To see the other types of publications on this topic, follow the link: COCOMO IN WEB APPLICATION.
Dissertations / Theses on the topic 'COCOMO IN WEB APPLICATION'
Create a spot-on reference in APA, MLA, Chicago, Harvard, and other styles
Consult the top 50 dissertations / theses for your research on the topic 'COCOMO IN WEB APPLICATION.'
Next to every source in the list of references, there is an 'Add to bibliography' button. Press on it, and we will generate automatically the bibliographic reference to the chosen work in the citation style you need: APA, MLA, Harvard, Chicago, Vancouver, etc.
You can also download the full text of the academic publication as pdf and read online its abstract whenever available in the metadata.
Browse dissertations / theses on a wide variety of disciplines and organise your bibliography correctly.
1
Altskog, Tomas. "Customized Analytics Software : Investigating efficient development of an application." Thesis, Mittuniversitetet, Avdelningen för informations- och kommunikationssystem, 2016. http://urn.kb.se/resolve?urn=urn:nbn:se:miun:diva-27967.
Full textAbstract:
Google Analytics is the most widely used web traffic analytics program in the world with a wide array of functionality which serve several different purposes for its users. However the cost of training employees in the usage of Google Analytics can be expensive and time consuming due to the generality of the software. The purpose of this thesis is to explore an alternative solution to hav- ing employees learn the default Google Analytics interface and thus possibly re- ducing training expenses. A prototype written in the Java programming lan- guage is developed which implements the MVC and facade software patterns for the purpose of making the development process more efficient. It contains a feature for retrieving custom reports from Google Analytics using Google’s Core Reporting API in addition to two web pages are integrated into the proto- type using the Google Embed API. In the result the prototype is used along with the software estimation method COCOMO to make an estimation of the amount of effort required to develop a similar program. This is done by counting the prototype’s source lines of code manually, following the guidelines given by the COCOMO manual, and then implementing the result in the COCOMO estima- tion formula. The count of lines of code for the entire prototype is 567 and the count which considers reused code is 466. The value retrieved from the formula is 1.61±0.14 person months for the estimation of the entire program and 1.31± 0.16 for a program with reused code. The conclusion of the thesis is that the res- ult from the estimation has several weaknesses and further research is necessary in order to improve the accuracy of the result.
2
Norberg, Tobias, Andreas Oskarsson, and Martin Kling. "Web application development : a study on UML Web Application Extension." Thesis, Blekinge Tekniska Högskola, Institutionen för programvaruteknik och datavetenskap, 2002. http://urn.kb.se/resolve?urn=urn:nbn:se:bth-1689.
Full textAbstract:
The complexity of Web sites are increasing and transforming into Web applications that contain business logic, interactivity, transaction handling and states. This phenomenon forces the Web developers to adapt more traditional software engineering techniques to keep the Web applications error free, maintainable, reusable, well documented etc. Many Web developers do not use any engineering techniques at all and design mainly to create as fashionable applications as possible with no regards on the application?s functionality. This results in applications that are hard to maintain and with poor functionality. The purpose with this thesis was to see if the use of a more traditional software engineering technique, namely the Unified Modeling Language with the newly added Web Application Extension, resulted in a Web application with good design regarding the maintainability of the application. To investigate the maintainability of an application, the maintainability was further divided into three sub criteria: extensibility, reusability and documentation. These three criteria were then applied on a case study were a Web application was designed. From the analysis of the final design, using the three criteria, the maintainability was derived. The result of the entire investigation showed that the UML WAE had a good support for extensibility, fair support for reusability and very good support for documentation. From these results the main conclusion was derived, that the use of UML WAE resulted in good design regarding the maintainability. However, the result is limited to our case study and the design created in that case. The result may have been different if the three criteria had been applied on a different case. Another aspect to consider is that the quality of a design is often dependent on the knowledge of the persons that carry out the design.
3
Foss, Julie-Marie, and Nina Ingvaldsen. "Web Application Security." Thesis, Norwegian University of Science and Technology, Department of Computer and Information Science, 2005. http://urn.kb.se/resolve?urn=urn:nbn:no:ntnu:diva-9235.
Full textAbstract:
As more and more sensitive information is entering web based applications, and thus are available through a web browser, securing these systems is of increasing importance. A software system accessible through the web is continuously exposed to threats, and is accessible to anyone who would like to attempt a break-in. These systems can not rely on only external measures like separate network zones and firewalls for security. Symantecs1 Internet Security Threat Report [34] is published every six months. Main findings in the last one published prove that there is an increase in threats to confidential information and more attacks aimed at web applications. Almost 48 percent of all vulnerabilities documented the last six months of 2004 were vulnerabilities in web applications. Security principles that one should pay attention to developing web applications do exist. This report have taken a look at existing guidelines, and provided an independent guide to developing secure web applications. These guidelines will be published at the homepage of The Centre for Information Security2 (SIS), www.norsis.no. The report also describes how a web application has been developed using the provided security guidelines as reference points. Relevant vulnerabilities and threats were identified and described. Misuse cases have related the various threats to specific system functionality, and a risk analysis ranks the threats in order to see which ones are most urgent. During the design phase, the application areas exposed to threats with a high rank from the risk analysis, have been at center of attention. This is also the case in the implementation phase, where countermeasures to some of these threats are provided on the Java platform. The implemented solutions can be adapted by others developing applications on this platform. The report comes to the conclusion, that the use of security guidelines throughout the entire development process is useful when developing a secure system. 1Symantec works with information security providing software, appliances and services designed to secure and manage IT infrastructures [33]. 2The Centre for Information Security (SIS) is responsible for coordinating activities related to Information and Communications Technology (ICT) security in Norway. The centre receives reports about security related incidents from companies and departments, and is working on obtaining an overall impression of threats towards Norwegian ICT systems [30].
4
Charpentier, Rojas Jose Enrique. "Web application Security." Thesis, Högskolan i Halmstad, Sektionen för Informationsvetenskap, Data– och Elektroteknik (IDE), 2013. http://urn.kb.se/resolve?urn=urn:nbn:se:hh:diva-21624.
Full textAbstract:
Problems related to web application security comes in many ways, one example is inexperience programmers but not only in the way they code and program but also which language and structure they use to code. Not only programmers but Software companies left holes in the software they developed of course without intention.Because is proven that most of the vulnerabilities start in the web application side, as developers we need to follow certain principles, test our code and learn as much as possible about the subject, as a foundation of web application security in order to know how to prevent issues to the most significant treats.The penetration test aimed to help the IT business to discover vulnerabilities in their system ensure their integrity and continue further in the web application security process. The vulnerability research perform in this report is the introduction of a big work that is under continuity for the company.Finally the success of following security standards, process and methodologies applied on this field is considered the best approach to ensure web application security and priceless information you can benefit from.
5
Xia, Ning. "HealthyLifeHRA: Web Application." Case Western Reserve University School of Graduate Studies / OhioLINK, 2014. http://rave.ohiolink.edu/etdc/view?acc_num=case1403521982.
Full text
6
Ghode, Aditi A. "Web application tool /." Connect to title online, 2007. http://minds.wisconsin.edu/handle/1793/34207.
Full text
7
Wong, Ka Wah. "Web services adaptation by using Web application wrapper /." View abstract or full-text, 2004. http://library.ust.hk/cgi/db/thesis.pl?COMP%202004%20WONG.
Full textAbstract:
Thesis (M. Phil.)--Hong Kong University of Science and Technology, 2004.Includes bibliographical references (leaves 68-70). Also available in electronic version. Access restricted to campus users.
8
Molin, Patrik, and Martin Löfberg. "Web vs. Standalone Application." Thesis, Blekinge Tekniska Högskola, Avdelningen för programvarusystem, 2005. http://urn.kb.se/resolve?urn=urn:nbn:se:bth-1738.
