Ontology, which is considered as the backbone of the Semantic Web. In other words, the current Web is transformed from being machine-readable to machine-understandable. In fact, Ontology is a key technique with which to annotate semantics and provide a common, comprehensible foundation for resources on the Semantic Web. Moreover, Ontology can provide a common vocabulary, a grammar for publishing data, and can supply a semantic description of data which can be used to preserve the Ontologies and keep them ready for inference. This paper provides basic concepts of web services and the Semantic Web, defines the structure and the main applications of ontology, and provides ...
Samir Zidat; Mahieddine Djoudi
The use of the web in languages learning has been developed at very high speed these last years. Thus, we are witnessing many research and development projects set in universities and distance learning programs. However, the interest in research related to writing competence remains relatively low. Our proposed research examines the use of the web for studying English as a second foreign language at an Algerian university. One focus is on pedagogy: therefore, a major part of our research is o...
Writing these sorts of science archive web applications is now possible because of some significant breakthroughs in web technology over the last four years. The Web browser is no longer a glorified batch processing terminal, but an interactive environment that allows the user to have a similar experience as one might expect with an installed desktop application. Taking advantage of this technology requires a significant amount of UI design and advanced interactions with the web server. There are new levels of sophistication required to effectively develop this sort of web application. The IRSA group (NASA/IPAC Infrared Science Archive) is developing web-based software that equally takes advantage of modern technology and is designed to be reused easily. This way we can add new missions and data sets without a large programming effort while keeping the advanced interface. We can now provide true web-based FITS viewing, data overlays, and interaction without any plugins. Our tabular display allows us to filter, sort, and interact with large amounts data in ways that take advantage of the browser's power. This talk will show how we can us AJAX technology, the Google Web Toolkit (GWT), and Java to develop a data archive that is both well designed and creates a truly interactive experience.
Rose, Alexander S; Hildebrand, Peter W
The NGL Viewer (http://proteinformatics.charite.de/ngl) is a web application for the visualization of macromolecular structures. By fully adopting capabilities of modern web browsers, such as WebGL, for molecular graphics, the viewer can interactively display large molecular complexes and is also unaffected by the retirement of third-party plug-ins like Flash and Java Applets. Generally, the web application offers comprehensive molecular visualization through a graphical user interface so that life scientists can easily access and profit from available structural data. It supports common structural file-formats (e.g. PDB, mmCIF) and a variety of molecular representations (e.g. 'cartoon, spacefill, licorice'). Moreover, the viewer can be embedded in other web sites to provide specialized visualizations of entries in structural databases or results of structure-related calculations. PMID:25925569
Byun, Yanga; Han, Kyungsook
Visualizing RNA secondary structures and pseudoknot structures is essential to bioinformatics systems that deal with RNA structures. However, many bioinformatics systems use heterogeneous data structures and incompatible software components, so integration of software components (including a visualization component) into a system can be hindered by incompatibilities between the components of the system. This paper presents an XML web service and web application program for visualizing RNA sec...
This book is a step-by-step, practical tutorial with a simple approach to help you build RESTful web applications and services on the .NET framework quickly and efficiently.This book is for ASP.NET web developers who want to explore REST-based services with C# 5. This book contains many real-world code examples with explanations whenever necessary. Some experience with C# and ASP.NET 4 is expected.
This paper proposes a relational constraint driven technique that synthesizes test cases automatically for web applications. Using a static analysis, servlets can be modeled as relational transducers, which manipulate backend databases. We present a synthesis algorithm that generates a sequence of HTTP requests for simulating a user session. The algorithm relies on backward symbolic image computation for reaching a certain database state, given a code coverage objective. With a slight adaptation, the technique can be used for discovering workflow attacks on web applications.
Makiou, Abdelhamid; Begriche, Youcef; Serhrouchni, Ahmed
Injections flaws which include SQL injection are the most prevalent security threats affecting Web applications. To mitigate these attacks, Web Application Firewalls (WAFs) apply security rules in order to both inspect HTTP data streams and detect malicious HTTP transactions. Nevertheless, attackers can bypass WAF's rules by using sophisticated SQL injection techniques. In this paper, we introduce a novel approach to dissect the HTTP traffic and inspect complex SQL injection attacks. Our m...
Web applications are exposed to myriad security vulnerabilities related to malicious user string input. In order to detect such vulnerabilities in Java web applications, this project employs string constraint analysis, which approximates the values that a string variable in a program can take on. In string constraint analysis, program analysis generates string constraints -- assertions about the relationships between string variables. We design and implement a dataflow analys...
The precise and effective measure results of Web applications not only facilitate good comprehension of them, but also benefit to the macro-management of software activities, such as testing, reverse engineering, reuse, etc. The paper exploits some researches on measuring the structure complexity of Web application. Through a deep analysis of the configuration and objects' interactions of Web system, two conclusions have been drawn:①A generic Web application consists of static web page, dynamic page, component and database object;②The main interactions have only three styles, that is static link, dynamic link and call/return relation. Based on analysis and modeling of the content of a Web page (static or dynamic), complexity measure methods of both control logic of script and nesting of HTML code are further discussed. In addition, two methods for measuring the complexity of inter-page navigation are also addressed by modeling the inter-page navigation behaviors of Web application via WNG graph.
Liviu Adrian COTFAS
Full Text Available Web Service Composition allows the development of easily reconfigurable applications that can be quickly adapted to business changes. Due to the shift in paradigm from traditional systems, new approaches are needed in order to evaluate the reliability of web service composition applications. In this paper we present an approach based on intelligent agents for semiautomatic composition as well as methods for assessing reliability. Abstract web services, corresponding to a group of services that accomplishes a specific functionality are used as a mean of assuring better system reliability. The model can be extended with other Quality of Services – QoS attributes.