Full textAbstract:
Many companies want a lot of functionality over the web. Is it possible to achieve the same functionality on the web compared to an ordinary windows application? Our work aims towards evaluating which one of the solutions that is the best. Many customers wants a standalone application rich of functionality and demands to have the same functionality on the web. Is it always possible to achieve the costumer’s requirements on a web based solution or do you have to settle with an implementation of a standalone application? There are some factors that the answer depends on: performance, security, usability and implementation. The application that will be tested is developed in .Net and is a maintenance application for Business Intelligence (BI). We will have a short introduction to the Business Intelligence field to make you understand the purpose of the application.
9
Chopra, Rashi. "Real estate web application." Manhattan, Kan. : Kansas State University, 2008. http://hdl.handle.net/2097/957.
Full text
10
Li, Shanbo. "Web Call Example Application." Thesis, KTH, Skolan för informations- och kommunikationsteknik (ICT), 2009. http://urn.kb.se/resolve?urn=urn:nbn:se:kth:diva-168420.
Full textAbstract:
Web Call Example Application from Ericsson Developer Connection is an application that hosted at a web server and supplies functionality of VoIP phone calls. Users can access the service from desktop browser, mobile phone browser or Java ME Client. Users can also manage their contact books. Each user can have more than one VoIP service accounts, so they can choose the cheapest on when they make phone call. The Web Call Example Application supports two kinds of VoIP phone call connection: Relay Call and Third Party Call. For the Third Party Call there are four different implementations: Call Transfer, SDP Swap, Re-invite and Web Client. This master thesis introduces the theory of third party call and the implementation of Web Call Example Application.
11
Kakkireni, Nithin Kumar. "Beach Museum Web Application." Kansas State University, 2018. http://hdl.handle.net/2097/38797.
Full textAbstract:
Master of ScienceDepartment of Computer Science
Daniel Andresen
This project involves in developing a responsive web application for Beach Museum at Manhattan, Kansas. Application is built on development boxes using Amazon web services. Project is built on MVC architecture that helps user to search images, create their own collection from the images and include an admin module. Migrating the current existing SQL database to couchDB for better performance of the available data. Integrated Apache Lucene to support text search in the couch database writing different indexes to retrieve the results. Implementing core functionalities like basic search, advanced search, filter objects with respective to artist, decade, object type and relevance using different indexes and Mango queries in the couchDB. Search Results are further chunked and displayed to the user. Web storage API’s were used to provide the functionality for a user to create their own collection (set of Images). Built an Admin module to perform CRUD operations the database. Admin module involves in creating exhibitions, adding/editing works and artists in the couch DB.
12
Nyirenda, Mayumbo. "Universal web application server." Master's thesis, University of Cape Town, 2007. http://hdl.handle.net/11427/6427.
Full textAbstract:
Includes bibliographical references (leaves 113-116).The growth of the World Wide Web has in large part been made possible by the technologies that power it. These are the Web servers and Web browsers that many take for granted. Each has evolved to support the changing needs of users of the WWW from simple static text to highly interactive and dynamic multimedia. The Web servers, in particular, have evolved into a spectrum of different technologies to support what are now known as Web applications. These are usually installed and accessed through a Web server. Security is a problem in Web server environments and therefore the Web servers are usually run as an un-privileged user. Performance is another problem as some of these technologies require re-initialization of the execution environment with every subsequent request. These security and performance shortcomings have been dealt with by numerous Web application technologies.
13
Tummeti, Venkata Krishna Reddy. "Website developer: Web application." CSUSB ScholarWorks, 2003. https://scholarworks.lib.csusb.edu/etd-project/2407.
Full textAbstract:
The purpose of the project is to use Java Server Page (JSP) technology to create a web application that could be used by any person who has the basic knowledge of browsing through the Web. There are many programs on the market that aid users in creating web pages, but the process involved in creating web pages using the available software and hosting their website is fairly complex for general people.
14
Filonowich, Eric. "Building a robust web application." [Denver, Colo.] : Regis University, 2006. http://165.236.235.140/lib/EFilonowichPartI2006.pdf.
Full text
15
Pärsson, David. "Guidelines for Web Application Usability." Thesis, Linköping University, Department of Computer and Information Science, 2010. http://urn.kb.se/resolve?urn=urn:nbn:se:liu:diva-56996.
Full textAbstract:
More people are connecting to the Internet, by using computers and other devices. At the same time web applications are replacing locally installed applications. This makes web application usability an interesting and important subject.
The aim of this thesis was to find a set of usability recommendations and guidelines specifically suited for web-based applications. The guidelines were derived both from studies on how web applications and regular web sites should be designed, usability studies for locally installed applications as well as more general usability and interaction design guidelines.
A prototype was created based on the list of guidelines. The prototype was then evaluated from a usability perspective, using heuristic evaluation with Nielsen’s 10 usability heuristics, to test the validity of the guidelines.
The results of the evaluation says that while the list of guidelines can be used to help creating usable web applications, following the guidelines is not alone a mean of getting rid of all usability problems.
16
CUNHA, LEONARDO MAGELA. "A SEMANTIC WEB APPLICATION FRAMEWORK." PONTIFÍCIA UNIVERSIDADE CATÓLICA DO RIO DE JANEIRO, 2006. http://www.maxwell.vrac.puc-rio.br/Busca_etds.php?strSecao=resultado&nrSeq=10084@1.
Full textAbstract:
CONSELHO NACIONAL DE DESENVOLVIMENTO CIENTÍFICO E TECNOLÓGICOFUNDAÇÃO PADRE LEONEL FRANCA
Até alguns anos atrás, a Web disseminava principalmente documentos. Com o advento das aplicações Web, as organizações puderam disponibilizar informações que estavam em seus bancos de dados e sistemas legados. Entretanto, a comunicação entre estas aplicações ou com aplicações de usuários finais, às vezes, não era possível devido a diferenças no formato de representação dos dados. O desenvolvimento de padrões (standards) e o uso da eXtensible Markup Language (XML) resolveram muitos destes problemas. Apesar das soluções desenvolvidas serem somente sintáticas elas funcionam em muitos casos, como por exemplo, na interoperabilidade de esquemas em sistemas bussiness to bussiness de e-commerce. Entretanto, a falta do aspecto semântico impossibilitou que as aplicações fizessem mais uso dos dados ou os utilizassem de forma mais inteligente. A idéia da Web Semântica é definir explicitamente o significado dos dados que se encontram na Web. Com isso, esperam-se aplicações capazes de entender o que significam os dados. E uma vez que estas aplicações entendam os dados, elas possibilitarão que os usuários utilizem essa nova Web dirigida a dados para facilitar as suas tarefas rotineiras. Esta tese propõe um framework para o desenvolvimento de aplicações para a Web Semântica. Considerando o que foi descrito no parágrafo anterior, o número de aplicações que podem ser construídas é quase infinito. Portanto, nós nos restringimos a observar as aplicações que tem por objetivo solucionar o problema apresentado pelo Semantic Web Challenge; e propor um framework que represente estas soluções. O Challenge tem como principal finalidade demonstrar como as aplicações podem atrair e beneficiar o usuário final através do uso das técnicas da Web Semântica. Conseqüentemente, nossa intenção é possibilitar que o desenvolvedor de aplicações possa atingir essa atração e benefícios, através do uso das técnicas de Web Semântica e de Engenharia de Software, utilizando um framework para o desenvolvimento das aplicações.
Documents have been the main vehicle of the Web until some years ago. With the advent of Web applications, data stored in organizations databases or legacy systems has been made available to users. However, very often, the exchange of data between those applications themselves or between them and end-users applications were not possible since they used different formats for the information representation. The development of standards and the use of the eXtensible Markup Language (XML) solved parts of the problem. That was a syntactic solution and it works for several cases, e.g., schema interoperability in Business-to-Business e-commerce scenarios. Nevertheless, the lack of semantics on these data prevented applications to take more advantage of them. The idea behind the Semantic Web is to define explicitly the semantics of data available on the Web. Therefore, we expect another step forward where applications, being them corporative or for end-users, will understand the meaning of the data available on the Web. Once those applications can understand it, they will be able to help users to take advantage of this data driven Web and to perform their daily tasks easily. This thesis proposes a framework for the development of Semantic Web applications. Considering the scenario described in the previous paragraph, the number of possible applications that can be developed is almost infinite. For this reason, we restricted ourselves to examine the solutions that aim to solve the problem presented at the Semantic Web Challenge; and to propose a framework that represent those solutions. The challenge is concerned in demonstrating how Semantic Web techniques can provide valuable or attractive applications to end users. Our main concern was then to demonstrate and help a developer to achieve that value addition or attractiveness, through Semantic Web techniques, in a Software Engineering approach using frameworks.
17
Cane, John W. "Assessment of Web Application Technology." NSUWorks, 2003. http://nsuworks.nova.edu/gscis_etd/442.
Full textAbstract:
Web applications are collections of files for the purpose of responding to user requests in client-server mode over the World Wide Web. Most web applications have a connection to one or more databases for storing and delivering data as required by user requests. Some include a web server extension. There are a number of such systems, each belonging to a set of archetypes. Important factors in selecting a web application include conformance to principles of software engineering, ability to enforce application-level security, and resource conservation or high performance. Existing experimental studies do not provide the required data, owing to variations in configuration, aggregated, statistically mixed workloads, and lack of numerical performance criteria for the application alone. This research gained important insights from the application of scientific methods and numerical, objective criteria to the comparison of web applications. This project conducted architectural analyses, security tests and performance measurements of selected archetypes. This work assessed state saving, separation of concerns, security and performance with standardized tests administered in an invariant environment, i.e., host hardware, operating system, web server and database server. Architectural analysis was applied to state maintenance and separation of concerns. Interactive simulations tested abilities of archetypes to enforce security and to protect themselves from hacker attacks. Automated load tests measured resources consumed and application latency as a function of HTML request traffic. HTML page requests consisted of a standard set of queries against the same dataset. A load test application was developed to manage the testing and data-recording automatically. Results consist of rankings of web application archetypes according to a metric developed for this purpose. Supporting data consist of graphs of latency vs. time and page request traffic vs. resources consumed. Results show the capability of archetypes to enforce security, maintain data integrity, conserve server resources, and to make timely and efficient delivery of client-requested data
18
McDaniel, Brian Newsom. "The CloudBrowser Web Application Framework." Thesis, Virginia Tech, 2012. http://hdl.handle.net/10919/32971.
Full textAbstract:
While more and more applications are moving from the desktop to the web, users still expect
their applications to behave like they did on the desktop. Specifically, users expect that user
interface state is preserved across visits, and that the state of the interface truly reflects
the state of the underlying data. Unfortunately, achieving this ideal is difficult for web
application developers due to the distributed nature of the web. Modern AJAX applications
rely on asynchronous network programming to synchronize the client-side user interface with
server-side data. Furthermore, since the HTTP protocol is stateless, preserving interface
state across visits requires a significant amount of manual work on behalf of the developer.
CloudBrowser is a web application framework that supports the development of rich Internet applications whose entire user interface and application logic resides on the server, while all client/server communication is provided by the framework. CloudBrowser is ideal for single- page web applications, which is the current trend in web development. CloudBrowser thus hides the distributed nature of these applications from the developer, creating an environ- ment similar to that provided by a desktop user interface library. CloudBrowser preserves the user interface state in a server-side virtual browser that is maintained across visits. Further- more, multiple clients can connect to a single server-side interface instance, providing built-in co-browsing support. Unlike other server-centric frameworks, CloudBrowserâ s exclusive use of the HTML document model and associated JavaScript execution environment allows it to exploit existing client-side user interface libraries and toolkits while transparently providing access to other application tiers. We have implemented a prototype of CloudBrowser as well as several example applications to demonstrate the benefits of its server-centric design.
Master of Science
19
Stankovic, Milan. "Convergence entre Web Social et Web Sémantique. Application à l'innovation à l'aide du Web." Thesis, Paris 4, 2012. http://www.theses.fr/2012PA040247/document.
Full textAbstract:
Cette thèse s’inscrit dans le cadre de travaux relatifs au Web Social Sémantique, dans la perspective de la complémentarité et de la coévolution de deux aspects du Web, l’aspect social et sémantique. Le développement du Web au cours de ces dernières années a fait émerger un énorme graphe de données structurées, sémantiques résultant en partie de l’activité des utilisateurs, le LOD. Nous nous intéressons à l’utilisation de ce graphe afin de faciliter l’accès à l’information présente sur le Web, et ce de manière utile, informative et enrichissante pour l’utilisateur. Cette problématique est notamment étudiée dans les scénarios de l’innovation sur le Web – pratiques visant à utiliser des technologies du Web pour contribuer à l’émergence de l’innovation. Une spécificité de ce contexte, assez peu abordé dans la littérature existante, est sans doute le besoin d’inciter les découvertes inattendues et fortuites. Au delà de la simple pertinence sollicitée dans toute situation de recherche et de recommandation sur le Web, le contexte d’innovation impose une certaine ouverture d’esprit pour permettre à l’utilisateur d’accéder aux informations inattendues mais néanmoins pertinentes, et permet par la même occasion de s’inspirer et de transposer des idées d’un domaine à l’autre. Les travaux présentés dans cette thèse ont donc pour objectif d’aider, de manière directe ou indirecte, les acteurs de l’innovation en ligne (e.g., les entreprises qui cherchent à innover, les experts et les porteurs d’idées) de faire des découvertes. Cet objectif ce décline particulièrement par les travaux de construction d’un système de recherche d’experts, un système de recommandation de mots-clés pertinents pour un problème et un système de recommandation de collaborateurs pour aider à un expert d’affronter des problèmes pluridisciplinairesThis thesis builds upon the work on the Social Semantic Web, a research perspective on the complementarity and coevolution of two aspects of the Web, the social and semantic one. Web development in recent years has given rise to a huge graph of semantically structured data, partly resulting from user activity. We are particularly interested in the use of this graph in order to facilitate access to information found on the Web, in a useful, informative manner. This problem is particularly studied in scenarios related to innovation on the Web - practices to use Web technologies to contribute to the emergence of innovation. A notable specificity of this context, so far little discussed in literature, is the need to encourage serendipity and discovery. Beyond the simple relevance sought in any search and recommendation situation on the Web, the context of innovation requires a certain openness to allow the user to access information relevant yet unexpected, and should also open opportunities to learn and translate ideas from one domain to another.The work presented in this thesis therefore aims to assist, directly or indirectly, the innovators online (eg, companies seeking to innovate, experts and carriers of ideas) to make discoveries. We address each of these challenges in different parts of the thesis. This vision is principally implemented through the construction of an expert search system, Hy.SemEx, a system for keyword recommendation allowing to discover unknown relevant keywords, HyProximity, and an approach for recommending collaborators to experts in order to help them face multidisciplinary problems
20
Do, Tuan Anh. "A quality-centered approach for web application engineering." Thesis, Paris, CNAM, 2018. http://www.theses.fr/2018CNAM1201/document.