M. Benedetto; Corsini, M.; R. Scopigno
The recent introduction of the WebGL API for leveraging the power of 3D graphics accelerators within Web browsers opens the possibility to develop advanced graphics applications without the need for an ad-hoc plug-in. There are several contexts in which this new technology can be exploited to enhance user experience and data fruition, like e-commerce applications, games and, in particular, Cultural Heritage. In fact, it is now possible to use the Web platform to present a virtual reconstructi...
Xiang Liu; Zhi-Guang Qin; Jie Shen
With the development of wireless networks and mobile computing, more advanced applications with context-awareness and adaptability to their changing context are needed. However, building context-aware applications is difficult due to the lack of adequate infrastructure support. In this paper, a web middleware architecture for the development of context-awareness applications using near field communication (NFC) is proposed. Based on it, the efficient support for acquiring, interpreting, and accessing context is provided, and the user’s quality of experience is improved. Moreover, a mobile web middleware for the testing and full realization of NFC context-awareness applications has been developed together with two application examples.
The purpose of Enterprise Application Integration (EAI) is to enable the interoperability between two or more enterprise software systems. These systems, for example, can be an Enterprise Resource Planning (ERP) system, an Enterprise Asset Management (EAM) system or a Condition Monitoring system. Traditional EAI approach, based on point-to-point connection, is expensive, vendor specific with limited modules and restricted interoperability with other ERPs and applications. To overcome these drawbacks, the Web Service based EAI has emerged. It allows the integration without point to point linking and with less costs. Many approaches of Web service based EAI are combined with ORACLE, SAP, PeopleSoft, WebSphere, SIEBEL etc. as a system integration platform. The approach still has the restriction that only predefined clients can access the services. This means clients must know exactly the protocol for calling the services and if they don't have the access information they never can get the services. This is because these Web services are based on syntactic service description. In this paper, a semantic based EAI approach, that allows the uninformed clients to access the services, is introduced. The semantic EAI is designed with the Web services that have semantic service descriptions. The Semantic Web Services(SWS) are described in Web Ontology Language for Services(OWL-S), a semantic service ontology language, and advertised in Universal Description, Discovery and Integration (UDDI). Clients find desired services through the UDDI and get services from service providers through Web Service Description Language(WSDL)
Vitolo, C.; Buytaert, W.; El-khatib, Y.; Gemmell, A. L.; Reaney, S. M.; Beven, K.
In order to integrate natural and social science, especially in the light of current environmental legislation, efficient management and decision making requires environmental modelling to be easily accessible, portable and flexible. Deploying models as web applications is a feasible solution to some of the above issues. However migrating desktop-based modelling platforms to web based applications is not trivial. The framework in which the models are deployed should comply with worldwide accepted web standards to allow interoperability and ease exchange of information with external sources. Also the chosen models should guarantee a certain degree of flexibility to adapt the modelling exercise to different purposes. In this study we propose an innovative approach to web-modelling, developed as part of the NERC's Environmental Virtual Observatory pilot (EVOp) project for the UK. The proposed approach combines the use of Google Maps APIs to explore available data and the PyWPS implementation of the Open Geospatial Consortium Web Processing Service standard (OGC-WPS) to deploy models implemented in programming languages such as R and Python. As proof-of-concept, a web application was implemented, on the EVOp portal, to assist local communities with local flooding in the Eden catchment in Cumbria (UK). The application simulates the impact of land-use scenarios using the hydrological model Topmodel (Beven and Kirkby, 1979) implemented as a web service using the aforementioned approach. Current developments include the implementation of web applications for diffuse pollution, which adopts the Export Coefficient Model (Jones, 1996), and national flooding which utilises the hydrological model ensemble FUSE (Clark et al., 2008). Topmodel and FUSE are already exposed as stateless OGC-compliant web services. In the future we also aim to produce tools to help manage drought impacts and ecosystem services. The authors would like to thank the valuable contributions of the whole
Full Text Available The use of the web in languages learning has been developed at very high speed these last years. Thus, we are witnessing many research and development projects set in universities and distance learning programs. However, the interest in research related to writing competence remains relatively low. Our proposed research examines the use of the web for studying English as a second foreign language at an Algerian university. One focus is on pedagogy: therefore, a major part of our research is on developing, evaluating, and analyzing writing comprehension activities, and then composing activities into a curriculum. The article starts with the presentation of language skills and reading comprehension. It then presents our approach of the use of the web for learning English as a second language. Finally a learner evaluation methodology is presented. The article ends with the conclusion and future trends.
This book follows a standard tutorial-based approach which will teach you how to make a web app using R and Shiny quickly and easily.This book is for anybody who wants to produce interactive data summaries over the Web, whether you want to share them with a few colleagues or the whole world. You need no previous experience with R, Shiny, HTML, or CSS to begin using this book, although you will need at least a little previous experience with programming in a different language.
ROJAS DURÁN, GONZALO EDUARDO
Las Aplicaciones Web Adaptativas son sistemas Web que plantean una solución a esta problemática, mediante la adaptación automática del acceso a ítems de información, servicios e hiperlinks, en base a las características de los usuarios. El desarrollo de estos sistemas exige adoptar una aproximación ingenieril que facilite la especificación de las funcionalidades adaptativas a proveer, junto con las características de los usuarios en las cuales se basan dichas funcionalidades. La presente t...
Ueno; Asai; Arita
We have constructed a general framework for integrating application programs with control through a local Web browser. This method is based on a simple inter-process message function from an external process to application programs. Commands to a target program are prepared in a script file, which is parsed by a message dispatcher program. When it is used as a helper application to a Web browser, these messages will be sent from the browser by clicking a hyper-link in a Web document. Our framework also supports pluggable extension-modules for application programs by means of dynamic linking. A prototype system is implemented on our molecular structure-viewer program, MOSBY. It successfully featured a function to load an extension-module required for the docking study of molecular fragments from a Web page. Our simple framework facilitates the concise configuration of Web softwares without complicated knowledge on network computation and security issues. It is also applicable for a wide range of network computations processing private data using a Web browser. PMID:11072353
Deenadayalan, T; Rajarajeswari, S
The increasing demand for reliable Web applications gives a central role to Web testing. Most of the existing works are focused on the definition of novel testing techniques, specifically tailored to the Web. However, no attempt was carried out so far to understand the specific nature of Web faults. This paper presents a user session based testing technique that clusters user sessions based on the service profile and selects a set of representative user sessions from each cluster and tailored by augmentation with additional requests to cover the dependence relationships between web pages. The created suite not only can significantly reduce the size of the collected user sessions, also viable to exercise fault sensitive paths. The results demonstrate that our approach consistently detected the majority of known faults using a relatively small number of test cases and will be a powerful system when more and more user sessions are being clustered.
Mennatallah H. Ibrahim
Full Text Available Current geographical information applications increasingly require managing spatial data through the Web. Users of geographical information application need not only to display the spatial data but also to interactively modify them. As a result, the security risks that face geographical information applications are also increasing. In this paper, a secured framework is proposed. The proposed framework's goal is, providing a fine grained access control to web-based geographic information applications. A case study is finally applied to prove the proposed framework feasibility and effectiveness.
Tracy, Fran; Jordan, Katy
This paper draws upon the experience of an interdisciplinary research group in engaging undergraduate university students in the design and development of semantic web technologies. A flexible approach to participatory design challenged conventional distinctions between "designer" and "user" and allowed students to play a role in developing…
The objective of bachelor's thesis is to find out, how to make graphic design of mobile applications. Thesis has two parts. At the beginning is described growth of mobile application market and terms about mobile devices. After this thesis describes, what is mobile application, identify difference between native applications and mobile web sites. Last section of teoretical part is about approaches how to design mobile applications. The second part is practical. There are chosen three applicat...
The evolution of today's mobile devices increases the number of mobile applications developed, and among them the mobile learning applications. Mobile hardware and software platforms allow running of faster and richer applications. This paper presents the main steps in development of a distributed mobile learning application for Android. The client application communicates with the server using Web services. The prototype developed includes the testing module.
Full Text Available The evolution of today's mobile devices increases the number of mobile applications developed, and among them the mobile learning applications. Mobile hardware and software platforms allow running of faster and richer applications. This paper presents the main steps in development of a distributed mobile learning application for Android. The client application communicates with the server using Web services. The prototype developed includes the testing module.
Full Text Available Nowadays internet is loaded with tons of innovative web applications. This instantaneous growth has paved way for a number of security exposures. Cross Site Scripting attacks (XSS, SQL Injection (SQLI and Malicious File Execution (MFE are the foremost web related vulnerabilities reported by Open Web Application Security Project (OWASP. The attackers take advantage of the vulnerabilities in the code of the web applications and engage in activities such as data breach, cookies stealing and password theft which results in severe consequences. The major cause for these glitches is that the scripts allow the user input without scanning for pernicious contents. Several security measures on server-side also available, but they are not applied in large scale, because of the deployment difficulty. On the Client-side, usage of security software worsens the client system’s performance which in turn reduces the web surfing experience of the user. A new tool called XProber has been presented for verifying the string manipulating programs automatically. The pre and post conditions of common string functions using Push Down Automata (PDA are computed and used to identify the presence of vulnerabilities. This approach is capable of finding hefty amount of pernicious attacks in web application and prevents the attacks.
Semantic web technologies are considered to be the next wave for web technologies related with rich internet web applications, content management, and document and information management. The most promising semantic web applications for business domain are considered to be the semantic web business portals which integrate diverse business information. Because semantic web applications are working with ontologies or data vocabularies there is a need to permanently assure the links between publ...
This study aims to develop a practical tourist mobile application for tourists and local residents in the city of Edinburgh. From the market survey done by LG and Yahoo in the year 2013, it can be concluded that from the point of view of both mobile developers and users, more of the population is choosing Android than iOS or Windows smartphones. Thus, this study chooses an Android platform combined with web app technology to develop a web based, personal eating and drinking guide. A web app c...
Full Text Available Web applications are becoming more and more complex. Testing such applications is an intricate hard and time-consuming activity. Therefore, testing is often poorly performed or skipped by practitioners. Test automation can help to avoid this situation. Hence, this paper presents a novel approach to perform automated software testing for web applications based on its navigation. On the one hand, web navigation is the process of traversing a web application using a browser. On the other hand, functional requirements are actions that an application must do. Therefore, the evaluation of the correct navigation of web applications results in the assessment of the specified functional requirements. The proposed method to perform the automation is done in four levels: test case generation, test data derivation, test case execution, and test case reporting. This method is driven by three kinds of inputs: i UML models; ii Selenium scripts; iii XML files. We have implemented our approach in an open-source testing framework named Automatic Testing Platform. The validation of this work has been carried out by means of a case study, in which the target is a real invoice management system developed using a model-driven approach.
Teerling, M.L.; Huizingh, Eelko K.R.E.