Full textAbstract:
Les développeurs d'applications Web ne sont pas tous des experts. Même s'ils utilisent des méthodes telles que UWE (UML web engineering) et les outils CASE, ils ne sont pas toujours capables de prendre de bonnes décisions concernant le contenu de l'application web, le schéma de navigation et / ou la présentation des informations. La littérature leur fournit de nombreuses lignes directrices (guidelines) pour ces tâches. Cependant, ces connaissances sont disséminées dans de nombreuses sources et non structurées. Dans cette dissertation, nous capitalisons sur les connaissances offertes par ces lignes directrices. Notre contribution est triple: (i) nous proposons un méta-modèle permettant une représentation riche de ces lignes directrices, (ii) nous proposons une grammaire permettant la description des lignes directrices existantes, (iii) sur la base de cette grammaire, nous développons un outil de gestion des lignes directrices . Nous enrichissons la méthode UWE avec cette base de connaissances menant à une approche basée sur la qualité. Ainsi, notre outil enrichit les prototypes existants d'ingénierie logicielle assistée par ordinateur basés sur UWE avec des conseils ad hocWeb application developers are not all experts. Even if they use methods such as UWE (UML web engineering) and CASE tools, they are not always able to make good decisions regarding the content of the web application, the navigation schema, and/or the presentation of information. Literature provides them with many guidelines for these tasks. However this knowledge is disseminated in many sources and not structured. In this dissertation, we perform a knowledge capitalization of all these guidelines. The contribution is threefold: (i) we propose a meta-model allowing a rich representation of these guidelines, (ii) we propose a grammar enabling the description of existing guidelines, (iii) based on this grammar, we developed a guideline management tool. We enrich the UWE method with this knowledge base leading to a quality based approach. Thus, our tool enriches existing UWE-based Computer Aided Software Engineering prototypes with ad hoc guidance
21
Oh, Se Hun. "High-Level Test-Driven Learning Using Web Application and Web Service." ScholarWorks@UNO, 2010. http://scholarworks.uno.edu/td/1124.
Full textAbstract:
In order to introduce learning cases with real-world contexts to the Computer Science students in their early stage of learning, a set of Web applications that utilize Web services are simplified and customized to demonstrate the core concept of high-level test-driven learning methodology. Four e-commerce Web applications were implemented for this project. These applications show how real-world Web services work and interact with each other. By systematically planting a number of errors into the services, we created a learning environment for the students to understand the system structure and basic programming through their critical thinking. A goal is to keep students' interest in computer science. In doing so, a set of features that help students observe the systems' behavior are designed, and collectively formed a pattern of user interface "the Learner's Corner."
22
CORONA, ERIKA. "Web Framework Points: an Effort Estimation Methodology for Web Application Development." Doctoral thesis, Università degli Studi di Cagliari, 2013. http://hdl.handle.net/11584/266242.
Full textAbstract:
Software effort estimation is one of the most critical components of a successful software project: completing the project on time and within budget is the classic challenge for all project managers. However, predictions made by project managers about their project are often inexact:
software projects need, on average, 30-40% more effort than estimated. Research on software development effort and cost estimation has been abundant and diversified since the end of the Seventies. The topic is still very much alive, as shown by the numerous works existing in the
literature. During these three years of research activity, I had the opportunity to go into the knowledge and
to experiment some of the main software effort estimation methodologies existing in literature. In particular, I focused my research on Web effort estimation. As stated by many authors, the existing models for classic software applications are not well suited to measure the effort of Web applications, that unfortunately are not exempt from cost and time overruns, as traditional software
projects. Initially, I compared the effectiveness of Albrecht's classic Function Points (FP) and Reifer's
Web Objects (WO) metrics in estimating development effort for Web applications, in the context of an Italian software company. I tested these metrics on a dataset made of 24 projects provided by the software company between 2003 and 2010. I compared the estimate data with the real effort of each project completely developed, using the MRE (Magnitude of Relative Error) method. The experimental results showed a high error in estimates when using WO metric, which proved to be more effective than the FP metric in only two occurrences. In the context of this first work, it
appeared evident that effort estimation depends not only on functional size measures, but other factors had to be considered, such as model accuracy and other challenges specific to Web applications; though the former represent the input that influences most the final results. For this
reason, I revised the WO methodology, creating the RWO methodology. I applied this methodology to the same dataset of projects, comparing the results to those gathered by applying the FP and WO methods. The experimental results showed that the RWO method reached effort prediction results
that are comparable to – and in 4 cases even better than – the FP method. Motivated by the dominant use of Content Management Framework (CMF) in Web application
development and the inadequacy of the RWO method when used with the latest Web application development tools, I finally chose to focus my research on the study of a new Web effort estimation methodology for Web applications developed with a CMF. I proposed a new methodology for
effort estimation: the Web CMF Objects one. In this methodology, new key elements for analysis and planning were identified; they allow to define every important step in the development of a Web application using a CMF. Following the RWO method approach, the estimated effort of a Web project stems from the sum of all elements, each of them weighted with its own complexity. I tested
the whole methodology on 9 projects provided by three different Italian software companies,
comparing the value of the effort estimate to the actual, final effort of each project, in man-days. I
then compared the effort estimate both with values obtained from the Web CMF Objects methodology and with those obtained from the respective effort estimation methodologies of the three companies, getting excellent results: a value of Pred(0.25) equal to 100% for the Web CMF Objects methodology.
Recently, I completed the presentation and assessment of Web CMF Objects methodology, upgrading the cost model for the calculation of effort estimation. I named it again Web Framework Points methodology. I tested the updated methodology on 19 projects provided by three software
companies, getting good results: a value of Pred(0.25) equal to 79%.
The aim of my research is to contribute to reducing the estimation error in software development projects developed through Content Management Frameworks, with the purpose to
make the Web Framework Points methodology a useful tool for software companies.
23
Ødegård, Leif. "Framework Support for Web Application Security." Thesis, Norwegian University of Science and Technology, Department of Computer and Information Science, 2006. http://urn.kb.se/resolve?urn=urn:nbn:no:ntnu:diva-9314.
Full textAbstract:
There are several good reasons to use a framework when you are developing a new web application. We often here that: *** frameworks use known patterns that result in an easily extendable architecture *** frameworks result in loose couplings between different modules in the application *** frameworks allow developer to concentrate on business logic instead of reinventing wheels that is already reinvented several times *** frameworks are often thoroughly tested and contains less bugs than custom solutions But security is rarely mentioned in this setting. Our main motivation in this thesis is therefore to discuss what three popular web application frameworks do to improve the overall security level. In this thesis we have chosen to research Spring, Struts and JSF. We use them to develop small applications and test whether they are vulnerable to different types of attacks or not. We focus on attacks involving metacharacters such that SQL-injection and cross-site scripting, but also security pitfalls connected to access control and error handling. We have found out that all three frameworks do implement some metacharacter handling. Since Spring tries to fill the role of a full-stack application framework, it provides some SQL metacharacter handling to avoid SQL-injections, but we have identified some implementation weaknesses that may lead to vulnerabilities. Cross-site scripting problems are handled in both Spring, Struts, and JSF by HTML-encoding as long as custom RenderKits are not introduced in JSF. When it comes to access control, the framework support is somewhat limited. They do support a role-based access control model, but this is not sufficient in applications where domain object access is connected to users rather than roles. To improve the access control in Struts applications, we provide an overall access control design that is based on aspect-oriented programming and integrates with standard Struts config files. Hopefully, this design is generic enough to suit several application's needs, but also useable to developers such that it results in a more secure access control containing less bugs than custom solutions.
24
Han, Wei. "Wrapper application generation for semantic web." Diss., Georgia Institute of Technology, 2003. http://hdl.handle.net/1853/5407.
Full text
25
Sequeira, Sheldon. "Understanding web application test assertion failures." Thesis, University of British Columbia, 2014. http://hdl.handle.net/2429/50814.