While mass customization is the tailoring of products and services to the needs and wants of individual customers, web site customization is the tailoring of web sites to individual customers? preferences. Based on a review of site customization applications, the authors propose a model with four different levels standardization, adaptation, passive personalization, and active personalization). Each of these levels requires a different level of involvement of both the supplier and the custome...
Appasami Govindasamy; Suresh Joseph K; Annadurai P.
New Interactive, attractive and device independent web application’s Graphical User Interfaces (GUI) are developed by new technologies like Silverlight and Moonlight. Silverlight is Microsoft's cross platform runtime and development technology for running Web based multimedia applications in windows platform. Moonlight is an open-source implementation of the Silverlight development platform for Linux and other operating systems. Manufacturing Execution systems (MES) is a framework which tries...
Luong, The Nhan; Etcheverry, Patrick; Nodenot, Thierry; Marquesuzaà, Christophe
15 pages International audience Recent research has attested the implementation and the effectiveness of Geographic Information Systems in geographic teaching. Different works and experiments have shown that current Web Mapping Services and frameworks are partially unfitted for the design and easy programming of web applications dedicated to the teaching of geographic information. Our research problem is enabling to teachers to design by themselves an Active Reading Learning Scenario ma...
Atefeh Tajpour; Suhaimi Ibrahim; Mohammad Sharifi
SQL injection is a type of attack which the attacker adds Structured Query Language code to a web form input box to gain access or make changes to data. SQL injection vulnerability allows an attacker to flow commands directly to a web application underlying database and destroy functionality or confidentiality. Researchers have proposed different tools to detect and prevent this vulnerability. In this paper we present all SQL injection attack types and also current tools which can detect or p...
V. Rajeswari; Dr. Dharmishtan K. Varughese
In the contemporary business and industrial environment, the variety of data used by organizations are increasing rapidly. Also, there is an increasing demand for accessing this data. The size, complexity and variety of databases used for data handling cause serious problems in manipulating this distributed information. Integrating all the information from different databases into one database is a challenging problem. XML has been in use in recent times to handle data in web appliccations...
Full Text Available Semantic Web approaches try to get the interoperability and communication among technologies and organizations. Nevertheless, sometimes it is forgotten that the Web must be useful for every user, consequently it is necessary to include tools and techniques doing Semantic Web be accessible. Accessibility and usability are two usually joined concepts widely used in web application development, however their meaning are different. Usability means the way to make easy the use but accessibility is referred to the access possibility. For the first one, there are many well proved approaches in real cases. However, accessibility field requires a deeper research that will make feasible the access to disable people and also the access to novel non-disable people due to the cost to automate and maintain accessible applications. In this paper, we propose one architecture to achieve the accessibility in web-environments dealing with the WAI accessibility standard and the Universal Design paradigm. This architecture tries to control the accessibility in web applications development life-cycle following a methodology starting from a semantic conceptual model and leans on description languages and controlled vocabularies.
This work presents the idea and the realization of web application for monitoring the operation of the mainframe computer, servers with Linux operating system and application servers. Web application is intended for administrators of these systems, as an aid to better understand the current state, load and operation of the individual components of the server systems.
Hisham M. Haddad
Full Text Available As software applications become more complex they require more security, allowing them to reach an appropriate level of quality to manage information, and therefore achieving business objectives. Web applications represent one segment of software industry where security risk assessment is essential. Web engineering must address new challenges to provide new techniques and tools that guarantee high quality application development. This work focuses asset identification, the initial step in security risk assessment for web applications. Risk assessment helps organizations determine security risks in information management systems. The formal approach to identifying information assets for risk assessment is investigated using the MAGERIT methodology and EBIOS method. This work is carried out at Sim?n Bolivar University (Venezuela for its Student Opinion Survey Coordination web-based application. Under this research, a methodological tool for asset identification was developed to help the University achieve security risk assessment. Assets are identified according to their priorities in the organizational environment. This work contributes to Web Engineering in general, and to Information Security Management with emphasis on security risk assessment.
Di Benedetto, M.; Corsini, M.; Scopigno, R.
M. Di Benedetto
Full Text Available Web applications are widely adopted and their correct functioning is mission critical for many businesses. Online banking, emails, eshopping, has become an integral part of today’s life. Vulnerabilities in web application can lead to a variety of erroneous behavior at dynamic run time. We encounter the problem of forceful browsing in many web applications, username enumeration can help an attacker who attempts to use guessable passwords, such as test/test, admin/admin, guest/guest, and so on. These accounts are often created by developers for testing purposes, and many times the accounts are never disabled or the developer forgets to change the password, hacking reduces the performance or function of the application, further more, the modified system itself becomes a constraint to counter newer types of vulnerabilities that may crop up from time to time. Hence, the best solution would be to finds the steps to solve that are web-based (firewall independent for protecting against vulnerabilities in web applications. In our work algorithm is to analyze vulnerabilities that are caused by breaking of the data dependency using problem which work efficient with existing one.
Patel, Sandeep Kumar
This book is a standard tutorial for web application developers presented in a comprehensive, step-by-step manner to explain the nuances involved. It has an abundance of code and examples supporting explanations of each feature. This book is intended for Java developers wanting to create rich and responsive applications using AJAX. Basic experience of using jQuery is assumed.