Full textAbstract:
Developers often write test cases that assert the behaviour of a web application from an end-user’s perspective. However, when such test cases fail, it is difficult to relate the assertion failure to the faulty line of code. The challenges mainly stem from the existing disconnect between front-end test cases that assert the DOM and the application’s underlying JavaScript code. We propose an automated technique to help developers localize the fault related to a test failure. Through a combination of selective code instrumentation and dynamic backward slicing, our technique bridges the gap between test cases and program code. Through an interactive visualization, our approach, implemented in a tool called Camellia, allows developers to easily understand the dynamic behaviour of their application and its relation to the test cases. The results of our controlled experiment show that Camellia improves the fault localization accuracy of developers by a factor of two. Moreover, the implemented approach incurs a low performance overhead.Applied Science, Faculty of
Electrical and Computer Engineering, Department of
Graduate
26
Pelme, Andreas. "Evaluation of a web application architecture." Thesis, Linköpings universitet, Interaktiva och kognitiva system, 2014. http://urn.kb.se/resolve?urn=urn:nbn:se:liu:diva-107011.
Full textAbstract:
The purpose of this thesis was to come up with a new architecture for an existing web based planning and administration tool at Ericsson. The main objective was to create a new architecture with a proof of concept implementation. To find out how the existing tool were being used we interviewed people with different roles within the company. We made observations as they performed their day-to-day activities in the tool. We then designed and implemented a new version of the tool. We came up with a database design that handles a very dynamic use of data types. On top of the database we created REST API to allow data to be easily consumed by a web interface and other internal systems at Ericsson. We also showed that the architecture we ended up with performed well even with a lot of objects in the database. We did also come up with a solution to allow people to work simultaneously with the same parts of the system without overwriting each other’s changes.
27
Nilsson, Daniel, and Hampus Åberg. "HTML5 Web application security with OWASP." Thesis, Blekinge Tekniska Högskola, Sektionen för datavetenskap och kommunikation, 2013. http://urn.kb.se/resolve?urn=urn:nbn:se:bth-2074.
Full textAbstract:
HTML5 has gained a lot of interest the last couple of years from web developers. HTML5 is the new upcoming standard for HTML set to be released in the end of 2014 (W3C). In this report HTML5 is reviewed in order to determine if it has made web applications more secure. This is done with information study and the use of experimental test cases. We use the latest OWASP top ten list of security risks in web applications as a benchmark. As a result we found ve correlations between OWASP top ten list and HTML5 functionality. The results clearly indicates that HTML5 is a ecting web application security. The security risks that was successfully exploited is Cross-site scripting, Security Miscon guration, Sensitive Data Exposure, Cross-site request forgery and Unvalidated redirects and forwards. We suggest countermeasures for the tests performed and discuss how developers should have security in mind when it comes to developing with HTML5.
28
Maras, Josip. "Automating Reuse in Web Application Development." Doctoral thesis, Mälardalens högskola, Inbyggda system, 2014. http://urn.kb.se/resolve?urn=urn:nbn:se:mdh:diva-24600.
Full textAbstract:
Web applications are one of the fastest growing types of software systems today. Structurally, they are composed out of two parts: the server-side, used for data-access and business logic, and the client-side used as a user-interface. In recent years, thanks to fast, modern web browsers and advanced scripting techniques, developers are building complex interfaces, and the client-side is playing an increasingly important role. From the user's perspective, the client-side offers a number of features. A feature is an abstract notion representing a distinguishable part of the system behavior. Similar features are often used in a large number of web applications, and facilitating their reuse would offer considerable benefits. However, the client-side technology stack does not offer any widely used structured reuse method, and code responsible for a feature is usually copy-pasted to the new application. Copy-paste reuse can be complex and error prone - usually it is hard to identify exactly the code responsible for a certain feature and introduce it into the new application without errors. The primary focus of the research described in this PhD thesis is to provide methods and tools for automatizing reuse in client-side web application development. This overarching problem leads to a number of sub-problems: i) how to identify code responsible for a particular feature; ii) how to include the code that implements a feature into an already existing application without breaking neither the code of the feature nor of the application; and iii) how to automatically generate sequences of user actions that accurately capture the behavior of a feature? In order to tackle these problems we have made the following contributions: i) a client-side dependency graph that is capable of capturing dependencies that exist in client-side web applications, ii) a method capable of identifying the exact code and resources that implement a particular feature, iii) a method that can introduce code from one application into another without introducing errors, and iv) a method for generating usage scenarios that cause the manifestation of a feature. Each contribution was evaluated a suite of web applications, and the evaluations have shown that each method is capable of performing its intended purpose.
29
LIMA, FERNANDA. "SEMANTIC MODELING DESIGN OF WEB APPLICATION." PONTIFÍCIA UNIVERSIDADE CATÓLICA DO RIO DE JANEIRO, 2003. http://www.maxwell.vrac.puc-rio.br/Busca_etds.php?strSecao=resultado&nrSeq=4000@1.
Full textAbstract:
CONSELHO NACIONAL DE DESENVOLVIMENTO CIENTÍFICO E TECNOLÓGICOEste trabalho apresenta um modelo para projeto e implementação de aplicações hipermídia no contexto da Web semântica. A partir dos princípios o Object Oriented Hypermedia Design Method, utilizamos as noções de ontologias para definir o modelo conceitual de uma aplicação, estendendo o poder expressivo daquele método. Os modelos de navegação são definidos utilizando-se uma linguagem de consulta que permite referências tanto ao esquema de dados quanto às suas instâncias, possibilitando a definição de estruturas de navegação flexíveis e abrangentes. Adicionalmente, propomos a utilização de estruturas de acesso facetadas para o apoio à escolha de objetos de navegação utilizando múltiplos critérios. Finalmente, apresentamos uma arquitetura de implementação que permite a utilização direta da especificação da aplicação na derivação da implementação da aplicação final.
In this thesis we present a method for the design and implementation of web applications for the Semantic Web. Based on the Object Oriented Hypermedia Design Method approach, we used ontology concepts to define an application conceptual model, extending the expressive power of the original method. The navigational models definitions use a query language capable of querying both schema and instances, enabling the specification of flexible access structures. Additionally, we propose the use of faceted access structures to improve the selection of navigational objects organized by multiple criteria. Finally, we present an implementation architecture that allows the direct use of the application specifications when deriving a final application implementation.
30
Nagulavancha, Sruthi. "Traumatic brain injury options web application." Kansas State University, 2010. http://hdl.handle.net/2097/4626.
Full textAbstract:
Master of ScienceDepartment of Computing and Information Sciences
Daniel A. Andresen
According to the Division of Injury Response, Centers for Disease Control and Prevention, approximately 1.4 million Americans sustain a traumatic brain injury each year. The aim of the project is to create a web interface to link survivors, family members, and caregivers of individuals suffering from traumatic brain injuries (TBI) to potentially helpful agencies or service centers within their local communities. Often the TBI service centers located in the remote places are difficult to trace hence this website mainly concentrates on small rural centers which are located in Kansas State. The portal will offer two-dimensional and basic information about traumatic brain injury centers and specifically about access of resources. Within the portal, a link to an interactive map will be provided. A form for data entry helps the service centers to publish about their presence and the regions they serve. A search distance feature is also added into the website which interactively searches the nearest latitude, longitude values (TBI service center) to the user’s location by using the haversine formula.
31
Ноздрунов, Володимир Андрійович. "The Stages of Web Application Development." Thesis, Київський національний університет технологій та дизайну, 2017. https://er.knutd.edu.ua/handle/123456789/7378.
Full text
32
Berggren, Simon. "Web Application for Modeling and Simulation." Thesis, Malmö högskola, Fakulteten för teknik och samhälle (TS), 2017. http://urn.kb.se/resolve?urn=urn:nbn:se:mau:diva-20407.
Full textAbstract:
Humans often use graphs, diagrams and 3D-models tovisualize complex systems, in order to comprehend them better.While this kind of software does exist, it is not easily accessiblevia mobile devices. This thesis will explore and explain the designprocess of developing a web application for visualizing andcreating complex systems, natively supporting handheld devices.The innovative nature of this thesis calls for a suiting researchprocess, which we will describe together with what designdecisions led to satisfying functionality.
33
Chen, Lijun. "A Web-based database application builder." [Gainesville, Fla.] : University of Florida, 2002. http://purl.fcla.edu/fcla/etd/UFE1000113.
Full textAbstract:
Thesis (M.S.)--University of Florida, 2002.Title from title page of source document. Document formatted into pages; contains ix, 64 p.; also contains graphics. Includes vita. Includes bibliographical references.
34
Remiš, Michael. "Google Web Toolkit." Master's thesis, Vysoká škola ekonomická v Praze, 2016. http://www.nusl.cz/ntk/nusl-264289.
Full textAbstract:
This diploma thesis deals with development of web applications using Google web Toolkit. GWT is modern set of open source tools that allows developers to create Rich Internet Applications completely in Java without any deep knowledge of JavaScript. The theoretical part of this thesis is focused on architecture of Google Web Toolkit, basic approaches and some advanced topics as MVP architecture, client-server communication or persistence layer. The practical part consists of set of examples which demonstrates approaches described in theoretical part.
35
Svensson, Per-Erik. "Mobile TV as a Web Application : Mobile Web 2.0 - a new application framework for interactive Mobile TV." Thesis, KTH, Kommunikationssystem, CoS, 2007. http://urn.kb.se/resolve?urn=urn:nbn:se:kth:diva-91989.
Full textAbstract:
The existing advanced web browsers in today’s mobile phones open up the door for mobile web applications. By using standard webtechnologies, a web page can be crafted to mimic the behavior of a normal application. The purpose of this master’s thesis has been to look at web application development for mobile phones in general and to implement a web-based Mobile TV client to determine whether it would be a viable alternative to existing clients based on other technologies. The advantages are the same as for any other web application: 1) the user avoids the hassle of installing an application and will always run the latest version, 2) developers benefit from the browser’s ability to render generic content, and 3) it is believed that the differences between browser implementations are less than in other environments in which an application would run, for example Java or operating system specificenvironments.De avancerade webbläsare som redan idag finns tillgängliga på nyare mobiltelefoner har gjort det möjligt att skapa mobila webbapplikationer. Genom användandet av befintlig webbteknik kan en webbsida utformas på ett sådant sätt att den uppträder som en vanlig applikation. Syftet med det här examensarbetet har varit att titta på webbutveckling för mobiltelefoner i allmänhet samt att implementera en webbaserad MobilTV-klient för att avgöra hurivida en sådan lösning skulle kunna utgöra ett alternativ till redan existerande klienter baserade på andra teknologier. Fördelarna antas vara desamma som för andra webbapplikationer: 1) användaren slipper installera ett program och kommer alltid att köra den senaste versionen, 2) utvecklingen gynnas av webbläsarens förmåga att rendera godtyckligt innehåll och 3) skillnaderna mellan olika webbläsarimplementationer anses vara mindre i jämförelse med andra miljöer i vilka en applikation körs, till exempel Java- eller operativsystemspecifika.
36
Bergström, Gustav, Elsa Duberg, Karin Holmén, Tobias Lundell, Robert Lönnberg, Marcus Mandelius, Christian Olsson, Björn Ström, and Oscar Äng. "A study in web development : An onlinewatch store as a web application." Thesis, Linköpings universitet, Programvara och system, 2015. http://urn.kb.se/resolve?urn=urn:nbn:se:liu:diva-118736.
Full textAbstract:
This is a report on the development and implementation of the web shop “Urballa Ur”, a web application developed by nine students at Linköping university. The report illustrates the methodology and process with intention to answer the question “How can an online watch store be implemented to increase sales?”. During the process the agile method scrum has been used as a working method. A survey and a market plan was created and the results were used as a foundation for the backlog and implementation process. Additionally, a thorough theoretical study was conducted to found the report in academic research. The results of the study is discussed and the conclusion shows that, by creating a thorough backlog and a solid theoretical background, it is possible to develop a web shop with the requirements to answer the question.
37
Ott, Bryce Daniel. "Web Based Resource Management for Multi-Tiered Web Applications." BYU ScholarsArchive, 2007. https://scholarsarchive.byu.edu/etd/1255.
Full textAbstract:
The currently emerging trend of building more complex web applications to solve increasingly more involved software problems has led to the the need for a more automated and practical means for deploying resources required by these advanced web applications. As web based applications become more complex and involve more developers, greater system redundancy, and a larger number of components, traditional means of resource deployment become painfully inadequate as they fail to scale sufficiently. The purpose of this research is to provide evidence that a more sound and scalable test and deployment process can be employed and that many of the components of this improved process can be automated and/or delegated to various system actors to provide a more usable, reliable, stable, and efficient deployment process. The deployable resources that have been included for their commonality in web based applications are versioned resources (both ASCII based and binary files), database resources, cron files, and scripting commands. In order to achieve an improved test and deployment process and test its effectiveness, a web-based code deployment tool was developed and deployed in a production environment where its effects could be accurately measured. This deployment tool heavily leverages the use of Subversion to provide the management of versioned resources because of its extensive ability to manage the creation and merging of branches.
38
Ott, Bryce D. "Web based resource management for multi-tiered web applications /." Diss., CLICK HERE for online access, 2007. http://contentdm.lib.byu.edu/ETD/image/etd2194.pdf.
Full text
39
Mata, Miquel Christian. "Web-based application for medical imaging management." Doctoral thesis, Universitat de Girona, 2015. http://hdl.handle.net/10803/323093.
Full textAbstract:
Prostate and breast cancer are the most common cause of cancers in men and women, respectively. Medical imaging plays an important role in breast and prostate cancer detection and evaluation. Then to prove that our web-based medical application could be applied in different medical disciplines, the main part of this thesis is the implementation of two frameworks as a Java applet interface designed as a web-based tool in the domains of mammography from X-rays in radiology, and of prostate imaging from an Magnetic Resonance Imaging (MRI). This aims to facilitate the diagnosis of new mammographic and prostate cases by providing a set of image processing tools that allow a better visualization of the images, and a set of drawing tools used to annotate the suspicious regions (overlays). Each annotation allows including the attributes considered by the experts when issuing the final diagnosis. The overall set of overlays is stored in a database as eXtensible Markup Language (XML) files associated with the original images. Finally, an exhaustive evaluation of the results is also discussed in this thesis. For the application on mammography, the experimental study is performed in order to evaluate the scalability, complexity and response speed at the proposed tool. For the application on MRI of prostate cancer, the evaluation focused on the decrease of the variability of the expert assessments when collaborative work is performed. To conclude, a new architecture with the main goal of managing patient databases with potentially multi-modal imaging is presented such as for an MRI of the prostate cancer and evaluation from potentially several experts.En aquesta tesi es realitza una revisió bibliogràfica de les principals publicacions recents en els últims anys en aplicacions mèdiques basades en web. Aquest estudi analitza els avantatges i inconvenients dels treballs d’investigació en el camp de la imatge mèdica, així com les arquitectures de base de dades per a la gestió d’imatges digitals. La part principal d’aquesta tesi és la implementació d’una eina basada en la web amb la finalitat de demostrar la integritat i aplicació en diferents disciplines mediques. En aquest sentit, l’aplicació proposada en aquest projecte de tesis ha sigut implementada com a eina d’ajuda al diagnòstic de càncer de mama i pròstata. L’objectiu és facilitar el diagnòstic proporcionant un conjunt d’eines de processat d’imatge que permetin una millor visualització de les imatges, i un conjunt d’eines d’anotació de regions sospitoses o malignes (superposicions). Cada anotació permet incloure tots els atributs i especificacions considerades pels experts a l’emetre el diagnòstic final. S’han dissenyat diferents arquitectures per a la gestió de base de dades (per exemple PACS per emmagatzemar imatges monogràfiques). Per altra banda, el conjunt global d’anotacions s’emmagatzemen en una base de dades d’arxius XML associats a les imatges originals. Conseqüentment, aquesta nova arquitectura es presenta amb l’objectiu d’obtenir una base de dades de casos diagnosticats i validats per radiòlegs experts per a la formació de radiòlegs novells. Finalment, conclusions i noves línies d’investigació associades al projecte com a treball futur són presentades en aquesta tesi.