Guthrie, J.D.; Dartiguenave, C.; Ries, Kernell G., III
StreamStats is a U.S. Geological Survey Web-based GIS application developed as a tool for waterresources planning and management, engineering design, and other applications. StreamStats' primary functionality allows users to obtain drainage-basin boundaries, basin characteristics, and streamflow statistics for gaged and ungaged sites. Recently, Web services have been developed that provide the capability to remote users and applications to access comprehensive GIS tools that are available in StreamStats, including delineating drainage-basin boundaries, computing basin characteristics, estimating streamflow statistics for user-selected locations, and determining point features that coincide with a National Hydrography Dataset (NHD) reach address. For the state of Kentucky, a web service also has been developed that provides users the ability to estimate daily time series of drainage-basin average values of daily precipitation and temperature. The use of web services allows the user to take full advantage of the datasets and processes behind the Stream Stats application without having to develop and maintain them. ?? 2009 IEEE.
Syed Mutahar Aaqib
Full Text Available The World Wide Web (WWW has undergone remarkable change over the past few years, placing substantially heavy load on Web servers. Today’s web servers host web applications that demand high computational resources. Also some applications require heavy database retrieval processing, making server load even more critical. In this paper, performance of Apache web server running compute and retrieve-intensive web workloads is analyzed. Workload files implemented in three dynamic web programming technologies: PERL, PHP and Java Servlets are used with MySQL acting as a data source. Measurements are performed with the intent to analyze the impact of application workloads on the overall performance of the web server and determine which web technology yields better performance on Windows and Linux platforms. Experimental results depict that for both compute and retrieve intensive applications, PHP exhibits better performance than PERL and Java Servlets. A multiple linear regression model was also developed to predict the web server performance and to validate the experimental results. This regression model showed that for compute and retrieve intensive web applications, PHP exhibits better performance than Perl and Java Servlets.
Moro, Arielle; Daehne, Peter
Depuis quelques années, Internet est vraiment entré dans les mœurs : tant dans les entreprises qu’au sein de chaque foyer. En effet, Internet permet de communiquer à travers le monde en quelques secondes, de vendre toute sorte de produits en déployant des solutions e-commerce facilement et bien d’autres choses. Internet est donc un véritable vecteur de communication, de commerce et à présent, avec le Web 2.0, un vrai berceau d’informations (tant des informations personnelles que des informati...
Pritychenko,B.; Sonzogni, A.A.
We present Sigma Web interface which provides user-friendly access for online analysis and plotting of the evaluated and experimental nuclear reaction data stored in the ENDF-6 and EXFOR formats. The interface includes advanced browsing and search capabilities, interactive plots of cross sections, angular distributions and spectra, nubars, comparisons between evaluated and experimental data, computations for cross section data sets, pre-calculated integral quantities, neutron cross section uncertainties plots and visualization of covariance matrices. Sigma is publicly available at the National Nuclear Data Center website at http://www.nndc.bnl.gov/sigma.
Krstev, Dejan; Krstev, Aleksandar; Krstev, Boris
Bargala is one of the most important antic town in Macedonia which name ethimology connect with Bregalnica River. This town is located 12 km west-eastern from Stip town among the Kozjacka River below the Plackovica mountain. Web-page for Bargala is unique way to represent and show what is Macedonia, what is history and civilization by centuries earlier. Basic colour which is set on the back is aproximatively dark brown (#1D1A15) and used combination with red colour (#9D1014). The dimension o...
Full Text Available This paper revisits the debate concerning which development environment should be used to teach server-side Web Application Development courses to undergraduate students. In 2002, following an industry-based survey of Web developers, a decision was made to adopt an open source platform consisting of PHP and MySQL rather than a Microsoft platform utilising Access and Active Server Pages. Since that date there have been a number of significant changes within the computing industry that suggest that perhaps it is appropriate to revisit the original decision. This paper investigates expert opinion by reviewing current literature regarding web development environments, it looks at the results of a survey of web development companies and it examines the current employment trends in the web development area. The paper concludes by examining the impact of making a decision to change the development environment used to teach Web Application Development to a third year computing degree class and describes the impact on course delivery that the change has brought about.
ZENG Hongwei; MIAO Huaikou
A formal model representing the navigation behavior of a Web application as the Kripke structure is proposed and an approach that applies model checking to test case generation is presented. The Object Relation Diagram as the object model is employed to describe the object structure of a Web application design and can be translated into the behavior model. A key problem of model checking-based test generation for a Web application is how to construct a set of trap properties that intend to cause the violations of model checking against the behavior model and output of counterexamples used to construct the test sequences.We give an algorithm that derives trap properties from the object model with respect to node and edge coverage criteria.
CAI Li-zhi; TONG Wei-qin; YANG Gen-xing
Software testing coverage criteria play an important role in the whole testing process. The current coverage criteria for web applications are based on program or URL. They are not suitable for black-box test or intuitional to use. This paper defines a kind of test criteria based on page coverage sequences only navigated by web application, including Page_Single, Page_Post, Page_Pre,Page_Seq2, Page_SeqK. The test criteria based on page coverage sequences made by interactions between web application and browser are being under consideration after that. In order to avoid ambiguity of natural language, these coverage criteria are depicted using Z formal language. The empirical result shows that the criteria complement traditional coverage and fault detection capability criteria.
Bebo White is a Departmental Associate (retired) at SLAC and has spent considerable time at CERN. In addition, he holds faculty appointments at Hong Kong University, the University of San Francisco, and Contra Costa College. He is a frequent speaker at conferences, academic institutions, and for commercial organizations around the world. Bebo has been a member of the International World Wide Web Conference Committee (IW3C2) since 1996 and in that time has served as General Co-Chair of two of the conferences ...
Gupta, N.; Gupta, V.; Okaya, D.; Kamb, L.; Maechling, P.
Web services offer scientific communities a new paradigm for sharing research codes and communicating results. While there are formal technical definitions of what constitutes a web service, for a user community such as the Southern California Earthquake Center (SCEC), we may conceptually consider a web service to be functionality provided on-demand by an application which is run on a remote computer located elsewhere on the Internet. The value of a web service is that it can (1) run a scientific code without the user needing to install and learn the intricacies of running the code; (2) provide the technical framework which allows a user's computer to talk to the remote computer which performs the service; (3) provide the computational resources to run the code; and (4) bundle several analysis steps and provide the end results in digital or (post-processed) graphical form. Within an NSF-sponsored ITR project coordinated by SCEC, we are constructing web services using architectural protocols and programming languages (e.g., Java). However, because the SCEC community has a rich pool of scientific research software (written in traditional languages such as C and FORTRAN), we also emphasize making existing scientific codes available by constructing web service frameworks which wrap around and directly run these codes. In doing so we attempt to broaden community usage of these codes. Web service wrapping of a scientific code can be done using a "web servlet" construction or by using a SOAP/WSDL-based framework. This latter approach is widely adopted in IT circles although it is subject to rapid evolution. Our wrapping framework attempts to "honor" the original codes with as little modification as is possible. For versatility we identify three methods of user access: (A) a web-based GUI (written in HTML and/or Java applets); (B) a Linux/OSX/UNIX command line "initiator" utility (shell-scriptable); and (C) direct access from within any Java application (and with the
This thesis was commissioned by Wärtsilä Finland Oy, Ship Power. The task was to design a database capable of storing different types of product data. A web application to improve the previously used Excel spreadsheet for comparing competitor engines with Wärtsilä ones, should also be created. Moreover, an administration page was required, where authorized users could administer the web application. This was mainly done with SQL Server and .NET techniques such as ASP.NET and ADO.NET as wel...
Full Text Available This paper proposes a relational constraint driven technique that synthesizes test cases automatically for web applications. Using a static analysis, servlets can be modeled as relational transducers, which manipulate backend databases. We present a synthesis algorithm that generates a sequence of HTTP requests for simulating a user session. The algorithm relies on backward symbolic image computation for reaching a certain database state, given a code coverage objective. With a slight adaptation, the technique can be used for discovering workflow attacks on web applications.
Simula, Adele Asuncion Valerio
Mycomob, an open source Java application for mobile phones, is a comprehensive mushroom hunting and identification guide with visual and written descriptions of roughly 300 mushroom species commonly found in Finland. There are different areas within the application that were specifically designed to aid beginner, intermediate and advanced mushroom hunters. Alongside the Mycomob mobile application is a web community, which acts as a portal. From the Mycomob website, people can download the ...
The purpose of this bachelor thesis was the development of an web application that would enable a smoother organization and prosecution of team work. It is intended to be used by members of smaller groups and can be described as a tool of communication that will improve the group’s organization. The application offers services for direct communication through discussions, file sharing and the division of current tasks. The server part of the application was created in the framework Django in ...
Lanham, Clifton; Kallner, Shawn; Gernand, Jeffrey
A Web application facilitates collaborative development of the ground operations planning document. This will reduce costs and development time for new programs by incorporating the data governance, access control, and revision tracking of the ground operations planning data. Ground Operations Planning requires the creation and maintenance of detailed timelines and documentation. The GOPDb Web application was created using state-of-the-art Web 2.0 technologies, and was deployed as SaaS (Software as a Service), with an emphasis on data governance and security needs. Application access is managed using two-factor authentication, with data write permissions tied to user roles and responsibilities. Multiple instances of the application can be deployed on a Web server to meet the robust needs for multiple, future programs with minimal additional cost. This innovation features high availability and scalability, with no additional software that needs to be bought or installed. For data governance and security (data quality, management, business process management, and risk management for data handling), the software uses NAMS. No local copy/cloning of data is permitted. Data change log/tracking is addressed, as well as collaboration, work flow, and process standardization. The software provides on-line documentation and detailed Web-based help. There are multiple ways that this software can be deployed on a Web server to meet ground operations planning needs for future programs. The software could be used to support commercial crew ground operations planning, as well as commercial payload/satellite ground operations planning. The application source code and database schema are owned by NASA.
Karto Iskandar; Andrew Thejo Putranto
Today web applications have become a necessity and many companies use them as a communication tool to keep in touch with their customers. The usage of Web Application in current time increases as the number of internet users has been rised. For reason of Rich Internet Application, the desktop application developer was moved to web application developer with AJAX technology. BINUS School Serpong is a Cambridge Curriculum base International School that uses web application for access e...
The article proposes an intelligent framework for supporting Web-based applications. The framework focuses on innovative use of existing resources and technologies in the form of services and takes the leverage of theoretical foundation of services science and the research from services computing. The main focus of the framework is to deliver benefits to users with various roles such as service requesters, service providers, and business owners to maximize their productivity when engaging with each other via the Web. The article opens up with research motivations and questions, analyses the existing state of research in the field, and describes the approach in implementing the proposed framework. Finally, an e-health application is discussed to evaluate the effectiveness of the framework where participants such as general practitioners (GPs), patients, and health-care workers collaborate via the Web.
MALMSTRÖM, TIM JOHAN
This degree project, conducted at Decerno AB, investigates what can be done to create client side web applications that are maintainable for a long time. The focus is on basing the application on an existing framework which both simplifies the development process and helps keeping the application well structured. Which framework is currently the best is evaluated using a comparison between the currently most popular frameworks. The comparison is done using a set of categories that is defined ...