40
Azam, Zaher. "WEB PROJECTS MANAGEMENTBETWEEN THEORY & PRACTICAL APPLICATION." Thesis, Tekniska Högskolan, Högskolan i Jönköping, JTH. Forskningsområde Informationsteknik, 2010. http://urn.kb.se/resolve?urn=urn:nbn:se:hj:diva-14318.
Full text
41
Paudyal, Umesh. "Scalable Web Application using Node.JS and CouchDB." Thesis, Uppsala universitet, Institutionen för informationsteknologi, 2011. http://urn.kb.se/resolve?urn=urn:nbn:se:uu:diva-159178.
Full textAbstract:
This report presents design and implementation of a protoype application using server side javascript programming language, node.JS and couchDB as backend database. It scales and evaluates the developed prototype application and the couchDB for their scalability and performance. The report concludes that node.JS is a suitable framework for development of scalable web servers and couchDB as a backend database, though natively not distributed and scalable, can be scaled and distributed across multiple nodes using clustering and replication mechanism.
42
Gustafsson, Johan. "Desktop Integration with a Web Based Application." Thesis, Linköpings universitet, Institutionen för datavetenskap, 2012. http://urn.kb.se/resolve?urn=urn:nbn:se:liu:diva-76913.
Full textAbstract:
This master thesis work was done at Ipendo Systems in Linköping, a company that makes an intellectual property management system called Ipendo Platform. The master thesis describes the design and development of an extension to a web based solution to work as desktop application and demonstrating the solution with an Outlook plugin. The goal was to improve the workflow for the user when handling documents received by mail and also find and evaluate a model for product integration that could be re-used for future projects. The result of the master thesis is an Outlook plugin and a web service that exposes part of Ipendo Platform functionality in a service layer. As a final test the solution was tested in a production environment to simulate real world usage. The report provides conclusions about the pros and cons of this kind solution and how the current design and implementation of Ipendo Platform has affected the outcome.
43
Joelsson, Sophie. "Developing a web application: a usability approach." Thesis, Linköpings universitet, Interaktiva och kognitiva system, 2015. http://urn.kb.se/resolve?urn=urn:nbn:se:liu:diva-119780.
Full textAbstract:
The objective of this thesis was to develop a user-friendly web application for quality annotation of text translations. Prototypes were designed in an iterative process to allow for continuous feedback from potential users. The iterative method drew attention to the frequently occurring difference between the developer’s and the user’s perception of the design, and was helpful to meet the high usability requirements. This thesis’ work included users throughout the process with user evaluation of each prototype, to ensure the usability of the final product.
44
Olofsson, Niclas. "Automated testing of a dynamic web application." Thesis, Linköpings universitet, Institutionen för datavetenskap, 2014. http://urn.kb.se/resolve?urn=urn:nbn:se:liu:diva-107745.
Full textAbstract:
Software testing plays an important role in the process of verifying software functionality and preventing bugs in production code. By writing automated tests using code instead of conducting manual tests, the amount of tedious work during the development process can be reduced and the software quality can be improved. This thesis presents the results of a conducted case study on how automated testing can be used when implementing new functionality in a Ruby on Rails web application. Different frameworks for automated software testing are used as well as test-driven development methodology, with the purpose of getting a broad perspective on the subject. This thesis studies common issues with testing web applications, and discuss drawbacks and advantages of different testing approaches. It also looks into quality factors that are applicable for tests, and analyze how these can be measured.
45
Wanderydz, Kristoffer. "WEB APPLICATION SECURITY IN THE JAVA ENVIRONMENT." Thesis, Blekinge Tekniska Högskola, Sektionen för datavetenskap och kommunikation, 2012. http://urn.kb.se/resolve?urn=urn:nbn:se:bth-2370.
Full textAbstract:
This project focuses on web security. Some of the most famous vulnerabilities, known troubling web applications. Has been collected and analyzed. Each vulnerability collected in this project, was exploited and secured. Demon- strations from a web application prototype, developed for this project. Brings real examples for each vulnerability, both secured, and insecured. The proto- type ran on a Tomcat web server, and was developed with frameworks such as Web, Spring and Hibernate. Connected to one PostgreSQL data source. All vulnerabilities was successfully implemented in Spring framework, and they were all exploited. Every vulnerability was also secured, with different tools and methods from earlier mentioned frameworks. As a result, real examples from the prototype is used for demonstration in the project, both in a secure and an insecure state. The result views Spring as a framework with good security potential. Most of the Spring specific vulnerabilities, are logical design flaws from developers that can be avoided. Vulnerabilities not related to Spring, such as the one collected for this project. Could be prevented by using methods from the Spring framework or intelligent programming. Which leads to conclusions. Web applications are always exposed to attacks, no matter the framework in use. Creative hackers search to discover new vul- nerabilities, and update old ones all the time. Developers has a responsibility, towards the web applications users. Web applications can not just developed for normal use, but also against possible misuse. Frameworks with good reputation and well processed models, is a good ground for developing a secure application.
46
Vernersson, Susanne. "Penetration Testing in a Web Application Environment." Thesis, Linnéuniversitetet, Institutionen för datavetenskap, fysik och matematik, DFM, 2010. http://urn.kb.se/resolve?urn=urn:nbn:se:lnu:diva-8934.
Full textAbstract:
As the use of web applications is increasing among a number of different industries, many companies turn to online applications to promote their services. Companies see the great advantages with web applications such as convenience, low costs and little need of additional hardware or software configuration. Meanwhile, the threats against web applications are scaling up where the attacker is not in need of much experience or knowledge to hack a poorly secured web application as the service easily can be accessed over the Internet. While common attacks such as cross-site scripting and SQL injection are still around and very much in use since a number of years, the hacker community constantly discovers new exploits making businesses in need of higher security. Penetration testing is a method used to estimate the security of a computer system, network or web application. The aim is to reveal possible vulnerabilities that could be exploited by a malicious attacker and suggest solutions to the given problem at hand. With the right security fixes, a business system can go from being a threat to its users’ sensitive data to a secure and functional platform with just a few adjustments. This thesis aims to help the IT security consultants at Combitech AB with detecting and securing the most common web application exploits that companies suffer from today. By providing Combitech with safe and easy methods to discover and fix the top security deficiencies, the restricted time spent at a client due to budget concerns can be made more efficient thanks to improvements in the internal testing methodology. The project can additionally be of interest to teachers, students and developers who want to know more about web application testing and security as well as common exploit scenarios.
47
Barhamgi, Mahmoud. "Composing DaaS web services : application to eHealth." Thesis, Lyon 1, 2010. http://www.theses.fr/2010LYO10164.
Full textAbstract:
Dans cette thèse, nous intéressons à l'automatisation de la composition de service Web d'accès aux données (i.e. DaaS Data-gs-g-S..ervice Web services) pour les besoins de partage de données dans les environnements distribués. La composition de service Web permet de répondre aux besoins d'un utilisateur ne pouvant être satisfaits par un seul Web service, alors qu'une intégration de plusieurs le permettrait. La motivation principale de notre travail est que les méthodes de composition, telles qu'elles sont appliquées aux services Web traditionnels (i.e. AaaS Application-as-a-Service Web services), ne permettent pas de prendre en compte la relation sémantique entre les entrées/sorties d'un service Web d'accès aux données, et en conséquence, elles ne sont pas adaptées pour composer les services Web d'accès aux données. Dans ce travail de thèse, nous proposons d'exploiter les principes de base des systèmes d'intégration des données pour composer les services Web d'accès aux données. Plus précisément, nous modélisons les services Web d'accès aux données comme des vues sur des ontologies de domaine. Cela permet de représenter la sémantique d'un service d'une manière déclarative en se basant sur des concepts et des relations dont les sémantiques sont formellement définies dans l'ontologie de domaine. Ensuite, nous utilisons les techniques de réécriture des requêtes pour sélectionner et composer automatiquement les services pour répondre aux requêtes des utilisateurs. Comme les services Web d'accès aux données peuvent être utilisés pour accéder à des données sensibles et privées, nous proposons également un mécanisme basé sur la modification des requêtes pour préserver la confidentialité des données. Ce mécanisme modifie les requêtes en se basant sur des politiques de confidentialité avant leur résolution par 1' algorithme de composition, et il prend en considération les préférences des utilisateurs quant à la divulgation de leurs données privées. Le principal domaine d'application de notre approche est le domaine d'e-santé, où les services Web d'accès aux données sont utilisés pour partager les dossiers médicaux des patientsIn this dissertation, we propose a novel approach for the automatic composition of DaaS Web services (DaaS Data-gs-g-S.ervice Web services). Automatic DaaS Web service composition requires dealing with three major research thrusts: (i) describing the semantics of DaaS Web services, (ii) selecting and combining relevant DaaS Web services, and (iii) generating composite service descriptions (i.e. the compositions' plans). We first propose to model DaaS Web services as RDF views over domain ontologies. An RDF view allows capturing the semantics of the associated DaaS Web service in a "declarative" way based on concepts and relationships whose semantics are formally defined in domain ontologies. The service description files (i.e. WSDL files) are annotated with the defined RDF views using the extensibility feature of the WSDL standard. We then propose to use query rewriting techniques for selecting and composing DaaS Web services. Specifically, we devised an efficient RDF-oriented query rewriting algorithm that selects relevant services based ontheir defined RDF views and combines them to ans~wer a posed query. It also generates an execution plan for the obtained composition/s. Our algorithm takes into account the RDFS semantic constraints (i.e. "subClassOf", "subPropertyOf", "Domain" and "Range") and is able to address both specifie and parameterized queries. Since DaaS Web services may be used to access sensitive and private data; we also extended our DaaS service composition approach to handle data privacy concems. Posed queries are modified to accommodate pertaining privacy conditions from data privacy policies before their resolution by the core composition algorithm. Our proposed privacy preservation model takes user' s privacy preferences into account
48
Ponomarenko, Maksym. "Maintenance of the Quality Monitor Web-Application." Thesis, Linnéuniversitetet, Institutionen för datavetenskap (DV), 2013. http://urn.kb.se/resolve?urn=urn:nbn:se:lnu:diva-28816.
Full textAbstract:
Applied Research in System Analysis (ARiSA) is a company specialized in the development of the customer-specific quality models and applied research work. In order to improve the quality of the projects and to reduce maintenance costs, ARiSA developed Quality Monitor (QM) – a web application for quality analysis. QM application has been originally developed as a basic program to enable customers to evaluate the quality of the sources. Therefore, the business logic of the application was simplified and certain limitations were imposed on it, which in its turn leads to a number of issues related to user experience, performance and architecture design. These aspects are important for both application as a product, and for its future promotion. Moreover, this is important for customers, as end users. Main application issues, which were added to the maintenance list are: manual data upload, insufficient server resources to handle long-running and resource consuming operations, no background processing and status reporting, simplistic presentation of analysis results and known usability issues, weak integration between analysis back-ends and front-end. In order to address known issues and to make improvements of the existing limitations, a maintenance phase of QM application is initiated. First of all, it is intended to stabilize current version and improve user experience. It also needed for refactoring and implementation of more efficient data uploads processing in the background. In addition, extended functionality of QM would fulfill customer needs and transform application from the project into a product. Extended functionality includes: automated data upload from different build processes, new data visualizations, and improvement of the current functionality according to customer comments. Maintenance phase of QM application has been successfully completed and master thesis goals are met. Current version is more stable and more responsive from user experience perspective. Data processing is more efficient, and now it is implemented as background analysis with automatic data import. User interface has been updated with visualizations for client-side interaction and progress reporting. The solution has been evaluated and tested in close cooperation with QM application customers. This thesis describes requirements analysis, technology stack with choice rationale and implementation to show maintenance results.
49
Jarugu, Swathi. "Web application for Office of International Programs." Kansas State University, 2011. http://hdl.handle.net/2097/12018.
Full textAbstract:
Master of ScienceDepartment of Computing and Information Sciences
Mitchell L. Neilsen
The mission of the Office of International Programs is to lead the internationalization of Kansas State University by supporting and collaborating with faculty, students, and scholars. The units within the Office of International Programs provide primary support for both in coming international students, faculty and researchers at K-State, faculty and researchers going abroad, etc. It seldom happens that all the international activity of a particular university is organized under the same hood. There is no conventional source that handles all the information (International activity) in a single web application, it is usually scattered over the web. This makes it tough for prospective students or researchers to search for people or programs. Therefore, to overcome this issue, the current project has been implemented. The main objective of the current project is to design a website for the Office of International Programs. This website hosts information about International Faculty, Study Abroad Programs, International Agreements, Alumni Groups and International Students on a single platform. This portal would offer the administrators with different modules where information about a particular program can be added, edited, deleted and viewed. Primary focus of this application is to display information in an innovative format and to enable different users to navigate over the web site easily. This website makes the searching process easy for users. This site is significantly responsible for viewing of information and maintaining a database for various people and programs for Office of International Programs at Kansas State University.
50
Cooper, Ezra. "Programming language features for Web application development." Thesis, University of Edinburgh, 2009. http://hdl.handle.net/1842/29069.
Full textAbstract:
Web programming remains difficult, even with cutting-edge libraries, because the execution model of the web environment is essentially different from the classic models. Unlike a batch program which sits between input and output streams, a web program sits between user activity in the browser and serverside resources such as a database. Furthermore the use of URLs as durable entry points to an application makes the environment fundamentally concurrent and re-entrant, a challenge and opportunity for supporting web programmers. This thesis makes four principal contributions to the technology for expressing web applications. First, it describes the features of Links, a new programming language with a unified model of the web environment, encompassing client and server. Among other things, the Links compiler can slice the program, generating JavaScript to run on the client and other code to run on the server, so that they interact transparently. To allow programmers to control the location of code, Links offers syntactic client and server annotations. The second contribution is a formal semantics of these client/server annotations, in the form of an "RPC calculus." Along with the calculus is provided a compilation technique that shows how these location annotations can be implemented in the web's asymmetrical client/server setting, where the server acts only in response to the client's requests. The third contribution is a description of a language feature, 'formlets,' which is an abstraction of HTML forms; as an abstraction, it allows reusing bundles of form elements, composing them hierarchically, and viewing their submitted data at an appropriate abstract type. And the fourth and final major contribution shows how to integrate relational database query expressions into a programming language while also extending those queries to allow nested data structures and functional abstraction.