This work presents the ScalaBLAST Web Application (SWA), a web based application implemented using the PHP script language, MySQL DBMS, and Apache web server under a GNU/Linux platform. SWA is an application built as part of the Data Intensive Computer for Complex Biological Systems (DICCBS) project at the Pacific Northwest National Laboratory (PNNL). SWA delivers accelerated throughput of bioinformatics analysis via high-performance computing through a convenient, easy-to-use web interface. This approach greatly enhances emerging fields of study in biology such as ontology-based homology, and multiple whole genome comparisons which, in the absence of a tool like SWA, require a heroic effort to overcome the computational bottleneck associated with genome analysis. The current version of SWA includes a user account management system, a web based user interface, and a backend process that generates the files necessary for the Internet scientific community to submit a ScalaBLAST parallel processing job on a dedicated cluster
Maya Samaha Rupert
Full Text Available The evolution of the Web and its applications has undergone in the last few years a mutation towardstechnologies that include the social dimension as a first class entity in which the users, their interactionsand the emerging social networks are the center of this evolution. The web is growing and evolving theintelligibility of its resources and data, the connectivity of its parts and its autonomy as a whole system. Thesocial dimension of the current and future web is being at the roots of its dynamics and evolution. It is thus,fundamental to propose new underlying infrastructure to the web and applications on the web, to makemore explicit this social dimension and facilitate its exploitation. The work presented is this papercontributes to this initiative by proposing a multi-agent modeling based on the system coupling to itsenvironment through its social dimension. Applied to a collaborative tagging system, the exploitation of thesocial dimension of tagging allows an intelligent and better sharing of resources and enhancing sociallearning between users.
Vina M. Lomte
Full Text Available The World Wide Web has experienced remarkable growth in recent years hence security is becoming oneof the major promising task in the present scenario of e-business environment. Web attacks can devastatethe system within no time. More than 80% attacks are at application layer and almost 90% applicationsare vulnerable to these attacks. Traditional solution is not capable to protect the web from suchattacks.This paper handles different web attacks and also provide some tricks used by hackers to hack theweb world similarly it contains an attempt has been made to analyze impact of DOS, SQL injection, Crosssite scripting, Sniffing/ Request Encoding on web application in terms of throughput and response time etc.It also provides the best protection mechanisms for the said attacks. Our main aim is to analyze both Eapplication one with security (proposed E –Tracking system and another without security and find theimpact of all above attacks on both in terms of request time, response time & throughput etc.
Bebjak, Michal; Vranic, Valentino; Dolog, Peter
It is more convenient to talk about changes in a domainspecific way than to formulate them at the programming construct level or-even worse-purely lexical level. Using aspect-oriented programming, changes can be modularized and made reapplicable. In this paper, selected change types in web applic...
Scripting languages require the use of high-level library functions to implement efficient image processing; thus, real-time image blur in web-based applications is a challenging task unless specific library functions are available for this purpose. We present a pyramid blur algorithm, which can ...
Ardizzone, Valeria; Bruno, Riccardo; Calanducci, Antonio; Carrubba, Carla; Fargetta, Marco; Ingrà, Elisa; Inserra, Giuseppina; La Rocca, Giuseppe; Monforte, Salvatore; Pistagna, Fabrizio; Ricceri, Rita; Rotondo, Riccardo; Scardaci, Diego; Barbera, Roberto
In this paper we present the architecture of a framework for building Science Gateways supporting official standards both for user authentication and authorization and for middleware-independent job and data management. Two use cases of the customization of the Science Gateway framework for Semantic-Web-based life science applications are also described. PMID:22942003
Sergey V. Zykov
Web-portal based approach can significantly improve the entire corporate information infrastructure. The approach proposed provides for rapid and accurate front-end integration of heterogeneous corporate applications including enterprise resource planning (ERP) systems. Human resources ERP component and multimedia data warehouse implementations are discussed as essential instances.
The geographically application RFUE-WebGIS integrates various FOSS (Free and Open Source Software) technologies to bring together the relevant data sources of the reactor remote monitoring (RFUE) in Rhineland-Palatinate and Saarland for the interests of the nuclear emergency response across national borders.
Casson, William H. Jr. [Los Alamos National Laboratory
The Adversarial Route Analysis Tool is a type of Google maps for adversaries. It's a web-based Geospatial application similar to Google Maps. It helps the U.S. government plan operations that predict where an adversary might be. It's easily accessible and maintainble and it's simple to use without much training.
Full Text Available In the contemporary business and industrial environment, the variety of data used by organizations are increasing rapidly. Also, there is an increasing demand for accessing this data. The size, complexity and variety of databases used for data handling cause serious problems in manipulating this distributed information. Integrating all the information from different databases into one database is a challenging problem. XML has been in use in recent times to handle data in web appliccations. XML (eXtensible Markup Language is a very open way of data communication. XML has become the undisputable standard both for data exchange and content management. XML is supported by the giants of the software industry like IBM, Oracle and Microsoft. The XML markup language should be the lingua franca of data interchange; but it’s rate of acceptance has been limited by a mismatch between XML and legacy databases. This in turn, has created a need for a mapping tool to integrate the XML and databases. This paper highlights the merging of heterogeneous database resource. This can be achieved by means of conversion of relational mode to XML schema and vice versa and by adding the semantic constraints to the XML Schema. The developments that the industry has seen in recent times in this field is referred to as the basis.
Although many general-purpose frameworks have been developed to aid in web application development, they typically tend to be both comprehensive and complex. To address this problem, a specialized server-side Java framework designed specifically for data retrieval and visualization has been developed. The framework's focus is on maintainability and data security. The functionality is rich with features necessary for simplifying data display design, deployment, user management and application debugging, yet the scope is deliberately kept limited to allow for easy comprehension and rapid application development. The system clearly decouples the application processing and visualization, which in turn allows for clean separation of layout and processing development. Duplication of standard web page features such as toolbars and navigational aids is therefore eliminated. The framework employs the popular Model-View-Controller (MVC) architecture, but it also uses the filter mechanism for several of its base functionalities, which permits easy extension of the provided core functionality of the system
Full Text Available Although many general-purpose frameworks have been developed to aid in web application development, they typically tend to be both comprehensive and complex. To address this problem, a specialized server-side Java framework designed specifically for data retrieval and visualization has been developed. The framework's focus is on maintainability and data security. The functionality is rich with features necessary for simplifying data display design, deployment, user management and application debugging, yet the scope is deliberately kept limited to allow for easy comprehension and rapid application development. The system clearly decouples the application processing and visualization, which in turn allows for clean separation of layout and processing development. Duplication of standard web page features such as toolbars and navigational aids is therefore eliminated. The framework employs the popular Model-View-Controller (MVC architecture, but it also uses the filter mechanism for several of its base functionalities, which permits easy extension of the provided core functionality of the system.
Full Text Available A web application has been developed using the Microsoft .NET technology, which allows to use the Mathematica software from any personal computer connected to Internet. It is not necessary to have the Mathematica software in the own computer, therefore the requirements are limited to have a web browser. All the power of a high level package for numerical and symbolic calculation can be used with no need to spend great amounts of money in individual licenses. This allows students to use this software from their houses, by means of a simple interface, in any subject or project with mathematical calculations, even to attend virtual laboratories.
Full Text Available SQL injection is a type of attack which the attacker adds Structured Query Language code to a web form input box to gain access or make changes to data. SQL injection vulnerability allows an attacker to flow commands directly to a web application underlying database and destroy functionality or confidentiality. Researchers have proposed different tools to detect and prevent this vulnerability. In this paper we present all SQL injection attack types and also current tools which can detect or prevent these attacks. Finally we evaluate these tools.
López-Cima, A.; Corcho, Oscar; A. GÓMEZ-PÉREZ
This paper presents the approach followed by the ODESeW framework for the development of ontology-based Web applications. ODESeW eases the creation of this type of applications by allowing the use of the expression language JSTL over ontology components, using a data model that reflects the knowledge representation of common ontology languages and that is implemented with Java Beans. This framework has been used for the development of a number of portals focused on the dissemination and manag...
Web applications have become a necessity to almost any organization worldwide, but these applications can considerably weak the corporation’s security network since they may be turned into security breaches by people with malicious intentions, causing damage to finances and to a company’s reputation. Apache Shiro is a Java security framework built as a solution for developers to easily integrate security features such as authentication, authorization, cryptography, and session management...
di Marzo Serugendo, Giovanna; Guelfi, Nicolas
The Java object-oriented programming language has been the subject of an important involvement from programmers and the industry. Especially for applications related to the Web. The problem of such a rapid penetration of Java programs into commercial products is that software engineers do not have any methodology and have to develop complex parallel applications. Here, we present a formal development methodology based on the stepwise refinement of CO-OPN/2 formal specifications, using a real ...
Hermosillo, Gabriel; Gomez, Roberto; Seinturier, Lionel; Duchien, Laurence
Adding security functions in existing Web application servers is now vital for the IS of companies and organizations. Writing crosscutting functions in complex software should take advantage of the modularity offered by new software development approaches. With Aspect-Oriented Programming (AOP), separating concerns when designing an application fosters reuse, parameterization and maintenance. In this paper, we design a security aspect called AProSec for detecting SQL injection and Cross Scrip...
Full Text Available Abstract Background Metagenomics is a new field of research on natural microbial communities. High-throughput sequencing techniques like 454 or Solexa-Illumina promise new possibilities as they are able to produce huge amounts of data in much shorter time and with less efforts and costs than the traditional Sanger technique. But the data produced comes in even shorter reads (35-100 basepairs with Illumina, 100-500 basepairs with 454-sequencing. CARMA is a new software pipeline for the characterisation of species composition and the genetic potential of microbial samples using short, unassembled reads. Results In this paper, we introduce WebCARMA, a refined version of CARMA available as a web application for the taxonomic and functional classification of unassembled (ultra-short reads from metagenomic communities. In addition, we have analysed the applicability of ultra-short reads in metagenomics. Conclusions We show that unassembled reads as short as 35 bp can be used for the taxonomic classification of a metagenome. The web application is freely available at http://webcarma.cebitec.uni-bielefeld.de.
Disturbances in traffic on highways usually lead to an increase in traffic flow density or even traffic jams. The main goal of the diploma thesis is to produce an application that will predict traffic flow and traffic jams on any given date and time based on traffic flow in the past. By using an estimated desired speed the traffic information gained from flow counters we can forecast the evolution of traffic jams. The application presents a graph that represents the number of vehicles on a...
The current trend is to move everything on the Internet. Because a lot of companies store sensitive user information, security has become mandatory. Usually, software developers don’t follow some basic practices in order to secure their applications. This paper will present in the second chapter, the white-box, black-box and gray-box methods which can be used in order to test applications for possible vulnerabilities. It focuses on fuzz testing, which is a black-box testing method, presented ...
Web 3D技术有多种，都有适用的场合，介绍了有代表性的几种Web 3D技术；Vrml、Cortona、WireFusion、EON、Virtools、Quest3D、Flash 3D和Unity 3D，比较了它们各自的特点和应用。%There are variety technology of Web 3D, and everyone has applicable occasion. Introduces several representative Web 3D technology;Such as Vrml, Cortona, WireFusion, EON, Virtools, Quest3D, Flash 3D and Unity 3D. It Compared their char⁃acteristic and application.